CN101552018A - System and device for inputting/outputting information and managing key - Google Patents

Info

Publication number
CN101552018A
Authority
CN
China
Prior art keywords
key
unit
invalidation means
information
media key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA200910137160XA
Other languages
Chinese (zh)
Inventor
中野稔久
大森基司
馆林诚
石原秀志
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Panasonic Holdings Corp
Original Assignee
Matsushita Electric Industrial Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Matsushita Electric Industrial Co Ltd
Publication of CN101552018A
Legal status: Pending

Abstract

In an information input/output system, a user device inputs information to an external source and outputs information from the external source, one such external source being a key management device. The system includes: a key management device that securely outputs an encrypted certificate revocation list (CRL), the list identifying device units whose use has been invalidated; and a user device having an input/output unit and a host unit. Information is input and output between the host unit and the external source by means of the input/output unit. The host unit securely receives the encrypted CRL output by the key management device and judges whether the input/output unit is an invalidated device unit.

Description

System and device for information input/output and key management
The present patent application is a divisional application of the patent application filed on April 7, 2003, with application number 03808380.9, entitled "System and device for information input/output and key management".
Technical field
The present invention relates to an information input/output system in which a user device inputs information to an external source and outputs information from the external source.
Technical background
In recent years, multimedia-related technology has made marked progress, and large-capacity recording media and the like have appeared. Against this technical background, systems have appeared that record copyrighted works composed of video, audio and the like (hereinafter "content") on a large-capacity recording medium, for example a CD. In such systems, encryption technology is used to protect the copyrighted works, that is, the content. Likewise, to prevent unauthorized copying of content, a technology called "media binding" has been developed, that is, a technology for binding content to a specific medium.
As a concrete example, Japanese Patent No. 3073590 describes technology relating to a digital data protection system, a licensor-side device, and a user-side device. According to the technology described, a digital data decryption key "A" is encrypted with a medium unique key "A", which is generated from unique information "A" recorded in the read-only area of recording medium "A", and the encrypted digital data decryption key "A" is written to recording medium "A" as authorization information "A".
When a user plays back the content on a device such as a personal computer (PC), the device first reads unique information "A" from recording medium "A", generates medium unique key "A" from the unique information "A" it has read, and uses the generated medium unique key "A" to decrypt authorization information "A". It then uses digital data decryption key "A" to decrypt the encrypted content.
With this technology, even if the data recorded on recording medium "A" is copied to another recording medium "B" using a PC or similar device, the unique information "B" recorded in the read-only area of recording medium "B" cannot be rewritten to unique information "A". Therefore, even if medium unique key "B" is generated from unique information "B", medium unique key "B" cannot decrypt the authorization information that was encrypted with medium unique key "A", and so the encrypted content recorded on recording medium "B" cannot be decrypted.
In this way, media binding technology binds the content recorded on a recording medium to that specific medium and thereby prevents unauthorized copying of the content.
Media binding technology is described further below on the assumption that the above device, for example a PC, is composed of a drive (read/write device) and a host (encryption/decryption device).
According to the media binding technology, because the host encrypts and decrypts the content, the host must be a licensed device; the drive, however, does not process the content directly and therefore does not need a license.
The host and the drive are usually connected by a general-purpose bus whose specification is public. The host and the drive are therefore susceptible to an "information replacement" attack by an unauthorized user.
As mentioned above, unique information "A", encrypted content key "A" (encrypted using unique information "A"), and encrypted content "A" (encrypted using content key "A") are all stored in the read-only area of recording medium "A". As stated earlier, encrypted content key "A" cannot be rewritten. To decrypt encrypted content "A", content key "A" is needed. Content key "A" can be obtained only by decrypting encrypted content key "A" using unique information "A".
Here, an unauthorized user can use his or her own device (an unauthorized device) to read unique information "A", encrypted content key "A" and encrypted content "A" from recording medium "A". The unauthorized device stores unique information "A" and encrypted content key "A" internally and writes encrypted content "A" to another recording medium "B". Unique information "B" and encrypted content key "B", encrypted using unique information "B", are stored in the read-only area of recording medium "B". Content key "B" can be obtained by decrypting encrypted content key "B", but content key "B" cannot be used to decrypt encrypted content "A". At this point encrypted content "A" cannot be decrypted and therefore cannot be played back.
The unauthorized user can therefore connect the unauthorized device between the drive and the host. The unauthorized device receives unique information "B", encrypted content key "B" and encrypted content "A", which the drive reads from recording medium "B". The unauthorized device then replaces the received unique information "B" and encrypted content key "B" with the unique information "A" and encrypted content key "A" stored in the unauthorized device. Finally, the unauthorized device sends unique information "A" and encrypted content key "A" to the host together with encrypted content "A" read from recording medium "B". The host, having received unique information "A", encrypted content key "A" and encrypted content "A", can decrypt and play back encrypted content "A" without any problem. This means that the unauthorized user has in effect succeeded in copying the content.
To prevent the information replacement attack described above, the host needs to verify the validity of the device that sends it information, using public-key cryptography or a similar method. A basic precondition for such verification using a public key is that the public key is valid.
For this reason, an organization referred to as a "certificate authority" normally issues, for each device belonging to the system, a "public key certificate" attesting that the public key corresponding to that device is valid.
If a device that has been issued a public key certificate takes part in unauthorized operation, or if the secret key corresponding to the device is stolen, the certificate authority revokes the corresponding public key certificate. To notify the other devices belonging to the same system of the devices whose certificates have been revoked, the certificate authority issues a digitally signed public key certificate revocation list (hereinafter "CRL"). The CRL lists information identifying the public key certificates that have been revoked. Using the CRL, the host can judge whether the device transferring information is valid. As an example, document (1), "Secure Electronic Commerce: Building the Infrastructure for Digital Signatures and Encryption", translated into Japanese by Shinichiro Yamada and published by PEARSON EDUCATION, describes the structure of the CRL defined by the X.509 standard determined by ISO/IEC/ITU. A problem in the drive-host configuration, however, is that the drive receives the CRL before the host does. This means that even if the drive has been invalidated, the drive can pass to the host a CRL that was issued before the drive was invalidated, in place of the correct CRL that the host should use to judge the validity of the drive. If this happens, the host cannot correctly judge the validity of the drive.
Disclosure of the invention
In view of the above problem, an object of the present invention is to provide a system in which, to prevent unauthorized copying of content, the host correctly judges whether the drive is a device that has been invalidated.
The above object is achieved by an information input/output system in which a user device inputs information to an external source and outputs information from the external source, one such external source being a key management device. The system comprises: a key management device that securely outputs invalid-device information specifying invalid device units whose use has been invalidated; and a user device comprising an input/output unit and a host unit, wherein information is input and output between the host unit and the external source via the input/output unit, and the host unit securely receives, via the input/output unit, the invalid-device information output by the key management device, judges by referring to the received invalid-device information whether the input/output unit is an invalid device unit, and, when the judgment is affirmative, prohibits input and output via the input/output unit.
With this configuration, the host can correctly judge whether the drive is a device that has been invalidated.
Brief description of the drawings
These and other objects, advantages and features of the present invention will become clearer from the following description, taken in conjunction with the accompanying drawings, which illustrate a specific embodiment of the invention. In the drawings:
Fig. 1 is a block diagram showing the overall structure of information input/output system 800;
Fig. 2 shows the structure of the CRL;
Fig. 3 is a block diagram showing the structure of terminal device 100, recording device 200 and recording medium 300;
Fig. 4 is a block diagram showing the structure of recording medium 300, read/write device 400 and encryption device 500;
Fig. 5 is a flowchart showing the operation of read/write device 400 and encryption device 500 (continued in Fig. 6);
Fig. 6 is a flowchart showing the operation of read/write device 400 and encryption device 500 (continued from Fig. 5, continued in Fig. 7);
Fig. 7 is a flowchart showing the operation of read/write device 400 and encryption device 500 (continued from Fig. 6, continued in Fig. 8);
Fig. 8 is a flowchart showing the operation of read/write device 400 and encryption device 500 (continued from Fig. 7); and
Fig. 9 is a flowchart showing the operation of read/write device 400 and encryption device 500.
Best mode for carrying out the invention
A preferred embodiment of the present invention is described below with reference to the drawings.
1. Structure of information input/output system 800
As shown in Fig. 1, information input/output system 800 is broadly composed of terminal device 100, recording device 200, recording medium 300, read/write device 400 and encryption device 500.
Terminal device 100 is owned by a public key certificate authority (hereinafter "CA"), which issues public key certificates and a public key certificate revocation list (hereinafter "CRL", described later) for all devices belonging to information input/output system 800. The public key certificate of each device attests to the validity of the corresponding public key. Terminal device 100 stores these public key certificates and the CRL.
Recording device 200 is owned by a copyright protection organization. Recording device 200 encrypts the key used for encrypting content and records the encrypted key on recording medium 300, so that only valid devices are able to encrypt content and write it to recording medium 300.
Recording medium 300 is composed of recording area 310 and recording area 320. Recording area 310 is an area for storing the key used for encrypting content. Recording area 320 is an area for storing encrypted content.
Read/write device 400 is permitted to use content; it reads data from recording medium 300 and writes data to recording medium 300.
Encryption device 500 is permitted to use content; it decrypts the encrypted key used for encrypting content and encrypts content using the decrypted key.
Terminal device 100 and recording device 200 are connected over a network using SSL (Secure Sockets Layer). Read/write device 400 and encryption device 500 may be owned by, for example, a content provider. Read/write device 400 and encryption device 500 can be connected by a general-purpose communication channel. A general-purpose communication channel here means an insecure communication channel on which data can be freely modified or replaced.
The structure of each component of information input/output system 800 is described below.
1.1 Terminal device 100
Terminal device 100 stores the public key certificates and the CRL issued by the CA.
A public key certificate is issued for each device belonging to the system, one certificate per device, and attests to the validity of the corresponding public key. A public key certificate contains the following items: the expiry date of the certificate; the public key of the device; the unique identifier (ID) of the device; and the CA's signature data over these items.
Among the public key certificates that have been issued and have not yet expired, the certificates of devices that have engaged in unauthorized operation or whose secret key has been stolen are revoked. To notify the other devices belonging to the system of the devices that have been invalidated, the CRL lists information identifying the devices whose public key certificates have been revoked.
As shown in Fig. 2, the CRL is composed of multiple pages. In Fig. 2, the CRL is assumed to consist of a first page through an Nth page. The first page contains an index area, an identifier area and a signature area. The second page contains an identifier area and a signature area. The third and subsequent pages have the same structure as the second page. Each page consists of data that read/write device 400 can read by accessing recording medium 300.
In each page, the identifier area stores, in ascending order, the identifiers of the devices whose public key certificates have been revoked.
In each page, the signature area stores signature data produced by applying signature algorithm "S" to the identifiers stored in that page. As an example, signature algorithm "S" can be the ElGamal signature scheme over a finite field. The ElGamal signature scheme over a finite field is well known and is therefore not explained here.
In the first page, the index area stores identifiers, each of which represents a different page and is the largest identifier value stored in the identifier area of that page.
1.2 Recording device 200
As shown in Fig. 3, recording device 200 comprises media key storage unit 201, CRL storage unit 202, device key storage unit 203, content key storage unit 204, transmission/reception unit 205, encryption units 206 to 208, and control unit 209.
The components of recording device 200 are described below.
(1) Media key storage unit 201
Media key storage unit 201 stores a plurality of media keys. Each media key is used to encrypt the CRL and a content key, the content key being the key used to encrypt content. The CA issues these media keys when recording device 200 is valid.
(2) CRL storage unit 202
CRL storage unit 202 obtains the CRL from terminal device 100 via transmission/reception unit 205 and stores the obtained CRL.
(3) Device key storage unit 203
Device key storage unit 203 stores the device keys of all encryption devices belonging to information input/output system 800.
(4) Content key storage unit 204
Content key storage unit 204 stores the content key used for encrypting content.
(5) Encryption unit 206
Encryption unit 206 reads the content key from content key storage unit 204 and reads one media key from media key storage unit 201. Encryption unit 206 then encrypts the content key with the media key according to encryption algorithm "E". As an example, encryption algorithm "E" can be DES (Data Encryption Standard). DES is well known and is therefore not explained here.
(6) Encryption unit 207
Encryption unit 207 reads the CRL from CRL storage unit 202 and reads from media key storage unit 201 the same media key that was used to encrypt the content key. Using that media key, encryption unit 207 encrypts every page of the entire CRL according to encryption algorithm "E".
(7) Encryption unit 208
Encryption unit 208 reads from media key storage unit 201 the same media key that was used to encrypt the CRL and the content key. Encryption unit 208 also selects the device key of an encryption device that is permitted to use content and reads the selected device key from device key storage unit 203. Using that device key, encryption unit 208 encrypts the media key according to encryption algorithm "E".
Note that the method of selecting this device key (so that the media key is provided only to specific devices) can be realized by well-known techniques and is therefore not explained here. As an example, a key management method for copyright protection that uses a tree structure is described in document (2), "Dejitaru Kontentsu Hogo Yo Kagi Kanri Houshiki (Key Management Method for Protecting Digital Content)", by Nakano, Omori and Tatebayashi, presented at the 2001 Symposium on Cryptography and Information Security (SCIS2001), 5A-5, January 2001.
(8) Control unit 209
Control unit 209 periodically accesses terminal device 100 via transmission/reception unit 205 to obtain the latest CRL issued by the CA, and stores the obtained CRL in CRL storage unit 202.
When recording medium 300 is loaded in recording device 200, control unit 209 controls encryption unit 206 to encrypt the content key using the media key. Control unit 209 then writes encrypted content key 303 to recording area 310.
Likewise, control unit 209 controls encryption unit 207 to encrypt every page of the entire CRL using the media key. Control unit 209 then writes encrypted CRL 302 to recording area 310.
Control unit 209 controls encryption unit 208 to encrypt the media key using the device key, and writes encrypted media key 301 to recording area 310.
1.3 Recording medium 300
As shown in Fig. 3, recording medium 300 comprises recording area 310, in which encrypted media key 301, encrypted CRL 302 and encrypted content key 303 are recorded, and recording area 320, in which encrypted content is recorded.
Recording area 310 can be written by recording device 200. Read/write device 400 can only read recording area 310 and cannot write to it.
Recording area 320 can be written by read/write device 400.
1.4 Read/write device 400
As shown in Fig. 4, read/write device 400 comprises public-key encryption processing unit 401, encryption unit 402, read/write unit 403, read unit 404 and input/output unit 405.
The components of read/write device 400 are described below.
(1) Public-key encryption processing unit 401
Public-key encryption processing unit 401 establishes a SAC (Secure Authentication Channel) between read/write device 400 and encryption device 500. Before the SAC is established, public-key encryption processing unit 401 generates a shared key "Key_AB" that is shared by read/write device 400 and encryption device 500. Here "Gen" denotes a key generation function and "Y" denotes a system parameter unique to the system. The key generation function "Gen" satisfies the relation "Gen(x, Gen(y, z)) = Gen(y, Gen(x, z))". The key generation function can be realized by any commonly known technique and is therefore not described in detail here. As an example, document (3), "Gendai Ango Riron (Modern Cryptography)" by Nobuichi Ikeno and Kenji Koyama, Denki Tsushin Gakkai, describes the Diffie-Hellman (DH) public key distribution method.
Public-key encryption processing unit 401 stores the secret key "SK_A" of read/write device 400 and the certificate "Cert_A" issued by the CA for read/write device 400. Certificate "Cert_A" contains the following items: the expiry date of the certificate; the public key "PK_A" of read/write device 400; the identifier "ID_A" of read/write device 400; and the CA's signature data "Sig_CA" over these items.
Public-key encryption processing unit 401 reads certificate "Cert_A" and sends it to public-key encryption processing unit 502 in encryption device 500.
Public-key encryption processing unit 401 receives a random number "Cha" from public-key encryption processing unit 502 and uses secret key "SK_A" to generate signature data "Sig_A" for the received random number "Cha". It then sends the generated signature data "Sig_A" to public-key encryption processing unit 502.
Public-key encryption processing unit 401 receives key "Key_B" calculated by public-key encryption processing unit 502 and generates a random number "a". It then uses the generated random number "a" to calculate key "Key_A = Gen(a, Y)" and sends the calculated key "Key_A" to encryption device 500. Using the received key "Key_B" and the generated random number "a", it also calculates the shared key "Key_AB = Gen(a, Key_B)", which is shared by read/write device 400 and encryption device 500. Public-key encryption processing unit 401 outputs the calculated shared key "Key_AB" to encryption unit 402.
(2) Encryption unit 402
Encryption unit 402 receives the shared key "Key_AB" calculated by public-key encryption processing unit 401. Using shared key "Key_AB", encryption unit 402 encrypts, according to encryption algorithm "E", encrypted content key 303 that read unit 404 has read from recording area 310. The key obtained by encrypting encrypted content key 303 with the shared key is hereinafter referred to as the "double-encrypted content key".
Encryption unit 402 outputs double-encrypted content key 303 to input/output unit 405.
(3) Read/write unit 403
Read/write unit 403 reads encrypted media key 301 from recording area 310 and sends encrypted media key 301 to encryption device 500.
Read/write unit 403 reads the first page of encrypted CRL 302 and sends the page to encryption device 500. Likewise, when encryption device 500 instructs read/write unit 403 to read the page corresponding to identifier "ID_A", read/write unit 403 reads the corresponding page of encrypted CRL 302 from recording area 310 and sends the page to encryption device 500.
Read/write unit 403 receives encrypted content from encryption device 500 and writes the encrypted content to recording area 320.
(4) Read unit 404
Read unit 404 reads encrypted content key 303 from recording area 310 and outputs encrypted content key 303 to encryption unit 402.
(5) Input/output unit 405
Input/output unit 405 sends double-encrypted content key 303, encrypted by encryption unit 402, to encryption device 500.
1.5 Encryption device 500
As shown in Fig. 4, encryption device 500 comprises device key storage unit 501, public-key encryption processing unit 502, decryption units 503 to 506, encryption unit 507 and input/output unit 508.
The components of encryption device 500 are described below.
(1) Device key storage unit 501
Device key storage unit 501 stores the device key unique to encryption device 500.
(2) Public-key encryption processing unit 502
Public-key encryption processing unit 502 establishes a SAC between read/write device 400 and encryption device 500. Before the SAC is established, public-key encryption processing unit 502 generates the shared key "Key_AB", which is shared by read/write device 400 and encryption device 500.
Public-key encryption processing unit 502 stores the public key "PK_CA" of the CA.
Public-key encryption processing unit 502 receives the first page of the CRL from decryption unit 504 and applies signature verification algorithm "V" to the signature data of the first page to verify the signature. Signature verification algorithm "V" is the algorithm for verifying signature data generated by signature algorithm "S" described above. When verification fails, the SAC establishment process ends.
When verification succeeds, the following processing is performed. Public-key encryption processing unit 502 receives certificate "Cert_A" from public-key encryption processing unit 401 via input/output unit 508 and verifies signature data "Sig_CA" using the CA's public key "PK_CA". When verification fails, the SAC establishment process ends. When verification succeeds, the following processing is performed. From the index area of the first page received from read/write device 400, public-key encryption processing unit 502 detects the page that may correspond to identifier "ID_A" and outputs the detected page. To detect the corresponding page, public-key encryption processing unit 502 checks the identifiers in the index area one by one in ascending order and detects the page number written in the row containing an identifier whose value is equal to or greater than identifier value "ID_A".
When the corresponding page is the first page, public-key encryption processing unit 502 judges whether identifier "ID_A" is registered in the identifier area of the first page. When identifier "ID_A" is registered there, the SAC establishment process ends.
When the corresponding page is not the first page, public-key encryption processing unit 502 instructs read/write device 400 to read the corresponding page.
On receiving the page corresponding to identifier "ID_A", read by read/write device 400 and decrypted by decryption unit 504, public-key encryption processing unit 502 applies signature verification algorithm "V" to the signature data of that page to verify the signature. When verification fails, the SAC establishment process ends. When verification succeeds, the following processing is performed. Public-key encryption processing unit 502 judges whether identifier "ID_A" is registered in the page. When identifier "ID_A" is registered in the page, the SAC establishment process ends.
Public-key encryption processing unit 502 generates a random number "Cha" and sends the generated random number to public-key encryption processing unit 401 in any of the following cases: when no identifier value greater than identifier value "ID_A" is detected in the index area, so that no corresponding page is found; when the corresponding page is detected to be the first page but identifier "ID_A" is not registered in the first page of the CRL; or when the corresponding page is detected but identifier "ID_A" is not registered in the corresponding page.
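The host-side page lookup and revocation decision described above can be sketched as follows. This is an added example, not code from the patent: the names `CrlPage`, `find_page`, `is_registered`, `drive_is_revoked` and `check_drive` are hypothetical, identifiers are modelled as integers, the sample CRL is constructed, and decryption with the media key and signature verification with algorithm "V" are assumed to have succeeded already. The check that a returned page matches its index row is an added consistency check that the text does not describe.

```python
from bisect import bisect_left
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class CrlPage:
    """One CRL page, already decrypted and signature-verified (assumed)."""
    ids: list                      # revoked device identifiers, ascending order
    index: Optional[list] = None   # first page only: [(max_id_in_page, page_no), ...]


def find_page(index, device_id):
    """Return the page number of the first index row whose identifier is
    equal to or greater than device_id, or None if there is no such row."""
    maxima = [max_id for max_id, _ in index]
    pos = bisect_left(maxima, device_id)
    return index[pos][1] if pos < len(index) else None


def is_registered(page, device_id):
    """Binary search of a page's ascending identifier area."""
    pos = bisect_left(page.ids, device_id)
    return pos < len(page.ids) and page.ids[pos] == device_id


def drive_is_revoked(first_page, fetch_page: Callable[[int], CrlPage], device_id):
    """Host-side decision: True means SAC establishment must end."""
    page_no = find_page(first_page.index, device_id)
    if page_no is None:
        return False               # ID_A lies above every listed identifier
    if page_no == 1:
        return is_registered(first_page, device_id)
    page = fetch_page(page_no)     # the drive reads this page on request
    # Added consistency check, not described in the text: the returned page
    # must end at the maximum that the signed index gives for that page number.
    expected_max = {n: m for m, n in first_page.index}[page_no]
    if not page.ids or page.ids[-1] != expected_max:
        raise ValueError("returned page does not match index row")
    return is_registered(page, device_id)


# Constructed sample CRL: three pages, identifiers are plain integers.
SAMPLE_CRL = {
    1: CrlPage(ids=[3, 8, 15], index=[(15, 1), (40, 2), (90, 3)]),
    2: CrlPage(ids=[21, 34, 40]),
    3: CrlPage(ids=[57, 90]),
}


def check_drive(pages, device_id):
    """Run the check against {page_no: CrlPage}; returns (revoked, pages_requested)."""
    requested = []

    def fetch(page_no):
        requested.append(page_no)
        return pages[page_no]

    return drive_is_revoked(pages[1], fetch, device_id), requested


if __name__ == "__main__":
    for dev in (8, 22, 34, 95):
        print(dev, check_drive(SAMPLE_CRL, dev))
```

The three "not revoked" outcomes in the paragraph above correspond to device identifiers 95 (no index row), an unlisted identifier on page 1, and 22 (page 2 found, identifier not listed).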
On receiving signature data "Sig_A" from public-key encryption processing unit 401, public-key encryption processing unit 502 verifies signature data "Sig_A" using the public key "PK_A" of read/write device 400, which is contained in the received certificate "Cert_A".
When verification fails, the SAC establishment process ends.
When verification succeeds, the following processing is performed. Public-key encryption processing unit 502 generates a random number "b". Using the generated random number "b", public-key encryption processing unit 502 calculates key "Key_B = Gen(b, Y)" and sends the calculated key "Key_B" to public-key encryption processing unit 401.
On receiving key "Key_A" calculated by public-key encryption processing unit 401, public-key encryption processing unit 502 uses the received key "Key_A" and the generated random number "b" to calculate the shared key "Key_AB = Gen(b, Key_A)". Public-key encryption processing unit 502 outputs the calculated shared key "Key_AB" to decryption unit 505.
(3) Decryption units 503 to 506
Decryption unit 503 receives encrypted media key 301 from read/write device 400 via input/output unit 508 and reads the device key from device key storage unit 501. Using the device key, decryption unit 503 decrypts encrypted media key 301 according to decryption algorithm "D". Here, decryption algorithm "D" is an algorithm that performs the inverse of encryption algorithm "E" in order to decrypt encrypted data. Decryption unit 503 outputs the media key to decryption unit 504 and decryption unit 506.
Decryption unit 504 receives the first page of encrypted CRL 302 from read/write device 400 via input/output unit 508 and receives the media key output by decryption unit 503. Decryption unit 504 then decrypts the first page of the encrypted CRL using the received media key according to decryption algorithm "D", and outputs the CRL to public-key encryption processing unit 502. Likewise, on receiving via input/output unit 508 the page of encrypted CRL 302 corresponding to identifier "ID_A", decryption unit 504 decrypts the page using the media key according to decryption algorithm "D" and outputs the CRL to public-key encryption processing unit 502.
Decryption unit 505 receives double-encrypted content key 303 from read/write device 400 via input/output unit 508 and receives the shared key "Key_AB" generated by public-key encryption processing unit 502. Decryption unit 505 then decrypts double-encrypted content key 303 using shared key "Key_AB" according to decryption algorithm "D", and outputs encrypted content key 303 to decryption unit 506.
Decryption unit 506 receives the media key output by decryption unit 503 and encrypted content key 303 output by decryption unit 505. Decryption unit 506 then decrypts encrypted content key 303 using the media key according to decryption algorithm "D", and outputs the content key to encryption unit 507.
(4) Encryption unit 507
The encryption unit 507 receives the content key output by the decryption unit 506, receives content from an external source, and encrypts the content with the content key according to the encryption algorithm "E". The encryption unit 507 outputs the encrypted content to the I/O unit 508.
(5) I/O unit 508
The I/O unit 508 receives the encrypted media key 301 from the read/write device 400 and outputs it to the decryption unit 503.
The I/O unit 508 receives the first page of the encrypted CRL 302 from the read/write device 400 and outputs the received first page to the decryption unit 504. Likewise, on receiving from the decryption unit 504 an instruction to read the page of the encrypted CRL 302 that corresponds to the identifier "ID_A", the I/O unit 508 sends the instruction to the read/write device 400. The I/O unit 508 receives the corresponding page of the encrypted CRL 302 from the read/write device 400 and outputs the received page to the decryption unit 504.
The I/O unit 508 receives the double-encrypted content key 303 from the read/write device 400 and outputs it to the decryption unit 505.
The I/O unit 508 receives the encrypted content from the encryption unit 507 and outputs it to the read/write device 400.
2. Operation of the information input/output system 800
2.1 Operation of the recording device 200
The following describes how the recording device 200 writes data into the recording area 310 of the recording medium 300.
When the recording medium 300 is loaded into the recording device 200, the control unit 209 instructs the encryption unit 206 to encrypt the content key.
The encryption unit 206 reads the content key from the content key storage unit 204 and reads a media key from the media key storage unit 201. The encryption unit 206 encrypts the content key with the media key it has read.
The control unit 209 writes the encrypted content key 303 produced by the encryption unit 206 into the recording area 310.
Next, the control unit 209 instructs the encryption unit 207 to encrypt the CRL.
The encryption unit 207 reads the CRL from the CRL storage unit 202 and reads a media key from the media key storage unit 201; this is the same media key that was used to encrypt the content key. Using this media key, the encryption unit 207 encrypts each page of the whole CRL.
The control unit 209 writes each page of the encrypted CRL 302 produced by the encryption unit 207 into the recording area 310.
Likewise, the control unit 209 instructs the encryption unit 208 to encrypt the media key.
The encryption unit 208 selects the device key of an encryption device that is permitted to use the content, and reads the selected device key from the device key storage unit 203. The encryption unit 208 then reads the media key from the media key storage unit 201; this is the same media key that was used to encrypt the content key and the CRL. The encryption unit 208 encrypts the media key with the device key.
The control unit 209 writes the encrypted media key 301 produced by the encryption unit 208 into the recording area 310.
2.2 Operation of the read/write device 400 and the encryption device 500
The operation of the read/write device 400 and the encryption device 500 is described below with reference to Figs. 5 to 8.
When the recording medium 300 is loaded into the read/write device 400, the read/write unit 403 reads the encrypted media key 301 from the recording area 310 (step S701) and transmits it to the encryption device 500 (step S702).
The decryption unit 503 receives the encrypted media key 301 through the I/O unit 508 and reads the device key from the device key storage unit 501 (step S703). Using the device key, the decryption unit 503 decrypts the encrypted media key 301 (step S704) and outputs the resulting media key.
The read/write unit 403 reads the first page of the encrypted CRL 302 (step S705) and transmits it to the encryption device 500 (step S706).
The decryption unit 504 receives the first page of the encrypted CRL 302 through the I/O unit 508, and receives the media key output by the decryption unit 503. The decryption unit 504 then decrypts the first page of the encrypted CRL 302 with the media key (step S707) and outputs the first page of the CRL to the public-key encryption processing unit 502 (step S708).
The public-key encryption processing unit 502 verifies the signature data of the first page of the CRL using the public key "PK_CA" of the CA (step S709). When the verification fails ("No" in step S710), the operation ends.
To establish the SAC, the public-key encryption processing unit 401 reads the certificate "Cert_A" (step S711) and transmits it through the I/O unit 405 to the public-key encryption processing unit 502 (step S712).
The public-key encryption processing unit 502 receives the certificate "Cert_A" through the I/O unit 508 and verifies the signature data "Sig_CA" of the received certificate "Cert_A" using the public key "PK_CA" of the CA (step S713). When the verification fails ("No" in step S714), the SAC establishment process ends. When the verification succeeds ("Yes" in step S714), the public-key encryption processing unit 502 uses the decrypted page of the CRL to detect the page that corresponds to the identifier "ID_A" of the received certificate "Cert_A" (step S715). The public-key encryption processing unit 502 then judges whether the detected page is the first page (step S716). When the detected page is judged not to be the first page ("not first page" in step S716), the public-key encryption processing unit 502 instructs the read/write device 400, through the I/O unit 508, to read the corresponding page (step S717).
On receiving the instruction from the encryption device 500 (step S718), the read/write unit 403 reads the page corresponding to the identifier "ID_A" from the encrypted CRL 302 and transmits it to the encryption device 500 (step S719).
The decryption unit 504 receives, through the I/O unit 508, the page of the encrypted CRL 302 that corresponds to the identifier "ID_A", and decrypts the received page (step S720). The decryption unit 504 then outputs the decrypted CRL page to the public-key encryption processing unit 502 (step S721). The public-key encryption processing unit 502 verifies the signature data of the corresponding page of the CRL (step S722). When the verification fails ("No" in step S723), the operation ends. When the verification succeeds ("Yes" in step S723), or when the page corresponding to the identifier "ID_A" is the first page ("1" in step S716), the public-key encryption processing unit 502 judges whether the identifier "ID_A" is registered in the CRL (step S724).
When the identifier "ID_A" is registered ("Yes" in step S724), the SAC establishment process ends. When the identifier "ID_A" is not registered ("No" in step S724), or when no page corresponds to the identifier "ID_A" ("NONE" in step S716), the public-key encryption processing unit 502 generates a random number "Cha" (step S725) and transmits it through the I/O unit 508 to the public-key encryption processing unit 401 (step S726).
The public-key encryption processing unit 401 receives the random number "Cha" through the I/O unit 405, generates signature data "Sig_A" for the received random number "Cha" using the secret key "SK_A" (step S727), and transmits the generated signature data through the I/O unit 405 to the public-key encryption processing unit 502 (step S728).
The public-key encryption processing unit 502 receives the signature data "Sig_A" through the I/O unit 508 and verifies it using the public key "PK_A" contained in the certificate "Cert_A" received in step S710 (step S729). The public-key encryption processing unit 502 judges whether the verification has succeeded (step S730). When the verification fails ("No" in step S730), the SAC establishment process ends. When the verification succeeds ("Yes" in step S730), the public-key encryption processing unit 502 generates a random number "b" (step S731). Using the generated random number "b", the public-key encryption processing unit 502 computes the key "Key_B=Gen(b, Y)" (step S732) and transmits the computed key "Key_B" through the I/O unit 508 to the public-key encryption processing unit 401 (step S733).
The public-key encryption processing unit 401 receives the key "Key_B" through the I/O unit 405 and generates a random number "a" (step S734). Using the generated random number "a", the public-key encryption processing unit 401 computes the key "Key_A=Gen(a, Y)" (step S734) and transmits the computed key "Key_A" through the I/O unit 405 to the public-key encryption processing unit 502 (step S736). Likewise, using the received key "Key_B", the public-key encryption processing unit 401 computes the shared key "Key_AB=Gen(a, Key_B)" (step S737) and passes the shared key to the encryption unit 402 (step S738).
Having received the key "Key_A", the public-key encryption processing unit 502 computes the shared key "Key_AB=Gen(b, Key_A)" from the key "Key_A" and the random number "b" (step S739), and outputs the shared key "Key_AB" to the decryption unit 505 (step S740).
In this way, the public-key encryption processing unit 502 and the public-key encryption processing unit 401 generate a shared key that is held by both the read/write device 400 and the encryption device 500. This completes the SAC establishment process.
When the public-key encryption processing unit 401 has generated the shared key "Key_AB", the read/write device 400 reads the encrypted content key 303 from the recording area 310 through the reading unit 404 (step S741) and passes the encrypted content key 303 to the encryption unit 402 (step S742). The encryption unit 402 encrypts the encrypted content key 303 with the shared key "Key_AB" received from the public-key encryption processing unit 401 (step S743), and transmits the resulting double-encrypted content key 303 through the I/O unit 405 to the encryption device 500 (step S744).
The decryption unit 505 receives the shared key "Key_AB" output by the public-key encryption processing unit 502, and receives the double-encrypted content key 303 from the read/write device 400 through the I/O unit 508. The decryption unit 505 then decrypts the double-encrypted content key 303 with the shared key "Key_AB" (step S745) and outputs the resulting encrypted content key 303 to the decryption unit 506.
The decryption unit 506 receives the media key output by the decryption unit 503 and the encrypted content key 303 output by the decryption unit 505, decrypts the encrypted content key 303 with the media key (step S746), and outputs the content key to the encryption unit 507 (step S747).
The encryption unit 507 receives the content key from the decryption unit 506 and receives content from an external source. The encryption unit 507 then encrypts the content with the content key (step S748) and transmits the encrypted content through the I/O unit 508 to the read/write device 400 (step S749).
The read/write unit 403 receives the encrypted content through the I/O unit 405 and writes it into the recording area 320 of the recording medium 300 (step S750).
3. Other modifications
Although the present invention has been described on the basis of the above embodiment, it should be understood that the present invention is not limited to that embodiment. For example, the following modifications are possible.
(1) The present invention may be realized as the methods described in the above embodiment. The present invention may also be realized as a computer program that runs on a computer and implements these methods, or as a digital signal representing the computer program.
The present invention may also be realized as a computer-readable recording medium on which the computer program or the digital signal is recorded. Examples of computer-readable recording media include a flexible disk, a hard disk, a CD-ROM, an MO, a DVD, a DVD-ROM, a DVD-RAM, a BD (Blu-ray Disc) and a semiconductor memory. The present invention may also be realized as the computer program or the digital signal recorded on such a recording medium.
Furthermore, the present invention may be realized as the computer program or the digital signal transmitted over an electronic communication line, a wired or wireless communication line, or a network such as the Internet.
In addition, the present invention may be realized as a computer system comprising a microprocessor and a memory. The memory may store the computer program, and the microprocessor may operate according to the computer program.
The computer program or the digital signal may be recorded on a medium or transferred over a network or the like, so that it can be executed by another, independent computer system.
(2) In the SAC establishment process, the shared key "Key_AB" may be established by steps S761 to S771 shown in Fig. 9 instead of steps S727 to S739 shown in Figs. 7 and 8.
More specifically, on receiving the random number "Cha", the public-key encryption processing unit 401 generates a random number "a" (step S761). The public-key encryption processing unit 401 computes the key "Key_A=Gen(a, Y)" from the generated random number "a" (step S762) and, using the secret key "SK_A" of the read/write device 400, generates signature data "Sig_A" for "Key_A ‖ Cha", which is obtained by concatenating the computed key "Key_A" and the received random number "Cha" (step S763). The public-key encryption processing unit 401 then transmits the computed key "Key_A" and the generated signature data "Sig_A" to the encryption device 500 (step S764).
The public-key encryption processing unit 502 verifies the signature data "Sig_A" using the public key "PK_A" of the read/write device 400, which is contained in the received certificate "Cert_A" (step S765). When the verification fails ("No" in step S766), the SAC establishment process ends. When the verification succeeds ("Yes" in step S766), the public-key encryption processing unit 502 generates a random number "b" (step S767). Using the generated random number "b", the public-key encryption processing unit 502 computes the key "Key_B=Gen(b, Y)" (step S768) and transmits the computed key "Key_B" to the public-key encryption processing unit 401 (step S769). Likewise, using the computed key "Key_B" and the received key "Key_A", the public-key encryption processing unit 502 computes the shared key "Key_AB" (step S770).
On receiving the key "Key_B", the public-key encryption processing unit 401 computes the shared key "Key_AB" from the key "Key_B" and the key "Key_A" (step S771).
(3) Although the above embodiment describes a hierarchy in which the content key is encrypted with the media key and the media key is encrypted with the device key, the present invention is not limited to this. For example, a structure may be adopted in which the content key is encrypted directly with the device key and the CRL is encrypted with the content key. In this case, the information-replacement attack described above can be prevented by securely transferring the content key and the device key over the general-purpose communication path.
Likewise, the hierarchy may be made more complex by increasing the number of keys used. As an example, a disk key may be added. In this case, the content key is first encrypted with the disk key, the disk key is encrypted with the media key, and the media key is then encrypted with the device key. In this case, the CRL may be encrypted with the disk key rather than with the media key. In this way, any key that the encryption device 500 obtains securely may be used to encrypt the CRL.
The following structure may therefore also be used. Before the above information is transferred, a SAC over which the public key is transferred may be established. After the SAC is established, the above information can be transferred securely, and the actual validity of the public key can then be verified with reference to the CRL.
(4) Although the above embodiment describes the case where each identifier recorded in the index area represents a different page and has the largest value among the identifiers recorded in the identifier field of that page, the present invention is not limited to this. For example, the identifier with the smallest value among the identifiers recorded in the identifier field of each page may be recorded in the index area, or both the smallest and the largest identifier may be recorded in the index area.
In addition, an address or identifier may be assigned to each page, and the address or identifier assigned to each page may be associated with the identifiers stored in that page. In this case, the address or identifier associated with an identifier can be used to determine the page in which the identifier is located.
In addition, the above embodiment describes the case where the signature data of each page of the CRL is recorded in the signature area of that page. Alternatively, the structure may be such that signature data for the first page and the second page is recorded in the signature area of the second page, and signature data for the first page and the N-th page is recorded in the signature area of the N-th page. In this case, the signature data recorded in the signature area of the first page does not need to be verified. For example, verifying the signature data recorded in the signature area of the second page also verifies the validity of the first page and the second page. In short, any structure may be applied in which the validity of a part of the CRL can be verified using only the part of the CRL that has been read. Likewise, signature data provided for the whole CRL may be received.
(5) Although the above embodiment describes the case where the identifiers of devices whose public-key certificates have been revoked are recorded in the identifier field of the CRL, the CRL may instead list the unique serial numbers of the revoked public-key certificates, or the identifiers of the public keys corresponding to the devices.
When the CRL lists serial numbers, the encryption device 500 receives the encrypted CRL and the public-key certificate of the read/write device 400, which contains its serial number. The encryption device 500 decrypts the encrypted CRL and judges whether the serial number of the received public-key certificate is listed in the decrypted CRL. When the serial number is judged to be listed there, the encryption device 500 judges that the public-key certificate of the read/write device 400 has been revoked. The same method is used when the CRL lists identifiers of public keys.
(6) Although the above embodiment describes a structure in which the CRL is encrypted and recorded in the recording medium, the present invention is not limited to this. In general, the CRL does not need to be kept secret, but it is required to be valid. The CRL may therefore take any form that guarantees its validity. For example, the CRL may be subjected to a one-way conversion (that is, a hash function) using the media key, so as to produce a message authentication code (MAC). In this case, the media key, the CRL and the MAC are recorded in the recording medium. Here, the encryption device 500 uses the media key read from the recording medium to perform the one-way conversion on the CRL, so as to produce a MAC. The encryption device 500 then compares the MAC it has produced with the MAC it has read, and judges the CRL to be valid when the two MACs match.
(7) Although the above embodiment describes the case where the present invention is applied to the encryption device 500, the present invention may also be applied to a decryption device, or to an encryption/decryption device having both encryption and decryption functions. In the case of a decryption device, the device reads the encrypted content recorded in the recording medium, decrypts it, and outputs the decrypted content.
(8) Although the above embodiment describes the case where the device key is unique to the encryption device 500, the same device key may be shared by a plurality of devices of the same type, or by a plurality of devices that handle the same type of content.
(9) Although the above embodiment describes the case where the key used to encrypt or decrypt the content is the content key itself, another key generated from the content key, or another key generated from the content key and other information (for example, information unique to the recording medium), may be used to encrypt or decrypt the content.
(10) Although the above embodiment describes the case where the recording device 200 includes a CRL storage unit that stores the latest CRL, the encryption device, the decryption device or the encryption/decryption device may include a CRL storage unit. In this case, the CRL storage unit compares the CRL received from the read/write device 400 with the CRL stored in it to determine which is newer. When the received CRL is newer, the CRL storage unit replaces the stored CRL with the received CRL. Here, the CRLs may be compared by the version number of each CRL or by the date and time at which each CRL was generated. The encryption device, the decryption device or the encryption/decryption device may also be connected to a network. In this case, the device may query for or obtain the latest CRL over the network only when a difference is detected between the stored CRL and the received CRL.
(11) The above embodiment describes the case where the SAC is established with one-way authentication only, that is, only the encryption device 500 verifies the validity of the read/write device 400. However, the SAC may be established with mutual authentication. In this case, the CRL used by the read/write device 400 may be recorded in the recording medium 300. Alternatively, the read/write device 400 may be constructed to include a CRL storage unit that stores the latest CRL.
(12) The read/write device and the encryption device need not be separate devices. For example, the read/write device and the encryption device may be included in a single device and interconnected by a general-purpose communication line.
(13) A structure that uses a communication medium instead of a recording medium may be adopted. In this case, the encryption device 500 receives the encrypted media key 301, the encrypted CRL 302 and the encrypted content key 303 from the recording device 200 over a communication medium such as a network, and performs decryption and verification by the same operations as described in the above embodiment. The encryption device 500 then encrypts the content with the decrypted content key and transmits the encrypted content to a playback device, for example a PC.
(14) Although the above embodiment describes the case where the CRL that the recording device 200 receives from the terminal device 100 consists of a plurality of pages, the CRL received from the terminal device 100 may consist of a single page in which the identifiers of all devices whose public-key certificates have been revoked are recorded. In this case, the recording device 200 divides the received CRL into a plurality of pages, extracts the identifier written at the end and/or the beginning of each page, and generates an index area. The recording device 200 then signs at least a part of each page and stores the CRL.
(15) Although the above embodiment describes the case where the terminal device 100 attaches the signature of the CA to the identifiers contained in the CRL, the recording device 200 may attach its own signature to the identifiers contained in the CRL.
(16) Although the above embodiment describes the case where the media key storage unit 201 stores a plurality of media keys, a media key may instead be generated in the recording device 200 each time one is needed. Likewise, each media key may be input to the recording device 200 from an external source as needed.
(17) Although the above embodiment describes the case where the recording device 200 stores the media key and the content key, the present invention is not limited to this. The recording medium 300 may store unique information, and the recording device 200 may use that unique information to generate the media key and the content key. As an example, the media key may be generated from a combination of the unique information and date and time information. Alternatively, the unique information may be used to generate another key. In this case, the generated key may be used to encrypt the media key, or to encrypt the content key.
(18) Although the above embodiment describes the case where one media key is selected from a plurality of media keys and the content key is encrypted with the selected media key, the present invention is not limited to this.
A single media key may be used to encrypt the content key. Alternatively, the content key may be encrypted by a plurality of recording devices using a plurality of different media keys. For example, recording device "A" may encrypt the content key with media key "A", and recording device "B" may encrypt the same content key with media key "B". Still more media keys may also be used to encrypt the content key.
(19) Although the above embodiment describes the case where the encrypted media key, the encrypted CRL and the encrypted content key are all recorded in a read-only recording area to which writing is not permitted, the present invention is not limited to this.
As long as the unique information of the recording medium is recorded in the read-only recording area to which writing is not permitted, the other keys may be recorded in a writable area.
(20) Although the above embodiment describes the case where the encryption unit 207 encrypts the whole CRL, the encryption unit 207 may be configured to encrypt only a part of the CRL, for example the signature area of each page of the CRL.
(21) Although the above embodiment describes the case where the recording device 200 encrypts the media key, the content key and the CRL and writes them into the recording area 310, a device that encrypts them and a device that writes them may be provided separately.
(22) The above embodiment and its modifications may be freely combined.
As described above, the present invention relates to an information input/output system in which a user device inputs information to an external source and outputs information from the external source, one such external source being a key management device. The system comprises: a key management device that can securely output invalid device information, the invalid device information specifying an invalid device unit whose use is set as invalid; and a user device comprising an I/O unit and a host unit. Information can be input and output between the host unit and the external source through the I/O unit. The host unit can securely receive, through the I/O unit, the invalid device information output by the key management device, judges with reference to the received invalid device information whether the I/O unit is an invalid device unit, and, when the judgment is affirmative, prohibits input and output through the I/O unit.
According to this structure, the CRL can be protected against tampering, so that whether a device is set as invalid can be judged correctly. Copyright can thus be protected by excluding devices judged to be invalid.
Here, the key management device may encrypt the invalid device information and output the encrypted invalid device information, and the host unit in the user device may receive the encrypted invalid device information output by the key management device, decrypt it to obtain the invalid device information, and judge with reference to the obtained invalid device information whether the I/O unit is an invalid device unit.
Likewise, the key management device may sign the invalid device information to generate signature data and output the invalid device information and the signature data, and the host unit in the user device may receive the signature data and the invalid device information, verify the received signature data, and, when the verification succeeds, judge with reference to the received invalid device information whether the I/O unit is an invalid device unit.
According to this structure, the invalid device information can be encrypted, so that it can be protected against tampering.
According to this structure, a signature can be attached to the invalid device information, so that the signature confirms that the invalid device information is the correct information for verifying the validity of a device.
Here, the key management device and the user device may be interconnected by a network. The key management device may output the invalid device information to the user device over the network, and the user device may receive the invalid device information over the network.
According to this structure, correct invalid device information can be transmitted and received over a communication medium, so that whether the I/O unit is set as invalid can be judged correctly.
Here, the key management device may write the invalid device information into a recording area of a recording medium, the recording area being computer-readable and not writable by the user device. The user device may read the invalid device information from the recording medium.
According to this structure, the host unit can receive correct invalid device information from the recording medium.
The invention also relates to a key management device that outputs invalidated-device information. The key management device comprises: a storage unit for storing invalidated-device information that specifies an invalidated device unit set to be invalid for use; and an output unit that can output the invalidated-device information securely.
With this structure, the invalidated-device information can be output securely, which prevents it from being tampered with.
Here, the output unit may encrypt the invalidated-device information and output the encrypted invalidated-device information.
Here, the output unit may encrypt the invalidated-device information using first key information, encrypt the first key information using second key information, and output the encrypted invalidated-device information and the encrypted first key information.
Here, the output unit may encrypt at least a part of the invalidated-device information, and output the encrypted part of the invalidated-device information together with the remainder of the invalidated-device information.
Here, the output unit may sign the invalidated-device information to generate signature data, and output the invalidated-device information and the signature data.
Here, the output unit may subject the invalidated-device information to a one-way transformation to generate a message authentication code, and output the invalidated-device information and the message authentication code.
Here, the output unit may (a) subject first key information and the invalidated-device information to a one-way transformation to generate a message authentication code, (b) encrypt the first key information using second key information, and (c) output the message authentication code, the invalidated-device information and the encrypted first key information.
With this structure, the invalidated-device information can be encrypted, or a message authentication code for the invalidated-device information can be generated and output. The correctness of the invalidated-device information can therefore be verified, which prevents it from being tampered with.
Here, the key management device may further comprise: a first storage unit for storing a plurality of identifiers that identify invalidated device units set to be invalid for use; a second storage unit having an index area and two or more page areas; a page generation unit that arranges the identifiers stored in the first storage unit in the order specified by a predetermined ordering rule, divides the arranged identifiers into two or more groups corresponding to the two or more page areas, and writes the identifiers of each group into the corresponding page area; an index area generation unit that writes an identifier representing each page area into the index area; and a signature unit that signs the identifiers written in each page area to generate signature data for each page area. The output unit may send out invalidated-device information made up of the index area, the two or more page areas and the signature data of each page area.
With this structure, invalidated-device information divided into multiple pages can be output. By attaching a signature to each page, the invalidated-device information can be prevented from being tampered with.
The invention also relates to a computer-readable recording medium. The recording medium includes a recording area that the user device cannot write to, and second key information and invalidated-device information are recorded in this recording area. The second key information is output by the key management device and encrypted using first key information unique to a device unit. The invalidated-device information is output securely by the key management device using the second key information, and specifies an invalidated device unit set to be invalid for use.
With this structure, the recording medium can store the invalidated-device information and the second key information in its read-only area. The invalidated-device information can therefore be prevented from being tampered with, and copyright can be protected.
The invention also relates to a user device that inputs information to an external source and outputs information from the external source, one such external source being a key management device that can securely output invalidated-device information specifying an invalidated device unit set to be invalid for use. The user device comprises an input/output unit and a host unit. The input/output unit can input and output information between the host unit and the external source. The host unit comprises: a receiving unit that can securely receive, through the input/output unit, the invalidated-device information output by the key management device; a judging unit that can judge, with reference to the received invalidated-device information, whether the input/output unit is an invalidated device unit; and a prohibition unit that prohibits the input and output of information through the input/output unit when the judgment of the judging unit is affirmative.
With this structure, the user device can receive the invalidated-device information securely, so that it can be judged correctly whether the input/output unit has been set to be invalid.
Here, the receiving unit may receive the encrypted invalidated-device information output by the key management device and decrypt it to obtain the invalidated-device information, and the judging unit may judge, with reference to the obtained invalidated-device information, whether the input/output unit is an invalidated device.
Here, the receiving unit may comprise: a storage unit that stores second key information; an information receiving unit that receives, from the key management device, encrypted first key information that has been encrypted using the second key information, and encrypted invalidated-device information that has been encrypted using the first key information; a first decryption unit that decrypts the encrypted first key information using the second key information to obtain the first key information; and a second decryption unit that can decrypt the encrypted invalidated-device information using the obtained first key information to obtain the invalidated-device information.
Here, the receiving unit may receive, from the key management device, signature data generated by signing the invalidated-device information, and verify the received signature data. When verification by the receiving unit succeeds, the judging unit judges, with reference to the received invalidated-device information, whether the input/output unit is an invalidated device unit.
Here, the receiving unit may receive a first message authentication code and the invalidated-device information from the key management device (the first message authentication code being generated by subjecting the invalidated-device information to a one-way transformation), and subject the received invalidated-device information to the one-way transformation to generate a second message authentication code. The judging unit may compare the received first message authentication code with the generated second message authentication code and, when the two match, judge with reference to the received invalidated-device information whether the input/output unit is an invalidated device unit.
Here, the receiving unit may comprise: a storage unit that stores second key information; an information receiving unit that can receive, from the key management device, (a) a first message authentication code generated by subjecting first key information and the invalidated-device information to a one-way transformation, (b) the invalidated-device information, and (c) the first key information encrypted using the second key information; a decryption unit that decrypts the encrypted first key information using the second key information to obtain the first key information; and a message authentication code generation unit that subjects the obtained second key information and the received invalidated-device information to the one-way transformation to generate a second message authentication code.
With this structure, the user device can receive encrypted invalidated-device information, or a message authentication code for the invalidated-device information. The correctness of the invalidated-device information can therefore be verified, which prevents it from being tampered with.
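The message-authentication-code variant described above (the output unit's steps (a) to (c) and the matching receiving unit) can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 is assumed as the one-way transformation, a SHA-256 keystream XOR is a toy stand-in for the key-encryption cipher, and the list wire format, the key values and every function name are hypothetical.

```python
import hashlib
import hmac

# Constructed sample keys (16 bytes each); not values from the patent.
DEVICE_KEY = bytes(range(16))        # "second key information", stored in the host
MEDIA_KEY = bytes(range(100, 116))   # "first key information", chosen per medium


def _keystream(key, length):
    """Toy keystream: SHA-256 in counter mode (stand-in for a real cipher)."""
    blocks = []
    for counter in range((length + 31) // 32):
        blocks.append(hashlib.sha256(key + counter.to_bytes(4, "big")).digest())
    return b"".join(blocks)[:length]


def wrap_key(wrapping_key, key):
    """Encrypt (or decrypt, XOR being symmetric) `key` under `wrapping_key`."""
    return bytes(a ^ b for a, b in zip(key, _keystream(wrapping_key, len(key))))


def encode_list(version, revoked_ids):
    """Assumed wire format: version, count, then sorted 32-bit identifiers."""
    ids = sorted(set(revoked_ids))
    header = version.to_bytes(4, "big") + len(ids).to_bytes(4, "big")
    return header + b"".join(i.to_bytes(4, "big") for i in ids)


def decode_list(blob):
    """Parse the assumed format, rejecting truncated or padded input."""
    if len(blob) < 8:
        raise ValueError("truncated list header")
    version = int.from_bytes(blob[0:4], "big")
    count = int.from_bytes(blob[4:8], "big")
    if len(blob) != 8 + 4 * count:
        raise ValueError("list length does not match its count field")
    ids = {int.from_bytes(blob[8 + 4 * i:12 + 4 * i], "big") for i in range(count)}
    return version, ids


def issue(device_key, media_key, version, revoked_ids):
    """Key management side: output (a) the MAC, (b) the list, (c) the encrypted first key."""
    blob = encode_list(version, revoked_ids)
    return {
        "mac": hmac.new(media_key, blob, hashlib.sha256).digest(),
        "list": blob,
        "encrypted_media_key": wrap_key(device_key, media_key),
    }


def host_check(device_key, record, drive_id):
    """Host side: returns (status, media_key); the key is released only on 'ok'."""
    media_key = wrap_key(device_key, record["encrypted_media_key"])
    expected = hmac.new(media_key, record["list"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["mac"]):
        return "mac-mismatch", None      # list or encrypted key was altered
    _, revoked = decode_list(record["list"])   # parsed only after the MAC matches
    if drive_id in revoked:
        return "revoked", None
    return "ok", media_key
```

Because the code is keyed with the first key information, a change to either the list or the encrypted key makes the recomputed code differ, so a single comparison covers both.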
Here, the user device may input information to a portable recording medium, or output information from the portable recording medium. The recording medium may store at least invalidated-device information specifying a plurality of invalidated devices set to be invalid for use. The invalidated-device information may include an index page, a plurality of identifier pages, and a plurality of pieces of signature data in one-to-one correspondence with the identifier pages. Each identifier page may include identifiers that identify a plurality of invalidated device units. Each piece of signature data may be generated by digitally signing the identifiers included in the corresponding identifier page. The index page may include pieces of index information in one-to-one correspondence with the identifier pages. Each piece of index information may include an identifier representing the corresponding identifier page. The user device may comprise an input/output unit and a host unit. The input/output unit can input and output information between the host unit and the recording medium. The host unit comprises: an index page receiving unit that can receive the index page of the recording medium through the input/output unit; a page specifying unit that uses the received index page to specify the identifier page that would include the identifier identifying the input/output unit; an identifier page receiving unit that receives, through the input/output unit, the specified identifier page of the recording medium and the signature data for the identifiers included in the specified identifier page; a signature verification unit that verifies the received signature data; a judging unit that, when verification by the signature verification unit succeeds, judges with reference to the received identifier page whether the input/output unit is an invalidated device unit; and a prohibition unit that prohibits the input and output of information through the input/output unit when the judgment of the judging unit is affirmative.
With this structure, only the page that is needed has to be transmitted and received, so the communication cost between the input/output unit and the host unit can be reduced.
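The paged layout described above (index page, identifier pages, one signature per page) and the host-side lookup that fetches a single page can be sketched as follows. This is an added example, not code from the patent: textbook RSA over two small Mersenne primes is a toy stand-in for the CA's digital signature, and choosing each page's smallest identifier as its representative, the 32-bit identifier width and all names are assumptions.

```python
import bisect
import hashlib

# Toy RSA key so the example runs on the standard library alone. Far too small
# to be secure; a stand-in for the signing key of the certificate authority.
_P, _Q = 2**127 - 1, 2**89 - 1
CA_N = _P * _Q
CA_E = 65537
_CA_D = pow(CA_E, -1, (_P - 1) * (_Q - 1))   # private exponent, CA side only


def _digest(ids):
    data = b"".join(i.to_bytes(4, "big") for i in ids)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % CA_N


def ca_sign(ids):
    """CA side: sign the identifiers written in one page area."""
    return pow(_digest(ids), _CA_D, CA_N)


def verify_page(ids, signature):
    """Host side: check a page against the CA's public key (CA_N, CA_E)."""
    return pow(signature, CA_E, CA_N) == _digest(ids)


def build_paged_list(revoked_ids, page_size):
    """Sort the identifiers, split them into pages, index and sign each page."""
    ids = sorted(set(revoked_ids))
    pages = [ids[i:i + page_size] for i in range(0, len(ids), page_size)]
    return {
        "index": [page[0] for page in pages],   # assumed representative: smallest id
        "pages": pages,
        "signatures": [ca_sign(page) for page in pages],
    }


class Medium:
    """Recording medium as seen through the input/output unit; counts page reads."""

    def __init__(self, paged_list):
        self._data = paged_list
        self.pages_read = 0

    def read_index(self):
        return list(self._data["index"])

    def read_page(self, page_no):
        self.pages_read += 1
        return list(self._data["pages"][page_no]), self._data["signatures"][page_no]


def host_is_revoked(medium, drive_id):
    """Fetch the index, then only the one page whose range could hold drive_id."""
    index = medium.read_index()
    if not index:
        return False                     # nothing is listed
    page_no = max(bisect.bisect_right(index, drive_id) - 1, 0)
    page, signature = medium.read_page(page_no)
    if not page or page[0] != index[page_no]:
        raise ValueError("page %d does not match its index entry" % page_no)
    if not verify_page(page, signature):
        raise ValueError("signature check failed for page %d" % page_no)
    return drive_id in page
```

A lookup transfers the index and one identifier page regardless of how many pages the list holds, which is the communication saving described above.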
Here, the receiving unit in the host unit may comprise: a storage unit that stores invalidated-device information; a comparing unit that, when invalidated-device information is received from the key management device, compares the received invalidated-device information with the invalidated-device information stored in the storage unit and judges which is newer; and a writing unit that writes the received invalidated-device information into the storage unit when the received invalidated-device information is newer than the stored invalidated-device information.
With this structure, the user device can store the invalidated-device information. The user device therefore does not need to receive the invalidated-device information and verify its correctness every time it reads information; it needs to receive the invalidated-device information only when that information has been updated.
The invention also relates to a certificate authority device that issues invalidated-device information specifying invalidated device units set to be invalid for use. The certificate authority device comprises: a first storage unit that stores a plurality of identifiers identifying invalidated device units set to be invalid for use; a second storage unit having an index area and two or more page areas; a page generation unit that, according to a predetermined classification rule, divides the identifiers stored in the first storage unit into two or more groups corresponding to the two or more page areas, and writes the identifiers of each group into the corresponding page area; an index area generation unit that writes an identifier representing each page area into the index area; a signature unit that signs the identifiers written in each page area to generate signature data for each page area; and a transmission unit that sends out invalidated-device information made up of the index area, the two or more page areas and the signature data of each page area.
With this structure, the certificate authority device, which is a terminal device owned by the CA, can divide the invalidated-device information into a plurality of pages in advance and attach the CA's signature to each page, so that the signature can verify the correctness of the invalidated-device information.
Industrial Applicability
The present invention is applicable to personal computers, DVD drives and similar devices.

Claims (4)

1. An information input/output system, comprising:
a recording medium for storing:
(i) content encrypted using a media key,
(ii) the media key encrypted using a device key,
(iii) invalidated-device information including identification information that identifies one or more invalid input/output devices that have been set to be invalid for use, and
(iv) verification data generated based on the media key and the invalidated-device information, such that a predetermined verification process performed on the verification data fails when (a) the encrypted media key has been tampered with or (b) the recorded invalidated-device information has been tampered with;
an input/output device, comprising:
a storage unit for storing identification information that identifies the input/output device;
a reading unit for reading the content, the encrypted media key, the encrypted invalidated-device information, and the verification data from the recording medium, and
a transmission unit for transmitting the content, the encrypted media key, the encrypted invalidated-device information, the authorization information of the input/output device, and the verification data; and
a host device, comprising:
a storage unit for storing the device key;
a receiving unit for receiving the encrypted content, the encrypted media key, the invalidated-device information, the authorization information of the input/output device, and the verification data from the input/output device,
a verification unit for performing the predetermined verification process on the verification data to verify that neither the received encrypted media key nor the received invalidated-device information has been tampered with;
a confirmation unit for confirming, when the verification unit has successfully performed the predetermined verification process, whether the input/output unit has been set to be invalid by checking whether the received identification information of the input/output unit is included in the received invalidated-device information,
a first decryption unit for decrypting the encrypted media key using the device key, and
a second decryption unit for decrypting the encrypted content using the media key when (i) the verification unit has successfully performed the predetermined verification process and (ii) the confirmation unit has confirmed that the input/output unit has not been set to be invalid.
2. A host device that uses content read from a recording medium through an input/output device,
the recording medium storing:
(i) content encrypted using a media key,
(ii) the media key encrypted using a device key,
(iii) invalidated-device information including identification information that identifies one or more invalid input/output devices that have been set to be invalid for use, and
(iv) verification data generated based on the media key and the invalidated-device information, such that a predetermined verification process performed on the verification data fails when (a) the encrypted media key has been tampered with or (b) the recorded invalidated-device information has been tampered with;
the host device comprising:
a storage unit for storing the device key;
a receiving unit for receiving the encrypted content, the encrypted media key, the invalidated-device information, the authorization information of the input/output device, and the verification data from the input/output device,
a verification unit for performing the predetermined verification process on the verification data to verify that neither the received encrypted media key nor the received invalidated-device information has been tampered with;
a confirmation unit for confirming, when the verification unit has successfully performed the predetermined verification process, whether the input/output device has been set to be invalid by checking whether the received identification information of the input/output unit is included in the received invalidated-device information;
a first decryption unit for decrypting the encrypted media key using the device key, and
a second decryption unit for decrypting the encrypted content using the media key when (i) the verification unit has successfully performed the predetermined verification process and (ii) the confirmation unit has confirmed that the input/output device has not been set to be invalid.
3. A method for a host device that stores a device key and uses content read from a recording medium through an input/output device, the recording medium storing:
(i) content encrypted using a media key,
(ii) the media key encrypted using a device key,
(iii) invalidated-device information including identification information that identifies one or more invalid input/output devices that have been set to be invalid for use, and
(iv) verification data generated based on the media key and the invalidated-device information, such that a predetermined verification process performed on the verification data fails when (a) the encrypted media key has been tampered with or (b) the recorded invalidated-device information has been tampered with;
the method comprising:
a receiving step of receiving the encrypted content, the encrypted media key, the invalidated-device information, the identification information of the input/output device, and the verification data from the input/output device;
a verification step of performing the predetermined verification process on the verification data to verify that neither the received encrypted media key nor the received invalidated-device information has been tampered with;
a confirmation step of confirming, when the verification step has successfully performed the predetermined verification process, whether the input/output device has been set to be invalid by checking whether the identification information of the input/output unit is included in the received invalidated-device information;
a first decryption step of decrypting the encrypted media key using the device key, and
a second decryption step of decrypting the encrypted content using the media key when (i) the verification step has successfully performed the predetermined verification process and (ii) the confirmation step has confirmed that the input/output device has not been set to be invalid.
4. An integrated circuit device that uses content read from a recording medium through an input/output device, the recording medium storing:
(i) content encrypted using a media key,
(ii) the media key encrypted using a device key,
(iii) invalidated-device information including identification information that identifies one or more invalid input/output devices that have been set to be invalid for use, and
(iv) verification data generated based on the media key and the invalidated-device information, such that a predetermined verification process fails when (a) the encrypted media key has been tampered with or (b) the recorded invalidated-device information has been tampered with;
the integrated circuit device comprising:
a storage unit for storing the device key,
a receiving unit for receiving the encrypted content, the encrypted media key, the invalidated-device information, the authorization information of the input/output device, and the verification data from the input/output device,
a verification unit for performing the predetermined verification process on the verification data to verify that neither the received encrypted media key nor the received invalidated-device information has been tampered with;
a confirmation unit for confirming, when the verification unit has successfully performed the predetermined verification process, whether the input/output unit has been set to be invalid by checking whether the received identification information of the input/output unit is included in the received invalidated-device information;
a first decryption unit for decrypting the encrypted media key using the device key, and
a second decryption unit for decrypting the encrypted content using the media key when (i) the verification unit has successfully performed the predetermined verification process and (ii) the confirmation unit has confirmed that the input/output device has not been set to be invalid.
CNA200910137160XA 2002-04-17 2003-04-07 System and device for inputting/outputting information and managing key Pending CN101552018A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2002115328 2002-04-17
JP2002115328 2002-04-17
JP2002134646 2002-05-09

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CNB038083809A Division CN100508452C (en) 2002-04-17 2003-04-07 System and devices for information input/output and key management

Publications (1)

Publication Number Publication Date
CN101552018A true CN101552018A (en) 2009-10-07

Family

ID=41156215

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA200910137160XA Pending CN101552018A (en) 2002-04-17 2003-04-07 System and device for inputting/outputting information and managing key

Country Status (1)

Country Link
CN (1) CN101552018A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11477013B2 (en) 2019-11-29 2022-10-18 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and devices for cryptographic key management based on blockchain system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20091007