JP2007043538A - System and method for authentication - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To reduce cost for device authentication processing when a plurality of devices to be authenticated access one authentication execution device. <P>SOLUTION: An encrypted content communication system includes a source device 200, and a plurality of destination devices 300A-300N for receiving license information and content from the source device 200. The first destination device 300A executes the device authentication of the second destination device 300N. The source device 200 executes the device authentication of the 300A. When the above authentication is successful, an encrypted challenge key for use in accessing the license information is issued to the 300A. The 300A supplies the encrypted challenge key being issued from the source device, to the 300N of which authentication is completed. The 300N acquires the license information from the source device 200, using the above encrypted challenge key. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an authentication technique that can reduce authentication processing costs in a digital content distribution device.

  As a system for improving the efficiency of challenge response type device authentication processing, an authentication system described in Patent Document 1 is known. In this authentication system, instead of public key encryption conventionally used for challenge-response type device authentication, encryption with a common key with a shorter processing time is performed. As a result, the authentication processing cost can be reduced.

JP 2003-101530 A

  However, in the conventional authentication system, when the number of devices to be authenticated increases, the authentication cost increases accordingly. For example, when the above-described conventional authentication system is applied to a content distribution system that performs device authentication before distribution of digital content, N receiving devices are used as content transmitting devices that require time T for device authentication per content receiving device. , It takes T × N time to start digital content distribution.

  Therefore, an object of the present invention is to reduce the device authentication processing cost when a plurality of authentication target devices access one authentication execution device.

The present invention
In a system comprising a source device and a plurality of receiving devices including first and second receiving devices that receive data from the source device, a certification method for performing device authentication of the plurality of receiving devices,
A process in which the first receiving device executes device authentication of the second receiving device;
If device authentication of the second receiving device by the first receiving device is successful, the source device performs device authentication of the first receiving device, and if the authentication processing is successful, the data Issuing authentication information used for access to the first receiving device;
A process in which the first receiving device transfers the authentication information given from the source device to the second receiving device as authentication information used by the second receiving device to access the data;
The authentication method characterized by including this is provided.

  According to the present invention, it is possible to reduce the device authentication processing cost when a plurality of authentication target devices access one authentication execution device.

  Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings.

  First, the overall configuration of the encrypted content communication system 100 according to the present embodiment will be described with reference to FIG.

  In the encrypted content communication system 100, a content distribution apparatus (hereinafter referred to as a source device) that distributes digital content data (music data, image data, video data, game data, etc .; hereinafter referred to as content) in response to an external request. 200), a plurality of content receiving devices (hereinafter referred to as destination devices) 300A to 300N that request content from the source device 200, and communication lines that connect these to each other.

  The source device 200 includes a content storage unit 240 in which the content CT is stored, a content ID of the content CT in the content storage unit 240 and license information (a common key Kc used for content encryption, a content usage condition UR). Used for license storage unit 220 storing correspondence information, license authentication unit (destination device) device authentication and license transfer unit 210 for transferring license information to a valid license request source, and device authentication of the destination device Authentication data holding unit 250 in which authentication data to be stored is stored in advance, and encryption unit 230 for transferring the encrypted content (encrypted content) to a valid request source (legal destination device).

  Authentication data stored in the authentication data holding unit 250 includes, for example, a root CA issue revocation list CRL including a revoked device class public key KPdc, a root CA public key KPr, a root CA private key Kr, and a device class public key. KPdc is included.

  On the other hand, each of the destination devices 300A to 300N has the device authentication of the other destination device and the source device issued encryption challenge key to the legitimate destination device (authentication information used to access the license information of the source device). License transfer units 310A to 310N that execute the transfer of authentication data, authentication data holding units 350A to 350N in which authentication data used for device authentication of the destination device is stored in advance, and license information (a common key Kc used to decrypt encrypted content) License storage units 320A to 320N in which content usage conditions are stored, decryption units 330A to 330N that decrypt encrypted content from the source device, and processing (save, And a content processing unit 340A~340N for executing 示等).

  The authentication data stored in the authentication data holding units 350A to 350N of each destination device includes a root CA issue revocation list CRL, a root CA public key KPr, a root CA private key Kr, and a device class public key KPdc possessed by the source device. The same device class public key KPdc and device class private key Kdc are included. In addition, the authentication data in the authentication data holding unit 350A of at least one destination device (referred to as destination device 300A) further includes a device related to an external device (authenticated device, source device that authenticated destination device 300A). A device authentication checklist CCL in which information is registered is included. Each device information includes, for each device (source device or destination device that can communicate directly without going through other equipment), identification information assigned to the device (hereinafter, device ID), equipment for the device Authentication presence / absence information indicating presence / absence of authentication or device authentication from the device, and information acquired from the device (for example, device class public key, encryption challenge key, etc.) are included.

  In such a system configuration, prior to requesting content from the source device, device authentication is first performed between the destination devices, and then device authentication of any one of the destination devices 300A is performed by the source device. Done. The destination device 300A authenticated by the source device shares the encryption challenge key provided from the source device with the other destination devices 300B to 300N that it has authenticated. That is, since the source device can protect the copyright of the content CT provided by the source device without sequentially performing device authentication of all destination devices, the device authentication processing cost in the source device can be reduced. Can be planned.

  Next, such device authentication processing will be specifically described with reference to FIGS. Here, a case will be described in which there are two destination devices (referred to as destination devices 300A and 300N) included in the encrypted content communication system.

  First, of the two destination devices 300A and 300N, one of the destination devices (hereinafter referred to as the first destination device 300A) is legitimate as the other destination device (hereinafter referred to as the second destination device 300N). In order to confirm this, the following device authentication process (FIG. 2) is executed.

  In the second destination device 300N, the license transfer unit 310N reads the secret key Kr and the device class public key KPdc from the authentication data holding unit 250N, and encrypts the device class public key KPdc using the secret key Kr. As a result, encrypted device authentication information used for device authentication of the second destination device 300N is generated. In order to reduce the time required for the device authentication process, this process S400 may be executed in advance before the start of device authentication of the second destination device 300N.

  Thereafter, the license transfer unit 310N transfers the authentication request including the encrypted device authentication information generated at this time and the device ID of the second destination device 300N to the first destination device 300A (S400).

  Upon receiving the encrypted device authentication information and the device ID from the second destination device 300N, the license transfer unit 310A of the first destination device 300A first determines whether the device corresponding to the device ID has been authenticated. Check based on device information in corresponding device authentication checklist CCL.

  As a result, if the authentication presence / absence information associated with the device ID represents authenticated, the second destination device 300N has already been authenticated, and the license transfer unit 310A ends the process.

  On the other hand, if the authentication presence / absence information associated with the device ID represents unauthenticated, the license transfer unit 310A reads the public key KPr from the authentication data holding unit 350A to perform device authentication of the unauthenticated device 300N, The encrypted device authentication information is decrypted using the public key KPr (S410). Thereby, the device class public key KPdc of the device to be authenticated (second destination device 300N) is obtained.

  The license transfer unit 310A checks whether or not the device class public key KPdc obtained in this way is included in the revocation list CRL (S411). That is, it is checked whether or not the device class public key KPdc of the second destination device has expired.

  As a result, if the device class public key KPdc of the second destination device is included in the revocation list CRL (that is, if the device class public key KPdc of the second destination device is revoked), the first destination The license transfer unit 310A of the device 300A determines that the device authentication of the second destination device 300N has failed, and ends the process (S412).

  On the other hand, if the device class public key KPdc of the second destination device is not included in the revocation list CRL (that is, if the device class public key KPdc of the second destination device is not revoked), the first destination device The license transfer unit 310A registers device information including the device ID of the second destination device 300N, the device class public key KPdc, and no-authentication information indicating authentication in the device authentication checklist CCL.

  Thereafter, the license transfer unit 310A generates a challenge key Kchd, which is a common key (S413), and encrypts the challenge key Kchd with the device class public key KPdc. The encrypted challenge key information thus obtained is transferred to the second destination device 300N (S414). In this way, the encryption challenge key issued by the source device is provided from the first destination device 300A to the second destination device 300N that has been validated thereby.

  Further, the license transfer unit 310A generates a random number used for confirming whether or not the challenge key Kchd is correctly shared, and transfers this random number to the second destination device 300N (S415).

  Upon receiving the encryption challenge key information from the first destination device 300A, the license transfer unit 310N of the second destination device 300N decrypts the encryption challenge key information with the device class secret key Kdc (S401). Thereby, a challenge key Kchd is obtained. Further, the license transfer unit 310N generates encrypted random number information by encrypting the random number from the first destination device 300A with the challenge key Kchd. Further, this encrypted random number information is returned to the first destination device 300A (S402).

  Upon receiving the encrypted random number information from the second destination device 300N, the license transfer unit 310A of the first destination device 300A decrypts the encrypted random number information with the challenge key Kchd (S416). The license transfer unit 310A checks whether or not the random number obtained in this way matches the random number generated in S415 (S417).

  As a result, if both match, the license transfer unit 310A determines that the device authentication of the second destination device 300N is successful (S418). If the two do not match, the license transfer unit 310A determines that the device authentication of the second destination device 300N has failed.

  When the validity of the second destination device 300N is confirmed in this way, the source device 200 then performs the following device authentication process to confirm the validity of the first destination device 300A prior to license transfer. (FIG. 3) is executed.

  The license transfer unit 310A of the first destination device 300A reads the secret key Kr and the device class public key KPdc from the authentication data holding unit 250A, and encrypts the device class public key KPdc using the secret key Kr. Thereby, the encrypted device authentication information of the first destination device 300A is generated. The license transfer unit 310A transmits the encrypted device authentication information to the source device 200 (S510). Here, the encrypted device authentication information is generated by encrypting the device class public key KPdc in the authentication data holding unit, but the previously generated encrypted device authentication information is stored in the authentication data holding unit 350A. May be.

  When the license transfer unit 210 of the source device 200 receives the encrypted device authentication information from the first destination device 300A, the license transfer unit 210 reads the public key KPr from the authentication data holding unit 250 and uses the public key KPr to store the encrypted device authentication information. Decoding is performed (S500). As a result, the device class public key KPdc of the authentication target device (first destination device 300A) is obtained.

  The license transfer unit 210 checks whether or not the device class public key KPdc obtained at this time is included in the revocation list CRL in the authentication data holding unit 250 (S501). That is, it is checked whether or not the device class public key KPdc of the authentication target device (first destination device 300A) has expired.

  As a result, if the device class public key KPdc of the first destination device 300A is included in the revocation list CRL (that is, if the device class public key KPdc of the first destination device 300A is revoked), the license transfer The unit 210 determines that the authentication of the device to be authenticated has failed, and ends the process (S502).

  On the other hand, if the device class public key KPdc of the first destination device 300A is not included in the revocation list CRL (that is, if the device class public key KPdc of the first destination device 300A is not revoked), the license transfer unit 210 generates a challenge key KchS, which is a common key (S503), and encrypts the challenge key KchS with the device class public key KPdc. As a result, encrypted challenge key information is generated. Then, the license transfer unit 210 transfers the encrypted challenge key information and the device ID of the source device to the first destination device in order to reduce the device authentication processing by the source device 200 (S504).

  When the license transfer unit 310A of the first destination device 300A receives the encryption challenge key information and the device ID of the source device from the source device 200, the information and the authentication presence / absence information indicating that the device authentication has been received, Is registered in the device authentication checklist CCL in the authentication data holding unit 350A. Further, the device class secret key Kdc is extracted from the authentication data holding unit 350A, and the encrypted challenge key information is decrypted with this device class secret key Kdc (S511). Thereby, a challenge key KchS is obtained.

  Further, the license transfer unit 310A generates a session key KSd1 that is a common key (S512).

  At this time, when an input device (for example, a remote controller) issues a content transmission request including content specification in response to an instruction from the user, the license transfer unit 310A specifies the content specified in the content transmission request. Information (requested content ID) is generated according to a predetermined rule (S513). Thereafter, the license transfer unit 310A generates encrypted session key information KSd1 ′ by encrypting the session key KSd1 with the challenge key KchS, and adds the requested content ID to the encrypted session key information KSd1 ′. The encrypted session key information with the requested content ID thus obtained is transmitted to the source device 200 (S514).

  When the license transfer unit 210 of the source device 200 receives the encrypted session key information with the requested content ID from the first destination device 300A, the license transfer unit 210 extracts the encrypted session key information from the encrypted session key information with the requested content ID, The encrypted session key information is decrypted with the challenge key KchS (S505). Thereby, the session key KSd1 is obtained.

  Next, the license transfer unit 210 extracts the requested content ID from the encrypted session key information with the requested content ID, and reads the license information LIC1 associated with the requested content ID from the license storage unit 220 (S506). The license information is encrypted with the session key KSd1 to generate encrypted license information, and the encrypted license information is transmitted to the first destination device 300A (S507).

  The license transfer unit 310 of the first destination device 300A decrypts the encrypted license information from the source device with the session key KSd1 (S515). As a result, when the license LIC1 of the requested content is obtained, the license LIC1 is stored in the license storage unit 320A (S516).

  Thereafter, when the second destination device 300N requests a content license from the source device 200, the following license transfer process (FIG. 4) is executed.

  The license transfer unit 310A of the first destination device 300A determines whether the second destination device 300N has been authenticated (S600). Whether or not the encryption challenge key information is received from the source device 200, that is, device information including the device ID of the source device 200 and the encryption challenge key information in the second destination device 300N is included in the device authentication checklist CCL. It is checked whether or not (S601).

  As a result, if the challenge key is not received from the source device 200 or the corresponding device information is not included in the device authentication checklist CCL, the license transfer unit 310A ends the process.

  On the other hand, if the corresponding device information is included in the device authentication checklist CCL (that is, if it is authenticated by the first destination device 300A and the encrypted challenge key information is accepted in S511 of FIG. 3), the license transfer The unit 310A extracts the corresponding encryption challenge key information from the device authentication check list CCL, and uses the encrypted challenge key information as an authenticated destination device (here, the second destination device) registered in the device authentication check list CCL. 300N). Thereby, the encryption challenge key information from the source device is shared by the first destination device 300A authenticated by the source device 200 and the second destination device 300N authenticated by the first destination device 300A. .

  The license transfer unit 310N of the second destination device 300N decrypts the encryption challenge key information from the first destination device 300A with the device class public key Kdc (S610). Thereby, a challenge key KchS is obtained. Further, the license transfer unit 310N generates a session key KSd2 (S611).

  When the license transfer unit 310N of the second destination device 300N receives a content transmission request from an input device (such as a remote controller) that receives an instruction from the user (S612), the content specified in the content transmission request is received. A content ID (requested content ID) is generated. Then, the license transfer unit 310N generates encrypted session key information KSd2 ′ by encrypting the session key KSd2 with the challenge key KchS, and adds the requested content ID to the encrypted session key information KSd2 ′. The encrypted session key information with the requested content ID thus obtained is transmitted to the source device 200 (S613).

  Upon receiving the encrypted session key information with the requested content ID from the second destination device 300N, the license transfer unit 210 of the source device 200 receives the requested content ID and the encrypted session key from the encrypted session key information with the requested content ID. Information KSd2 ′ is extracted. Thereafter, the license transfer unit 210 decrypts the encrypted session key information KSd2 ′ with the challenge key KchS (S620). Thereby, the session key KSd2 is obtained.

  Next, the license transfer unit 210 reads the license information LIC2 associated with the requested content ID from the license storage unit 220 (S621), and encrypts the license information LIC2 with the session key KSd2 obtained in S620 (S622). ). The encrypted license information thus obtained is transmitted to the second destination device 300N.

  Upon receiving the encrypted license information from the source device 200, the license transfer unit 310N of the second destination device 300N decrypts the encrypted license information with the session key KSd2 (S614). As a result, when license information of the requested content is obtained, the license transfer unit 310N stores the license information in the license storage unit 320N (S615).

  According to the above process, the destination device confirmed as valid by the source device 200 executes the device authentication process of another destination device instead of the source device 200. That is, since the destination device authenticated by the source device 200 provides the encrypted challenge key information issued by the source device to the other destination devices that it has authenticated, the source device 200 has the at least one destination device. Therefore, public key encryption processing may be performed. For this reason, even if there is a destination device that receives content from the source device 200, it is possible to prevent an increase in the load on the source device 200 and an increase in processing cost due to an increase in the number of times of device authentication by the source device 200. .

  The second destination device 300N that has acquired the license information in this way acquires the requested content from the source device 200 by executing the following content transfer process (FIG. 5).

  Through the above-described processing, content transfer is performed between the second destination device 300N that has received the license information from the source device 200 and the source device 200 by the following processing.

  The encryption unit 230 of the source device 200 reads the common key Kc from the license storage unit 220 (S700), and reads the content CT from the content storage unit 240 (S701). Thereafter, the encryption unit 230 encrypts the content CT with the common key Kc in order to prevent unauthorized acquisition of the content on the transfer path, and converts the encrypted content CT ′ obtained thereby into the authenticated second destination device. It transmits to 300N (S702).

  When receiving the encrypted content CT ′ from the source device 200, the decryption unit 330N of the second destination device 300N reads the common key Kc from the license storage unit 320N (S710), and encrypts the content CT with the common key Kc. 'Is decrypted (S711). As a result, the content CT requested by the user is obtained.

  When the decrypting unit 330N stores the requested content CT in the content processing unit 340N, the content processing unit 340N performs predetermined processing (display, storage, transfer) on the requested content CT according to the use conditions in the license information. Etc.) is executed (S712).

  Here, the content transfer process between the source device 200 and the second destination device 300N has been described, but the content transfer process between the source device 200 and the first destination device 300A is also performed with this. The same is done.

  By the way, although the case where there are two destination devices that request content from the source device 200 has been described above, there may be three or more destination devices that request content from the source device 200. . In such a case, it is possible to shorten the time until all the destination devices start license transfer with the source device 200 by executing the above-described device authentication processing in parallel.

  For example, the processing time required until license transfer between one destination device and the source device 200 starts is T, and the time required to transfer a common key for establishing a secure session is Tt (<< T ), Conventionally, at least Ta = T × N is required until the start of license transfer between the N destination devices and the source device. According to the present embodiment, Ta = (T + Tt) Can be shortened. That is, it is possible to reduce the device authentication processing cost when there are a plurality of destination devices that request content from the source device.

  In such a case, each destination device has the above-described device authentication checklist in which device information related to the destination device that can be directly communicated (communication is possible without going through another destination device) is registered. Let Here, each device information holds the above-described device authentication check list in which device ID, information on presence / absence of device authentication processing, and the like are stored. After device authentication is performed between N destination devices, one of the destination devices (for example, among the N destination devices, the device ID quantification information has the maximum or minimum value). The device authentication of the destination device) may be performed by the source device 200 in the same manner as described above.

  Device authentication between buses at N destinations is performed as follows, for example. First, the N destination devices exchange their device processing lists. A destination device (first destination device) that is determined to have the maximum (or minimum) device ID based on the device processing list is a device by each destination device based on the authentication processing list of each destination device. An authentication target device is determined, and an authentication target device is instructed to each destination device. Specifically, each destination device is instructed as a device to be authenticated, a destination device with a device ID having a smaller value than the device ID of the destination device. Here, the device authentication of the destination device having the device ID having a smaller value than the device ID is performed on the authentication target device of each destination device, but it is not always necessary to do so. For example, a destination device having a device ID having a value larger than the device ID may be determined as an authentication target device of each destination device.

  Each destination device performs device authentication for the instructed authentication target device. If the device authentication is successful, the device information including the device ID of the authentication target device is added to the device information including the device ID of the authentication target device as described above. Similarly, the device class public key and the authentication presence / absence information indicating that the device authentication is successful are registered. Here, if each destination device simultaneously executes device authentication processing for other destination devices and device authentication processing by other destination devices, device authentication processing between N destination devices. Finishes in approximately the same time as the device authentication process between the two destination devices.

  When device authentication between N destination devices is established in this way, the license transfer unit 210 of the source device 200 thereafter executes the same processing (S500 to S504 in FIG. 3) as described above. , Authenticate the first destination device and provide encryption challenge key information to the first destination device. Furthermore, the first destination device transfers the encryption challenge key information from the source device to the other destination device by executing the same processing as described above (S600 to S602 in FIG. 4). Thus, when the encryption challenge key issued by the source device is shared by the N destination devices, processing similar to that described above between the source device and each destination device (S613 to 615 and FIG. 4). S620 to S622) are executed, and the license is transferred from the source device to each destination device using the encryption challenge key.

  In the above, the connection form between the source device and the destination device is not particularly mentioned, but the destination device in the encrypted content communication system according to the present embodiment is connected to the source device via the network. Alternatively, it may be directly connected to the source device.

  Finally, such a system configuration example (copyright protection system) will be described with reference to FIG.

  The copyright protection system according to the present embodiment includes a content server 800 having a function as the above-described source device, and at least one content processing terminal having a function as the above-described destination device with respect to the content server 800 (here. , Two content processing terminals 810A and 810B), and a network 820 for connecting them to each other.

  Each content processing terminal 810A, 810B includes a network interface 812 connected to the network 820, a memory 813, a secure storage (corresponding to a license storage unit and an authentication data holding unit) 818 in which license information and authentication data are stored, a secure storage CPU 811 for executing a program loaded into the memory 813 from 818 or the like (a program in which the processing of the above-described license transfer unit is defined), a user input / output interface 814 to which an input / output device is connected, a storage interface 815, and encrypted content A secure decoder (corresponding to the above-described decryption unit) 816 that uses copyright protection technology, and a content display unit that displays the content obtained by decoding of the secure decoder 816 (the above-described content processing) 817 and a bus 819 for connecting these units. Here, the storage interface 815 of one content processing terminal 810A has a plurality of secure removable storages (here, two secure removable storages 830A, 830A, 630A) having functions as both the source device and the destination device. 830B) is connected.

  In such a configuration, for example, one content processing terminal 810A serves as the above-mentioned first destination device for the content server 800, the internal devices (secure storage, secure decoder) and secure removable storage of the other content terminal 810B. Function.

  Specifically, two devices are obtained by device authentication of the internal device (secure decoder, secure storage, etc.) of the other content processing terminal 810B by one content processing terminal 810A and device authentication of one content processing terminal by the content server. Content processing terminals 810A and 810B share the encryption challenge key issued by the content server 800, and each content processing terminal 810A and 810B uses the encryption challenge key to send license information and content information from the content server 800. Accept. Thereby, reproduction of content from the content server, copy or move of content from the content server (hereinafter referred to as copy, etc.) to the secure storage by the secure decoder is realized.

  Further, when content is copied between a plurality of secure removable storages 830A and 830B connected to the content processing terminal 810B, a secure removable storage (for example, secure removable storage 830A) serving as a copy source or a move source is It functions as a source device and authenticates the content processing terminal 810A, which is the first destination device, in accordance with an instruction from the user. As a result, the license information and contents can be transferred from the secure removable storage 830A to another secure removable storage, and copying from the secure removable storage 830A to another secure removable storage is realized. Playing back the content in the secure storage or secure removable storage of the other content processing terminal by the secure decoder of one content processing terminal, except that the secure storage or secure removable storage of the other content processing terminal functions as the source device It can be realized by a similar process. The same applies to copying of content between the secure storage of two content processing terminals, such as copying of content between the secure storages of two content processing terminals, and the like between the removable secure storage connected to one content processing terminal and the secure storage of the other content processing terminal. Is feasible.

  As described above, the encrypted content communication system according to the present embodiment reduces the processing load on the source device regardless of the connection form between the source device and the destination device, and device authentication by the source device. An increase in the number of processes can be prevented. For this reason, system response time can be shortened.

1 is an overall configuration diagram of an encrypted content communication system according to an embodiment of the present invention. It is a flowchart of the apparatus authentication process between the destination devices in the encryption communication system which concerns on embodiment of this invention. 6 is a flowchart of device authentication processing and license transfer processing between a source device and a first destination device in the encrypted communication system according to the embodiment of the present invention. Flowchart of source device issue encryption challenge key distribution processing to the second destination device and license transfer processing between the second destination device and the source device in the encryption communication system according to the embodiment of the present invention. It is. It is a flowchart of the encryption content transmission process between the source device and the destination device in the encryption communication system which concerns on embodiment of this invention. It is a whole block diagram of the encryption content communication system which concerns on other embodiment of this invention.

Explanation of symbols

100: encrypted content communication system, 200: source device, 300A to 300N: destination device, 210, 310A to 310N: license transfer unit, 220, 320A to 320N: license storage unit, 240: content storage unit, 230: encryption Conversion unit, 330A to 330N: decryption unit, 340A to 340N: content processing unit

Claims (5)

In a system comprising a source device and a plurality of receiving devices including first and second receiving devices that receive data from the source device, a certification method for performing device authentication of the plurality of receiving devices,
A process in which the first receiving device executes device authentication of the second receiving device;
If device authentication of the second receiving device by the first receiving device is successful, the source device performs device authentication of the first receiving device, and if the authentication processing is successful, the data Issuing authentication information used for access to the first receiving device;
A process in which the first receiving device transfers the authentication information given from the source device to the second receiving device as authentication information used by the second receiving device to access the data;
An authentication method comprising: The authentication method according to claim 1, comprising:
When the third receiving device is further included in the plurality of receiving devices, the first receiving device or the second receiving device that is device-authenticated by the first receiving device is the device authentication of the third receiving device. If the device authentication is successful, the first and second receiving devices use the authentication information given by the source device for the third receiving device to access the data. Forward to the third receiving device as information,
An authentication method characterized by that. The authentication method according to claim 1, wherein:
The source device holds content data and a common key for decrypting encryption information of the content data as the data,
After authenticating the first receiving device by the source device, the plurality of receiving devices acquire the common key from the source device using the authentication information issued by the source device, and receive the content data from the source device. When the encrypted information is received, the encrypted information of the content data is decrypted using the common key.
An authentication method characterized by that. The authentication method according to claim 2,
Each of the plurality of receiving devices is assigned identification information represented by a numerical value,
Among the plurality of receiving devices, a receiving device having the maximum or minimum identification information performs device authentication of the second receiving device as the first receiving device, and the second receiving device An authentication method characterized by device authentication of a receiving device having identification information smaller or larger than a value of identification information of the second receiving device as the third receiving device. A source device that sends data to the data requester;
First and second receiving devices requesting the data from the source device;
Have
The source device is
Means for issuing authentication information used for accessing the data to the first receiving device when the source device executes device authentication of the first receiving device and succeeds in the authentication processing; Have
The first receiving device is
When the device authentication of the second receiving device is executed and the device authentication is successful, the authentication information given from the source device is used as authentication information used by the second receiving device to access the data. Means for forwarding to the second receiving device;
An authentication system characterized by that.

Images