JP2002305515A5

JP2002305515A5 -

Info

Publication number: JP2002305515A5
Application number: JP2002002817A
Authority: JP
Filing date: 2002-01-09
Publication date: 2005-07-21

Claims

A content decrypting device that decrypts encrypted content recorded on a recording medium and outputs the decrypted content to an external device,
Decryption means for decrypting the encrypted content recorded on the recording medium to generate content;
Executing an instruction that decodes a transfer instruction including a transfer destination address indicating a position in the address space of the content output means as a content transfer destination, extracts the transfer destination address, and outputs the transfer destination address to the address checking means Means,
A permission address indicating a transfer destination permitted to output the content is stored in advance, and it is determined whether or not the transfer destination address matches the permission address. Address checking means for outputting to the content output means whose position is indicated by the transfer destination address;
Content decrypting apparatus, comprising: content output means for receiving the content and outputting the received content to an external device.

The content decryption device further includes:
A decryption program including a decryption instruction indicating decryption of the encrypted content and a transfer instruction including a transfer destination address indicating the position of the content output means and indicating transfer of the content to the content output means is obtained from another external device. Providing acquisition means to
The decrypting means decrypts the encrypted content according to a decryption instruction included in the decryption program,
The content decryption apparatus according to claim 1, wherein the command execution unit outputs a transfer destination address in accordance with a transfer command included in the decryption program.

The decryption means, the instruction execution means, the address inspection means, the content output means, and the program acquisition means are each connected via a bus,
The instruction execution means outputs the transfer destination address via the bus,
The address checking means acquires the transfer destination address via the bus, outputs the content via the bus,
The content decrypting apparatus according to claim 2, wherein the content output unit receives the content via the bus.

The address checking means further has a state in which the permission address is not stored,
The content decryption apparatus further determines whether or not the address checking unit stores the permission address, and prohibits the instruction execution unit from executing the transfer instruction when determining that it is not. The content decrypting apparatus according to claim 3, further comprising a state control unit.

The acquisition means further acquires an encrypted permitted address obtained by encrypting a new permitted address from an external device,
The decryption means decrypts the encrypted permitted address to generate a new permitted address;
The address checking means stores the generated new permission address instead of the permission address, and whether or not the transfer address matches the new permission address when the encrypted content is decrypted next time The content decrypting apparatus according to claim 3, wherein:

The content decrypting apparatus according to claim 5, wherein the decrypting unit stores a variable variable key in advance, and decrypts the encryption permission address using the variable key.

The decryption means further stores in advance a fixed key unique to the content decryption device,
The acquisition means further acquires an encrypted variable key obtained by encrypting a new variable key using the fixed key from an external device,
The decryption means decrypts the encrypted variable key using the fixed key, generates a new variable key, stores the generated new variable key instead of the variable key,
7. The content decrypting apparatus according to claim 6, wherein the new variable key is used when decrypting the permitted address encrypted using the new variable key.

The decryption means further has a state in which the variable key is not stored,
The state control means further determines whether or not the decryption means stores the variable key, and when it is determined to be no, the state control means prohibits the decryption means from decrypting. Item 7. The content decrypting device according to Item 6.

The decoding means, the instruction execution means and the address checking means constitute one CPU,
Performing a first device authentication between the CPU and the recording medium, continuously performing a second device authentication between the CPU and the content output means,
The content decryption device decrypts the encrypted content and outputs the decrypted content to an external device only when both the first device authentication and the second device authentication are successful. The content decryption apparatus described.

A content decrypting method used in a content decrypting apparatus, comprising a decrypting means, an instruction executing means, an address checking means, and a content output means, for decrypting encrypted content recorded on a recording medium and outputting the decrypted content to an external device. ,
A decrypting step of decrypting the encrypted content recorded on the recording medium to generate content;
The instruction execution means decodes a transfer instruction including a transfer destination address indicating a position in the address space of the content output means as a content transfer destination, extracts the transfer destination address, and uses the transfer destination address as an address checking means. Instruction execution steps to be output to
In the address checking means, a permission address indicating a transfer destination permitted to output content is stored in advance, and it is determined whether or not the transfer destination address matches the permission address. An address checking step of outputting the generated content to content output means whose position is indicated by the transfer destination address;
A content decoding method comprising: a content output step of receiving the content and outputting the received content to an external device in the content output means.

A content decryption program used in a content decryption device, comprising a decryption unit, an instruction execution unit, an address inspection unit, and a content output unit, decrypts encrypted content recorded on a recording medium and outputs the decrypted content to an external device. ,
A decrypting step of decrypting the encrypted content recorded on the recording medium to generate content;
The instruction execution means decodes a transfer instruction including a transfer destination address indicating a position in the address space of the content output means as a content transfer destination, extracts the transfer destination address, and uses the transfer destination address as an address checking means. Instruction execution steps to be output to
In the address checking means, a permission address indicating a transfer destination permitted to output content is stored in advance, and it is determined whether or not the transfer destination address matches the permission address. An address checking step of outputting the generated content to content output means whose position is indicated by the transfer destination address;
A content decoding program comprising: a content output step for receiving the content and outputting the received content to an external device in the content output means.