JP2005260374A - Memory card, data encryption method and data decryption method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a memory card protecting the right of a copyright holder while promoting use of a semiconductor memory card. <P>SOLUTION: The memory card 100 comprises an interface signal terminal 110, an NAND memory 109, and a processor module 108. The processor module 108 comprises: a means 123 for calculating a current transfer rate from a clock signal inputted from the CLK of an IO interface 120; a table comparison means 121 for comparing a transfer rate stored in a key table which is stored in a key table storage area 115 in a management area 111 with the results from the transfer rate confirming means 123; and a means 122 for taking out the key data from the results of the table comparison means 121 and for encrypting data stored in the transfer rate encryption area 124 in a user data area 113 using that key data. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a memory card, a data encryption method, and a data decryption method.

  In recent years, the market for mobile phones, mobile devices, and the like is rapidly expanding, and accordingly, the market for compact and large-capacity memory cards as storage devices for recording digital contents such as audio data is also expanding.

  Digital content, on the other hand, can be copied or downloaded without loss of quality by adopting digital encoding technology such as MPEG2 used for encoding digital video and audio and MP3 (MPEG-1 Audio Layer3) used for audio compression. can do. Therefore, technology for protecting such digital contents from unauthorized use is regarded as important from the viewpoint of copyright protection.

  To solve security problems such as copyright protection, the memory card performs mutual authentication with the connected device (hereinafter referred to as “connected device”) and only when the validity of the connected device is proved. A security area which is an area accessed by the corresponding device is provided, and the important data is protected from unauthorized access by an unauthorized device by storing the important data in this security area (see, for example, Patent Document 1). In the case of semiconductor audio, a copy protection technique is considered in which digital content cannot be copied or a system that can be copied one to several times and the content is not copied.

In the case of a CD, a copy control CD (hereinafter referred to as “CCCD”) technique is considered as a copy protection technique, and is beginning to spread. However, since the CCCD places importance on compatibility with conventional devices, copy protection is performed using a very simple method. Therefore, depending on the drive, the data of CCCD may be copied. Currently, it is a defense against casual copyrs, but in the future, it can be easily imagined that even a casual copyr can easily copy a CCCD.
Japanese Unexamined Patent Publication No. 2001-249695 (paragraph “0021”, FIG. 4)

  Although it is possible to further strengthen the content protection, even if the copy protection technology is strengthened like the CCCD, a technology for breaking the content protection technology can be considered. Further, if the content protection is too strong, it is impossible to copy at all, which may prevent the spread of semiconductor audio and semiconductor memory cards and block the audio market itself.

  Therefore, an object of the present invention is to provide a memory card, a data encryption method, and a data decryption method that can protect the rights of the copyright holder while promoting the spread of semiconductor memory cards.

  A first feature of the present invention is a memory card that outputs content data in accordance with an input clock signal, and (a) a transfer rate confirmation unit that calculates a current transfer rate from the input clock signal. (B) table comparison means for comparing the transfer rate stored in the key table in which the key data is associated with each transfer rate and the transfer rate calculated by the transfer rate confirmation means; and (c) the table. Based on the result of the comparison means, the key data corresponding to the transfer rate calculated by the transfer rate confirmation means is extracted from the key table, and the content data stored in the transfer rate encryption area is encrypted using the key data. The gist of the invention is that the memory card includes data encryption means.

  The second feature of the present invention is: (a) a transfer rate confirmation step for calculating a current transfer rate; (b) a transfer rate stored in a key table in which key data is associated with each transfer rate; Based on the result of the table comparison step for comparing the transfer rate calculated by the transfer rate confirmation step and (c) the table comparison step, key data corresponding to the transfer rate calculated by the transfer rate confirmation step is extracted from the key table. And a method for encrypting the content data stored in the transfer rate encryption area using the key data.

  The third feature of the present invention is: (a) a transfer rate confirmation step for calculating a current transfer rate; (b) a transfer rate stored in a key table in which key data is associated with each transfer rate; Based on the result of the table comparison step for comparing the transfer rate calculated by the transfer rate confirmation step and (c) the table comparison step, key data corresponding to the transfer rate calculated by the transfer rate confirmation step is extracted from the key table. And a method for decrypting the received content data by using the key data.

  According to the present invention, it is possible to provide a memory card, a data encryption method, and a data decryption method that can protect the rights of the copyright holder while promoting the spread of semiconductor memory cards.

  Next, embodiments of the present invention will be described with reference to the drawings. In the following description of the drawings, the same or similar parts are denoted by the same or similar reference numerals. However, it should be noted that the drawings are schematic and ratios of dimensions and the like are different from actual ones. Accordingly, specific dimensions and the like should be determined in consideration of the following description. Moreover, it is a matter of course that portions having different dimensional relationships and ratios are included between the drawings.

(First embodiment)
As shown in FIG. 1, the data processing system according to the first embodiment includes a semiconductor memory card (hereinafter referred to as “memory card”) 100 that outputs content data in accordance with an input clock signal. A host device A200 and a host device B300 are provided.

  The host device A200 is, for example, a KIOSK terminal or the like, transmits content data, a key for encrypting the content data, and a key table to the memory card 100, and decrypts the content data to the host device B300. Key and key table are transmitted. Here, “content data” refers to image data or music data (audio data) used by the user. In the first embodiment, the data is assumed to be music data. On the other hand, the host device B300 is a semiconductor audio player, for example, and decrypts data received from the memory card 100 using the key and key table received from the host device A. That is, the host device A 200 is a host that writes content data to the memory card 100, and the host device B 300 is a host that reads content data from the memory card 100. Hereinafter, the memory card 100, the host device A200, and the host device B300 will be described in detail.

  First, the memory card 100 will be described. As shown in FIG. 1, the memory card 100 includes an interface signal terminal 110, a NAND memory 109, and a processor module 108. Hereinafter, the configuration of the memory card 100 will be described using an SD memory card as an example. Specifically, the SD memory card is a memory card having a size of 24 × 32 × 2.1 mm, having a copyright protection function corresponding to the SDMI standard, and capable of upward compatibility with MMC (Multi Media Card). It is. The SD memory card is an SDMI standard memory card jointly developed by Toshiba Corporation, Matsushita Electric Industrial Co., Ltd., and SanDisk Corporation.

  The interface signal terminal 110 includes CLK as a clock terminal, CMD for command transfer and response transfer to the corresponding command, DAT0, DAT1, DAT2, and DAT3 as data terminals, VDD as power supply terminals, and a total of 9 ground terminals GND. It consists of signal terminals.

  The NAND memory 109 includes a management data area 111 for storing information related to the memory card, a security area 112 for storing confidential data, and a user data area 113 for storing general data. In addition, although not shown, the NAND memory 109 includes a confidential area for storing important information such as encryption key data. Note that the confidential area may be included in the management data area 111.

  The management data area 111 stores card information such as security information and media ID of the memory card 100, key data (key data storage area 114) for storing a key used for data encryption, transfer rate and transfer Stores a key table (key table storage area 115) in which key numbers corresponding to rates are stored.

  The security area 112 is an area that can be accessed only when mutual authentication is performed with the connected host device and the validity of the host device is proved.

  The user data area 113 is an area that a user using the memory card 102 can freely use, and is an area for storing general data such as image data and music data. The transfer rate encryption area 124 in the user data area 113 contains data that needs to be encrypted using a key corresponding to the current transfer rate when data stored in this area is read out. Stored.

  The processor module 108 is connected to the controller 116 that forms the main control unit of the memory card 100, the ROM 117 that stores the control program, the SRAM 118 that is used as a work buffer memory, and the nine interface terminals of the memory card 100. An IO interface 120 serving as an interface between the card 100 and the host 101, a transfer rate confirmation unit 123, a data encryption unit 122, and a table comparison unit 121 are provided.

  The transfer rate confirmation unit 123 calculates the current transfer rate from the clock signal input from the CLK of the IO interface 120. In general, the transfer rate is expressed by the following equation (1).

Transfer rate = (input clock / number of data bits) x execution rate ... Formula (1)
For example, when the clock input from the IO interface 120 is 25 MHz, the actual efficiency is 1, and the data bit width is 1 bit, the transfer rate is about 3 MB / s, and the transfer rate when the data bit width is 4 bits is about 12.5 MB / s. The execution rate indicates the rate at which data is actually transferred. Actually, since the data bus is used for command transfer in addition to data transfer, the execution rate is smaller than 1. However, when calculating a rough transfer rate, the actual efficiency may be set to 1.

  The table comparison means 121 compares the transfer rate stored in the key table stored in the key table storage area 115 in the management data area 111 with the result of the transfer rate confirmation means 123.

  The data encryption means 122 extracts the key data stored in the key data storage area 114 of the management data area 111 of the NAND memory 109 from the result of the table comparison means 121, and uses the key data in the user data area 113. The data stored in the transfer rate encryption area 124 is encrypted.

  Next, the host device A200 will be described. The host device A200 includes a card interface 201 on which a plurality of memory cards 100 can be mounted, a device connection interface 202 that communicates with the host device B300, a CPU 203 that controls the host device A200, a system memory 204, and a storage device 205. And an input unit 206 and an output unit 207.

  The system memory 204 is a storage medium that stores a program for causing the CPU 203 to execute creation of a key table, determination of key data, and the like. Examples of the recording medium include a RAM, a hard disk, a flexible disk, a compact disk, an IC chip, and a cassette tape. According to the recording medium holding such a program, the program can be easily stored, transported, sold, and the like.

  The storage device 205 stores key data and a key table. The storage device 205 may use an internal storage device such as a RAM or an external storage device such as a hard disk or a flexible disk.

  The input unit 206 refers to devices such as a touch panel, a keyboard, and a mouse. When an input operation is performed from the input unit 206, corresponding key information is transmitted to the CPU 203.

  The output unit 207 indicates a screen such as a touch panel or a monitor, and a liquid crystal display (LCD), a light emitting diode (LED) panel, an electroluminescence (EL) panel, or the like can be used.

  Further, as shown in FIG. 2, the host device A 200 can be configured such that an initialization module 203 a, a transmission module 203 b, a reception module 203 c, a key table creation module 203 d, and a key data determination module 203 e are built in the CPU 203. These modules can be realized by executing a dedicated program for using a predetermined program language in a general-purpose computer such as a personal computer.

  The initialization module 203a performs an initialization process for bringing the memory card 100 into a readable / writable state.

  The transmission module 203b transmits an area setting command for setting a transfer rate encryption area to the memory card 100. The transmission module 203b transmits key data and a key table to the memory card 100 or the host device B300. Also, the content data is transmitted to the memory card 100.

  The reception module 203c receives a response transmitted from the memory card 100 when an area setting command, key data, a key table, or the like is received. Further, the receiving module 203c receives a response that is transmitted when key data, a key table, and the like are received from the host device B300.

  The key table creation module 203d creates a key table as shown in FIG.

  The key data determination module 203e determines key data to be transmitted to the host device B300 based on the amount paid by the user. The transmission module 203b transmits the key data determined by the key data determination module 203e to the host device B300.

  As the host device A200, a digital device such as a personal computer or a KIOSK terminal can be used.

  Next, the host device B300 will be described. Similarly to the host device A200, the host device B300 also has a card interface 301 on which a plurality of memory cards 100 can be mounted, a device connection interface 302 that communicates with the host device A200, and a CPU 303 that controls the host device B300. A system memory 304, a storage device 305, an input unit 306, and an output unit 307 are provided.

  The system memory 304 is a storage medium that stores a program for causing the CPU 303 to execute decryption of content data, reproduction of content data, and the like. Examples of the recording medium include a RAM, a hard disk, a flexible disk, a compact disk, an IC chip, and a cassette tape. According to the recording medium holding such a program, the program can be easily stored, transported, sold, and the like.

  The storage device 305 stores key data and a key table. The storage device 305 may use an internal storage device such as a RAM or an external storage device such as a hard disk or a flexible disk.

  The input unit 306 refers to devices such as a touch panel, a keyboard, and a mouse. When an input operation is performed from the input unit 306, corresponding key information is transmitted to the CPU 303.

  The output unit 307 indicates a screen such as a touch panel or a monitor, and a liquid crystal display (LCD), a light emitting diode (LED) panel, an electroluminescence (EL) panel, or the like can be used. The disk storage device 205 stores key data and a key table.

  Further, as shown in FIG. 3, the host device B300 has a configuration in which an initialization module 303a, a transmission module 303b, a reception module 303c, a storage module 303d, a data decoding module 303e, and a reproduction module 303f are built in the CPU 303. it can. These modules can be realized by executing a dedicated program for using a predetermined program language in a general-purpose computer such as a personal computer.

  The initialization module 303a performs an initialization process for setting the memory card 100 in a readable / writable state.

  The transmission module 303b transmits a response to the host device A220 when key data or a key table is received. The transmission module 303b transmits a data read command to the memory card 100.

  The receiving module 303c receives key data and key table data from the host device A200. The reception module 303 c receives content data from the memory card 100.

  The storage module 303d stores the key data and key table received from the host device A200 in the storage device 305.

  The data decryption module 303e calculates the current transfer rate, and compares the calculated transfer rate with a transfer rate stored in a key table in which key data is associated with each transfer rate. Then, based on the comparison result, key data corresponding to the calculated transfer rate is extracted, and the received content data is decrypted using the key data.

  The reproduction module 303f reproduces the decrypted data (music data).

  As the host device B200, a digital device such as a personal computer or an audio player can be used.

  Next, FIG. 4 shows an example of a key table created by the host device A200. For each transfer rate, a key number corresponding to the transfer rate, player correspondence information, and an amount are stored. Here, the “key number” is an identification number assigned to uniquely recognize key data.

In the case of FIG. 4, the transfer rate is set to 1 kB / s × 100 ^2−N (N is an integer from 0 to 4) based on 1 kByte / Second (hereinafter referred to as “B / s”).

  The player correspondence information is used when the key table is stored in the host device B300 (player), and the information is set according to the amount of money. For example, when the user purchases content data for 3,000 yen, the transfer rate for 3,000 yen is 1 kB / s, so the player can play back at a transfer rate of 1 kB / s or less. Therefore, in the player correspondence information, information of “× (not supported)” if the transfer rate exceeds 1 kB / s and “◯ (supported)” if it is 1 kB / s or less are entered.

  The host device A200 creates the key table, and the host device A200 transmits to the memory card 100 a key table including at least two of the transfer rate and the key number. In addition, the host device A200 transmits to the host device B300 a key table including at least three of the transfer rate, number, and player correspondence information.

  Next, a data processing method according to the first embodiment will be described with reference to FIGS. Here, an example will be described in which a user purchases music data with the host device A200 (KIOSK terminal) and views the music with the host device B300 (audio player) that the user has. The host device A200 is a device equipped with an interface for connecting to a card interface of the memory card 100, a reader / writer, and a host device B300 (audio player) having a function of reproducing content data in the memory card 100. The host device B300 is a device equipped with a card interface of the memory card 100, a function of reading data in the memory card 100, and a function of decrypting encrypted data.

  When the user goes to the KIOSK terminal 200, a screen as shown in FIG. 9 is displayed. In accordance with this display, the user inserts the memory card 100 into the KIOSK terminal 200 and connects the player 300 to the KIOSK terminal 200.

  First, data exchange between the KIOSK terminal (host device A200) and the memory card 100 will be described with reference to FIGS.

  (A) First, in step S101 of FIG. 5, the memory card 100 is inserted into the card interface 201 of the host device A200 while the host device A200 is powered on. Alternatively, the host device A200 is powered on with the memory card 100 mounted. Then, the memory card 100 is turned on, and in step S102, the host device A200 performs an initialization process so that the memory card 100 can be read / written. Next, a screen as shown in FIG. 10 is displayed on the KIOSK terminal (host device A200). The user selects content with a transfer rate (read transfer time) to be purchased, presses a purchase button (not shown), and inputs the selected content price to the KIOSK terminal (host device A200). Here, it is assumed that the content corresponding to the low speed (1 kB / s) is selected and the price of 3,000 yen is input to the KIOSK terminal. It is assumed that the screen shown in FIG. 10 corresponds to the key table shown in FIG.

  (B) Next, in step S103, the host device A200 transmits to the memory card 100 an area setting command for setting the transfer rate encryption area 124 to be encrypted according to the transfer rate. Upon receiving the area setting command, the memory card 100 determines whether or not the transfer rate encryption area 124 can be set in the user data area 113. If the area can be set, the memory card 100 transfers the area to the user data area 113 in step S104. The rate encryption area 124 is set.

  (C) Next, in step S105, the memory card 100 transmits a response including the area setting completion information to the host device A200. Alternatively, if the area cannot be set, the memory card 100 does not create the transfer rate encryption area 124 and transmits a response including the area setting impossible information to the host device A200.

  (D) Next, the host device A200 receives the response from the memory card 100, and determines whether or not the area setting is completed in step S106. If it has been completed, the process proceeds to step S107. If it has not been completed, the process ends.

  (E) Next, in step S107, the host device A200 transmits all the keys corresponding to the transfer rate of the key table to the memory card 100. That is, as shown in step S107 in FIG. 8, keys 1 to 4 are transmitted. The memory card 100 receives the key data, and stores the received key data in the key data storage area 114 in the management data area 111 in step S108. Then, after the storage of the key data is completed, a response is transmitted to the host device A200 in step S109.

  (F) Next, in step S110, the host device A200 receives a response from the memory card 100. In step S111, the host device A200 transmits a key table including a transfer rate and a key number corresponding to the transfer rate to the memory card 100. (See step S111 in FIG. 8). The memory card 100 receives the key table, and stores the received key table in the key table storage area 115 in the management data area 111 in step S112. In step S113, the memory card 100 transmits a response to the host device A200 after the storage of the key table is completed.

  (G) Next, in step S114, when the host device A200 receives the response from the memory card 100, in step S115, the write command for writing data to the memory card 100 and the content stored in the transfer rate encryption area 124. Data is transmitted (see step S115 in FIG. 8). In step S116, the memory card 100 stores the received content data in the transfer rate encryption area 124. At this time, the content data is unencrypted raw data. Thereafter, in the transfer rate encryption area 124, data cannot be added and deleted.

  Next, data exchange between the KIOSK terminal (host device A200) and the player (host device B300) will be described with reference to FIGS.

(A) First, in step S201, the host device A200 transmits key data corresponding to the content price input to the host device B300. Since the user has inserted 3,000 yen, the key rate data corresponding to the low speed (1 kB / s) and the minimum speed (1 × 100 ⁻¹ kB / s) is transmitted from FIG. 4 and FIG. . That is, as shown in step S201 in FIG. 8, the key 3 and the key 4 are transmitted. The host device B300 receives the key data, and stores the received key data in the storage device 305 in step S202.

  (B) Then, after the storage of the key data is completed, a response is transmitted to the host device A200 in step S203. Next, in step S204, the host device A200 receives a response from the host device B300, and in step S205, the host device B300 sends a key table including a transfer rate, a key number corresponding to the transfer rate, and player correspondence information to the host device B300. Transmit (see step S205 in FIG. 8).

  (C) Next, the host device B300 receives the key table, and stores the received key table in the storage device 305 in step S206. In step S207, the host device B300 transmits a response to the host device A200 after the storage of the key table is completed. In step S208, the host device A200 receives a response from the host device B300.

  Next, data exchange between the host device B300 (player) and the memory card 100, that is, a data encryption / decryption method will be described with reference to FIGS.

  (A) First, in step S301, the memory card is inserted into the card interface of the host in a state where the host device B300 is powered on. Alternatively, the host device B300 is powered on with a memory card attached. Then, the memory card is turned on, and in step S302, the host device B300 performs an initialization process to make the memory card readable / writable.

  (B) Next, in step S303, the host device B300 transmits a read command to the memory card in order to read data in the transfer rate encryption area 124. In step S304, when receiving the read command, the memory card 100 confirms the current transfer rate by the transfer rate confirmation unit 123 in step S305.

  (C) Next, in step S306, the memory card 100 compares the key table stored in the key table storage area 115 in the management data area 111 with the result of the transfer rate confirmation means 123, and based on the comparison result, the transfer rate. Is selected from the key data storage area 114 in the management data area 111. Next, in step S307, the memory card 100 encrypts the data in the transfer rate encryption area 124 using the selected key, and transmits the encrypted data to the host device B300 in step S308.

  (D) Next, in step S309, the host device B300 receives the encrypted data from the memory card 100. In step S310, the host device B300 calculates the current transfer rate, and compares the calculated transfer rate with the transfer rate stored in the key table in which key data is associated with each transfer rate. Then, based on the comparison result, key data corresponding to the calculated transfer rate is extracted, and the received content data is decrypted using the key data. The key table is stored in the storage device 305.

  In this way, by changing the key used for encrypting the content data for each transfer rate, a host device that does not have the key cannot be decrypted.

  Specifically, first, the case where the transfer rate is 1 kB / s will be described with reference to FIG. This is an example where purchased music data can be decrypted.

  First, the host device B300 requests the memory card 100 to read content data in the transfer rate encryption area. The transfer rate at this time is 1 kB / s. Next, the memory card 100 confirms the current transfer rate by the transfer rate confirmation means 123, compares the current transfer rate with the key table (see FIG. 4) stored in the key table storage area, and transfers the transfer rate of 1 kB. The key 3 corresponding to / s is selected.

  Next, the memory card 100 encrypts the content data stored in the transfer rate encryption area 124 using the key 3, and transmits the encrypted data to the host device B300.

  Next, the host device B300 receives the encrypted content data and compares the current transfer rate with the key table. Next, the current transfer rate is acquired, and the received content data is decrypted using the key 3 corresponding to the current transfer rate of 1 kB / s.

  Next, the case where the transfer rate is 10 MB / s will be described with reference to FIG. This is an example when purchased music data cannot be decrypted.

  Similarly to the transfer rate of 1 kB / s, the host device B300 issues a read request for content data in the transfer rate encryption area 124 to the memory card 100. The transfer rate at this time is 10 MB / s. Next, the memory card 100 acquires the current transfer rate, compares the current transfer rate with the key table (see FIG. 4) stored in the key table storage area, and determines the key 1 corresponding to the transfer rate of 10 MB / s. Select.

  Next, the memory card 100 encrypts the content data stored in the transfer rate encryption area 124 using the key 1, and transmits the encrypted data to the host device B300.

  Next, the host device B300 receives the encrypted data, acquires the current transfer rate, and compares the current transfer rate with the key table. At this time, the player correspondence information in the key table shows that this player does not support the transfer rate of 10 MB / s. For this reason, even if the content data is received from the memory card, since the player does not have the key 1, it cannot be decrypted.

  As described above, in the data processing system and the data processing method according to the first embodiment, the transfer rate encryption area 124 is created, the data is stored in the transfer rate encryption area 124, and the key data and the key table are stored. Are also stored in the memory card 100. When data in the transfer rate encryption area 124 is read, the memory card 100 changes the key according to the transfer rate, encrypts the data using the key, and transmits the encrypted data to the host device B300. The host device B300 cannot decrypt data at a transfer rate faster than the transfer rate corresponding to the fee paid to the host device A200.

  In the past, it was thought that it was necessary to strengthen copy protection technology for copyright protection, but considering the fact that casual copyrs actually make copies, the cost required for copying However, since it is cheap and the time for copying is short, it is considered that the problem is that it can be easily copied. For example, if the cost of the medium for copying is higher than the cost of purchasing the content, or if the time to copy the content takes several to several tens of times the content playback, the advantage of actually copying the content However, since the disadvantages are larger, it is considered that copying is not performed.

  Thus, until now, copyright protection has been carried out by considering non-copyable technologies such as SD memory cards and CCCDs. However, in the first embodiment, content data can be copied. Think of it as something. However, the consideration can be changed depending on the conditions for copying, specifically, the time (transfer rate) at which the content is copied.

  For this reason, according to the data processing system and the data processing method according to the first embodiment, the key data used for encryption and decryption differs according to the transfer rate. The rights of the copyright holder can be protected.

(Second Embodiment)
In the first embodiment, the key data and the key table are stored in both the memory card and the player using the KIOSK terminal. In the second embodiment, the key data and the key table are already stored in the memory card. A case where a key table and content data are stored will be described.

  The data processing system according to the second embodiment includes a memory card 100 and a host device B300. Since the configuration of the host device B300 is the same as that of the first embodiment, the description thereof is omitted here.

  As shown in FIG. 12, the memory card 100 according to the second embodiment includes an interface signal terminal 110, a NAND memory 109, and a processor module 108. Since the interface signal terminal 110 and the NAND memory 109 are the same as those in the first embodiment, description thereof is omitted here.

  The processor module 108 is connected to the controller 116 that forms the main control unit of the memory card 100, the ROM 117 that stores the control program, the SRAM 118 that is used as a work buffer memory, and the nine interface terminals of the memory card 100. An IO interface 120 serving as an interface between the card 100 and the host 101, a transfer rate confirmation unit 123, a data encryption unit 122, a table comparison unit 121, and a copy number comparison unit 130 are provided.

  The copy count comparing means 130 compares the copy permission count and the copy count included in the key table. When copying is performed, “1” is set to the copy count in the key table stored in the key table storage area 115. to add.

  Note that the controller 116, the ROM 117, the SRAM 118, the IO interface 120, the transfer rate confirmation unit 123, the data encryption unit 122, and the table comparison unit 121 are the same as those in the first embodiment, and thus description thereof is omitted here. .

  In the second embodiment, a key table 140 stored in the memory card 100 will be described with reference to FIG. The key table 140 stores a transfer rate, and stores a key number, the number of permitted copies, and the number of copies for each transfer rate.

For example, in FIG. 13, the part of the transfer rate of 1 kB / s, that is, “1k × 100 ^2-2 ” stores “key C” as the key number, “7” as the permitted number of copies, and “6” as the number of copies. Is stored. This means that the number of times that copying can be performed at a transfer rate of 1 kB / s is seven, and copying has already been performed six times at a transfer rate of 1 kB / s.

  In the first embodiment, the key data and the key table are transmitted from the host device A200 to the host device B300. However, in the second embodiment, the key is preliminarily stored in the host device B300 (here, a personal computer). Embed the data. Even today, key data is embedded in PC software that plays back memory cards that support copyright protection.

  For example, in FIG. 13, a key A is for an audio player using a memory card and has an interface, a key B is for a dedicated audio player software 1 for a personal computer, a key C is for a dedicated audio player software 2 for a personal computer, and a key D Is for the dedicated audio player software 3 for a personal computer, and the key E is a key for an audio player that comes standard with the operating system. There are several audio software for PCs, but this is due to differences in version and software purchase price.

  The host device B300 (personal computer) is a device that uses a memory card and has an interface, a data read / write function, and a data decryption function. The personal computer holds the dedicated audio software 2 and a key C corresponding to the dedicated audio software 2. The memory card 100 already stores key data, a key table, and unencrypted content data.

  Next, regarding the data processing method according to the second embodiment, FIG. 14 and FIG. 15 are shown for data exchange between the host device B300 (personal computer) and the memory card 100, that is, data encryption and decryption methods. Use and explain.

  (A) First, steps S401 and S402 in FIG. 14 are the same as steps S301 and S302 in FIG.

  (B) Next, in step S403, the user transmits a content data read command to the memory card using the dedicated audio software 2 on the host device B300 (personal computer). Next, when receiving a read command in step S404, the memory card 100 acquires the current transfer rate in step S405. Next, the key table 140 stored in the key table storage area 150 of the management data area 111 is compared with the current transfer rate. In step S406, the copy permission count corresponding to the current transfer rate is compared with the copy count.

  (C) If the number of times of copying is equal to or greater than the number of permitted copies, the process proceeds to step S412 to reject the data read request. On the other hand, if the number of copies is less than the number of permitted copies, 1 is added to the number of copies, and the process proceeds to step S407.

  (D) Since the processing of steps S407 to 411 is the same as the processing of steps S306 to 310, description thereof is omitted here.

  Specifically, processing when the transfer rate is 1 kB / s will be described with reference to FIG.

  Since the current transfer rate is 1 kB / s, the memory card 100 compares the number of times the copy is permitted and the number of copies at the transfer rate 1 kB / s in the key table. In the case of FIG. 15A, since the copy permission count is “7” and the copy count is “6”, it is determined that the memory card 100 can copy. Since the memory card 100 can be copied, the key C corresponding to the transfer rate of 1 kB / s is selected. Then, the memory card 100 encrypts the raw data of the content using the key C and transmits it to the host device B (personal computer). The memory card 100 adds 1 to the number of copies corresponding to the transfer rate 1 kB / s in the key table. As a result, the number of copies at a transfer rate of 1 kB / s becomes “7”. The dedicated audio software 2 uses the key C to decrypt the content data.

  A case where content data is copied again on the memory card 100 to which the number of times of copying has been added by 1 under the same conditions as described above will be described with reference to FIG.

  Since the current transfer rate is 1 kB / s, the memory card 100 compares the number of permitted copies with the number of copies at the transfer rate of 1 kB / s. Since the copy permission count is “7” and the copy count is “7”, it is determined that the memory card 100 cannot copy. Therefore, the memory card returns a rejection response to the content read request from the audio software 2. This makes it impossible to read data at a transfer rate of 1 kB / s.

  Unlike the first embodiment, the second embodiment uses a memory card in which key data, a key table, and content data are written in advance. When reading the content data in the memory card, the memory card changes the key according to the transfer rate, encrypts the data using the key, and transmits it to the host device B. Therefore, key data and a key table can be set without using the host device A200.

  According to the second embodiment, when content data is transmitted, the number of copies can be counted, the number of copies can be stored in the key table, and copying exceeding the permitted number of copies can be prohibited. For this reason, the number of accesses to the content data can be limited.

  In the second embodiment, the same encryption algorithm is used in the memory card 100, but the encryption algorithm may be changed for each transfer rate as shown in FIG. Thereby, a stronger protection system can be constructed.

(Third embodiment)
In the third embodiment, when a memory card in which key data, a key table, and content data are written in advance is purchased and content data in the memory card is copied, as in the second embodiment. The memory card determines whether the data has already been reproduced, and determines whether copying is possible or not based on the determination result.

  In the following description, a request to copy data in the memory card is called a “copy request”, and a request to read data in the memory card (reproduction request) is called a “read request”. The commands are the same, and the memory card determines these requests according to the amount of data transferred over a certain time.

  The data processing system according to the third embodiment includes a memory card 100 and a host device B300. Since the configuration of the host device B300 is the same as that of the first embodiment, the description thereof is omitted here.

  As shown in FIG. 17, the memory card 100 according to the third embodiment includes an interface signal terminal 110, a NAND memory 109, and a processor module 108. Since the interface signal terminal 110 and the NAND memory 109 are the same as those in the first embodiment, description thereof is omitted here.

  The processor module 108 is connected to the controller 116 that forms the main control unit of the memory card 100, the ROM 117 that stores the control program, the SRAM 118 that is used as a work buffer memory, and the nine interface terminals of the memory card 100. An IO interface 120 serving as an interface between the card 100 and the host 101, a transfer rate confirmation unit 123, a data encryption unit 122, a table comparison unit 121, a copy number comparison unit 130, and a reproduction determination unit 131 are provided.

  The reproduction determination unit 131 determines whether or not the music data (audio data) requested to be copied has been reproduced.

  The controller 116, the ROM 117, the SRAM 118, the IO interface 120, the transfer rate confirmation unit 123, the data encryption unit 122, the table comparison unit 121, and the copy number comparison unit 130 are the same as those in the second embodiment. The description is omitted here.

  A key table stored in the memory card 100 in the third embodiment will be described with reference to FIG. The key table 140 stores the transfer rate, and stores the key number, the number of times allowed for copying, the number of times of copying, and the number of times of reproduction, which is the number of times of reproducing all the data in the transfer rate encryption area, for each transfer rate.

  Next, with regard to the data processing method according to the third embodiment, FIG. 19 and FIG. 20 show the data exchange between the player (host device B300) and the memory card 100, that is, the data encryption and decryption method. Use and explain.

  (A) First, steps S501 and S502 in FIG. 19 are the same as steps S301 and S302 in FIG.

  (B) Next, in step S 503, the host device B 300 transmits a request for copying the data in the transfer rate encryption area 124 in the memory card 100 to the memory card 100. Next, when the memory card 100 receives a data copy request in step S504, it acquires the current transfer rate in step S505. Next, the key table 140 stored in the key table storage area 115 of the management data area 111 is compared with the current transfer rate.

  (C) In step S506, the number of reproductions in the key table 140 is confirmed. The data reproduction count is counted when all data in the transfer rate encryption area is reproduced. This count is reset to “0” when the memory card 100 is removed from the host device B300. Become. If the number of data reproduction times is “0”, the process proceeds to step S508, and the data copy request is rejected. At this time, the memory card 100 accepts only a read request, and the read request accepts only a portion where the designated address has not been read once after the memory card 100 is inserted.

  (D) If the number of data reproduction times is “one time” or more, the process proceeds to step S507. The processing in steps S507 to 513 is the same as the processing in steps S406 to 411 in FIG.

  (E) Next, in step S514, the host device B300 removes the memory card 100 from the host device B300 because the data copy from the memory card 100 is completed. When the memory card 100 is removed from the host device B300, the power supply is stopped. At this time, in step S515, the number of times of data reproduction in the key table 140 is reset to “0”.

  Specifically, processing when the transfer rate is 1 kB / s will be described with reference to FIG.

  Since the current transfer rate is 1 kB / s, the memory card 100 checks the number of reproductions of the transfer rate 1 kB / s in the key table. When the memory card 100 is first inserted into the host device B300 (personal computer), as shown in FIG. 20 (a), the number of reproductions is “0”, so the memory card 100 is removed from the host device B300 (personal computer). Reject the data copy request.

  When the number of times of reproduction in the key table is “0”, the memory card 100 rejects all write commands and various instructions from the host device B300 (personal computer). The memory card 100 confirms that all data has been reproduced, and then enters a state where it can accept various requests from the host as usual.

  Therefore, the user reads all data stored in the transfer rate encryption area 124 and reproduces all data. The memory card 100 confirms whether all data in the transfer rate encryption area has been reproduced, and sets the number of reproductions in the key table to “1”.

  Next, the user transmits a copy request to the memory card 100 in order to copy the content data in the memory card 100. When the memory card 100 receives the copy request, the memory card 100 checks the number of reproductions in the key table 140. As shown in FIG. 20B, since the number of times of reproduction is currently “1”, the memory card 100 accepts a copy request from the host device B300 (personal computer) and responds from the key table 140 according to the transfer rate. Select the key, encrypt the data using that key, and send the encrypted data.

  When receiving the encrypted data, the host device B300 (personal computer) can decrypt the encrypted data, read the data, and copy it, as in the second embodiment.

  When the memory card 100 is extracted from the host device B300 (personal computer), the memory card 100 sets the number of reproductions stored in the key table 140 in the memory card 100 to “0”. Therefore, even if the memory card 100 is inserted into the host device B300 (personal computer) next time, it is impossible to copy the data unless it is reproduced again.

  In the third embodiment, when data in the memory card 100 is copied, if all data in the transfer rate encryption area 124 is not reproduced once, the data in the transfer rate encryption area 124 is copied. Is impossible. Therefore, it takes “reproduction time + copy time” to copy, and it is impossible to copy in a short time. For this reason, the time for copying is short, and it is a problem that the current casual copyr can be easily copied. However, since it takes time to copy, the copy from the casual copyr can be prevented.

  According to the data processing system and the data processing method according to the third embodiment, normal data exchange with the memory card becomes impossible only after all data is reproduced every time the memory card 100 is inserted into the host device B300. Therefore, easy copying cannot be performed, and the content data in the memory card can be protected.

  In the third embodiment, it is described that all data in the transfer rate encryption area 124 can be copied after reproduction. However, not only the data in the transfer rate encryption area but also the user data area and The data may be copied after the data in the security area is reproduced.

(Fourth embodiment)
In the fourth embodiment, a service in the case where a memory card in which key data, a key table, and content data are written in advance is purchased and the purchased memory card is used by a rental company will be described.

  The data processing system according to the fourth embodiment includes a memory card 100 and a host device B300. Since the configuration of the host device B300 is the same as that of the first embodiment, the description thereof is omitted here. Further, the configuration of the memory card 100 is the same as that of the second embodiment (see FIG. 12), and thus the description thereof is omitted here.

  Next, a memory card lending method according to the fourth embodiment will be described with reference to FIGS. First, as shown in FIG. 22, the rental company 400 owns a copy number investigation device 402 and a copy number reset device 401 having a memory card interface. On the other hand, the user 500 owns an audio player 502 capable of reproducing content data in the memory card 100 or a personal computer 504 equipped with dedicated audio software 503. The audio player 502 or the personal computer 504 has a key D501.

  (A) First, in step S601 of FIG. 21, the rental agent 400 lends the memory card 100 storing the content data to the user 500. At this time, as shown in FIG. 22, the number of copies of the key table 140 in the memory card 100 is all “0”. In step S602, the user 500 receives the card, and in step S603, pays a basic fee to the rental company 400. In step S604, the rental agent 400 receives a basic fee.

(B) Next, in step S605, the user 500 copies the memory card 100 borrowed from the rental agent 400 three times using, for example, the personal computer 504 on which the dedicated audio software 503 corresponding to the key D501 is installed. Do. At this time, “3” is written in the copy count of the portion of the transfer rate 1 kB / s × 100 ^2-3 in the key table 140 in the memory card 100.

  (C) Next, in step S606, the user 500 returns the memory card 100 storing the key table 140 to the rental agent 400. Next, in step S608, the rental company 400 inserts the memory card 100 into the copy number checking device 402, and checks how many times it has been copied at what rate. In step S609, the user is charged an additional copy fee according to the rate and the number of times.

  (D) Next, in step S610, the user 500 pays an additional fee, and in step S611, the rental agency 400 receives the additional fee. Next, in step S612, the rental company 400 inserts the memory card 100 into the copy count reset device 401 and sets the copy count in the key table 140 to “0” for next lending.

  According to the memory card lending method according to the fourth embodiment, when lending a memory card in which key data, a key table, and content data are written in advance, the additional fee is changed according to the number of copies and the transfer rate. Can do.

(Other embodiments)
Although the present invention has been described according to the above-described embodiments, it should not be understood that the descriptions and drawings constituting a part of this disclosure limit the present invention. From this disclosure, various alternative embodiments, examples and operational techniques will be apparent to those skilled in the art.

  For example, in the first embodiment, a KIOSK terminal is exemplified as the host device A200. However, the host device A200 is not limited to a KIOSK terminal as long as it has the function shown in FIG. For example, a personal computer or a mobile phone equipped with a memory card interface is also possible.

  Similarly, in the first to fourth embodiments, an audio player or a personal computer is exemplified as the host device B300. However, the host device B300 is not limited to these as long as it has the functions shown in FIG. Absent. For example, a cellular phone equipped with a memory card interface is also possible.

  In the first embodiment, it has been described that the host device A200 transmits key data corresponding to the transfer rate to the host device B300. However, the host device B300 transmits all key data to the host device B300. Further, it may be determined whether or not decryption is possible by comparing the player correspondence information in the key table with the current transfer rate.

  In the first embodiment, the host device A 200 and the host device B 300 may communicate with each other via a communication network such as the Internet or a telephone network.

  In FIG. 1 and the like, it has been described that the key data storage area 114 and the key table storage area 115 are arranged in the management data area 11, and the transfer rate encryption area 124 is arranged in the user data area 113. The area 114, the key table storage area 115, and the transfer rate encryption area 124 may be arranged in any area on the NAND memory 109.

  In the data processing method according to the first embodiment, it has been described that the user inserts the memory card 100 into the KIOSK terminal 200 and connects the player 300 to the KIOSK terminal 200. However, the memory card 100 and the host device B300 are simultaneously connected to the host device. It is not necessary to connect to A200, and it may be connected at a different timing.

  In the first to fourth embodiments, it has been described that the memory card 100 stores the content data as it is without encrypting the raw data. However, the present invention is not limited to this, regardless of whether it is simple or difficult. It may be encrypted.

  In the first to fourth embodiments, examples using the memory card 100 have been described. However, a function similar to that of a memory card may be realized by combining a CD and a drive. In this case, the management data is stored in a nonvolatile memory of the drive.

  In the first to fourth embodiments, it has been described that both the key data and the key table are stored in the memory card 100. However, only one of them may be stored. At this time, if there is no key data, even if the data is stored in the transfer rate encryption area 124, the data to be read is not encrypted. When there is key data and there is no key table, when data in the transfer rate encryption area 124 is read, data encrypted using a specific key is read regardless of the transfer rate.

  Further, in the first embodiment, it is described that the transfer rate encryption area 124 cannot be additionally written or deleted once written like a one-time ROM. Possible area is also acceptable. At this time, when deleting the area, deleting the area deletes all the data stored in the area.

  In the first to fourth embodiments, the transfer rate encryption area 124 created in the memory card 100 is described as one, but there are a plurality of transfer rate encryption areas 124 in the memory card. May be. In that case, key data and a key table may be held for each transfer rate encryption area 124.

  In the first to fourth embodiments, the same key table is used to read data in the transfer rate encryption area 124, but the key table is key information for each content, each application, and each medium. A separate key table may be held by each media key block storing the ID and each host device.

  In the first to fourth embodiments, the key table stores a transfer rate, a key number, player correspondence information, and a monetary amount. In addition, date information, time information, position information, weather information, Information such as the amount of light, volume, speed, and atmospheric pressure may be stored.

  In the first to fourth embodiments, a memory card has been described as an example of storing content data. However, other semiconductor memory cards such as a ROM card may be used.

  In the second embodiment, it has been described that the encryption algorithm may be changed for each transfer rate as shown in FIG. 16, but the first embodiment and the third and fourth embodiments are also described. Of course, the encryption algorithm may be changed.

  In the first to fourth embodiments, music data (audio data) has been described as an example of content data, but the content data is not limited to this, and image data, document data, etc. I do not care.

  As described above, the present invention naturally includes various embodiments not described herein. Therefore, the technical scope of the present invention is defined only by the invention specifying matters according to the scope of claims reasonable from the above description.

1 is a configuration block diagram of a data processing system according to a first embodiment. FIG. FIG. 3 is a configuration block diagram of a CPU of the host device A according to the first embodiment. FIG. 3 is a configuration block diagram of a CPU of the host device B according to the first embodiment. It is an example of the key table which concerns on 1st Embodiment. It is a flowchart which shows the data processing method which concerns on 1st Embodiment (the 1). It is a flowchart which shows the data processing method which concerns on 1st Embodiment (the 2). It is a flowchart which shows the data processing method which concerns on 1st Embodiment (the 3). It is a schematic diagram for demonstrating the data processing method which concerns on 1st Embodiment. It is an example of the display screen of the host apparatus A which concerns on 1st Embodiment (the 1). It is an example of the display screen of the host apparatus A which concerns on 1st Embodiment (the 2). It is a schematic diagram when the host apparatus B which concerns on 1st Embodiment reads content data. It is a block diagram of the configuration of the memory card according to the second embodiment. It is an example of the key table which concerns on 2nd Embodiment (the 1). It is a flowchart which shows the data processing method which concerns on 2nd Embodiment. It is a schematic diagram when the host apparatus B which concerns on 2nd Embodiment reads content data. It is an example of the key table which concerns on 2nd Embodiment (the 2). It is a block diagram of the memory card according to the third embodiment. It is an example of the key table which concerns on 3rd Embodiment. It is a flowchart which shows the data processing method which concerns on 3rd Embodiment. It is a schematic diagram when the host apparatus B which concerns on 3rd Embodiment reads content data. It is a flowchart of the memory card rental method which concerns on 4th Embodiment. It is a schematic diagram for demonstrating the memory card rental method which concerns on 4th Embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 Memory card 108 Processor module 109 NAND memory 110 Interface signal terminal 111 Management data area 112 Security area 113 User data area 114 Key data storage area 115 Key table storage area 116 Controller 117 ROM
118 SRAM
119 Memory interface 120 IO interface 121 Table comparison unit 122 Data encryption unit 123 Transfer rate confirmation unit 124 Transfer rate encryption area 130 Copy number comparison unit 131 Playback determination unit 200 Host device A
300 Host device B

Claims (5)

A memory card that outputs content data according to an input clock signal,
Transfer rate confirmation means for calculating a current transfer rate from the input clock signal;
Table comparison means for comparing a transfer rate stored in a key table in which key data is associated with each transfer rate, and a transfer rate calculated by the transfer rate confirmation means;
Based on the result of the table comparison unit, the key data corresponding to the transfer rate calculated by the transfer rate confirmation unit is extracted from the key table, and the content stored in the transfer rate encryption area using the key data A memory card comprising: data encryption means for encrypting data. The key table further includes a copy permission count and a copy count of content data associated with each transfer rate,
A copy number comparison means for comparing the copy permission number and the copy number;
2. The memory card according to claim 1, wherein the content data is not output when the number of times of copying exceeds the number of times of permitted copying. The key table further includes the number of playbacks associated with the transfer rate,
It further comprises a reproduction determining means for determining whether or not the content data requested for copying has been reproduced,
3. The memory card according to claim 1, wherein the content data is not output when the data is not reproduced. 4. A transfer rate confirmation step for calculating the current transfer rate;
A table comparison step for comparing the transfer rate stored in the key table in which the key data is associated with each transfer rate and the transfer rate calculated by the transfer rate confirmation step;
Based on the result of the table comparison step, key data corresponding to the transfer rate calculated by the transfer rate confirmation step is extracted from the key table, and stored in the transfer rate encryption area using the key data. A data encryption method comprising: encrypting content data. A transfer rate confirmation step for calculating the current transfer rate;
A table comparison step for comparing the transfer rate stored in the key table in which the key data is associated with each transfer rate and the transfer rate calculated by the transfer rate confirmation step;
Extracting key data corresponding to the transfer rate calculated by the transfer rate confirmation step from the key table based on the result of the table comparison step, and decrypting the received content data using the key data; A data decoding method comprising:

Images