CN1739260B - Work protection system, key data generating apparatus, and terminal device - Google Patents

Work protection system, key data generating apparatus, and terminal device Download PDF

Info

Publication number
CN1739260B
CN1739260B CN200480002253.7A CN200480002253A CN1739260B CN 1739260 B CN1739260 B CN 1739260B CN 200480002253 A CN200480002253 A CN 200480002253A CN 1739260 B CN1739260 B CN 1739260B
Authority
CN
China
Prior art keywords
device keys
key
content
key data
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
CN200480002253.7A
Other languages
Chinese (zh)
Other versions
CN1739260A (en
Inventor
中野稔久
大森基司
松崎枣
馆林诚
山本直纪
石原秀志
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Panasonic Holdings Corp
Original Assignee
Matsushita Electric Industrial Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Matsushita Electric Industrial Co Ltd filed Critical Matsushita Electric Industrial Co Ltd
Priority claimed from PCT/JP2004/000155 external-priority patent/WO2004064313A1/en
Publication of CN1739260A publication Critical patent/CN1739260A/en
Application granted granted Critical
Publication of CN1739260B publication Critical patent/CN1739260B/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Abstract

A content protection system prevents illegal key acquisition, without checking uniqueness of device keys. The content protection system includes a key data generation apparatus and a user terminal. The key data generation apparatus converts first key data, which is for using content, based on a predetermined conversion rule, thereby generating second key data, encrypts the second key data using a device key held by valid terminals, and outputs the encrypted key data. The user terminal obtains the encrypted key data, decrypts the encrypted key data using a device key held by the user terminal, thereby generating second key data, converts the second key data based on a re-conversion rule corresponding to the conversion rule, thereby generating the first key data, and uses the content with use of the generated first key data.

Description

Content protective system, key data generating apparatus and terminal installation
Technical field
The present invention relates to a kind of being used for the digital data recording of content to the huge storage capacity recording medium such as CD, and play the system of this content, this content is such as the such product of film.
Background technology
In order to protect is copyright such as the content of film or music product; playing device is given a plurality of Device keyses; and content by with key data with the state recording encrypted on recording medium; and can be only by the playing device acquisition that is allowed to play this content, this key data is used to decipher this content.A kind of mode of managing for the key that is used for this key data is to use tree structure.
Document 1 discloses the relevant technology of key management system a kind of and the use tree structure, and wherein the key information amount is relatively little, and special key can be undone.In addition; document 2 discloses a kind of based on technology in the document 1; and relating to the technology of digital content protection key management method, the increase that it suppresses the Device keys number preserved in advance by this playing device reduces the key information amount that is recorded on this recording medium simultaneously.
Below outline disclosed key management method in document 1.
Cipher key authority management equipment key makes that the leaf in tree structure is to concern one to one with playing device.Each playing device is preserved and the corresponding Device keys of node, and described node is placed on from root on the route corresponding to the leaf of this playback equipment.Cipher key authority uses Device keys K to encrypt a content and media key MK is used to decipher this content, and Device keys K is by the playing device sharing equipment key of maximum quantity among the Device keys of all management.Then, (K MK) is written to recording medium to the media key E that cipher key authority will be encrypted.Notice E (X, Y) encrypted text of expression by utilizing key data X enciphered data Y to obtain.
Here, if playing device is internally analyzed, and all Device keyses of being preserved by playing device are exposed, then cipher key authority is cancelled the key of this exposure, and select playing device sharing equipment key among the remaining Device keys, and use the Device keys of selecting to remove to encrypt media key MK by maximum quantity.
As shown in figure 11, under the situation that playing device 0 is undone, Device keys Kf, Kb and K1 are used to encrypt media key MK, thus produce encrypted text E (Kf, MK), E (Kb, MK) and E (K1, MK), it is written to recording medium.
Therefore, the playback equipment of cancelling 0 can not obtain media key MK, because it does not have among Device keys Kf, Kb and the K1 any one, and any one playback equipment that only has Device keys Kf, Kb and a K1 can obtain media key MK.
Here, if unique Device keys lost, for example, if the corresponding value of Device keys Kf and Device keys k1 is identical, then be recorded in encrypted text E on the recording medium (Kf, MK) and E (K1, value MK) will be identical.This means that it will be known publicly that Device keys Kf has identical value with K1.
If playing device 7 is undone after a while, as shown in figure 12, then cipher key authority utilizes Device keys Kb, Kc, K1 and K6 to encrypt media key MK, and four encrypted text E (Kb, MK), and E (Kc, MK), E (K1, MK) and E (K6 MK) is recorded on the recording medium.
Here, because the Device keys Kf that is preserved by this playing device 7 is exposed, and because Kf is known that the identical fact publicly with K1, so there is a danger, promptly, illegal side will use the Kf of this exposure to remove enabling decryption of encrypted text E, and (K1 MK), thereby and unlawfully obtains media key MK.If in order to prevent such illegal act, (K1 MK) does not record this recording medium to encrypted text E, a problem then can occur, and promptly effectively playing device 1 becomes and can not obtain media key MK, and is cancelled illegally.
The example that playing device that prevents the method that media key is unlawfully obtained and prevent from should not cancel is cancelled illegally is a uniqueness of guaranteeing (assurance) each Device keys.Especially, the randomizer that produces random number sequence produces because Device keys typically uses, so a kind of method is when Device keys is produced, checks that whether this Device keys is complementary with any one of the Device keys of previous generation.Here, if there is the Device keys that is complementary, then this random number sequence is destroyed, and the Device keys that if there is no is complementary, and this random number sequence is used.
But in large-scale system, wherein the number of playing device is billions of, and with regard to the time whether Device keys of checking each generation is complementary with the Device keys of previous generation, it is to waste hugely.Even when the key management method that uses in document 2, can occur and the identical problem of time that spends the checkout facility key.
Document 1
Nakano; " Digital Content Hogo-youKagi Kanri Houshiki (Key Management System for Digital ContentProtection is used for the key management system of digital content protection) " of Ohmori and Tatebayashi; 2001 seminars about cryptography and Information Security; SCIS2001; 5A-5, January calendar year 2001.
Document 2
Nakano; " Digital Content Hogo-youKanri Houshiki-Ki-kouzou Pattem Bunkatsu Houshiki (KeyManagement System for Digital Content Protection-Tree PatternDivision Method is used for the key management system-tree schema distribution method of digital content protection) " of Ohmori and Tatebayashi; 2002 seminars about cryptography and Information Security; SCIS2002; 10C-1, in January, 2002.
Summary of the invention
In view of the problem of this statement, the purpose of this invention is to provide a kind of content protective system, it prevents the illegal acquisition of media key under the situation of the uniqueness of checkout facility key not, and the wrongful cancellation that prevents the playback equipment that should not be cancelled.
In order to realize the purpose of this statement, the invention provides a kind of content protective system, wherein content only is spendable by effective terminal installation, comprise: key data generating apparatus, it comprises: converting unit, be used for changing first key data that when using this content, uses, thereby produce second key data based on predetermined transformation rule; Ciphering unit is used to use the Device keys of being preserved by this effective terminal installation that second key data is encrypted, thereby produces the encrypted secret key data; And output unit, be used to export this encrypted secret key data, and terminal installation, it comprises: obtain the unit, be used to obtain this encrypted secret key data; Decrypting device is used to use the Device keys of being preserved by this terminal installation to go to decipher this encrypted secret key data, thereby produces second key data; Converting unit is used for changing second key data based on predetermined transformation rule, thereby obtains first key data; Use the unit with content, be used for using this content based on this first key data.
According to described structure, even this Device keys has identical value, these encrypted secret key data can not have identical value inevitably yet.In addition, use these encrypted secret key data to determine that it is impossible that this Device keys has identical value.Therefore, can prevent from illegally to obtain this first key data.Thereby prevent the cancellation of the playback equipment that should not be cancelled.
Description of drawings
Figure 1 shows that the block diagram of the structure of key data generating apparatus 100 and recording medium 300;
Figure 2 shows that the tree structure of the correlation between the indication equipment key in key data generating apparatus 100;
Figure 3 shows that and the correlation between the Device keys occurring under the situation that Device keys is undone;
Figure 4 shows that the content of media key conversion and ciphering process;
Figure 5 shows that the structure of the recording areas of DVD 300;
Figure 6 shows that the block diagram of the structure of DVD 300 and playing device 200;
Figure 7 shows that the media key deciphering of encryption and the content of conversion process again;
Figure 8 shows that the flow chart of the key data production process in key data generating apparatus 100;
Figure 9 shows that the flow chart of the operation of playing device 200;
Figure 10 shows that the flow chart that record position is specified and the transitional information generation is operated in playing device 200;
Figure 11 shows that the example of the key management method that uses tree structure; With
Figure 12 shows that the example of the key management method that uses tree structure.
Embodiment
Below with reference to accompanying drawing embodiments of the invention are described.
First embodiment
1. the structure of copyright protecting system
As shown in figs. 1 and 6, copyright protecting system is made up of with DVD 300 key data generating apparatus 100, a plurality of playing device 200a, 200b or the like.Notice that the total structure of playing device 200a, 200b or the like is shown as playing device 200 in Fig. 6.
Key data generating apparatus 100 recorded contents of holding by cipher key authority and be used to play the key data that this content is given DVD 300.This key data is selected so that have only effective playing device can play this content, and manages with tree structure.
Each allocates a plurality of Device keyses in advance by key data generating apparatus 100 playing device 200a, 200b that is held by corresponding user or the like.In addition, each of playing device 200a, 200b or the like selected a suitable Device keys from the Device keys that distributes, and uses the Device keys of this selection to go to decipher and play the content that is recorded in the encryption on the DVD 300.
Each structure is described below
1.1 key data generating apparatus 100
As shown in Figure 1, key data generating apparatus 100 is made up of Device keys memory cell 101, Device keys selected cell 102, converting unit 103, transitional information generation unit 104, media key ciphering unit 105, content key encryption unit 106, content encryption unit 107, input unit 108, control unit 109 and driver element 110.
Particularly, the computer system formed by microprocessor, ROM, RAM, hard disk unit, display unit, keyboard, mouse or the like of key data generating apparatus 100.Computer program is stored in RAM or the hard disk unit, and key data generating apparatus 100 is operated according to computer program by microprocessor and realized its function.
(1) input unit 108 and driver element 110
Input unit 108 is from the input of external source receiver media key MK, a content key CK and content, and output medium key MK is to converting unit 103 and content key encryption unit 106, output content ciphering key K is to content key encryption unit 106 and content encryption unit 107, and output content is to content encryption unit 107.
Noticing that media key can be for the unique information of DVD 300, perhaps can be from for the key data that produces the unique information of DVD 300.
Driver element 110 is written to DVD 300 with the content of transitional information, encrypted secret key data and encryption under the control of control unit 109.
(2) control unit 109
Control unit 109 control appliance key selected cells 102 are so that make it select at least one Device keys among the management equipment key of usually being preserved by the maximum number of playing device.
In addition, control unit 109 control transformation information generation units 104 are so that make each transitional information of Device keys that its generation is used to select.
Next, control unit 109 these converting units 103 of control, so that make it use every of transitional information to come transfer medium key MK respectively, this transitional information is produced by transitional information generation unit 104.
In addition, control unit 109 control medium secret key encryption unit 105 are so that each that makes it use the corresponding Device keys of selecting encrypted the media key MK of conversion.Control unit 109 is control content secret key encryption unit 106 also, so that make its working medium key encrypt the content key of reception, and control content ciphering unit 107, so that make its encrypted content.
Control unit 109 makes the content of corresponding encrypted secret key data, transitional information and encryption write DVD 300 via driver element 110.
(3) the Device keys memory cell 101
All Device keyses of the playing device that belongs to this copyright protecting system are supplied with in 101 storages of Device keys memory cell.
Be used the tree structure key management method shown in Fig. 2 by the Device keys of Device keys memory cell 101 storage and produce and be assigned to playing device.
Notice that though in current embodiment, it is to have 3 yuan of trees of three layers that this tree structure is described to, it is 3 yuan of trees that tree structure is not limited to, and can have even more layer.In document 2, describe this tree structure management method in detail.
This tree structure is described below briefly.
This tree structure is made up of node and path.In tree structure, each " junction point " is known as node, and node is connected by the path.Each level that node is placed in this tree structure is known as a layer.Above specific node and the node that is connected to that node by a path be known as father node, and under father node and by the node that the path is connected to this father node, be known as child node.
In addition, the node on top is known as root, and the node on lowermost layer is known as leaf.This playing device is distributed to this leaf one to one.In Fig. 2, this playing device has the numbering 0 to 8 of distributing respectively as shown.
In addition, each node is assigned with a node ID.Node ID is the series connection of the path number from root to specific node.Path number 00,01 and 10 is distributed to the path from left to right with described order.For example, the node ID of distributing to the leaf of playing device 6 is " 1000 ".
How distributing equipment key in copyright protecting system is described below briefly.
<root 〉
A plurality of Device keyses are assigned to root.In Fig. 2, these Device keyses can be expressed as identifying information Ka-0000, Ka-0001, Ka-0010, Ka-0011, Ka-0100, Ka-0101 and Ka-0110.In this identifying information, " Ka-" represents that this Device keys is assigned to root.At " Ka-" four bits afterwards are NRP (node is cancelled pattern), and the most significant bit of this NRP whether discern this node be father node with respect to this leaf.When this node was father node, most significant bit was " 1 ", and under any other the situation of node, most significant bit is " 0 ".
In this NRP, represent to cancel information than low-order bit for three.This cancel in the child node that information is root each, whether Device keys that indication will be undone or key are present in the Device keys of distributing to this child node.Here, " 1 " expression has the Device keys that will be undone or the child node of key, and " 0 " expression does not have the Device keys that will be undone or the child node of key.This is cancelled information and is made of the information that is used for each child node of tree structure order series connection from left to right.
Here, " cancel " and refer to owing to a reason (being exposed such as the analyzed and Device keys of playing device) makes playing device and Device keys invalid.Node corresponding to the Device keys of in this way cancelling is undone.Such node is known as the node of cancelling.
Ka-0000 is the key of being preserved by all playing device that belongs to tree structure, and this is the Device keys that uses in initial condition, and in initial condition, the playing device neither one in the tree structure is undone.
When the Device keys of cancelling was present in the child node, other Device keys was used to encrypt media key.
For example, below there is the leftmost child node of root in the playing device of cancelling, and the playing device of not cancelling uses the Device keys that has by the information of cancelling " 100 " of Ka-0100 identification when existing below other child nodes.In this way, Device keys is assigned to each and cancels information accordingly, and according to the position of the playing device of cancelling in the tree structure, carry out the selection of Device keys, this Device keys is will be used for subsequently discerning by the sheet which cancels information.
In addition, the Device keys with the information of cancelling " 111 " is not assigned with.This is that the Device keys of distributing to the node of lowermost layer is used because when all child nodes have the playing device of cancelling.
<node 〉
Six Device keys Kb-1001, Kb-1010, Kb-1011, Kb-1100, Kb-1101 and Kb-1110 are assigned to leftmost node in the layer 1.Here, the Device keys of the Far Left node of layer 1 is distributed in " Kb " expression.In the mode same with the Device keys of root, each Device keys is the information Recognition of cancelling by relevant child node.In addition, the Device keys with the information of cancelling " 000 " is not assigned with.This is that root is the node that is higher than specific node because when not having the playing device of cancelling of the node that is used to be lower than specific node, the Device keys of distributing to root is used.In addition, the Device keys with the information of cancelling " 111 " is not assigned with.This is that the Device keys of distributing to this node does not use because when all playing devices corresponding to three leaves are undone, and these three leaves are child nodes.
Each has been assigned with six by cancelling the Device keys of information Recognition in described mode other node.
<leaf 〉
Each leaf has a playing device of distributing to it.Here, this playing device is by numbering 0 to 8 identification.
The leftmost leaf of layer 2 is assigned with Device keys Ka-0000, Ka-0001, Ka-0010, Ka-0011, Kb-1001, Kb-1010 and Kb-1011.
Remove corresponding to the Device keys that is used for the pattern of cancelling when playing device 0 is undone, this leaf is assigned with all Device keyses, and this Device keys is assigned to the node on the path from the root to the leaf.In other words, Device keys Ka-0100, Ka-0101, Ka-0110, Kb-1100, Kb-1101 and Kb-1110 do not distribute to this playing device 0, and this is because these Device keyses are Device keyses of distributing to the use when playing device 0 is undone in root and layer 1 the Far Left node at those.
Other leaf quilt is the distributing equipment key in the same way.
(4) the Device keys selected cell 102
Device keys selected cell 102 is selected Device keys, makes the playing device of cancelling can not use content, and exports selected Device keys and give media key ciphering unit 105.
In initial condition, Device keys selected cell 102 is selected Ka-0000, and the Device keys of exporting this selection is given this media key ciphering unit 105.
Utilize Fig. 3 to describe the method for the selection Device keys when having the one or more playing device of cancelling.
If playing device 0 and 8 is undone, from root to being undone corresponding to all nodes on each the path of the leaf of playing device 0 and 8.Each node of cancelling is represented by a cross (X) in Fig. 3.When one or more playback equipments were undone, the Device keys that is using no longer can be used.In other words, the Ka-0000 that is using in initial condition can not be used.
Next, Device keys selected cell 102 is selected a Device keys for each node of cancelling, and it is corresponding to the pattern of cancelling of this node.Under the situation of root, Device keys selected cell 102 is selected Device keys Ka-0101, and it cancels information is " 101 ", because a left side and right child node are undone.
Under the situation of the Far Left node of layer 1, Device keys selected cell 102 is selected Device keys Kb-1100, and it cancels information is " 100 ", because leftmost child node is undone.The child node that node placed in the middle is not cancelled in layer 1, so this Device keys distributes to top layer, in this case, the Ka-0101 that distributes to root is used.Device keys selected cell 102 is that the rightmost child node of layer 1 is selected Device keys Kd-1001, and it cancels information is " 001 ", because its rightmost node is undone.
(5) the transitional information generation unit 104
104 generations of transitional information generation unit are used for the transitional information by each of the Device keys of Device keys selected cell 102 selections.
NRP information is that the NRP of the node that is assigned with up to selected Device keys from root by series connection produces.
As shown in Figure 3, when playing device 0 and 8 was undone, transitional information generation unit 104 produced and is used for by Device keys Ka-0101, the Kb-1100 of Device keys selected cell 102 selections and the transitional information of Kd-1001.
At first, transitional information generation unit 104 produces the transitional information that is used for by playing device 3 to 5 sharing equipment key K a-0101.Here, be " 101 " because only be useful on the NRP of the node that is assigned with up to Device keys Ka-0101 from root, so transitional information generation unit 104 is given this converting unit 103 as transitional information output " 101 ".
Then, transitional information generation unit 104 produces the transitional information that is used for by playing device 1 and 2 sharing equipment key K b-1100.Because being used for the NRP of the node of the node that is assigned with up to Device keys Kb-1100 from root is " 101 " and " 100 ", so these NRP of transitional information generation unit 104 series connection to be producing transitional information " 101100 ", and the transitional information of exporting this generation is given this converting unit 103.
Next, transitional information generation unit 104 produces the transitional information that is used for by playing device 6 and 7 sharing equipment key K b-1001.Because being used for the NRP of the node of the node that is assigned with up to Device keys Kb-1001 from root is " 101 " and " 001 ", so these NRP of transitional information generation unit 104 series connection to be producing transitional information " 101001 ", and the transitional information of exporting this generation is given converting unit 103.
In addition, the transitional information of the transitional information generation unit 104 transitional information recording areas 301 that makes NRP be used to produce to write DVD 300 via driver element 110.Here, the order of the floor height that is assigned with them of this NRP is written into.
Notice, be used as transitional information attached to the heading message on the content key of media key of encrypting or encryption, the record transitional information is unnecessary.In addition, allow it to produce the structure of transitional information if playing device has, it is unnecessary then writing down transitional information.
(6) converting unit 103
The media key that converting unit 103 receives from an external source via input unit 108, and from transitional information generation unit 104 reception transitional informations.Converting unit 103 uses every of transitional informations that media key is applied corresponding xor operation, thus the transfer medium key.
Particularly, shown in Fig. 4 A, converting unit 103 is at first used transitional information " 0101 " transfer medium key MK, thereby produces the media key MK ' of a conversion, and this transitional information " 0101 " is corresponding to Device keys Ka-0101.Then, shown in Fig. 4 B, converting unit 103 is used transitional information " 01011100 " transfer medium key MK, thereby produces the media key MK of a conversion ", this transitional information " 01011100 " is corresponding to this Device keys Kb-1100.In addition, converting unit 103 is used transitional information " 01011001 " transfer medium key MK, thereby produces the media key MK of a conversion , this transitional information " 01011001 " is corresponding to Device keys Kd-1001.
Switched media key MK ', MK " and MK that converting unit 103 outputs produce
Figure 10003_1
Give media key ciphering unit 105.
(7) the media key ciphering unit 105
Media key ciphering unit 105 slave unit key selected cells 102 receiving equipment keys, and receive the media key of conversion from converting unit 103.The Device keys that media key ciphering unit 105 utilizes each to receive is encrypted the media key of each conversion.
Particularly, shown in Fig. 4 A, media key ciphering unit 105 at first uses Device keys Ka-0101 that the media key MK ' of conversion is applied-individual cryptographic algorithm E1, thereby produces an encryption key E (Ka-0101, MK ').Here, this cryptographic algorithm E1 is AES (an improved encryption standard) as an example.Because AES is normally known, so its description is omitted.Notice E (X, Y) encrypted text of expression by utilizing key data X enciphered data Y to obtain.
With same method, shown in Fig. 4 B, media key ciphering unit 105 uses Device keys Kb-1100 that the media key MK of conversion " is applied cryptographic algorithm E1, thereby produces media key E (Kb-1100, the MK ") of an encryption.Then, shown in Fig. 4 C, media key ciphering unit 105 uses the media key MK of Device keys Kd-1001 to conversion
Figure 10003_2
Encrypt, thereby produce media key E (Kd-1001, the MK of an encryption ).
In addition, the media key ciphering unit 105 media key E that has encrypted (Ka-0101, MK '), E (Kb-1100, MK ") and E (Kd-1001, the MK that will produce via driver element 110
Figure 10003_4
) be written to the media key data recording areas 302 of DVD 300.
(8) the content key encryption unit 106
Content key encryption unit 106 is via input unit 108 received content ciphering key K and media key MK.Content key encryption unit 106 use the media key MK that receives apply cryptographic algorithm E1 to content key CK with encrypted content key CK, thereby produce an encryption content key E (MK, CK).Then, (MK CK) is written to content key data recorded area 303 to the content key E that has encrypted that content key encryption unit 106 will produce via driver element 110.
(9) content encryption unit 107
Content key encryption unit 107 via input unit 108 from an external source received content and content key CK.Content key encryption unit 107 use the content key CK that receives apply cryptographic algorithm E1 to this content encrypting this content, thereby produce the content E (CK, content) of encryption.The content E that has encrypted that content key encryption unit 107 will produce via driver element 110 (CK, content) is written to the content record district 304 of DVD 300.
1.2DVD?300
As shown in Figure 5, DVD 300 comprises transitional information recording areas 301, media key data recording areas 302, content key data recorded area 303 and content record district 304.
Transitional information recording areas 301 is that a NRP who is used to produce transitional information is written into zone wherein.This NRP is written into the order of the floor height that they are assigned with.
Media key data recording areas 302 is zones that are used for the media key of recording of encrypted.The media key of this encryption begins sequentially to be written into the media key of distributing to the encryption that top Device keys encrypts from use in tree structure.
Content key data recorded area 303 is zones that are used for the content key of recording of encrypted.
Content record district 304 is zones that are used for the content of recording of encrypted.
1.3 playing device 200
Playing device 200 is represented the common structure of playing device 200a, 200b or the like, and in this tree structure corresponding to any one of playing device 0 to 8.
As shown in Figure 6, this playing device 200 is made up of Device keys selected cell 201, Device keys memory cell 202, media key decrypting device 203, converting unit 204, content key decryption unit 205, content decryption unit 206, driver element 207, broadcast unit 208, control unit 209 and input unit 210.Monitor 220 and loud speaker 221 are connected to broadcast unit 209.
Be similar to key data generation unit 100, playing device 200 is a computer system of being made up of microprocessor, ROM, RAM, hard disk unit, display unit or the like specifically.Playing device 200 is realized its function by microprocessor according to the operation that is stored in the computer program in RAM or the hard disk.
(1) driver element 207 and input unit 210
Input unit 210 receives input from an external source, and the input information that receives is exported to control unit 209.
Under the control of control unit 209, driver element 207 reads from DVD 300.
At first, under the control of control unit 209, driver element 207 reads transitional information from transitional information recording areas 301, and the transitional information that this reads is exported to Device keys selected cell 201.
Secondly, the media key of driver element 207 reading encrypted from media key data recording areas 302, and the media key of having encrypted that will read is exported to media key decrypting device 203.
In addition, the content key E of driver element 207 reading encrypted from content key recording areas 303 (MK, CK), and the content key E that has encrypted that will read (MK CK) exports to content key decryption unit 205.
Driver element 207 is the content E of reading encrypted (CK, content) from content record district 304 also, and the content E that has encrypted that will read (CK, content) exports to content decryption unit 206.
(2) broadcast unit 208
Under the control of control unit 209, broadcast unit 208 produces vision signal and audio signal according to the content that receives from content decryption unit 206, and the vision signal and the audio signal that produce are exported to monitor 220 and loud speaker 221 respectively.
(3) control unit 209
Be used for order and play when being recorded in the command information of the content on the DVD 300 receiving from input unit 210, control unit 209 control drive unit 207 read various types of information from DVD 300.
At first, control unit 209 control appliance key selected cells 201 are selected Device keys, specify the record position of the media key of encrypting, and produce transitional information.
Secondly, control unit 209 control medium cipher key decryption unit 203 are come the media key of enabling decryption of encrypted, thereby produce the media key of conversion, and make converting unit 204 change the media key of this conversion again, thereby produce media key.
In addition, the content key of having encrypted that control unit 209 control content cipher key decryption unit 205 come the working medium key to go to decipher to read, thus produce a content key.Control unit 209 makes content decryption unit 206 use the content key that produces to decipher the content of having encrypted that reads, thereby produces content, and controls playing unit 208 so that this content be played.
(4) the Device keys memory cell 202
The a plurality of Device keyses of distributing to playing device 200 by the keeper of Device keys memory cell 202 storages.The Device keys that distributes is represented by the identifier shown in each of following playing device 0 to 8 in Fig. 2.For example, playing device 6 has the Device keys of being represented by identifying information Ka-0000, Ka-0010, Ka-0100, Ka-0110, Kd-1001, Kd-1010 and Kd-1011.
In addition, Device keys memory cell 202 storage is used for indicating the id information of position of the tree structure of 200 pairing of playing devices.
(5) the Device keys selected cell 201
Device keys selected cell 201 is selected a Device keys, and the Device keys of selecting is exported to media key decrypting device 203.The example that is used to select the Device keys method be wherein each Device keys by an identifier given in advance, this key data generating apparatus writes down the identifier with selecteed Device keys on DVD, and playing device is selected the Device keys represented by the identifier that is recorded on the DVD.This Device keys system of selection is normally known, and its detailed description is omitted for this reason.
Device keys selected cell 201 is specified the record position of the media key of encrypting, the media key of this encryption is corresponding to the Device keys of selecting, produce transitional information, and the explanation that will write down exports to media key decrypting device 203, and transitional information is exported to converting unit 204.Notice, describe the processing that is used for record position appointment and transitional information generation after a while.
(6) the media key decrypting device 203
The position of the media key of media key decrypting device 203 slave unit key selected cells, 201 receiving equipment keys and encryption record, and via the media key of driver element 207 reading and recording encryption in the zone of representing by the record position that receives from DVD 300.
Media key decrypting device 203 uses Device keys that decipherment algorithm D1 is put on the media key of encryption, thereby produces the media key of a conversion.Here, decipherment algorithm D1 carries out the opposite processing of cryptographic algorithm E1.The switched media key that media key decrypting device 203 will produce is exported to converting unit 204.
A specific example supposing the Device keys of selection is Ka-0101, shown in Fig. 7 A, media key decrypting device 203 uses the Device keys Ka-0101 that selects to come the media key E (Ka-0101, MK ') of enabling decryption of encrypted, thereby produces the media key MK ' of a conversion.At the Device keys of selecting is under the situation of Kb-1100, and the media key E of media key decrypting device 203 these deciphering of deciphering (Kb-1100, MK "), thereby produce the media key MK of a conversion ", shown in Fig. 7 B.When the Device keys of selecting is Kd-1001, media key E (Kd-1001, the MK of media key decrypting device 203 enabling decryption of encrypted ), thereby produce the media key MK of a conversion , shown in Fig. 7 C.
The switched media key MK ' that media key decrypting device 203 will produce, MK " or MK
Figure 10003_7
Export to converting unit 204.
(7) converting unit 204
Converting unit 204 receives the media key of changing from media key decrypting device 203, and slave unit key selected cell 201 receives transitional informations.
Converting unit 204 utilizes the transitional information that is produced by Device keys selected cell 201 that the switched media key that receives is carried out xor operation, thereby produces a media key.
The specific example of supposing the Device keys of selection is Ka-0101, shown in Fig. 7 A, converting unit 204 is used the switched media key MK ' of transitional informations " 0101 " conversion, and this transitional information " 0101 " is corresponding to Device keys Ka-0101, thereby produces a media key MK.At the Device keys of selecting is under the situation of Kb-1100, and converting unit 204 is used the switched media key MK of corresponding transitional information " 01011100 " conversion ", thus a media key MK produced, shown in Fig. 7 B.When the Device keys of selecting was Kd-1001, converting unit 204 was used the switched media key MK of corresponding transitional information " 01011001 " conversion
Figure 10003_8
Thereby, produce a media key MK, shown in Fig. 7 C.
Converting unit 204 is exported to content key decryption unit 205 with the media key MK that produces.
(8) content key decryption unit 205
Content decryption unit 205 receives the content key of encrypting from driver element 207, and from converting unit 204 receiver media keys.Content decryption unit 205 is used the media key that receives to apply decipherment algorithm D1 and is given the content key of encrypting, thereby produces a content key, and the content key that produces is exported to content decryption unit 206.
(9) content decryption unit 206
Content decryption unit 206 receives the content of encrypting from driver element 207, and receives this content key from this content key decryption unit 205.Content decryption unit 206 is used the content key that receives to apply decipherment algorithm D1 and is given the content of encrypting, thereby produces content, and the content that produces is exported to broadcast unit 208.
2. the operation in copyright protecting system
2.1 the operation of being undertaken by key data generating apparatus 100
Utilize Fig. 8 to describe the operation of being undertaken by key data generating apparatus 100 below.
Device keys selected cell 102 is selected one or more playing device sharing equipment keys (step S401) by the maximum quantity of not cancelling, and the Device keys of selecting is exported to media key ciphering unit 105 and transitional information generation unit 104.
Then, transitional information generation unit 104, converting unit 103 and media key ciphering unit 105 repeat following processing procedure for each of the Device keys of selecting.Notice, in Fig. 8, the number of the Device keys that " A " expression is selected.
Transitional information generation unit 104 produces transitional information (step S403), and transitional information is exported to converting unit 103.The media key that converting unit 103 conversions obtain via input unit 108, thus the media key (step S404) of a conversion produced, and the switched media key that will produce is exported to media key ciphering unit 105.This media key ciphering unit 105 obtains the Device keys of this selection and the media key of conversion, and uses the Device keys that obtains to encrypt the media key of this conversion, thereby produces the media key (step S405) of an encryption.
When the Device keys of all selections having been carried out the processing of step S403 to S405, the transitional information of this generation and the media key of encryption are write DVD 300 (step S406) via driver element 300.
Next, content key encryption unit 106 uses non-switched media key (media key before conversion) to encrypt this content, thereby produce the content key of an encryption, and be written to DVD 300 (step S407) via the content key of having encrypted that driver element 110 will produce.
In addition, content encryption unit 107 is used this content of content key encryption, thereby produces the content of encrypting, and the content of having encrypted that will produce is written to DVD300 (step S408) via driver element 110.
2.2 the operation of being undertaken by playing device
Utilize Fig. 9 to describe below and be used to play the operation that is recorded in the content on the DVD300 by what playing device 200 carried out.
Device keys selected cell 201 is selected a Device keys based on the transitional information that reads via driver element 207, and carries out and encrypt explanation of media key record position and transitional information generation (step S411).Device keys selected cell 201 is exported to media key decrypting device 203 with Device keys and the record position selected, and this transitional information is exported to converting unit 204.
Media key decrypting device 203 according to record position via the media key of driver element 207 from the DVD300 reading encrypted, and the Device keys that uses slave unit key selected cell 201 to receive is deciphered the media key of this encryption, thereby obtains the media key (step S412) of a conversion.Then, media key decrypting device 203 is exported to converting unit 204 with the media key of conversion.
The transitional information that converting unit 204 uses slave unit key selected cell 201 to receive applies xor operation (step S413) to the media key of changing, and result's media key is exported to content decryption unit 205.
Content decryption unit 205 working medium keys are deciphered the content key of the encryption of reading from DVD300 via driver element 207, thereby obtain a content key (step S414), and this content key is exported to content decryption unit 206.
Content decryption unit 206 uses the content key that receives from content key decryption unit 205 to decipher the content of the encryption of reading from DVD 300 via driver element 207, thereby obtains content (step S415), and this content is exported to broadcast unit 208.
Broadcast unit 208 is play the content that receives, and outputs it to monitor 220 and loud speaker 221 (step S416).
2.3 the media key of encrypting explanation and transitional information produce
(1) media key that utilizes Figure 10 to be described in the encryption of step S411 below is selected and transitional information produces.
Device keys selected cell 201 is the NRP of inspection record in transitional information recording areas 301 in order.Device keys selected cell 201 has the variable Y of the checked NRP of an expression position, the variable X of the record position of the media key of an expression encryption, the variables A of the position of the NRP that expression and playing device 200 are relevant, a variable W and a value D who is illustrated in the number of plies in the tree structure who is illustrated in the NRP number in the specific layer.Notice that the NRP relevant with playing device 200 is the NRP of the node of leaf on the path of root that be assigned with from user's set in tree structure.
Device keys selected cell 201 according to following step to layer i=0 up to layer i=D-1 execution analysis.
Device keys selected cell 201 is provided with the following initial value that is: variables A=0, variable W=1, variable i=0, variable Y=0 and X=0 (step S421).
Device keys selected cell 201 comparison variable i and value D, and, finish this processing, because playing device 200 is undone as this variable i (step S422) when being worth D.
When variable i is equal to or less than variables D (step S422), Device keys selected cell 201 judges whether minimum three of Y NRP being recorded in the transitional information recording areas 301 be " 111 " (step S423).When being " 111 " for these three, Device keys selected cell 201 calculates Y=Y+1 (step S426), and turns back to the processing of step S423.
When not being " 111 " for these three, whether the value of Device keys selected cell 201 judgment variable Y and the value of variables A are (the step S424) that equates.When this value not simultaneously, Device keys selected cell 201 calculates X=X+1 (step S425), calculates Y=Y+1 (step S426), and turns back to the processing of step S423.
When the value of the value of variable Y and variables A is when equating, Device keys selected cell 201 is stored the value (step S427) of Y NRP in layer i.
Next, Device keys selected cell 201 inspection constitute four of Y NRP whether be " 0 " or " 1 " (step S428) corresponding to the value B in the bit position of the value of the highest 2i position and 2i-1 position.Here, the value in the highest 2i position and 2i-1 position is under the situation of " 00 ", and corresponding bit position is the leftmost bit of Y NRP, under the situation of " 01 ", be the intermediate bit of Y NRP, and under the situation of " 10 ", be the rightmost bit of Y NRP.This id information constitutes based on following rule, and as shown in Figure 2, in tree structure, path, the left side is assigned with " 00 ", and intermediate path is assigned with " 01 ", and path, the right is assigned with " 10 ", therefore illustrates from root to the path corresponding to the leaf of playing device.
When B on duty is " 1 " (step S428), Device keys selected cell 201 calculates the number of in W NRP " " in layer i.But it is " " among the NRP of " 1 " that Device keys selected cell 201 does not calculate at the highest bit.Device keys selected cell 201 distributes this count value to give this variable W.In this way the variable W of Huo Deing is illustrated in down the number (step S429) that one deck i+1 goes up NRP.
Next, Device keys selected cell 201 calculates the number of " " in from first NRP to the NRP corresponding bit position.But it is " " among the NRP of " 1 " that Device keys selected cell 201 does not calculate at the highest bit.Device keys selected cell 201 distributes this count value to give this variables A.Here, Device keys selected cell 201 does not calculate the value of corresponding bit position.In this way the variables A of Huo Deing is represented the position (step S430) of the NRP relevant with playing device 200.
Next, Device keys selected cell 201 calculates X=X+1 (step S431), Y=0 (step S432), and i=i+1 (step S433), and turn back to the processing of step S422.
When at step S428 value B=0, Device keys selected cell 201 is exported to media key decrypting device 203 with the value of variable X as the record position of the media key of encrypting, the transitional information that produces is exported to converting unit 204 (step S434), and finish this processing.
(2) use the situation of the playing device 6 in Fig. 2 to describe as an example below and be used to select media key of encrypting and the specific processing that produces transitional information.
Playing device 6 is preserved Ka-0000, Ka-0010 as Device keys, Ka-0100, Ka-0110, Kd-1010, Kd-1011 and in advance as " 1000 " of id information.
A) Device keys selected cell 201 judges whether minimum three of the 0th NRP " 0101 " that be recorded in the transitional information recording areas 301 be " 111 " (step S423).
B) since minimum three be not " 111 ", the value (step S424) of Device keys selected cell 201 comparison variable Y and variables A, and because these values equate, so in layer 0 value " 0101 " (step S427) of the 0th NRP of storage.
C) because the value of the Senior Two position of id information is " 10 ", so Device keys selected cell 201 is checked three the minimum rightmost bit (step S428) of the 0th NRP.Because rightmost bit is " 1 ", so Device keys selected cell 201 advances to the processing of step S429.
D) Device keys selected cell 201 calculates the number (step S429) of " " among minimum three of NRP " 0101 " on layer 0.Because this count value is " 2 ", well-known, there are two NRP on the layer 1 secondarily.
E) next, Device keys selected cell 201 calculates the number " one " of NRP in " 0101 " of corresponding bit position minimum three.Notice that Device keys selected cell 201 does not calculate the value of corresponding bit position.Because this count value is " 1 ", well-known, the position A of corresponding N RP is position 1 in the layer 1 secondarily.
F) Device keys selected cell 201 calculates X=X+1, Y=0, and i=i+1 (step S431 to S433).As a result, the value of variable X becomes " 1 ".
G) Device keys selected cell 201 judges whether minimum three of the 0th NRP " 1100 " that be recorded in the transitional information recording areas 301 be " 111 " (step S423) on layer 1, and because minimum three are not " 111 ", so the value of comparison variable Y and variables A (step S424).
H) because the value of variable Y and A is different, so Device keys selected cell 201 calculates X=X+1 (step S425).As a result, the value of X becomes " 2 ".Device keys selected cell 201 also calculates Y=Y+1 (step S426).As a result, the value of Y becomes " 1 ".
I) Device keys selected cell 201 judges whether minimum three of first NRP " 1001 " on layer 1 be " 111 ", and because minimum three are not " 111 ", so the value of comparison variable Y and variables A (step S424).
J) since the value of variable Y and A equate, so Device keys selected cell 201 utilizes the NRP " 0101 " of previous time storage to be connected on NRP " 1001 " in the position 1 on the layer 1, and the series value (step S427) that produces of storage.
K) because the value of third and fourth highest order of id information is " 00 ", so Device keys selected cell 201 is checked three the minimum leftmost bit (step S428) of the NRP in position 1.Leftmost bit is " 0 ", therefore should analyze and finish.
L) Device keys selected cell 201 is exported to media key decrypting device 203 with the value " 2 " of variable X as record position, and gives converting unit 204 (step S434) as transitional information output " 01011001 ".
(Kd-1001 MK) specified by the record position 2 from playing device 6, and transitional information " 01011001 " is produced the media key E that processing described above causes encrypting.
3. improve
Though described the present invention based on a preferred embodiment, the present invention is not restricted to this.Be also included among the present invention such as following situation.
(1) encryption method of Shi Yonging is not limited to AES, and can use other encryption method.
(2) though in a preferred embodiment media key and content key import from an external source, they can replace and be stored in the key data generating apparatus.Can produce media key and content key when alternatively, using key data generating apparatus at every turn.
(3) use double-deck encryption in the preferred embodiment, in other words, content is used this content-encrypt and content key is used the media key encryption.But, might replace the encryption of using individual layer, utilize media key to come encrypted content whereby, an additional key or a plurality of key perhaps are provided, and improve the number of encryption layer.If the number of encryption layer is enhanced, then it is enough for encrypted with the key that is converted one.
(4) to be not limited to be NRP as describing in a preferred embodiment to transitional information.Transitional information can by produce be illustrated in this tree structure in the position of the node that Device keys is assigned with and any information of the relation between other the node, and according to predetermined rule about number of paths, node location information, NRP or the like.The example of transitional information is described in (a) to (f) below.
(a) transitional information generation unit 104 is searched the node ID of the node that the Device keys of selection is assigned with, and searches this NRP.These are connected to produce transitional information.It below is a specific example.
Under the situation that a kind of playing device as shown in FIG. 30,1 and 8 is undone, Device keys selected cell 102 is selected Device keys Ka-0101, Kb-1100 and Kd-1001.
Transitional information generation unit 104 at first produces the transitional information that is used for Device keys Ka-0101.Here, the node that Device keys Ka-0101 is assigned with is a root, and owing to the node ID that does not exist for this reason, NRP " 0101 " is a transitional information.
Secondly, transitional information generation unit 104 produces the transitional information that is used for Device keys Kb-1100.Here, the node ID of the node that Device keys Kb-1100 is assigned with is " 00 ", and NRP is " 1100 ", and these are connected to produce transitional information " 001100 ".
Then, transitional information generation unit 104 produces the transitional information that is used for Device keys Kd-1001.Here, the node ID of the node that Device keys Kd-1001 is assigned with is " 10 ", and NRP is " 1001 ", and these to be connected to produce transitional information be " 101001 ".
In addition, be not to utilize NRP series connection node ID, but node ID only can be used as transitional information.In this case, owing to there is not the transitional information that is used for Device keys Ka-0101,, perhaps use the transitional information that sets in advance for root to be converted so Device keys Ka-0101 can be encrypted under situation about not changing.Here, the value that is used for this transitional information is different from other transitional information.
(b) each node in this tree structure from root, is pressed from top to bottom and the given identification number of order from left to right, and as shown in Figure 2, and this identification number is used as transitional information.
In other words, when playing device 0,1 and 8 was undone, as shown in Figure 3, the transitional information of Ka-0101 was " 0 ", and the transitional information of Kb-1100 is " 01 ", and the transitional information of Kd-1001 is " 11 ".
(c) the given level number sign indicating number of each layer in this tree structure, as shown in Figure 2, and the node in identical layer is pressed the given node corresponding number of order from left to right.Based on this level number sign indicating number and node corresponding number, produce node location information, and the positional information of this generation is used as transitional information.
(d) from root up to the NRP of all nodes of the node that the Device keys of selecting is assigned with by in each layer by from top up to lowermost layer and order recovery from left to right, and by series connection with the generation transitional information.In case of necessity, the transitional information of this generation can be compressed and be converted to the ordered series of numbers of a random length, and this ordered series of numbers is used as transitional information.
(e) node is begun from root by the order recovery from the highest layer to minimum layer, and the number that runs through with " one " (perhaps " zero ") of the corresponding node of Device keys is calculated.This count value is used as transitional information.
Here, this count value can be converted into binary system, and connects to produce the binary data of transitional information with NRP.Here the NRP of Shi Yonging can be those NRP of the node that is assigned with up to Device keys from root, perhaps can be based on all NRP that aforesaid rule is recovered.Alternatively, binary data can only be connected with a NRP of last recovery.Another alternative is that this binary data is connected with the identifier of the Device keys of use.
(f) be resumed up to all NRP from root, and be converted into decimal number with the corresponding node of Device keys, with and totally be used as transitional information.Alternatively, NRP can be used as binary system and carries out xor operation, and its result is used as transitional information.
(5) in the preferred embodiment, whether the highest bit representation node of NRP is in the layer than Ye Genggao, but this can be used for transmitting other information.For example, the highest position can be used for being illustrated among the offspring of this node whether have some effective devices.Alternatively, might only use two or three minimum bits of four bits of NRP.Similarly, two bits are optional for number of path.As the situation of NRP, number of path can have the information of attached thereto other.In addition, might use the whole of number of path, perhaps use some bit of number of path.
(6) in the present invention, described recovery is not limited to by carrying out to minimum layer and order from left to right from the highest layer.Any method based on predetermined rule all is admissible.For example, recovery can be in this tree structure in left direction, perhaps carry out with the order of priority of the degree of depth.
(7) in the present invention, the operation that stands of transitional information and media key is not limited to the xor operation of describing in the preferred embodiment.For example, can use four main operations any of algorithm.Operation
(8) under a kind of situation of form, promptly this form comprises Parity Check Bits in this media key data, and transitional information can be embedded in the Parity Check Bits of this matter key, rather than media key and transitional information are through an operation.
For example, when using des encryption, the 8 bits of the media key data of 64 bits is Parity Check Bits, and key data generating apparatus 100 conversions have the media key that is embedded in the transitional information in this 8 bits.
It is optional that playing device 200 produces transitional information.As an alternative, playing device 200 can be from DVD 300 media key of reading encrypted, eight Parity Check Bits of deletion from media key data, and 56 bits that use effective key data are as media key.
In addition, when utilizing Device keys to encrypt media key, can come the transfer medium key as one of Parity Check Bits different random number by embedding at every turn.Similarly, in this case, playing device 200 need not to check just can delete this Parity Check Bits, and uses 56 bits as the effective key data of media key.
(9) when the Parity Check Bits quilt as when comprising as described in (5), transitional information or random number can be embedded in some of Parity Check Bits, and remaining Parity Check Bits can be used to transmission information.
For example, if there are eight Parity Check Bits, then random number can be embedded among seven of these bits, and a remaining bit is used to transmission information.The example how this bit is used to the information that transmits is to use this bit as a mark, and this mark for example is illustrated in the identifier that whether has the key that will cancel of row on the recording medium, and key data is recorded on the recording medium.Here, the bit that is used to the information that transmits is a fixed value that is used for specific recording medium, but because a random number is used as remaining seven Parity Check Bits embedding, so the media key of this conversion is different for each Device keys.
(10) in a preferred embodiment, key data generating apparatus 100 produces key datas, encrypted content, and the content of key data and encryption is written to recording medium.But, optional by these whole operations that this key data generating apparatus 100 is carried out.In other words, might have different devices, it produces key data, record key data and recorded content respectively.
In addition, key data generating apparatus 100 except the Device keys of management playing device, Device keys that can also the management accounts device.
In this case, tape deck is preserved the Device keys of the leaf of distributing to tree structure.Key data generating apparatus 100 is carried out the processing of describing in this embodiment, produces transitional information and media key data, and these are recorded DVD.
When coming encrypted content key for encrypted content, tape deck is carried out the processing identical with playing device 200, and selection and obtain a suitable Device keys among the Device keys of preserving.Tape deck uses the media key encrypted content key that obtains, and the content of the content key that will encrypt and encryption is written to DVD.
In addition, tape deck can use the key data by key generation apparatus 100 records as content key.
(11) key data is not limited to and is recorded to DVD.Can use portable and can be installed in key data generating apparatus 100 and the playing device 200 any recording medium among both, such as CD, MD, MO or BD (Blu-ray disc).In addition, key data can be sent to playing device from key data generating apparatus 100 by communicating by letter with content on internet or the like.
(12) the present invention can be by the many methods shown in the above.In addition, these methods can be by computer implemented computer program, and can be the digital signals of computer program.
In addition, the present invention can be computer-readable recording medium, such as floppy disc, hard disk, CD-ROM (compact disk-read-only memory) and MO (magneto optical disk), DVD-ROM (digital multi-purpose disk-read-only memory), DVD-RAM (digital multi-purpose disk-random access memory), BD (Blu-ray disc), the perhaps semiconductor memory of storage computation machine program or digital signal.In addition, the present invention can be computer program or the digital signal that is recorded on any recording medium device of aforesaid recording medium device.
In addition, the present invention can be at telecommunication line, wireless or wire communication line, perhaps computer program or the digital signal that transmits on the network of internet representative.
In addition, the present invention can be the computer system that comprises microprocessor and memory, this memory stores computer program, and this microprocessor is operated according to computer program.
In addition, by convey program or digital signal to the recording medium device, perhaps by via network or the like convey program or digital signal, this program or digital signal can by other independently computer system carry out.
(13) the present invention can be embodiment described above and improved any combination.
4. conclusion
As has been described, the present invention is a kind of content protective system, wherein content only is spendable by effective terminal installation, comprise: key data generating apparatus, it comprises: converting unit, be used for changing first key data that when using this content, uses, thereby produce second key data based on predetermined transformation rule; Ciphering unit is used to use the Device keys of being preserved by this effective terminal installation that second key data is encrypted, thereby produces the encrypted secret key data; And output unit, be used to export this encrypted secret key data, and terminal installation, it comprises: obtain the unit, be used to obtain this encrypted secret key data; Decrypting device is used to use the Device keys of being preserved by this terminal installation to go to decipher this encrypted secret key data, thereby produces second key data; Converting unit is used for changing second key data based on predetermined transformation rule, thereby obtains first key data; Content is used the unit, is used for using this content based on this first key data.
In addition, the present invention is a kind of key data generating apparatus, it produces key data, make content to use by effective terminal installation, comprise: converting unit, be used for changing first key data that when using this content, uses, thereby produce second key data based on predetermined transformation rule; Ciphering unit is used to use the Device keys of being preserved by effective terminal installation that second key data is encrypted, thereby produces the encrypted secret key data; And output unit, be used to export this encrypted secret key data.
In addition, the invention provides a terminal installation that uses content, comprise: obtain the unit, be used to obtain the encrypted secret key data, these encrypted secret key data are to change first key data to produce second key data by key data generating apparatus based on predetermined transformation rule, encrypt second key data with the use Device keys and produce, this first key data uses when using content; Decrypting device is used to use the Device keys of being preserved by this terminal installation to decipher this encrypted secret key data, thereby obtains second key data; Converting unit is used for changing second key data based on predetermined transformation rule, thereby obtains first key data; Use the unit with content, be used for using this content based on this first key data.
According to the structure of statement, even Device keys has identical value, the encrypted secret key data can not have identical value inevitably yet.In addition, use these encrypted secret key data to determine that whether Device keys has identical value is impossible.Therefore, can prevent from illegally to obtain first key data.Therefore, prevent cancelling of the playback equipment that should not be undone.
Here, in key data generating apparatus, this converting unit can be used for the transitional information of this Device keys by generation, and transitional information and the reversible operation of first key data execution to this generation produce second key data, and this output unit can further be exported this transitional information.
In addition, this terminal installation may further include: preserve the unit, be used to preserve a plurality of Device keyses; And selected cell, be used to select of this Device keys, wherein this acquisition unit obtains this ciphered data, this ciphered data is to carry out reversible operation by this key data generating apparatus by this transitional information that produces to first key data and for this Device keys to obtain second key data, and encrypting second key data produces, this decrypting device utilizes the Device keys of this selection to be decrypted, and this converting unit is used for the transitional information of the Device keys of this selection by generation, and utilize this transitional information that the Device keys of this selection is applied a predetermined operation, produce first key information.
According to the structure of statement, this key data generating apparatus uses this transitional information for the Device keys generation of this selection to come first key data is applied a reversible operation, thereby produces second key data.Have only the terminal installation of preserving this Device keys can change second key data again, so that produce this first key data.
Here, this key data generating apparatus may further include: cipher key management unit, be used for making the Device keys of being preserved by terminal installation corresponding with the node of tree structure, this tree structure is limited to the relation between the sharing equipment key among the terminal installation; And selected cell, be used for selecting one or more Device keyses from the Device keys of preserving by effective terminal installation, wherein this converting unit produces this transitional information and this ciphering unit based on each positional information of the Device keys of the corresponding selection of node on one or more extreme higher positions with in this tree structure in this tree structure and utilizes each of Device keys of one or more selections respectively second key data to be encrypted.
In addition, in this terminal installation, this converting unit can produce this transitional information according to the heading message that appends to these encrypted secret key data.
In addition, in this terminal installation, this heading message can be used to produce this transitional information, and can produce by this key data generating apparatus, this key data generating apparatus uses tree structure, from the Device keys of preserving by effective terminal installation, select the corresponding Device keys of node on one or more and the extreme higher position in this tree structure, produce this heading message with each positional information, with the management equipment key based on the Device keys of one or more selections in this tree structure; This preservation unit can be preserved positional information and this converting unit of this terminal installation and can utilize the positional information of this heading message and preservation to produce this transitional information.
According to the structure of statement, this key data generating apparatus uses based on the transitional information of the position generation of the Device keys of selecting in this tree structure and changes this first key data.Therefore, even Device keys is shared identical value, the different locational Device keys in this tree structure can not be used to correctly change second key data again.Therefore, can prevent from illegally to obtain this first key data.
Here, this key data generating apparatus may further include: cipher key management unit, be used for making the Device keys of being preserved by terminal installation corresponding with the node of tree structure, this tree structure is limited to the relation between the sharing equipment key in the terminal installation; With limit this Device keys each whether be undone; And selected cell, be used among the Device keys of preserving by effective terminal installation, selecting the one or more and corresponding Device keys of node on the extreme higher position of this tree structure, wherein this converting unit is based on the state of cancelling of cancelling information and other nodes, produce each transitional information of the Device keys that is used for one or more selections, this is cancelled information and is based on this node definition, and the Device keys of this selection is corresponding with this node.
In addition, in this terminal installation, this heading message can be to be used to produce transitional information, and can be by making the Device keys of preserving by terminal equipment corresponding with the node in tree structure, from the Device keys of preserving by effective terminal equipment, select the corresponding Device keys of node on the extreme higher position at least one and this tree structure, and with heading message based on according to and the state of cancelling of the information of cancelling that limited of the corresponding node of selected Device keys and other nodes, produce described heading message, wherein said tree structure be limited to the relation between the sharing equipment key in the described terminal equipment and limit this Device keys each whether be undone, this preservation unit in this key data generating apparatus can be kept at positional information and this converting unit of this terminal installation of the Device keys that is used for the office terminal device in the tree structure and can utilize the positional information of this heading message and preservation to produce this transitional information.
According to the structure of statement, this transitional information is to produce according to the relation of the position in the tree structure of the Device keys of cancelling at this, and therefore, the Device keys that has different positions in this tree structure can not be used to correctly change second data again.Therefore, can prevent from illegally to obtain this first key data.
Here, in this key data generating apparatus, this converting unit can produce each this transitional information of the Device keys that is used for one or more selections by series connection a plurality of of id information, wherein each id information identification from root up to a paths of the route of the corresponding node of Device keys of this selection this tree structure.
In addition, in key data generating apparatus, this converting unit can produce the data as this transitional information of each of the Device keys that is used for one or more selections, this data representation is corresponding to the position of the node of the Device keys of this selection, and this position is to represent according to the position relation between the layer in tree structure and between the node in identical layer.
In addition, this converting unit can be cancelled a plurality of of information by series connection and produce this transitional information, wherein each transitional information relate to from root up to the node of placing with the route of the corresponding node of Device keys of this selection.
In addition, in key data generating apparatus, this converting unit can be by from corresponding among the information of cancelling with the node of predetermined sequence arrangement, and the information of cancelling of connecting first is cancelled information up to a slice corresponding to the node of selected Device keys, produces described transitional information.
Structure according to statement, because there are many patterns in the position according to this Device keys in this tree structure, transitional information can not be do not produced so in this tree structure, do not have the terminal installation of the positional information of effective Device keys, and therefore first key data can not be obtained.
Here, in key data generating apparatus, this converting unit can be come by the transitional information that generation be used for this Device keys, and this transitional information is embedded at least a portion of redundancy section of first key data and produces second key data.
In addition, in this key data generating apparatus, this converting unit is by being random number of this Device keys generation, and the random number that will produce is embedded at least a portion of redundancy section of this first key data and produces second key data.
In addition, in this terminal installation, second key data be produce at least a portion by the redundancy section of described key data generating apparatus by will being embedded in described first key data for the transitional information that described Device keys produces and described converting unit produce described first key data by the redundancy section of deleting described second key data.
Structure according to statement, when redundant bit is included in this first key data, therefore utilize transitional information or utilize one to embed the redundant bit quilt, make it be difficult to find the Device keys encrypted secret key data of utilizing identical value for the different value of each conversion.Therefore, only can specify the terminal installation of the tram of this key data can obtain this first key data.
Here, in key data generating apparatus, this converting unit can be used the remainder of this redundancy section that does not embed random number, to transmit other information.
According to the structure of statement, a random number is embedded in some of redundant bit, and this remaining redundant bit is used to transmission information.Therefore, other information can be transmitted, the illegal acquisition of first key data can be prevented simultaneously.
Industrial applicibility
The present invention can use in the key management method that uses tree structure, and especially is suitable for preventing the illegal acquisition of key data.

Claims (15)

1. content protective system, wherein content only is spendable by effective terminal installation, this system comprises key data generating apparatus and terminal installation, wherein:
Described key data generating apparatus comprises:
Cipher key management unit is used for limiting described Device keys by making the Device keys of being preserved by terminal installation corresponding with the node of tree structure;
Selected cell is used to select described Device keys, makes the terminal installation of cancelling can not use content, and exports selected Device keys and give ciphering unit;
Converting unit, be used to use transitional information to change the media key that when using described content, uses, thereby produce the media key of conversion, wherein, described transitional information is according to the information that produces with the position of the corresponding node of selected Device keys in described tree structure;
Ciphering unit is used to use selected Device keys to come the media key of described conversion is encrypted, thereby produces the encrypted secret key data; With
Output unit is used to export this encrypted secret key data, and
Described terminal installation comprises:
Obtain the unit, be used to obtain this encrypted secret key data;
Decrypting device is used to use the Device keys of being preserved by described terminal installation to decipher this encrypted secret key data, thereby produces the media key of conversion;
Converting unit is used to use transitional information to change the media key of described conversion, thereby obtains media key, and wherein, described transitional information is according to the information that produces with the position of the corresponding node of selected Device keys in described tree structure; With
Content is used the unit, is used for using described content based on described media key.
2. key data generating apparatus, its generation is used to encrypt the key data of the content that offers terminal installation, thereby makes content to be used by effective terminal installation, and this key data generating apparatus comprises:
Cipher key management unit is used for limiting described Device keys by making the Device keys of being preserved by terminal installation corresponding with the node of tree structure;
Selected cell is used to select described Device keys, makes the terminal installation of cancelling can not use content, and exports selected Device keys and give ciphering unit;
Converting unit, be used to use transitional information to change the media key that when using described content, uses, thereby produce the media key of conversion, wherein, described transitional information is according to the information that produces with the position of the corresponding node of selected Device keys in tree structure;
Ciphering unit is used to use selected Device keys to come the media key of described conversion is encrypted, thereby produces the encrypted secret key data; With
Output unit is used to export this encrypted secret key data.
3. according to the key data generating apparatus of claim 2, wherein
Described converting unit is used for the transitional information of described Device keys and the transitional information and the described media key that are produced is carried out reversible operation by generation, produces the media key of described conversion, and
Described output unit is further exported this transitional information.
4. according to the key data generating apparatus of claim 3, wherein:
Described selected cell is selected the corresponding Device keys of node on one or more and the extreme higher position in this tree structure from the Device keys of being preserved by effective terminal installation.
5. according to the key data generating apparatus of claim 4, wherein
Described converting unit produces each described transitional information of the Device keys that is used for one or more selections by series connection a plurality of of id information, wherein each id information be identified in the described tree structure from root up to a paths of the route of the corresponding node of selected Device keys.
6. according to the key data generating apparatus of claim 4, wherein
Described converting unit produces the data as the described transitional information of each of the Device keys that is used for one or more selections, this data representation is corresponding to the position of the node of selected Device keys, and this position is to represent according to the position relation between the layer in described tree structure and between the node in identical layer.
7. according to the key data generating apparatus of claim 2, wherein
Described output unit is written to a portable recording medium with described encrypted secret key data.
8. according to the key data generating apparatus of claim 2, wherein
Described output unit utilizes communication media to export described encrypted secret key data.
9. terminal installation that uses content comprises:
Device keys is preserved the unit, is used to preserve Device keys;
Obtain the unit, be used to obtain the encrypted secret key data of output unit output of the key data generating apparatus of accessory rights requirement 2;
Decrypting device is used to use described Device keys to decipher described encrypted secret key data, thereby obtains the media key of conversion;
Converting unit is used to use transitional information to change the media key of described conversion, thereby obtains media key, and wherein, described transitional information is according to the information that produces with the position of the corresponding node of described Device keys in tree structure; With
Content is used the unit, is used for using described content based on described media key.
10. according to the terminal installation of claim 9, wherein:
Described Device keys is preserved the unit and is preserved a plurality of Device keyses that comprise described Device keys;
Described terminal installation also comprises selected cell, and it is used for selecting described Device keys from described a plurality of Device keyses,
Described acquisition unit obtains described ciphered data, this ciphered data is to carry out the media key that reversible operation obtains described conversion by described key data generating apparatus by the described transitional information that produces to described media key and for described Device keys, and the media key of encrypting this conversion produces
Described decrypting device utilize selected Device keys to be decrypted and
Described converting unit is used for the transitional information of selected Device keys by generation, and utilizes this transitional information that selected Device keys is applied a predetermined operation, produces described media key.
11. according to the terminal installation of claim 10, wherein
Described converting unit produces described transitional information according to the heading message that appends to described encrypted secret key data.
12. according to the terminal installation of claim 11, wherein
Described heading message is used to produce described transitional information, and produce by described key data generating apparatus, this key data generating apparatus uses tree structure, from the Device keys of preserving by effective terminal equipment, select the corresponding Device keys of node on one or more and the extreme higher position in this tree structure, and produce described heading message based on each positional information of the Device keys of the one or more selections in described tree structure, with the management equipment key
Described preservation unit preserve described terminal installation positional information and
Described converting unit utilizes described heading message and the positional information of being preserved to produce described transitional information.
13. according to the terminal installation of claim 9, wherein
Described content uses the unit to comprise:
Encrypt subelement, be used for encrypting described content, thereby produce encrypted content based on described media key; With
The output subelement is used to export the content of this encryption.
14. according to the terminal installation of claim 9, wherein
Described content uses the unit further to comprise:
Content obtains subelement, is used to the content that obtains to encrypt;
The deciphering subelement is used for deciphering based on described media key the content of described encryption, thereby produces content; With
Play subelement, be used to play described content.
15. key data production method that in key data generating apparatus, uses, this key data generating apparatus produces and is used to encrypt the key data of the content that offers terminal installation, thereby make content to be used by effective terminal installation, this method comprises:
The key management step, it limits described Device keys by making the Device keys of being preserved by terminal installation corresponding with the node in the tree structure;
Select step, it selects described Device keys, makes the terminal installation of cancelling can not use described content, and exports selected Device keys and be used for encrypting;
Switch process, it uses transitional information to change the media key that uses when using described content, thereby produce the media key of conversion, wherein, described transitional information is according to the information that produces with the position of the corresponding node of selected Device keys in tree structure;
Encrypting step, it uses selected Device keys that the media key of described conversion is encrypted, thereby produces the encrypted secret key data; With
The output step, wherein output unit is exported this encrypted secret key data.
CN200480002253.7A 2003-01-15 2004-01-13 Work protection system, key data generating apparatus, and terminal device Expired - Lifetime CN1739260B (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
JP2003007349 2003-01-15
JP7349/2003 2003-01-15
JP101455/2003 2003-04-04
JP2003101455 2003-04-04
PCT/JP2004/000155 WO2004064313A1 (en) 2003-01-15 2004-01-13 Content protection system, key data generation apparatus, and terminal appparatus

Publications (2)

Publication Number Publication Date
CN1739260A CN1739260A (en) 2006-02-22
CN1739260B true CN1739260B (en) 2011-12-28

Family

ID=36081289

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200480002253.7A Expired - Lifetime CN1739260B (en) 2003-01-15 2004-01-13 Work protection system, key data generating apparatus, and terminal device

Country Status (2)

Country Link
CN (1) CN1739260B (en)
ES (1) ES2352052T3 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103036853B (en) * 2011-09-30 2016-01-27 中国移动通信集团公司 Business datum sending method and device, method for processing business and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1338698A (en) * 2000-07-24 2002-03-06 索尼公司 Data processing system, data processing method, data processing apparatus and program provided media
WO2002060116A2 (en) * 2001-01-26 2002-08-01 International Business Machines Corporation Method for broadcast encryption

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1338698A (en) * 2000-07-24 2002-03-06 索尼公司 Data processing system, data processing method, data processing apparatus and program provided media
WO2002060116A2 (en) * 2001-01-26 2002-08-01 International Business Machines Corporation Method for broadcast encryption

Also Published As

Publication number Publication date
ES2352052T3 (en) 2011-02-15
CN1739260A (en) 2006-02-22

Similar Documents

Publication Publication Date Title
CN101866668B (en) Recording device, and content-data playback system
CN100418316C (en) Information processing system and method
CN1901446B (en) System and method for processing information using encryption key block
CN1901067B (en) Copyright protection system, recording device and decryption device
CN100490369C (en) System and mehtod for processing information using encryption key block
CN101047495B (en) Method and system for transferring data
CN1940952B (en) System and device for managing control data
US7443984B2 (en) Information processing system and method for distributing encrypted message data
CN100423041C (en) Data processing apparatus and method
CN1759559B (en) Copyright protection system, recording apparatus, reproduction apparatus, and recording medium
CN1914852B (en) Information processing device, information processing method
CN100401667C (en) Information recording/reproducing apparatus and method
US8054978B2 (en) Key management for content protection
CN102568518B (en) Method and apparatus for processing information, method and apparatus for manufacturing information recording medium, information recording medium, and computer program
CN100542084C (en) Signal processing system, recording method, program, recording medium, transcriber and information processor
US7707410B2 (en) Information processing system and method
US6868404B1 (en) Digital data recording device, digital data memory device, and digital data utilizing device for converting management information which contains restrictive information using a different key in each management information send/receive session
CN100538718C (en) Management server apparatus, content playback unit and recording medium
US20020076204A1 (en) Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection
JP2008263645A (en) Data protection system for protecting data through encryption
CN101533654A (en) Apparatus, method, and computer program product for processing information
KR101019321B1 (en) Content protection system, key data generation apparatus, and terminal apparatus
CN100458740C (en) Recording system and method, recording device and method, input device and method, reproduction system and method, reproduction device and method, recording medium, and program
GB2353682A (en) Cryptographic key management
CN1739260B (en) Work protection system, key data generating apparatus, and terminal device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term

Granted publication date: 20111228

CX01 Expiry of patent term