JP2004303265A - Data copyright management device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a terminal unit for handling data copyright, digital cache and television conference system data. <P>SOLUTION: This data copyright management device is provided with a CPU, an ROM, an EEPROM and an RAM. The ROM, EEPROM and RAM are connected to a bus of the CPU, and a system bus of devices for using data is connectable to the bus of the CPU. A data copyright management system program, cryptographic algorithm and user information are stored in the ROM, and a second exclusive key, a use authorization key, a second private key and copyright information are stored in the EEPROM. When the device is operated, a first public key, a first exclusive key, a second public key and a first private key are transferred to the RAM. As the form of the data copyright management device, a monolithic or hybrid IC, a thin-type IC card or PC card with an exclusive terminal, and an insertion board are applicable and can also be built in a computer device, a television image receiver, a set-top box, digital video tape recorder, digital video disk recorder, a digital audio tape device or a portable terminal unit. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to an apparatus that uses data in displaying, storing, copying, processing, and transferring digital data, and has an object to protect the copyright of digital data.

  2. Description of the Related Art In the information age, a database system that mutually uses various kinds of data, which have been stored independently by each computer, by connecting each computer through a communication line has been widely used. The information handled so far in this database system is coded information with a small amount of information that can be processed by a classical computer and, at most, monochrome binary data such as facsimile information, natural images and moving images. It was not possible to handle data with an extremely large amount of information.

  By the way, as digital processing technology of various electric signals is developed, digital signal processing technology for image signals other than binary data, which has been conventionally treated only as an analog signal, is being developed. The digitization of this image signal makes it possible for the computer to handle image signals such as television signals. Therefore, a "multimedia system" that simultaneously handles various data handled by the computer and image data obtained by digitizing the image signals. Is attracting attention as a future technology.

Since image data has an overwhelming amount of information as compared with character data and voice data, it is difficult to store, transfer, or perform various processing in a computer as it is. Therefore, it is conceivable to compress / expand these image data, and some standards for image data compression / expansion have been created. Among them, the JPEG (Joint Photographic Image Coding Experts Group) standard for still images and the H.264 standard for television conferences have been used as common standards.
261 standard, MPEG1 (Moving Picture image coding Experts Group 1
) Standards and MPEG from current television broadcasting to high definition television broadcasting
Two standards have been created. These technologies have enabled real-time processing of digital video data.

  Conventionally, analog data that has been widely used deteriorates in quality every time it is stored, copied, processed, or transferred. Therefore, copyright processing caused by these operations has not been a serious problem. However, the quality of digital data is not degraded by repeatedly storing, copying, processing, and transferring digital data. Therefore, the processing of the copyright caused by these operations is a serious problem. Until now, there has been no precise method for copyright processing of digital data, and it has been processed under copyright law or by contract, and the copyright law also institutes compensation for digital recording equipment. It's just

  The method of using a database is not only to refer to its contents, but also to make effective use of the obtained data by storing, copying and processing it, and to use the processed data online via a communication line or on an appropriate storage medium. It is possible to transfer data to others online or even to a database and register it as new data. In a conventional database system, only character data was targeted.In a multimedia system, in addition to character data, etc., which had previously been made into a database, voice data and image data, which are analog data, were digitally converted. And converted into a database.

In such a situation, how to deal with the copyright of the data in the database becomes a big problem. So far, the copyright management means for that purpose, especially the secondary use such as copying, processing, transferring, etc. No copyright management measures have been completed for. Note that data called software with advertisements or data called freeware does not require a usage fee in principle, but there is a copyright, and depending on the method of use, there may be restrictions on copyright. The inventors of the present invention disclosed in Japanese Patent Application Laid-Open Nos. 6-132916 and 6-141004 a system for performing copyright management by obtaining a permission key from a key management center through a public telephone line. An apparatus for that is proposed.

  Also, Japanese Patent Application No. 6-64889 (Patent Document 1) and Japanese Patent Application No. 6-237673 have proposed a system for managing the copyright of digital data. In these systems and devices, a person who wishes to view an encrypted program makes a viewing application to the management center via a communication line using a communication device, and the management center issues a permission key to the viewing application. It transmits and bills to collect the fee. The viewer who has received the permission key sends the permission key to the receiving device by online or offline means, and the receiving device to which the permission key is sent decrypts the program encrypted by the permission key.

  The system described in Japanese Patent Application No. 6-64889 manages copyrights in displaying (including audio), storing, copying, processing, and transferring digital data in a database system including real-time transmission of digital video. In addition to the key for permitting use, a program for managing copyright and copyright information are used. This copyright management program monitors and manages so as not to use the application or the contents contrary to the permitted contents. In Japanese Patent Application No. 6-64889, data is supplied from a database in an encrypted state, is decrypted by a copyright management program at the time of display and processing, and storage, copy, and transfer are again encrypted. It is described that the operation is performed in a state where the operation is performed. Furthermore, the copyright management program itself is encrypted, the copyright management program is decrypted with the permission key, and the decrypted copyright management program decrypts and encrypts the copyright data, other than storing and displaying the data. It is also described that, when the use of the file is performed, copyright information including information about the operator is stored as a history in addition to the original copyright information.

  First, a general description of encryption technology will be given. The encryption technology includes a secret-key cryptosystem and a public-key cryptosystem. The secret key cryptosystem uses the same encryption key for encryption and decryption, and the time required for encryption and decryption is short, but the secret key is discovered and the cryptogram is decrypted (Cryptanalize). There is. On the other hand, a public key cryptosystem is a cryptographic key system in which a key for encryption is disclosed as a public key (public-key) and a key for decryption is not disclosed, and the key for encryption is a public key. , And the decryption key is called a private-key. To use this encryption method, the sender of information encrypts (encrption) with the public key of the receiver that receives the encryption, and the receiver of information decrypts (decryption) with the private key that is not disclosed. Although it is an encryption method and the time required for encryption and decryption is long, it is almost impossible to find a dedicated key and it is very difficult to decrypt the encryption.

In the encryption technology, a case where plaintext M is encrypted using a encryption key K and a cryptogram C is obtained is C = E (K, M).
Where the encrypted text C is decrypted using the encryption key K to obtain the plaintext M, where M = D (K, C)
Is expressed as The encryption scheme used in the present invention includes a secret-key system in which the same secret key Ks is used for encryption and decryption, and a public key Kb for plaintext encryption.
Is used, and a public-key system in which a private key Kv is used for decrypting the ciphertext is adopted.

FIG. 1 shows the configuration of a data copyright management system disclosed in Japanese Patent Application No. 6-237773, which is a prior application, in which the data copyright management device according to the present invention is used. In this system, encrypted data is supplied bidirectionally in response to a request from the primary user 4. Further, a secret key method and a public key method are adopted as the encryption key method. In addition, this system is of course applicable to a case where satellite broadcasting, terrestrial broadcasting, CATV broadcasting or a recording medium that does not need to be encrypted free of charge such as with an advertisement other than a database is used as a data supply means. is there.

  In this system, 1 is a database, 4 is a primary user terminal, 5 is a secondary user terminal, 6 is a tertiary user terminal, and 7 is an nth user terminal. Reference numeral 3 denotes a copyright management center, 8, 9, and 10 secondary copyright data, tertiary copyright data... N-order copyright data stored in the copyright management center 3, and 2 denotes a communication carrier. Is a communication network such as a public line provided by the company or a CATV line provided by a cable television company.

  Among these, the database 1, the primary user terminal 4, the secondary user terminal 5, the tertiary user terminal 6, the n-th user terminal 7, and the copyright management center 3 are connected to the communication network 2 and Can be connected to In this figure, the path indicated by the broken line is the path of the encrypted data, the path indicated by the solid line is the path of the request from each user terminal device, and the path indicated by the dashed line is The path along which the encryption key is transferred together with the permission information corresponding to the usage form from the data. The path indicated by the two-dot chain line indicates that the copyright information is transferred from the data to the next data in the database or in the copyright management center. This is the route to be transferred. Each user who uses this system registers in advance in the database organization. At the time of this registration, the database organization use software is provided to the user. This database organization use software includes a program for decrypting an encrypted copyright management program in addition to normal communication software such as a data communication protocol.

  In using the database 1, the primary user receives the primary user authentication data Au1, the first public key Kb1, and the first private key Kv1, the second public key Kb2, and the second public key Kb2 corresponding to the first public key Kb1. A corresponding second dedicated key Kv2 is prepared, and the primary user terminal device 4 is used to access the database 1 via the communication network 2.

  The database 1 that has received the primary user authentication data Au1, the first public key Kb1, and the second public key Kb2 from the primary user confirms the primary user authentication data Au1, and confirms the confirmed primary user authentication data Au1. To the secondary copyright management center 3 as primary user information Iu1.

  On the other hand, the database 1 prepares two secret keys, that is, a first secret key Ks1 and a second secret key Ks2. Of the prepared first secret key Ks1 and second secret key Ks2, the second secret key Ks2 is also transferred to the copyright management center 3 in advance.

  As a result of these transfers, the copyright management center 3 stores the permission key Kp corresponding to the primary usage mode, the primary user information Iu1, the original copyright information Ic0, and the second secret key Ks2. Among these, the original copyright information Ic0 is used for distribution of the copyright usage fee.

  When a primary user who wants to use data accesses the database 1 using the primary user terminal device 4, the data menu is transferred. At this time, fee information may be displayed together with the data menu.

  When the data menu is transferred, the primary user performs a data menu search and selects data M. At this time, the original copyright information Ic0 of the selected data M is transferred to the copyright management center 3. Further, the primary user selects the permission key Kp1 corresponding to the desired use form from the permission keys corresponding to the use forms of viewing, saving, copying, processing, and transfer. This permission key Kp1 is also transferred to the copyright management center 3.

  It should be noted that since the primary user needs to view and save at least as a usage mode, these usage modes are excluded from selection as minimum usage modes, and only copying, processing, and transfer are selected. You can also.

The original data M0 is read from the database 1 at the request of the primary user. The read original data M0 is encrypted with the first secret key Ks1.
Cm0ks1 = E (Ks1, M0)
The encrypted data Cm0ks1 is provided with unencrypted original copyright holder information Ic0. Further, the first secret key Ks1 is encrypted with the first public key Kb1, and the second secret key Ks2 is also encrypted with the second public key Kb2.
Cks1kb1 = E (Kb1, Ks1)
Cks2kb2 = E (Kb2, Ks2)
At the same time, the copyright management program P is also encrypted with the second secret key Ks2, but Cpks2 = E (Ks2, P)
The encryption of the copyright management program P does not have to be encrypted with the second secret key Ks2, but can be encrypted using another appropriate encryption key. The encrypted original data Cm0ks1, the encrypted copyright management program Cpks2 and the two encrypted secret keys Cks1kb1 and Cks2kb2 are transferred to the primary user terminal device 4 via the communication network 2. At this time, charging is performed if necessary. Note that the encrypted copyright management program Cpks2 can be stored in, for example, a ROM in the user terminal device 4 instead of being supplied from the database 1.

From database 1, encrypted original data Cm0ks1, two encrypted secret keys Cks1kb1, Cks2kb2
The primary user who has received the encrypted copyright management program Cpks2 decrypts the encrypted first secret key Cks1kb1 using the first private key Kv1 corresponding to the first public key Kb1 using the database organization use software. , Ks1 = D (Kv1, Cks1kb1)
The encrypted second secret key Cks2kb2 is decrypted using the second dedicated key Kv2 corresponding to the second public key Kb2.
Ks2 = D (Kv2, Cks2kb2)
Further, the encrypted copyright management program Cpks2 is decrypted using the decrypted second secret key Ks2.
P = D (Ks2, Cpks2)
Finally, the encrypted data Cm0ks1 is decrypted by using the decrypted first secret key Ks1 using the decrypted copyright management program P, and M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1. As described above, since the first dedicated key Kv1 and the second dedicated key Kv2 are encryption keys prepared by the primary user and not disclosed to others, even if the third party obtains the data M, the encryption is performed. It is impossible to decrypt and use the coded data M.

Thereafter, when saving, copying or transferring the data M which is the original data M0 or the processed data M1, the encryption and decryption are performed using the second secret key Ks2.
Cmks2 = E (Ks2, M)
M = D (Ks2, Cmks2)
The decrypted second secret key Ks2 is used as an encryption key for encrypting / decrypting data when storing, copying or transferring data thereafter. The primary user terminal device 4 stores the original copyright information Ic0 together with the first private key Kv1 and the second private key Kv2, the first secret key Ks1 and the second secret key Ks2, the data M, and the copyright management program P. Also, when the primary user has processed the data, the primary user information and copyright information Ic1, which is the processing date and time, are also stored. It is safe if the copyright information Ic1 is attached to the data as a copyright information label and a digital signature is attached. Since the encrypted data Cmks2 is encrypted and distributed, and the copyright information label is used as a clue to obtain the second secret key Ks2, which is a decryption key, the copyright information label is removed from the encrypted data Cmks2. In this case, the second secret key Ks2 cannot be obtained.

  When the encrypted data Cmks2 is stored in the primary user terminal device 4, the second secret key Ks2 is stored in the device, but the encrypted data Cmks2 is stored in the primary user terminal device 4. If the data is copied to the storage medium 11 or transferred to the secondary user terminal 5 via the communication network 2 without performing any further operations, the first user terminal 4 is made unavailable for further use. The second secret key Ks2 is discarded. In this case, the number of times of copying / transferring may be limited so that the second secret key Ks2 is not discarded in copying / transferring within the number of times.

A primary user who wants to copy the data M to the external storage medium 11 or transfer the data M to the external storage medium 11 via the communication network 2 prepares a second secret key Ks2 when copying or transferring the data M, and transfers the data M to the second secret key Ks2. And encrypt it.
Cmks2 = E (Ks2, M)
Unencrypted original copyright information Ic0 and copyright information Ic1 of the primary user are added to the encrypted data Cmks2.

  The secondary user includes authentication data Au2 for authenticating the secondary user in the same manner as the primary user before using the database, a third public key Kb3, and a third private key Kv3 corresponding to the third public key Kb3. A fourth public key Kb4 and a fourth dedicated key Kv4 corresponding to the fourth public key Kb4 are prepared.

  A secondary user who wishes to use the copied or transferred encrypted data Cmks2 for secondary use sends the data name or data to the copyright management center 3 via the communication network 2 using the secondary user terminal device 5. A second use application is made by designating a number, at which time the third public key Kb3 and the fourth public key Kb3 are added to the secondary user authentication data Au2, the original copyright information Ic0 and the primary user copyright information Ic1. The public key Kb4 is also transferred.

  The copyright management center 3 receiving the secondary use application from the secondary user confirms the authentication data Au2 of the secondary user, and the confirmed secondary user authentication data Au2 is tertiary copyright data as secondary user information. 9 is transferred. When the secondary copyright information Ic1 of the primary user is transferred, the secondary copyright information Ic1 is queried and confirmed in the secondary copyright data 8, and the confirmed secondary copyright information Ic1 is 3 The next copyright data 9 is transferred.

  The secondary user selects the permission key Kp2 corresponding to the usage mode of viewing, storing, copying, processing, and transferring. The permission key Kp2 corresponding to the selected use form is transferred to the tertiary copyright database 9. In addition, since the viewing and storage are required as a minimum usage form of the secondary user, these usage forms may be excluded from selection as the minimum usage form, and only copying, processing, and transfer may be selected. .

  The secondary copyright database 8 prepares a third secret key Ks3. The prepared third secret key Ks3 is transferred to and stored in the tertiary copyright data 9.

  As a result of these transfers, the tertiary copyright data 9 includes the permission key Kp2, the primary user copyright information Ic1, the primary user information Iu1, the original copyright information Ic0, the secondary user information Iu2, and the third The secret key Ks3 is stored. Among these, the permission key Kp2, the primary user copyright information Ic1, and the primary user information Iu1 are used for distribution of the copyright usage fee.

Similarly, the n-th copyright data 10 includes a permission key Kpn, (n
-1) Secondary copyright information Icn-1, primary user information Iu1, original copyright information Ic0, n-th user information Iun, and an n-th secret key Ksn of the next user are stored.

The permission key Kp2, the primary user information Iu1, the original copyright information Ic0, and the second secret key Ks2 are read from the secondary copyright data 8. In this, the original copyright information Ic0 is used for distribution of the copyright royalty. The read second secret key Ks2 is encrypted using the secondary user's third public key Kb3, and the third secret key Ks3 is also encrypted using the fourth public key Kb4.
Cks2kb3 = E (Kb3, Ks2)
Cks3kb4 = E (Kb4, Ks3)
The copyright management program P is encrypted using the third secret key Ks3.
Cpks3 = E (Ks3, P)
The encrypted copyright management program Cpks3, the encrypted second secret key Cks2kb3, and the encrypted third secret key Cks3kb4 are transferred to the secondary user terminal device 5 via the communication network 2. At this time, charging is performed if necessary.

The secondary user who has received the two secret keys Cks2kb3 and Cks3kb4 encrypted from the secondary copyright data 8 and the encrypted copyright management program Cpks3 uses the database-using software to generate the third private key Kv3. To decrypt the encrypted third secret key Cks2kb3, and decrypt the encrypted third secret key Cks3 Kb4 using the fourth private key Kv4 corresponding to the fourth public key Kb4.
Ks2 = D (Kv3, Cks2kb3)
Ks3 = D (Kv4, Cks3kb4)
Further, the encrypted copyright management program Cpks3 is decrypted using the decrypted third secret key Ks3.
P = D (Ks3, Cpks3)
Next, the encrypted data Cmks2 is decrypted using the second secret key Ks2 decrypted using the decrypted copyright management program P and used.
M = D (Ks2, Cmks2)
As described above, since the third dedicated key Kv3 and the fourth dedicated key Kv4 are encryption keys prepared only by the secondary user and not disclosed to others, the third party obtains the encrypted data Cmks2. Even if it does, it is impossible to decrypt and use it.

  Each user who uses this system needs to register in advance in the database organization, and at the time of this registration, database software is provided to the user. Since this software includes a program for decrypting the copyright management program using the first encryption key in addition to normal communication software such as a data communication protocol, it is necessary to protect the software. In order to use the data M, the first encryption key K1, the second encryption key K2, and the copyright management program P are transferred to each user, and each user needs to keep these. Further, a copyright information label, user information, a program including a public key and a private key of a public key system, and a secret key generation algorithm are stored as necessary.

  Using a flexible disk as a means for storing these is the simplest means, but the flexible disk is extremely vulnerable to data loss or tampering. Also, when a hard disk drive is used, there is an anxiety about data loss or falsification, though not as much as a flexible disk. By the way, recently, an IC card in which an IC element is enclosed in a card-shaped container has become widespread, and in particular, a PC card in which a microprocessor is enclosed is being standardized as a PCMCIA card or a JEIDA card.

A data copyright management device proposed by the present inventors in Japanese Patent Application No. Hei 6-237673 will be described with reference to FIG. The data copyright management device 15 is a computer system having a microprocessor (CPU) 16, a local bus 17 of the CPU 16, a read only memory (ROM) 18 connected to the local bus 17, and a write / read memory (RAM) 19. The local bus 17 is connected to the system bus 22 of the microprocessor 21 of the user terminal device 20.

  Also, a communication device (COMM) 23 that receives data from a database external to the device, and a CD-ROM drive (CDRD) that reads data supplied from a CD-ROM is provided on a system bus 22 of the user terminal device 20. ) 24, a flexible disk drive (FDD) 25 for copying received data or processed data to a flexible disk drive for supply to the outside, and a hard disk drive (HDD) 26 for storing data are connected. Note that a ROM, a RAM, and the like are connected to the system bus 22 of the user terminal device as a matter of course, but illustration is omitted in this figure.

The ROM 18 of the data copyright management device 15 stores software for using the database and fixed information such as user data. The RAM 19 stores an encryption key and a copyright management program supplied from the key management center or the copyright management center. The work of decryption or re-encryption is performed by the data copyright management device 15, and only the processing result is transferred to the user terminal device 20 via the local bus 17 and the system bus 21 of the user terminal device. The data copyright management device 15 is realized as a monolithic IC, hybrid IC, expansion board, IC card, or PC card.
JP-A-7-271865

  The present application proposes a data copyright management device which is more specific to the data copyright management device attached to a user terminal device proposed in Japanese Patent Application No. 6-237773, which is a prior application. The data copyright management device of the present invention is used in connection with a user terminal device, and includes a central processing unit, a central processing unit bus, a read-only semiconductor memory, an electrically erasable programmable memory, and a read / write memory. A central processing unit, a read-only semiconductor memory, an electrically erasable programmable memory, and a read / write memory are connected to the central processing unit bus, and a system bus of a device that uses data can be connected to the central processing unit bus. Indicates a data copyright management system program, an encryption algorithm, and user information. The electrically erasable programmable memory stores a second dedicated key, a use permission key, a second secret key, and copyright information. Sometimes a first public key, a first private key, a second public key and a first secret key are transferred to a read / write memory. The copyright management program is stored in the EEPROM when supplied from the outside, but is stored in the ROM otherwise. Examples of the form of the data copyright management device include a monolithic IC, a hybrid IC, a thin IC card having a dedicated terminal, a PC card, and an insertion board.

  In the data copyright management system described so far as the invention of the prior application, when the obtained encrypted data is displayed and processed, it is decrypted and used, but when the obtained or processed data is stored, copied, and transferred. By re-encrypting data, unauthorized use of data is prevented. Therefore, in the device used in the data copyright management system targeted by the present invention, not only data decryption but also data re-encryption must be performed at the same time. The data copyright management device can perform only one of the data decryption and re-encryption operations.

In view of the above, the present application proposes an invention of a data copyright management device capable of simultaneously performing decryption and re-encryption of data supplied in an encrypted form for managing copyright. For this purpose, at least one microprocessor, ideally two microprocessors, is added to the user terminal device in addition to the microprocessor controlling the entire user terminal device, so that the encrypted and supplied data can be obtained. Perform decryption and re-encryption. When one microprocessor is added, one of the microprocessor of the user terminal device and the added microprocessor decrypts data, and the other performs re-encryption. If two microprocessors are added, one of the added microprocessors decrypts the data, the other microprocessor performs the re-encryption, and the microprocessor of the user terminal 20 is the entire microprocessor. Control behavior.

  The added microprocessor may be connected to the system bus of the microprocessor of the user terminal device, but this configuration cannot realize a multiprocessor configuration in which the microprocessors operate in parallel. Accordingly, the present application proposes a data copyright management device having a multiprocessor configuration using a SCSI bus or a PCI bus.

  Digital data includes, in addition to character data, graphic data, computer programs, digital audio data, still image data based on JPEG, and moving image data based on MPEG. Data works composed of these data are used using various devices, and these devices also need to have a data copyright management function. Therefore, the present application proposes that these data copyright management devices and the data copyright management device described in the prior application be incorporated in various devices.

According to a first aspect of the present invention, there is provided a data copyright management device used by connecting to a terminal device, a receiving device, a recording device, or a computer device that uses data, wherein the terminal device, the receiving device, A first secret key, a second secret key, and encrypted data are provided to the terminal device, the receiving device, the recording device, or the computer device from a copyright management system that manages a copyright of data provided to the device or the computer device. And
Means for storing the first secret key and the second secret key; means for receiving the supply of the encrypted data from the terminal device, the receiving device, the recording device, or the computer device; Means for decrypting encrypted data into decrypted data using the first secret key when the data is processed by a receiving device, a recording device, or a computer device; and processing the processed data using the second secret key. Re-encryption means for encrypting to re-encrypted data; means for storing primary user information of the terminal device, the receiving device, the recording device, or the computer device when data processing is performed; Means for discarding the first secret key and the second secret key when the encrypted data is copied or transferred, and the terminal device, the receiving device, Recording device, or a means to apply for re-transmission of the second secret key for use of the re-encrypted data to said copyright management system presents the primary user information of the computer device,
When the second secret key is retransmitted, a copy or transfer of the re-encrypted data is registered in the copyright management system.

Further, a second aspect is a data copyright management device connected to and used inside a terminal device, a receiving device, a recording device, or a computer device that uses data,
A microprocessor, a local bus connected to the microprocessor,
A read-only semiconductor memory and a read / write memory connected to the local bus,
One of the microprocessor of the terminal device, the receiving device, the recording device, or the computer device and the microprocessor of the data copyright management device may perform decryption processing, and the other may perform re-encryption processing.

Further, the third aspect is used by connecting to the inside of a terminal device using data, a receiving device, a recording device, or a computer device,
First and second microprocessors, a first local bus connected to the first microprocessor, a first read-only semiconductor memory connected to the first local bus, and a first read / write semiconductor memory. A write memory, a second local bus connected to the second microprocessor, a second read-only semiconductor memory and a second read / write memory connected to the second local bus,
The first microprocessor may perform a decryption process on the encrypted data, and the second microprocessor may perform a re-encryption process on the decrypted data.

  In the present application, data supplied in an encrypted form for managing copyright can be decrypted and re-encrypted at the same time.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. FIG. 3 is a block diagram showing the configuration of the data copyright management device according to the present invention, which is Embodiment 1, of the present invention. The data copyright management device 30 includes an electrically erasable programmable memory (EEPROM) 31 in addition to the components of the data copyright management device 15 described in Japanese Patent Application No. 6-237673. . The data copyright management device 30 is a computer system having a CPU 16, a local bus 17 of the CPU 16, a ROM 18, a RAM 19, and an EEPROM 31 connected to the local bus 17. The local bus 17 is a system of the microprocessor 21 of the user terminal device 20. Connected to bus 22. Also, a communication device (COMM) 23 that receives data from a database external to the device, and a CD-ROM drive (CDRD) that reads data supplied from a CD-ROM is provided on a system bus 22 of the user terminal device 20. ) 24, a flexible disk drive (FDD) 25 for copying received data or processed data to a flexible disk drive for supply to the outside, and a hard disk drive (HDD) 26 for storing data are connected. Note that a ROM, a RAM, and the like are connected to the system bus 22 of the user terminal device as a matter of course, but illustration is omitted in this figure.

  The ROM 18 stores data copyright management programs, encryption programs based on encryption algorithms, and fixed information such as user data. The EEPROM 31 stores an encryption key and copyright information. When the data copyright management program and the encryption program are supplied from outside such as a database, they are stored not in the ROM 18 but in the EEPROM 31. The work of decryption or re-encryption is performed by the data copyright management device 30, and only the processing result is transferred to the user terminal device 20 via the local bus 17 and the system bus 22.

  The data copyright management device 30 is realized as a monolithic IC, a hybrid IC, an extension board, an IC card, or a PC card.

The ROM 18 of the data copyright management device 30 of the first embodiment stores a data copyright management program, an encryption program based on an encryption algorithm, and fixed information such as user data. The ROM 18 can store a secret key generation program, a decryption program, and a re-encryption program based on a non-secret secret key algorithm. The EEPROM 31 stores an encryption key and copyright information. When the copyright management program and the encryption program are supplied from an external source such as a database, they are stored not in the ROM 18 but in the EEPROM 31. Note that this EEPROM is not always necessary and can be omitted. The RAM 19 stores one of the first encryption key and the second encryption key supplied from the key management center or the copyright management center and a data copyright management system program.

  On the other hand, information such as software and user data required by the MPU 46 of the user terminal device 20 is supplied to the user terminal device 20 by software and stored in the RAM of the user terminal device 20. The RAM of the user terminal device 20 stores either the first encryption key or the second encryption key supplied from the key management center or the copyright management center, and a copyright management system program. The MPU 46 of the user terminal device 20 and the CPU 16 of the data copyright management device 30 share the work of decryption and re-encryption, and one performs decryption and the other performs re-encryption. Only the result is transferred to the user terminal.

  FIG. 4 shows a specific internal configuration of the data copyright management device 30 shown in FIG. The data copyright management device 30 includes a microcomputer (CPU) 16, a read-only memory (ROM) 18, a write / read memory (RAM) 19, and an electrically erasable programmable memory (EEPROM) 31. The microcomputer bus 17 is connected to a microcomputer bus 17 of the computer 16, and the microcomputer bus 17 is connected to a system bus 22 of the user terminal device 20.

  The read-only semiconductor memory 18 stores a data copyright management system program, an encryption algorithm, and user information. The inside of the electrically erasable programmable memory 31 is divided into three areas. The first area 35 stores a first public key Kb1, a first dedicated key Kv1, a second public key Kb2, and a second dedicated key Kv2. The second area 36 includes a copyright management program P, a first secret key Ks1, which is a permission key for primary use such as viewing permission, storage permission, copy permission, processing permission, and transfer permission, and viewing permission, storage permission, and copy permission. A second secret key Ks2 serving as a permission key for secondary use such as processing permission and transfer permission is stored. The copyright management program may not be supplied from the outside but may be provided in advance on the user side. In this case, the copyright management program is not provided in the second area 36 of the electrically erasable programmable memory 31, It is stored in the read-only memory 18. The third area 37 stores copyright information such as original copyright information and secondary copyright information, and an access control key.

  Like the electrically erasable programmable memory 31, the inside of the write / read memory 19 is divided into three areas. The first area 32 stores a first public key Kb1, a first dedicated key Kv1, and a second public key Kb2 during operation. In the second area 33, a first secret key Ks1, which is a permission key for primary use such as viewing permission, accumulation permission, copy permission, processing permission, and transfer permission during operation, is stored. An access control key is stored in the third area 34 during operation.

  The user terminal device to which the data copyright management device is attached performs all operations for using the data in the data copyright management device according to the present invention, and transfers only the result to the user terminal device for various uses. It is safe to do so.

  When transmitting / receiving image data with a large amount of information, the original data is compressed and transmitted to reduce the amount of communication data, and the compressed data is expanded after receiving it. Copyright management can be performed by encrypting data. FIG. 5 shows an example of a data copyright management flow when the data to be encrypted is a digital image compressed according to the JPEG standard or the MPEG standard. The flow is divided into a flow and a receiving flow, and the receiving flow is further divided into a display flow and a storage flow.

The signal processing on the transmitting side includes a process of preparing a digital image and a process of processing the prepared digital image. In this process, if the original image is the digital image 41, the following processing is performed as it is, but if the original image is the analog image 40, the digitizing processing 42 is performed. The digital image is first subjected to a compression process 43 according to a predetermined standard such as the JPEG standard or the MPEG standard, and the compressed digital data is encrypted 44 using the first secret key.

  The image data that has undergone such transmission-side signal processing is transmitted via a transmission line 45 such as a satellite broadcast wave, a terrestrial broadcast wave, a CATV wave, or a public line / ISDN line. Note that a recording medium such as a digital video tape, a digital video disk, or a CD-ROM may be used as the transmission line.

  The image data transmitted to the receiving side in this manner is first decrypted 46 using the first secret key, and then the compressed image data is expanded 47 and displayed 49. If the display device is a digital data display device, it is displayed as it is, but if it is an analog data display device, analogization 48 is performed.

  When data is stored in a hard disk, a flexible disk, a magneto-optical disk, a write-once video disk, or the like, the data is re-encrypted 50 using the second secret key and then stored. When the re-encrypted and saved image data is displayed again, it is re-decrypted 52 using the second secret key and displayed 49. If the display device is a digital data display device, it is displayed as it is, but if it is an analog data display device, analogization 48 is performed. When data is data other than an image, an appropriate data compression / decompression means and transmission path suitable for the data are used.

FIG. 6 shows an example of a database copyright management system disclosed in Japanese Patent Application No. Hei 6-237673, which employs a secret key method as an encryption key method. In the system shown in FIG. 1, reference numeral 1 denotes a database in which binary data, digital audio data, and digital video data, which are text data, computer graphics screens or computer programs, are stored in an encrypted state. An artificial satellite such as a satellite; 15 ′, a data recording medium such as a CD-ROM or a flexible disk; 2, a communication network such as a public line provided by a communication company or a CATV line provided by a cable television company; Next user terminal device. Reference numeral 16 denotes a key management center that manages secret keys, and 17 denotes a copyright management center that manages database copyrights.

  Reference numerals 5, 6, and 7 denote secondary user terminal devices, tertiary user terminal devices, and n-th user terminal devices, respectively. 11, 12, and 13 denote secondary disks, which are storage media such as flexible disks or CD-ROMs. A tertiary disk and an nth disk. Note that n is an arbitrary integer, and when n is larger than 4, there is no correspondence between the tertiary user terminal 6 and the n-th user terminal 7 and between the tertiary disk 12 and the n-th disk 13. User terminal device and a disk.

  The database 1, the key management center 16, the copyright management center 17, the primary user terminal 4, the secondary user terminal 5, the tertiary user terminal 6, and the n-th user terminal 7 are connected to the communication network 2. Have been. In this figure, the path indicated by the broken line is the path of the encrypted data, the path indicated by the solid line is the path of the request from each user terminal device, and the path indicated by the dashed line is This is a path through which the secret key is transferred together with the permission information corresponding to the usage form from the database. Each user who uses this system registers in advance in the database organization. At the time of this registration, the database organization use software is provided to the user. The software for using the database organization includes a program for operating a copyright management program in addition to normal communication software such as a data communication protocol.

The text data stored in the database 1 or the data recording medium 15 ', the computer graphics screen or the binary data which is a computer program, digital audio data, and the original data M0 which is digital video data are stored in the communication network 2, the artificial satellite 14 or the storage. The data is unidirectionally supplied to the primary user terminal device 4 via the medium 15 ', but is encrypted at this time using the first secret key Ks1.
Cm0ks1 = E (Ks1, M0)
Even for data provided free of charge, such as with advertisements, encryption is required for copyright protection.

  Japanese Patent Application No. 6-64889, which is a prior application, discloses data use modes such as storage, processing, copying, and transfer in addition to the most basic display. One corresponding to one or more is prepared, and it is shown that the management is executed by the copyright management program. Further, it is described that when a use mode other than a display for data display and processing, that is, data is stored, copied, or transferred, the data is re-encrypted by a copyright management program. In other words, the copyrighted data is distributed in an encrypted state, and is only plainly written when the display for processing or display is performed on the user terminal device having the copyright processing function. is there.

In this system, the matters described in these prior applications are used. The primary user who wishes to use the supplied encrypted data Cm0ks1 for the primary use sends the original data name or the original data number to the key management center 16 via the communication network 2 using the primary user terminal device 4. By specifying this, a primary use application for the encrypted original data Cm0ks1 is made. At this time, information Iu1 about the primary user is presented to the key management center 16. The key management center 16 that has received the primary use application using the primary user terminal device 4 uses the copyright management program P to decrypt the encrypted original data Cm0ks1 obtained from the database 1 by the primary user. The primary user terminal device 4 sends a first secret key Ks1 and a second secret key Ks2 for re-encrypting the decrypted original data M0 or the processed data M1 obtained by processing the original data via the communication network 2. Transfer to

In the primary user terminal device 4 receiving the first secret key Ks1 as the decryption key and the second secret key Ks2 as the encryption / decryption key, the first secret key Ks1 is first used by using the copyright management program P. To decrypt the encrypted original data Cm0ks1 using M0 = D (Ks1, Cm0ks1)
The decrypted original data M0 is used as it is or as processed data M1.

  When the data M, which is the original data M0 or the processed data M1, is stored inside the primary user terminal device 4, that is, in a memory or a built-in hard disk drive, only the primary user can use the data. However, when the data M is copied to the external storage medium 11 such as a flexible disk, or when the data M is transferred to the secondary user terminal device 5 via the communication network 2, a copyright problem due to the secondary use occurs. .

  When the original data M0 obtained by the primary user is copied as it is and supplied to the secondary user, no modification is made to the original data M0. Does not occur. However, when processing is performed based on the data M0 obtained by the primary user or when new data M1 is created by using means such as combining with other data, the copyright of the primary user is added to the data M1. (Secondary copyright secondary exploitation right) occurs. Similarly, when the secondary user performs processing based on the original data M0 or processed data M1 obtained from the primary user or when new data M2 is created by using a method such as combining with other data. Similarly, the copyright of the secondary user is generated.

In order to deal with the problem of copyright, in this system, when the data M is stored, copied, or transferred, the data M is encrypted by the copyright management program P using the second secret key Ks2, and thereafter the primary data is encrypted. In the user terminal device 4, the data M is decrypted and encrypted using the second secret key Ks2.
Cmks2 = E (Ks2, M)
M = D (Ks2, Cmks2)
It is to be noted that the primary user can freely display and process the data to obtain the processed data in principle, but in that case, the number of times can be limited by the copyright management program.

  When the data M is copied to the external storage medium 11 and when the data is transferred via the communication network 8, the first secret key Ks1 and the second secret key Ks2 in the primary user terminal device 4 are determined by the copyright management program P. Discarded. Therefore, when the primary user uses the data M again, it is necessary to apply for use to the key management center 16 and receive the second private key Ks2 again. Receipt of the second secret key Ks2 indicates that the data M is copied to the external storage medium 11 or transferred to the secondary user terminal 5 via the communication network 2 for secondary use. Therefore, this is registered from the key management center 16 to the copyright management center 17 and the secondary use becomes possible thereafter.

  The movement of the data M from the primary user terminal device 4 to the secondary user terminal device 5 is performed by the external storage medium 11 or by the communication network 2, and is copied to the external storage medium 11 or moved via the communication network 2. Is performed, the data M is encrypted using the second secret key Ks2.

  When the data M is copied to the external storage medium 11 and when the data M is transferred via the communication network 2, the first secret key Ks1 and the second secret key Ks2 in the primary user terminal device 4 are discarded. At this time, the unencrypted primary user information Iu1 is added to the encrypted data Cmks2 stored in the primary user terminal device 4, and when the encrypted data Cmks2 is transferred to the secondary user, 1 Next user information Iu1 is also transferred.

The secondary user who desires the secondary use of the encrypted data Cmks2 copied or transferred from the primary user uses the secondary user terminal device 5 to the copyright management center 17 via the communication network 2. A secondary use application is made by designating the data name or data number and presenting the secondary user information Iu2, which is added to the encrypted data Cmks2 to clarify the relationship with the primary user. It also presents unencrypted primary user information Iu1. Based on the presented primary user information Iu1, the copyright management center 17 confirms that the primary user has received the second secret key Ks2 for secondary use of the data, and decrypts the data. The second secret key Ks2, which is a key, and the third secret key Ks3, which is an encryption / decryption key, are transferred to the secondary user terminal device 5 via the communication network 2. In the secondary user terminal device 5 receiving the second secret key Ks2 and the third secret key Ks3, the encrypted data Cmks2 is decrypted by the copyright management program P using the second secret key Ks2, and M = D (Ks2, Cmks2)
Secondary use of display or processing is performed.

In this system, the primary use application is processed by the key management center 16, and the secondary use application is processed by the copyright management center 17. The data M supplied by the primary user is encrypted using the first secret key Ks1, while the data M supplied by the secondary user is encrypted using the second secret key Ks2. . On the other hand, the first secret key Ks1 and the second secret key Ks2 are transferred from the key management center 16 to the primary user as encryption keys. Therefore, if the secondary user falsely assumes that the secondary user is the primary user and makes a primary use application to the key management center 16, the first secret key Ks1 is used as the decryption key and the first secret key Ks1 is used as the encryption / decryption key. The two secret keys Ks2 are transferred. However, the encrypted data Cmks2 cannot be decrypted using the first secret key Ks1 transferred as the decryption key. Therefore, it is impossible to make a false application for the use of data, so that not only the original copyright of the data but also the copyright of the primary user for the data is protected.

When the secondary user terminal device 5 performs storage, copy, or transfer, which is a use mode other than display for processing and processing of the data M, the copyright management program P encrypts the data M using the third secret key Ks3. After that, the data is decrypted and encrypted using the third secret key Ks3.
Cmks3 = E (Ks3, M)
M = D (Ks3, Cmks3)
It is to be noted that the secondary user can freely perform display and processing to obtain the processed data M2 in principle, but in that case, the number of times can be limited by the copyright management program P.

  When the data M is copied to the external storage medium 12 and when the data is transferred via the communication network 2, the second secret key Ks2 and the third secret key Ks3 in the secondary user terminal device 5 are determined by the copyright management program P. Discarded. Therefore, when the secondary user uses the data M again, it is necessary to apply for use to the copyright management center 3 and receive the third secret key Ks3 again. Receipt of the third secret key Ks3 means that data M is copied to the external storage medium 12 or transferred to the tertiary user terminal device 6 via the communication network 2 for secondary use. This means that the information has been registered, and this is registered in the copyright management center 17 and can be used thereafter.

  The movement of the data M from the secondary user terminal device 5 to the tertiary user terminal device 6 is performed by the external storage medium 12 or by the communication network 2, and is copied to the external storage medium 12 or moved via the communication network 2. Is performed, the data M is encrypted using the third secret key Ks3.

  When the data M is copied to the external storage medium 12 and when the data M is transferred to the tertiary user terminal device 6 via the communication network 2, the second secret key Ks2 and the third secret key in the secondary user terminal device 5 are stored. The key Ks3 is discarded. At this time, the encrypted data Cmks3, in which unencrypted secondary user information Iu2 is added to the encrypted data Cmks3 stored in the secondary user terminal device 5, is added. When transferring to the next user, the secondary user information Iu2 is also transferred. The user information is added to the data when all the user information is added to the data each time it is copied or transferred, and a history that is rewritten to the latest one each time is stored in the copyright management center. There are cases.

A tertiary user who wishes to use the encrypted data Cmks3 copied or transferred from the secondary user for tertiary use transmits to the copyright management center 17 via the communication network 2 using the tertiary user terminal device 6. A tertiary use application is made by designating the data name or data number and presenting the tertiary user information Iu3. At this time, it is added to the encrypted data Cmks3 to clarify the relationship with the secondary user. It also presents unencrypted secondary user information Iu2. Based on the presented secondary user information Iu2, the copyright management center 17 confirms that the secondary user has received a preparation procedure for tertiary use of the data, ie, that the secondary user has been re-issued the third secret key Ks3. Then, the third secret key Ks3, which is a decryption key, and the fourth secret key Ks4, which is an encryption / decryption key, are transferred to the tertiary user terminal device 6 via the communication network 2. In the tertiary user terminal device 6 that has received the third secret key Ks3 and the fourth secret key Ks4, the encrypted data Cmks3 is decrypted by the copyright management program P using the third secret key Ks3, and M = D (Ks3, Cmks3)
Tertiary use of display or processing is performed.

  In this system, data M supplied by a primary user is encrypted using a first secret key Ks1, and data M supplied by a secondary user is encrypted using a second secret key Ks2. However, the data M supplied by the tertiary user is encrypted using the third secret key Ks3. Therefore, when the tertiary user falsely claims to be the primary user and makes a primary use application to the key management center 16, the first secret key Ks1 is used as the decryption key and the first secret key Ks1 is used as the encryption / decryption key. The two secret keys Ks2 are transferred. However, the encrypted data Cmks3 cannot be decrypted using the first secret key Ks1 transferred as the decryption key. If the tertiary user falsely presumes that the tertiary user is a secondary user and makes a second use application to the copyright management center 17, the second secret key Ks2 is used as a decryption key and the encryption / decryption key is used. The third secret key Ks3 is transferred. However, the encrypted data Cmks3 cannot be decrypted using the second secret key Ks2 transferred as the decryption key. Therefore, it is impossible to make a false application for the use of data. As a result, not only the original copyright of the data but also the copyright of the primary user and the copyright of the secondary user for the data are protected. Hereinafter, the same procedure is applied to the fourth and subsequent uses.

  Although the database 1, the key management center 16, and the copyright management center 17 in the system described above are separately provided, these need not necessarily be separate, and all or two of them can be integrated. Installation is also possible. Also, the second secret key reissue application from the primary user may be made to the copyright management center 17 instead of to the key management center 16. □ FIG. 7 shows a signal processing flow in a data processing method for digital video or digital audio, etc., and FIG. 7 (a) shows a general processing flow, (b) ) Shows a processing flow that can avoid signal deterioration. In the processing flow shown in (a), the signal supplied as a digital signal (61) is first converted into an analog signal (62), and then the processing (63) is performed while displaying 64 on the analogized signal. The processed and processed analog signals are re-digitized (65) and stored, copied, and transferred (66). Although this process is simple, signal processing is performed in an analog state and digitized again after processing is completed, so that signal degradation cannot be avoided.

  In the processing flow shown in (b), the digital signal (61) is converted into an analog signal (62) for processing and displayed. The analogized signal (62) is used in the processing (63), but this analogized signal is used only for display (64) and is not used for storage, copying, or transfer. The signals for storage, copying, and transfer are processed (67) in the state of digital signals (61) in correspondence with the signals displayed in analog form, and are stored, copied, and transferred (66). In the case of this processing flow, there is no deterioration because the digital signal to be stored, copied, and transferred is not converted into an analog signal.

FIG. 8 shows an example of a flow in which the signal processing in the data processing method for digital video or digital audio shown in FIG. 6 is applied to the processing of encrypted data. () Shows an example of a simplified signal processing flow, and (b) shows an example of a signal processing flow capable of sufficiently performing copyright management. In the signal processing flow shown in (a), the original data Cm0ks1 71 supplied by being encrypted using the first secret key Ks1 is first decrypted 72 by using the first secret key Ks1, and M0 = D ( Ks1, Cm0ks1)
Next, processing (73) is performed while displaying (74) the decrypted data M0. The processed data M1 is re-encrypted (75) using the second secret key Ks2, and Cm1ks2 = E (Ks2, M1)
Save, copy, and transfer (76) are performed. Although this process is simple, since the data processing is performed in a decrypted state, there is a risk that the decrypted data may be stored, copied, or transferred, and copyright management is not sufficiently performed. I can't say.

On the other hand, in the signal processing flow shown in (b), the original data Cm0ks1 (71) encrypted using the first secret key Ks1 is decrypted (72) using the first secret key Ks1. , M0 = D (Ks1, Cm0ks1)
The decrypted data M0 is displayed (74). On the other hand, the processing (73) is performed on the encrypted data Cm0ks1 using the decrypted data M0 as a clue, and the original data M0 for storage or the processed data M1 is re-encrypted using the second secret key. Cm0ks2 = E (Ks2, M0)
Cm1ks2 = E (Ks2, M1)
The encrypted data Cm0ks2 or Cm1ks2 is stored, copied, and transferred (76). Corresponding to the data displayed and decrypted, the data is processed (77) in an encrypted state without being decrypted, and the processed program data and the data as encrypted are stored, copied, and transferred (77). 76). In the case of this signal processing flow, the data for storage, copying, and transfer remains encrypted, so that the decrypted data is not stored, copied, or transferred.

  In the data copyright management system in which the data copyright management device of the present invention is used, when the obtained encrypted data is displayed and processed, it is decrypted and used, but the obtained or processed data is stored, copied, and stored. In the case of transfer, data copyright is managed by re-encryption. However, the data copyright management device 15 of the invention of the prior application shown in FIG. 2 and the data copyright management device 30 of the invention shown in FIG. 3 either decrypt the encrypted data or encrypt the decrypted data. You can only do one or the other. Therefore, when storing, copying, or transferring the decrypted or processed data, it is necessary to temporarily store the data in the RAM of the user terminal device or the data copyright management device, and then re-encrypt the stored data. . Therefore, not only is there a limitation on the amount of data that can be processed, but also data that has been decoded or processed may be lost due to an accident or an operation error.

  Except for some high-end MPUs, general MPUs used in personal computers and the like do not consider a multiprocessor configuration that operates a plurality of microcomputers simultaneously. Therefore, even if the attached device is connected to the system bus of the personal computer, a plurality of operations cannot be performed simultaneously. Therefore, even if the data copyright management device 15 shown in FIG. 2 or the data copyright management device 30 shown in FIG. 3 is connected to the system bus 22 of the user terminal device 20, the MPU 21 or 46 and the CPU 16 are connected in parallel. There is no multiprocessor configuration that can be operated, and the work of decrypting the encrypted data and re-encrypting the decrypted data is performed not alternately but alternately. Therefore, the size of data that can be decrypted and encrypted is limited by the capacity of the RAM, and large data cannot be processed. Further, even if the data is not large, the processing speed cannot be increased.

  On the other hand, in the data copyright management system described as the invention of the prior application, when the obtained encrypted data is displayed and processed, it is decrypted and used, but when the obtained or processed data is stored, copied, and transferred. Re-encrypts data to prevent unauthorized use of the data. Therefore, in the device used in the data copyright management system to which the present invention is directed, it is desirable that not only data decryption but also data re-encryption be performed at the same time.

As a means for realizing a multiprocessor configuration in a general personal computer, a PCI (Peripheral Component Interconnect) bus has recently attracted attention. This PCI bus is a bus for external connection connected to a system bus of a computer via a PCI bridge. By using the PCI bus, a multiprocessor configuration can be realized.

  FIG. 9 shows a configuration of the data copyright management device using the PCI bus according to the second embodiment of the present invention. The configuration is the same as that of the data copyright management device 15 shown in FIG. , A local bus 17 of the CPU 16, a ROM 18, a RAM 19 connected to the local bus 17, and an EEPROM 31. On the other hand, a PCI bus 81 connected by a PCI bridge 82 is connected to the system bus 22 of the microprocessor 21 of the user terminal device 20, and the local bus 17 of the CPU 16 of the data copyright management device 80 is connected to the PCI bus 81. It is connected. The system bus 22 of the user terminal device 20 further includes a communication device (COMM) 23 that receives data from a database external to the device and transfers the data to the outside, and a CD-ROM drive (CDRD) that reads data supplied from a CD-ROM. ) 24, a flexible disk drive (FDD) 25 for copying received data or processed data to a flexible disk drive for supply to the outside, and a hard disk drive (HDD) 26 for storing data are connected. The COMM 23, CDRD 24, FDD 25 and HDD 26 can be connected to the PCI bus 81. Although a ROM, a RAM, and the like are connected to the system bus 22 of the user terminal device as a matter of course, the illustration is omitted in this figure.

  The configuration and operation of the other parts are the same as in the case of the first embodiment shown in FIG. The MPU 21 of the user terminal device 20 and the CPU 16 of the data copyright management device 80 share the work of decryption and re-encryption, and one performs decryption and the other simultaneously performs re-encryption. Since the MPU 21 and the CPU 16 in this embodiment have a multiprocessor configuration that performs a parallel operation by the PCI bus, a high processing speed can be obtained.

  By the way, as a typical means for attaching an external device to a personal computer body and using it, there is a SCSI (Small Computer System Interface) interface to which an external storage device such as a hard disk device or a CD-ROM drive is connected. . Up to eight devices including the personal computer to which the SCSI interface is connected can be connected to the SCSI interface, and a plurality of computers can be used as the eight devices. These multiple computers can all play the same role, in other words, the SCSI interface has a function as a multiprocessor bus, not just an interface. The third embodiment focuses on the function of this SCSI interface as a multiprocessor bus, and instead of the PCI bus 81 of the second embodiment, a SCSI interface 86 (hereinafter, the “SCSI interface” is referred to as a “SCSI bus” for convenience of understanding. ), The data copyright management device 85 is connected to the system bus 22 of the user terminal device 20.

  FIG. 10 is a configuration block diagram of a data copyright management device according to the third embodiment of the present invention using a SCSI bus. The data copyright management device 85 of the third embodiment has the same configuration as the data copyright management device shown in FIG. 3, that is, the CPU 16, the local bus 17 of the CPU 16, the ROM 18, the RAM 19, and the EEPROM 31 connected to the local bus 17. Computer system.

On the other hand, a SCSI bus 86 controlled by a SCSI controller (SCSICONT) 87 is connected to the system bus 22 of the microprocessor 21 of the user terminal device 20, and the local bus 17 of the CPU 16 of the data copyright management device 85 is connected to this SCSI bus. It is connected to a bus 86. The system bus 22 of the user terminal device 20 further includes a communication device (COMM) 23 for receiving data from a database external to the device and transferring the data to the outside, a CD-ROM drive for reading data supplied from a CD-ROM. (CDRD)
A flexible disk drive (FDD) 25 for copying received data or processed data to a flexible disk drive for external supply and a hard disk drive (HDD) 26 for storing data are connected. Note that the COMM 23, CDRD 24, FDD 25, and HDD 26 can be connected to the SCSI bus 86. Although a ROM, a RAM, and the like are connected to the system bus 22 of the user terminal device as a matter of course, the illustration is omitted in this figure.

  The configuration and operation of the other parts are the same as in the case of the first embodiment shown in FIG. The work of decryption and re-encryption is shared between the MPU 21 of the user terminal device 20 and the CPU 16 of the data copyright management device 85, one of which performs decryption and the other of which performs re-encryption at the same time. Because of the multiprocessor configuration that performs the parallel operation by 86, a high processing speed can be obtained.

  In addition, SCI (Scalable Coherent Interface) or the like can be used as a means for realizing a multiprocessor configuration. If possible, microprocessors may be connected to each other without using a bus.

  The data to be managed by the data copyright management device of the present invention includes graphic data, computer programs, digital audio data, still image data based on JPEG, etc., and moving image data based on MPEG, etc., in addition to character data. . The data copyright management device 80 according to the second embodiment or the data copyright management device 85 according to the third embodiment described above is connected to the system bus 22 of the microprocessor 21 of the user terminal device 20 by a PCI bus or a SCSI bus. Constitute a multiprocessor. In the case of such a multiprocessor configuration, the MPU 21 of the user terminal device 20 needs to play a role of controlling the entire system. When the data is relatively low-speed and small-capacity data such as character data and graphics data, data copyright management by decryption and re-encryption is possible even with a multiprocessor configuration including the MPU 21 and the CPU 16, but the data is JPEG. In the case of a moving image based on a still image or a moving image based on MPEG1 or MPEG2, data copyright management with such a configuration is extremely difficult because of high-speed and large-capacity data.

  In the fourth embodiment shown in FIG. 11, in order to cope with such a situation, the first data copyright management device 80 and the second data copyright management device 90 are connected to the PCI bus 81. , Forming a multiprocessor system. The second data copyright management device 90 has the same configuration as the first data copyright management device 80, that is, a CPU 91, a local bus 94 of the CPU 91, a ROM 92 connected to the local bus 94, a RAM 93, and an EEPROM 95. In this embodiment, the first data copyright management device 80 decrypts the encrypted data, and the second data copyright management device 90 re-encrypts the decrypted data.

  The ROM 18 of the first data copyright management device 80 that decrypts the encrypted data stores software for using the database and fixed information such as user data. The RAM 19 stores a first encryption key for decryption and a data copyright management system program supplied from the key management center or the copyright management center. Similarly, the ROM 92 of the second data copyright management device 90 that re-encrypts the decrypted data stores software for using the database and fixed information such as user data. A second encryption key for re-encryption and a data copyright management system program supplied from the management center or the copyright management center are stored. In this multiprocessor configuration, SCSI or SCI can be used, and if possible, microprocessors may be connected to each other without using a bus.

  In the first embodiment of the present invention described with reference to the prior application shown in FIG. 2 and FIG. 3, the communication device (COMM) 23 and the CD-ROM drive (CDRD) 24 to which the encrypted data is supplied include: It is connected to the system bus of the user terminal device 20. Therefore, in order to decrypt the encrypted data, it is necessary to pass the encrypted data through the system bus of the user terminal device 20 and the local bus of the data copyright management device. There is a risk of inviting. This is the same even when these attached devices are connected to a PCI bus or a SCSI bus. In the fifth embodiment shown in FIG. 12, the communication device 23 and the CD-ROM drive 24 to which the encrypted data is supplied in order to prevent the processing speed from lowering are replaced by the decryption data copyright management device 97. Connected to local bus 17.

  The data copyright management device 97 of the fifth embodiment shown in FIG. 12 is a data copyright management device for decryption, and is basically the same as the data copyright management device 30 of the first embodiment shown in FIG. The same configuration, that is, a computer system having a CPU 16, a local bus 17 of the CPU 16, a ROM 18, a RAM 19 and an EEPROM 31 connected to the local bus 17, and a communication device COMM 23 and a CD-ROM drive CDRD 24 are connected to the local bus 17. The ROM 18 stores fixed information such as a copyright management program, an encryption program based on an encryption algorithm, and user data. Copyright information is stored in the EEPROM 31. When the copyright management program and the encryption program are supplied from an external source such as a database, they are stored not in the ROM 18 but in the EEPROM 31. The RAM 19 stores a decryption encryption key and a data copyright management system program supplied from a key management center or a copyright management center. The encrypted data supplied from the COMM 23 or the CDRD 24 is decrypted by the data copyright management device 97 and transferred to the user terminal device 95.

  Although the data copyright management devices 80 and 90 of the fourth embodiment described above are described as being configured separately, it goes without saying that these can be integrally configured.

  FIG. 13 shows a data copyright management device of a sixth embodiment in which the data copyright management device 100 of the fifth embodiment is further developed. In the first embodiment of the present invention described with reference to FIG. 2 and FIG. 3, a storage device such as an HDD 26 for storing re-encrypted data is connected to the system bus 22 of the user terminal device 20. Have been. Therefore, in order to store the re-encrypted data, the data must be transmitted via the system bus 22 of the user terminal device 20 and the local bus 17 of the data copyright management device 15 or 30. There is a risk that the speed will decrease. This is the same even when these attached devices are connected to a PCI bus or a SCSI bus. In the data copyright management device 100 of the sixth embodiment shown in FIG. 13, the communication device COMM 23 and the CD-ROM drive CDRD 24 of the fifth embodiment shown in FIG. A storage device such as the HDD 26 for storing the re-encrypted data in addition to the copyright management device 97 is connected to the local bus 94 of the re-encryption data copyright management device 101.

  The data copyright management device 101 for re-encryption shown in the sixth embodiment has basically the same configuration as the data copyright management device 30 shown in FIG. 3, that is, the CPU 91, the local bus 94 of the CPU 91, It is configured as a computer system having a ROM 92, a RAM 93 and an EEPROM 95 connected to a local bus 94, and the HDD 26 is connected to the local bus 94.

The ROM 92 stores a copyright management program, an encryption program based on an encryption algorithm, and fixed information such as user data. Copyright information is stored in the EEPROM 95. When the copyright management program and the encryption program are supplied from an external source such as a database, they are stored not in the ROM 92 but in the EEPROM 95. The RAM 93 stores an encryption key for re-encryption and a data copyright management system program supplied from the key management center or the copyright management center. Data re-encrypted by the copyright management device 101 for re-encryption is stored in the HDD 26.

  Although the data copyright management devices 100 and 101 according to the sixth embodiment described above are described as being configured separately, it goes without saying that these can be integrally configured.

  Digital data includes, in addition to character data, graphic data, computer programs, digital audio data, still image data based on JPEG, and moving image data based on MPEG. A typical user terminal device that uses a data work is a computer device such as a personal computer, but other receiving devices such as a television receiver, and a set-top box used in conjunction with these receiving devices. , Digital video tape recorders, digital video disk recorders, digital audio tapes (DAT), and other digital recording devices or portable terminal devices (PDA).

  2. The data copyright management device shown in FIG. 2 or the data copyright management device shown in FIG. 6 described in Japanese Patent Application No. It can be used in addition to a user terminal device such as a set-top box, a digital recording device, or a portable terminal device. However, considering the trouble and trouble at the time of addition, the data copyright management device is used as a user terminal device. It is desirable to be built in the device.

  To this end, in each embodiment of the present invention, a monolithic IC, a hybrid IC, or a built-in sub-board is used as a form of the data copyright management apparatus, and a computer apparatus such as a personal computer or a television receiver is used. Device, a set-top box used in connection with these receiving devices, a digital recording device such as a digital video tape recorder, a digital video disk recorder, a digital audio tape (DAT) for storing digital signals, or a portable terminal device (PDA). ) Etc. to be built in the user terminal device.

  Further, the data copyright management device described above is applicable not only to data utilization but also to digital cash distribution and television conference systems. Various digital cash systems proposed so far transfer encrypted digital cash data from a bank account or a cashing service of a credit company by a secret key method and store the data in an IC card. Use and pay. A digital cash system that uses this IC card as an electronic wallet can be used anywhere that an input / output terminal device is installed, such as a store, but on the other hand, where there is no input / output terminal device, such as a home. , Is unusable.

By the way, since the digital cash is encrypted data, any device that can store the encrypted data besides the IC card and can transfer the data to the payee can transfer the digital cash data. It can be used as an electronic wallet to save. Specific examples of user terminal devices that can be used as an electronic wallet include personal computers, intelligent television devices, portable information terminal devices, PHS (Personal Hadyphone System), and other mobile phones, intelligent telephones, PC cards having input / output functions. Etc.

  Transactions by using such a terminal device as an electronic wallet for digital cash are performed by using the database in the configuration of the data copyright management system described above to the customer bank and the primary user terminal device to the customer. This is realized by replacing the next user terminal device with a retail store, the copyright management center with the retail store bank, and the tertiary user terminal device with a wholesale or manufacturer.

  An example of using a transaction system performed by transferring a digital cash via a communication network will be described with reference to FIG. This example uses the configuration of the data copyright management system shown in FIG. 1. In this figure, 111 is a customer, 112 is a bank of the customer 111, 113 is a retail store, and 114 is a retail store 113. Is a communication bank such as a public line provided by a telecommunications carrier or a CATV line provided by a cable television company. The bank 112, the retail store 113, the retail bank 114, the manufacturer 115, and the manufacturer bank 116 can be interconnected by the communication network 2. In this system, a customer 111 can use a credit company that provides a cashing service in addition to a bank, and can interpose an appropriate number of wholesalers between a retail store and a manufacturer. Reference numerals 117 and 118 denote IC cards or PC cards storing digital cash data, which are used when a communication network is not used. In this figure, the dashed line indicates the path of the encrypted digital cash data, and the solid line indicates the path of the request from the customer, the retail store or the maker to the bank. The chain line shows the path of the private key from each bank.

  In this use example, a first secret key prepared by the customer bank 112, a second secret key generated by the customer, a third secret key generated by the retail store, and a fourth secret key generated by the manufacturer are used as encryption keys. In this use example, the customer bank 112, the retail store bank 114, and the maker bank 116 are described as separate units, but these may be considered collectively as a financial system.

  A digital cash management program P for encrypting / decrypting digital cash data is distributed to the customer 111 in advance and stored in the user terminal device. Further, the digital cash management program P can be transferred together with data every time a transaction is made with a bank. Further, it is desirable that the digital cash management program P be common to all banks. The customer 111 makes an application for withdrawal of a deposit from a deposit account to the customer's bank 112 by designating the amount via the communication network 2 using the user terminal device. Is presented.

The customer's bank 112 receiving the application for withdrawal of the deposit from the customer 111 selects or creates the first secret key Ks1, encrypts the digital cash data M0 of the withdrawal amount with the first secret key Ks1, and Cm0ks1 = E (Ks1 , M0)
The encrypted digital cash data Cm0ks1 and the first secret key Ks1 as the decryption key are transferred to the customer 111, and the customer information Ic and the first secret key Ks1 are stored. In this case, the first secret key Ks1 may be selected from those prepared in advance by the customer's bank 112, but the customer presents the customer information Ic at the time of withdrawal, and the customer information Ic presented by the digital cash management program P. It can also be created based on
Ks1 = P (Ic)
With this configuration, not only can the first secret key Ks1 be unique to the customer 111, but it is not necessary to transfer the first secret key Ks1 to the customer 111, so that the security of the system is reduced. Get higher. Further, the first secret key Ks1 can also be created based on the bank information Ibs of the customer bank 112 or the bank information Ibs and the date and time of creation.

The customer 11 to which the encrypted digital cash data Cm0ks1 and the first secret key Ks1 have been transferred.
1 generates a second secret key Ks2 based on one or both of the customer information Ic and the first secret key Ks1 by the digital cash management program P, and Ks2 = P (Ic)
The generated second secret key Ks2 is stored in the user terminal device. Further, the customer 111 decrypts the encrypted digital cash data Cm0ks1 using the first secret key Ks1 by the digital cash management program P, and M0 = D (Ks1, Cm0ks1).
Although the contents are confirmed, if the decrypted digital cash data M0 whose contents have been confirmed is stored in the user terminal device which is an electronic wallet, the digital cash management program P is generated using the generated second secret key Ks2. Is encrypted by
Cm0ks2 = E (Ks2, M0)
At this time, the first secret key Ks1 is discarded.

The customer 111 who wants to purchase an article from the retail store 113 decrypts the encrypted digital cash data Cm0ks2 stored in the user terminal device, which is an electronic wallet, by using the second secret key Ks2 by the digital cash management program P. M0 = D (Ks2, Cm0ks2)
The digital cash data M1 corresponding to the required amount is encrypted by the digital cash management program P using the second secret key Ks2, and Cm1ks2 = E (Ks2, M1)
Payment is made by transferring the encrypted digital cash data Cm1ks2 to the user terminal device which is an electronic wallet of the retail store 113 via the communication network 2. At this time, the customer information Ic is also transferred to the user terminal of the retail store 113. The remaining digital cash data M2 is encrypted by the digital cash management program P using the second secret key Ks2, and Cm2ks2 = E (Ks2, M2).
It is stored in the user terminal device of the customer 111.

  The retail store 113 to which the encrypted digital cash data Cm1ks2 and the customer information Ic have been transferred is stored in the user terminal device, and the communication network 2 is used for confirming the contents while storing the transferred encrypted digital cash data Cm1ks2 and the customer information Ic. And presents the customer information Ic to the retail store bank 114 via the. And requests the transfer of the second secret key Ks2, which is the decryption key. The retail store bank 114 that has received the transfer request for the second secret key Ks2 from the retail store 113 transfers the customer information Ic to the customer bank 112 together with the transfer request for the second secret key Ks2. When the transfer request for the second secret key Ks2 is transferred from the retail store bank 114, the customer bank 112 transfers the customer information Ic by the digital cash management program P when the second secret key Ks2 is based only on the customer information Ic. , A second secret key Ks2 is generated based on the customer information Ic and the first secret key Ks1 when the second secret key Ks2 is based on the customer information Ic and the first secret key Ks1. A second secret key Ks2 is generated based on the second secret key Ks2, and the generated second secret key Ks2 is transferred to the retail store bank 114. The retail store bank 114 to which the second secret key Ks2 has been transferred from the customer bank 112 transfers the second secret key Ks2 to the retail store 113 via the communication network 2.

The retail store 113 to which the second secret key Ks2 has been transferred decrypts the encrypted digital cash data Cm1ks2 using the second secret key Ks2 by the digital cash management program P, and M1 = D (Ks2, Cm1ks2).
After confirming the amount, the product is sent to the customer 111. In this case, the retail store 111 may directly request the customer's bank 112 to transfer the second secret key Ks2 instead of the retail store's bank 114.

When depositing the digital cash received by the retail store 113 into the account of the retail store bank 114, the customer information Ic is transferred to the retail store bank 114 via the communication network 2 together with the encrypted digital cash data Cm1ks2. The retail store bank 114 to which the encrypted digital cash data Cm1ks2 and the customer information Ic have been transferred requests the customer bank 112 to transfer the second secret key Ks2 by transferring the customer information Ic. Retail bank 1
When the second private key Ks2 is requested to be transferred from the customer bank 12 by the digital cash management program P, the second bank 112 receives the second secret key Ks2 based on the customer information Ic. A secret key Ks2 is generated. When the second secret key Ks2 is based on the customer information Ic and the first secret key Ks1, the second secret key is generated by the digital cash management program P based on the customer information Ic and the first secret key Ks1. A key Ks2 is generated, and the generated second secret key Ks2 is transferred to the retail bank 114. The retailer's bank 114 to which the second secret key Ks2 has been transferred from the customer's bank 112 decrypts the encrypted digital cash data Cm1ks2 using the second secret key Ks2 by the digital cash management program P, and M1 = D (Ks2 , Cm1ks2)
The decrypted digital cash data M1 is deposited in the bank account of the retail store 114.

  In a general transaction system, the retail store 113 purchases goods from the maker 115 or a wholesale store interposed between the maker 115 and the retail store 113 and sells the goods to the customer 111. Therefore, a similar transaction form exists between the customer 111 and the retail store 113 also exists between the retail store 113 and the maker 115. The handling of the digital cash performed between the retail store 113 and the maker 115 is basically the same as the handling of the digital cash performed between the customer 111 and the retail store 113. Is omitted.

Since the handling of digital cash in this digital cash system is all carried out through a bank, storing information such as the amount of money, date, secret key requester information, etc. relating to handling of digital cash in the bank on the customer side. It is possible to grasp the balance and usage history of the digital cash. In addition, even if a user terminal device, which is an electronic wallet for storing digital cash data, becomes unusable due to loss or damage, reissue digital cash based on the usage balance and usage history stored in the customer's bank. Is possible. It is desirable to attach a digital signature to digital cash data in order to enhance the security of the digital cash. In this use example, customer information is added to the digital cash, and the customer information may be digitally signed. That is, in this embodiment, the digital cash also has a function as a bill clearing system in which the customer is the originator. In addition, this system can be used for various settlement systems in international trade that are conventionally performed using paper, such as letters of credit (L / C), (Bill of Lading: B / L), and Payment of Settlement of Import / It can be applied to Export as an extension.

  Television conferencing systems, which used to be just a conventional audio telephone with a television image added, have recently been integrated into a computer system to improve not only the audio or video quality but also the Data has evolved to be able to handle audio and video simultaneously. Under such circumstances, security against invasion of the privacy of users and leakage of data due to eavesdropping viewing other than the participants of the television conference is protected by an encryption system using a secret key. However, since the conference contents obtained by the video conference participant themselves are decrypted, the video conference participants themselves save the conference content, perform processing in some cases, and furthermore, In the event that secondary use is made to distribute to other parties, the privacy and data security of other teleconference participants are completely vulnerable. In particular, as the technology for compressing transmission data has been developed, the data storage medium has increased in capacity, and as a result, the entire contents of the television conference may be copied to the data storage medium or even transferred via a network. It is becoming.

In view of such a situation, this usage example applies the configuration of the data copyright management system described so far to a television conference system, thereby providing another use of the television conference participants themselves for secondary use. This is to ensure the privacy and data security of TV conference participants.

  The video conference data management system includes, for example, a database in the configuration of the data copyright management system shown in FIG. 1, a primary user terminal device as a video conference second participant, and a primary user terminal as a video conference second participant. This can be realized by replacing the secondary user terminal device with a non-participant in the television conference. This usage example will be described with reference to FIG. In this figure, 121 is the first participant of the television conference, 122 is the second participant of the television conference, 123 is the third non-participant of the television conference, 124 is the fourth non-participant of the television conference, and 2 is the communication business Communication network such as a public line provided by a TV conference operator or a CA television line provided by a cable television company. The first participant 121 of the television conference and the second participant 122 of the television conference mutually communicate via the communication network 2. It is possible to connect. In addition, the video conference second participant 122 and the video conference third non-participant 123, and the video conference third non-participant 123 and the video conference fourth non-participant 124 can be connected via the communication network 2. I have. Reference numerals 125 and 126 are data recording media. In this figure, the dashed lines indicate the paths of the encrypted video conference contents, and the solid lines indicate the video conference third non-participants 123 and the video conference fourth non-participants 124. Is a path for requesting an encryption key from the TV conference first participant 121 to the TV conference first participant 121. The dashed line indicates a path from the video conference first participant 121 to the video conference second participant 122, This is a path through which the encryption key is transferred to the third non-participant 123 and the fourth non-participant 124 of the television conference. For simplicity, in the video conference data management system described in this usage example, a case will be described in which only the privacy and data security of the video conference first participant 121 are ensured. It goes without saying that privacy and data security of the conference second participant 122 can also be ensured.

  The video conference management program P for encrypting / decoding the video conference data of the video conference first participant 121 including video and audio includes a video conference second participant 122 and a video conference third non-participant 123. And is distributed in advance to the fourth non-participant 124 of the television conference, and is built in each terminal device. Note that the television conference data management program P may be transferred every time the encryption key is transferred. Further, in this example of use, the first secret key prepared by the first participant 121 of the television conference and the second secret key generated by the second participant 122 of the television conference as the encryption key, and the third non-participant 123 of the television conference are used. Are used.

The first participant 121 of the television conference and the second participant 122 of the television conference use each terminal device to transmit audio, video, and data (collectively, “television conference data”) via the communication network 2. Are transferred to each other, a video conference is performed. Before starting the video conference, the first participant 121 of the video conference selects or generates a first secret key Ks1 and generates a first secret key Ks1. Is supplied to the video conference second participant 122 before starting the video conference. In addition, the video conference second participant 122 to which the first secret key Ks1 has been transferred generates a second secret key Ks2 based on the first secret key Ks1 using the video conference data management program P, and Ks2 = P ( Ks1)
The generated second secret key Ks2 is stored in the terminal device.

The first participant 121 of the television conference encrypts the video conference data M0 with the first secret key Ks1 in the television conference held via the communication network 2, and Cm0ks1 = E (Ks1, M0).
The encrypted video conference data Cm0ks1 is transferred to the video conference second participant 122.

The second teleconference participant 122 who has received the video conference data Cm0ks1 encrypted using the first secret key Ks1 decrypts the encrypted video conference data Cm0ks1 using the first secret key Ks1, and M0 = D (Ks1, Cm0ks1)
The decrypted video conference data M0 is used. In addition, the television conference data management program P generates a second secret key Ks2 based on the first secret key Ks1.
Ks2 = P (Ks1)
When the decoded video conference data M0 is stored in the terminal device of the second teleconference participant 122, or is copied to the data recording medium 125, the third video conference data is transmitted via the communication network 2. When transferred to the participant, the data M is encrypted by the video conference data management program P using the second secret key Ks2.
Cmks2 = E (Ks2, M)
The encrypted data Cmks2 is copied to the recording medium 125 together with the video conference data name or the video conference data number, or supplied to the third non-participant of the video conference via the communication network 2.

  The video conference third non-participant 123 who has obtained the encrypted data Cmks2 uses the terminal device to specify the video conference data name or the video conference data number to use the secondary use of the video conference data M. Apply to the first participant 121 of the television conference.

  The video conference first participant 121 who has received the secondary use application of the data M searches for the first secret key Ks1 using the video conference data name or the video conference data number as a clue, and based on the first secret key Ks1. A second secret key Ks2 is generated, and Ks2 = P (Ks1). The generated second secret key Ks2 is supplied to the third non-participant 123 of the television conference.

The third non-participant 123 of the television conference receiving the second secret key Ks2 decrypts the encrypted data Cmks2 using the second secret key Ks2 using the video conference data management program P, and M = D ( Ks2, Cmks2)
The decrypted video conference data M is used. When the video conference data M is stored in the terminal device of the video conference third non-participant 123 and is copied to the recording medium 126, the video conference fourth non-participant 124 is transmitted via the communication network 2. Is transferred, the video conference data M is encrypted by the video conference data management program P using the second secret key Ks2.
Cmks2 = E (Ks2, M)
Further, a third secret key Ks3 is generated by the television conference data management program P based on the second secret key Ks2, and Ks3 = P (Ks2)
The data M can be encrypted by the television conference data management program P using the generated third secret key Ks3.
Cmks3 = E (Ks3, M)
(Other)
This embodiment discloses the following invention (hereinafter, referred to as supplementary notes).
(Supplementary Note 1) A data copyright management device used in connection with a user terminal device using digital data, wherein the data copyright management device is a central processing unit, a central processing unit bus, a read-only semiconductor memory, an electrical An erasable programmable memory and a read / write memory, wherein the central processing unit bus is connected to the central processing unit, the read-only semiconductor memory, the electrically / electrically erasable programmable memory, and the read / write memory; A system bus of the user terminal device is connectable, a data copyright management system program, an encryption algorithm and user information are stored in the read-only semiconductor memory, and a second dedicated key is stored in the electrically erasable programmable memory. Authorization key, second secret key, work A rights management program and copyright information are stored, and the read / write memory stores a data copyright in which a first public key, a first dedicated key, a second public key, and a first encryption key are transferred during operation. Management device.
(Supplementary Note 2) A data copyright management device used in connection with a user terminal device using digital data, wherein the data copyright management device is a central processing unit, a central processing unit bus, a read-only semiconductor memory, an electrical An erasable programmable memory and a read / write memory, wherein the central processing unit bus is connected to the central processing unit, the read-only semiconductor memory, the electrically / electrically erasable programmable memory, and the read / write memory; The system bus of the user terminal device is connectable, a data copyright management system program, a copyright management program, an encryption algorithm and user information are stored in the read-only semiconductor memory, and the electrically erasable programmable memory is 2 exclusive key, use permission A key, a second secret key, and copyright information are stored, and a first public key, a first private key, a second public key, and a first encryption key are transferred to the read / write memory during operation. Data copyright management device.
(Supplementary Note 3) The data copyright management device according to Supplementary Note 1 or 2 configured in an IC.
(Supplementary Note 4) The data copyright management device according to Supplementary Note 1 or 2, configured on an IC card.
(Supplementary Note 5) The data copyright management device according to Supplementary Note 1 or 2, configured on a PC card.
(Supplementary Note 6) The data copyright management device according to Supplementary Note 1 or 2, configured on an insertion board.
(Supplementary Note 7) A data copyright management device used in a user terminal device that decrypts and displays and processes encrypted digital data, and re-encrypts and stores, copies and transfers the decrypted data. Wherein the data copyright management device comprises a microprocessor, a computer including a microprocessor, a local bus connected to the microprocessor, a read-only semiconductor memory connected to the local bus, and a read / write memory; A data copyright management device wherein one of a microprocessor of the device and a microprocessor of the data copyright management device performs a decryption process and the other performs a re-encryption process.
(Supplementary Note 8) A data copyright management device used in a user terminal device that decrypts and displays and processes encrypted digital data, and re-encrypts and stores, copies, and transfers the decrypted data. Wherein the data copyright management device includes first and second microprocessors, a first local bus connected to the first microprocessor, and a first local bus connected to the first local bus. A first computer including a read-only semiconductor memory and a first read / write memory, a second local bus connected to the second microprocessor, and a second read connected to the second local bus A second computer including a dedicated semiconductor memory and a second read / write memory is configured, and the first microprocessor is encrypted. A data copyright management device that performs a data decryption process and the second microprocessor performs a re-encryption process on the decrypted data.

FIG. 1 is a configuration diagram of a data copyright management system according to a prior application invention. FIG. 1 is a configuration diagram of a data copyright management device according to the invention of the prior application. FIG. 1 is a configuration diagram of a data copyright management device according to a first embodiment of the present invention. FIG. 2 is a specific configuration diagram of the data copyright management device according to the first embodiment of the present invention. FIG. 4 is a processing flowchart of the data copyright management system according to the present invention. FIG. 1 is a configuration diagram of a data copyright management system according to a prior application invention. FIG. 2 is a general processing flowchart of digital data. FIG. 4 is a flowchart of processing for processing encrypted data according to the present invention. FIG. 5 is a configuration diagram of a data copyright management device according to a second embodiment of the present invention. FIG. 9 is a configuration diagram of a data copyright management device according to a third embodiment of the present invention. FIG. 9 is a configuration diagram of a data copyright management device according to a fourth embodiment of the present invention. FIG. 14 is a configuration diagram of a data copyright management device according to a fifth embodiment of the present invention. FIG. 14 is a configuration diagram of a data copyright management device according to a sixth embodiment of the present invention. FIG. 1 is a configuration diagram of a digital cash system which is an example of use of the present invention. FIG. 1 is a configuration diagram of a television conference system that is an example of use of the present invention.

Explanation of reference numerals

1 database 2 communication network 3, 10, 17 copyright management center 4, 5, 6, 7 user terminal device 11, 12, 13 recording medium 14 broadcast / communication satellite 15 'CD-ROM
16 Key Management Center 17, 22 Microcomputer Bus 18 Read Only Memory 19 Write / Read Memory 20 User Terminal 21, 16 Microcomputer 22 System Bus 23 of User Terminal 23 Communication Device 24 CD-ROM Drive 25 Flexible Disk Drive 26 Hard Disk Drive 30, 80, 85, 90, 97, 100, 101 Data copyright management device 31 Electrically erasable programmable memory 111 Customer 113 Retail store 115 Maker 112 Customer bank 114 Retail store bank 116 Maker bank 117, 118 IC Cards 121 and 122 Teleconference participants 123 and 124 Non-teleconference participants

Claims (3)

A work that is connected to the inside of a terminal device, a receiving device, a recording device, or a computer device that uses data, and manages a copyright of data provided to the terminal device, the receiving device, the recording device, or the computer device. A first secret key, a second secret key, and encrypted data are provided from the right management system to the terminal device, the receiving device, the recording device, or the computer device;
Means for storing the first secret key and the second secret key;
Means for receiving the supply of the encrypted data from the terminal device, a receiving device, a recording device, or a computer device;
Means for decrypting the encrypted data into decrypted data using the first secret key when the encrypted data is processed by the terminal device, the receiving device, the recording device, or the computer device;
Re-encryption means for encrypting the processed data into re-encrypted data using the second secret key;
Means for storing primary user information of the terminal device, the receiving device, the recording device, or the computer device when data processing is executed;
Means for discarding the first secret key and the second secret key when the re-encrypted data is copied or transferred;
A method for presenting primary user information of the terminal device, the receiving device, the recording device, or the computer device to use the re-encrypted data in the copyright management system so that the second secret key is retransmitted. Means for applying for retransfer of the second secret key,
A data copyright management device that causes a copy or transfer of the re-encrypted data to be registered in the copyright management system when the second secret key is retransmitted. A terminal device that uses data, a receiving device, a recording device, or a computer device that is used by being connected to the inside,
A microprocessor,
A local bus connected to the microprocessor;
A read-only semiconductor memory and a read / write memory connected to the local bus,
One of the microprocessor of the terminal device, the receiving device, the recording device, or the computer device and the microprocessor of the data copyright management device performs a decryption process, and the other performs a re-encryption process. A terminal device that uses data, a receiving device, a recording device, or a computer device that is used by being connected to the inside,
First and second microprocessors;
A first local bus connected to the first microprocessor;
A first read-only semiconductor memory and a first read / write memory connected to the first local bus;
A second local bus connected to the second microprocessor;
A second read-only semiconductor memory and a second read / write memory connected to the second local bus,
A data copyright management device wherein the first microprocessor performs a decryption process on the encrypted data, and the second microprocessor performs a re-encryption process on the decrypted data.

Images