JP2000348003A - Author protection system dealing with contents being digital author - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an author protection system for using the contents of low significance by means of a familiarized personal computer and highly protecting the contents of high significance from an illegal attack when the two types of contents different in significance are to be circulated together. SOLUTION: A reception part 1110 receives a capsule 100 containing first contents to which first ciphering is executed and second contents to which second ciphering whose decoding is more difficult than first ciphering is executed and stores it in a capsule storage part 1130. A first contents processing part 1140 realized by a personal computer decodes the first contents in the capsule 100 by a first decoding method and a second contents processing part 1210 being a PC card decodes the second contents in the capsule 100 by a second decoding method which is more complicated than the first decoding method.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a system for technically realizing copyright protection of a digital work, and more particularly to a copyright protection technique for reproducing and recording contents as a digital work.

[0002]

2. Description of the Related Art In recent years, with the development of Internet-related technologies, it has become possible to distribute contents such as music through the Internet and receive fees and the like from users who download the contents. In addition, since a digital work downloaded from the Internet to a personal computer can be easily copied, techniques such as encryption are used to prevent this.

[0003] By the way, there is a case where it is desired to provide contents for sale through the Internet, and also to provide contents as free samples in which the same contents as the contents are recorded with low quality for the purpose of sales promotion. For example, there is a case where content as a free sample is provided free of charge, and a user wants to try the content and purchase the content for sale after being convinced.

In this case, the content as a sample is
In order to have a wide range of users, such as many of the customers of the provider, try it out, it is desirable to reproduce the hardware using a personal computer that can connect to the Internet. In some cases, even if the content is a free sample, the provider may wish to distribute and reproduce the content to some extent within the control of the user. It is conceivable to apply encryption to the content.

[0005]

However, if the content for sale and the content as a free sample are combined in the same encryption and provided through the Internet in response to the above demand, the content for sale is also provided as a free sample. As much as the contents of the above, the user is at risk of unauthorized attacks such as analysis of encryption algorithms.

Accordingly, the present invention provides such a combination of content for sale and content as a sample,
When it is desired to distribute two types of content having different importance levels together, the content of low importance can be reproduced by a popular personal computer or the like, while the content of high importance is advanced from unauthorized attacks. It is a first object of the present invention to provide a copyrighted work protection system for protecting a copyrighted work.

Further, the present invention is a copyright protection system capable of recording contents on a recording medium mountable on a player for reproducing contents in order to more safely protect contents for sale and the like. Even if one of the distribution encryption algorithm used when the content is distributed via the Internet or the like and the recording encryption algorithm used when recording the content on the recording medium is decrypted, Second, to provide a copyright protection system that prevents the other from being affected.
The purpose of.

Further, according to the present invention, by partially sharing the encryption algorithm for distribution and the encryption algorithm for recording, the implementation cost when the encryption algorithm is implemented by software or hardware can be reduced. Third, providing a copyright protection system
The purpose of.

[0009]

In order to achieve the first object, a copyright protection system according to the present invention is a copyright protection system for handling contents which are digital copyrights. The first content with
Acquiring means for acquiring data including at least one of second encrypted content that is more difficult to decrypt than the first encryption; and data obtained by the acquiring means. If the first content is included in the first content, the first content is decrypted by a first decryption method corresponding to the first encryption, and the first content is obtained by the obtaining unit. When the second data is included in the encrypted data, the second content is decrypted by the second decryption method corresponding to the second encryption and having high difficulty in decryption. Decoding means.

[0010] With this, when the first content and the second content that have been encrypted with different degrees due to the two types of importance of the content are obtained, it is possible to decrypt each of the obtained content. So you can
The highly important second content can be more highly protected from unauthorized attack by hard-to-decrypt encryption. In addition,
For example, it is possible to secure the difficulty of deciphering the encryption by use of hardware that is tamper-resistant in terms of implementation, such as logically complicating the encryption algorithm.

[0011] It should be noted that the apparatus embodying the first content decoding means and the second content decoding means for decoding different contents can be different from each other.
For example, content of low importance can be decrypted and reproduced on a personal computer and widely used as a general purpose, and content of high importance can be highly protected by being decrypted, reproduced, recorded, etc. by a dedicated device. Unauthorized use can be prevented.

Therefore, for example, it is possible to safely carry out a sales activity such as distributing a content as a free sample with a low importance and a content as a sales product with a high importance using a network or a recording medium. Further, the acquisition unit performs the acquisition by receiving the data from an external network, and the copyright protection system further includes a reproduction unit that performs AV reproduction of the first content decrypted by the first content decryption unit. And the second
Encrypting means for performing a third encryption different from the second encryption on the second content decrypted by the content decrypting means; and a second encrypting means for performing the third encryption by the encrypting means. Recording means for recording all or part of the content on a recording medium may be provided.

[0013] This makes it possible to safely carry out sales activities such as distributing the contents as free samples with low importance and the contents as sales products with high importance through the network. For example, video, music,
Create digital works such as still images, and for the purpose of sales promotion of these sales contents and other purposes, for example, low-quality preview contents obtained by sampling the music at a low sampling rate, or a digest version of the video It is possible to safely carry out sales activities such as widely distributing certain contents and the like, that is, contents of a sample together on a network. Also, since the contents of the sample can be decrypted on a personal computer, it can be widely used by general users, and the contents for sale can be recorded on a recording medium such as a memory card only by dedicated hardware. By doing so, a high degree of security can be ensured so as not to be illegally recorded. Also, the content recorded on a recording medium such as a memory card is protected from unauthorized peeping since it is encrypted.

Furthermore, for the second content to be sold, for example, the encryption used for distribution is different from the encryption used for recording. When the optimization algorithm is decrypted, the other is unaffected, thereby achieving the second objective. Further, the encryption algorithm used for decryption in the second content decryption means and the encryption algorithm used for encryption in the encryption means may be partially different algorithms.

As a result, a part of the software or hardware for realizing the encryption algorithm can be shared, so that the cost for developing or realizing the encryption algorithm can be reduced as compared with the case where the encryption algorithm cannot be shared, and the third object is achieved. .

[0016]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS <Embodiment 1> Hereinafter, a music content reproduction / recording system which is Embodiment 1 of a copyrighted work protection system according to the present invention will be described with reference to the drawings. <Structure> FIG. 1 is an external view of a music content reproduction / recording system 1000 according to Embodiment 1 of the present invention.

Music content reproduction and recording system 1000
Is a system in which music content received via a communication line 1001 is reproduced by a personal computer 1100 and recorded on a memory card 1300.
The memory card 1300 has a thickness of several millimeters and a length and width of 2c.
This is a semiconductor memory having a shape of about m square, a storage capacity of 64 megabytes, and a built-in control circuit. The user inserts the memory card 1300 into the memory card reproducing device, thereby reading out the music content recorded on the memory card 1300 to the memory card reproducing device and reproducing it, and playing the music reproduced through headphones or the like. You can enjoy.

As shown in FIG. 1, a music content reproduction / recording system 1000 includes a personal computer 110 having a display 1191 and a keyboard 1192.
0 and a memory card writer 1200 inserted therein. The personal computer 1100 is
It has a built-in CPU, memory, hard disk, etc., and can execute a program for playing music content in response to an instruction from a user.
Memory card writer insertion slot 119 which is a card slot
5

The memory card writer 1200 is a so-called PC card, and has a memory card insertion slot 1299 for inserting a memory card. FIG. 2 is a functional block diagram of the music content reproduction / recording system 1000 according to the first embodiment. Functionally, the music content reproduction / recording system 1000 includes a reception unit 1110, a control unit 1120, a capsule storage unit 1130, a first content processing unit 1140, a reproduction unit 1150, and a memory card writer 1200. You. FIG. 14 shows a music card 1300 inserted into a memory card writer 1200 in addition to the music content reproduction / recording system 1000 itself.
And the capsule 100 received by the receiving unit 1110 from the communication line and stored in the capsule storage unit 1130. Here, the capsule 100 is data input to the music content reproduction / recording system 1000 from the communication line, and is obtained by encrypting the music content and management information related thereto. The contents of the capsule 100 will be described later in detail.

The receiving section 1110, the control section 1120, the first content processing section 1140, and the reproducing section 1150 are realized by executing a music content reproducing program stored in the memory of the personal computer 1100 by the CPU. The capsule storage unit 1130 is an area of a memory or a hard disk of the personal computer 1100.

The music content reproducing program is for allowing the user to select the music content to be received, and for accepting a user's instruction as to whether to reproduce or record the selected music content. Part 11
Reference numeral 20 is used to receive a user operation from the keyboard 1192 and issue a music content reception instruction, a reproduction instruction, a recording instruction, and the like in response to the user operation.

Receiving section 1110 receives a receiving instruction from control section 1120, receives a capsule which is data including encrypted music content from communication line 1001 connected to the Internet, and stores it in capsule storing section 1130.
And notifies the control unit 1120 of the storage location of the capsule. The capsule is delivered from a music content supplier or the like via the Internet or the like. Here, for the sake of explanation, it is assumed that the capsule 100 is stored in the capsule storage unit 1130 by the receiving unit 1110 as shown in FIG.

Upon receiving the reproduction instruction and the information on the storage location of the capsule 100 from the control unit 1120, the first content processing unit 1140 performs processing for decrypting the encrypted C1 content 130 in the capsule 100. The decrypted C1 content is output to the reproducing unit 1150. The music contents include low-quality sound sampled at a sampling rate of 16 KHz and 64 KH.
There are two types, one for purchase of high sound quality sampled at a sampling rate of z. Here, the former is called C1 content, and the latter is called C2 content. The encrypted C1 content 130 is obtained by encrypting the C1 content and the encrypted C2 content 140
Is an encrypted version of the C2 content. The details of the first content processing unit 1140 will be described later in detail together with the contents of the capsule 100.

The reproduction section 1150 is a function section that reproduces the C1 content passed from the first content processing section 1140 and sounds the speaker 1193, and the music content is an MPEG (Moving Picture Expert).
ts Group) since the audio data is compressed in accordance with the audio standard, the reproducing unit 1150 also has a function of expanding the audio data.

The memory card writer 1200 is a PC card having a hardware structure as shown in FIG.
When a recording instruction and information on the storage location of the capsule 100 are received from the control unit 1120, a function of decrypting the encrypted C2 content 140 in the capsule 100, performing another encryption again, and recording the encrypted C2 content 140 on the memory card 1300 is provided. Things.

FIG. 3 is a diagram showing a hardware structure of the memory card writer 1200. As shown in the figure, the memory card writer 1200 is
PU 1201, ROM 1202, RAM 1203
, A PC interface 1204, a memory card interface 1205, and a second content processing unit 1210, which is an LSI having a plurality of terminals, connected by a bus.
IA (Personal ComputerMemor
y Card International Asso
personal computer 1 according to the standard
100 and data communication with the memory card 1300 via the memory card interface 1205.

Here, the CPU 1201 has a ROM 120
2 for controlling the memory card writer 1200 by executing the program recorded in the RAM 2 and uses the RAM 1203 as a work area. The second content processing unit 1210 is a tamper-resistant LSI package that is wrapped around a current supply wire and wrapped over the entire surface.
Tamper resistance means that it can be protected against unauthorized external access. The second content processing unit 1210
It is an integrated circuit formed on one silicon substrate, that is, one chip. Also, the second content processing unit 1210
It is impossible to inspect the internal data electrically and physically. For example, the internal data of the LSI package is held in the EEPROM, and when the LSI package is opened, the conductor is disconnected. As a result, the current supply to the LSI package is stopped, and the internal data composed of the charges stored in the capacitor is cleared.

As shown in FIG. 2, the memory card writer 1200 decrypts the C2 content and performs encryption for recording audio data, as shown in FIG. A memory card ID acquisition unit 1230 for acquiring a memory card ID unique to each memory card, and a recording unit 12 for recording encrypted audio data on the memory card 1300
40. The second content processing unit 1210
Also includes an authentication unit 1224 for authenticating the validity of the memory card 1300. Second content processing unit 1210
The details of the processing contents will be described later.

<Data Structure and Related Processing> The contents of the capsule 100 will be described below. The capsule 100 is data generated by the copyright protection center. Here, the copyright protection center is a neutral organization for copyright protection. The copyright protection center receives the music contents and the management information related thereto from the above-mentioned music contents supply company, etc., encrypts these, and
Generate 0.

Music content reproduction / recording system 1000
Are input to the capsule 100 as shown in FIG.
60-bit encrypted capsule unique key 110, fixed-length encryption management information 120, encrypted C1 content 130 whose data length can change according to its contents, and encrypted C2 content whose data length can change according to its contents 140.

FIG. 4 is a data flow diagram showing a process of generating the encrypted C1 content 130 and the encrypted C2 content 140. As shown in the figure, the encrypted C1 content 130 is obtained by converting the plaintext C1 content 30 to the C1 key 2.
1 is data generated by encryption. C
One key 21 is 64-bit key data, and encryption is performed by a block encryption method. For example, DES (Data En
Cryption Standard) algorithm is used.

The encrypted C2 content 140 is data generated by encrypting the plaintext C2 content 40 with the C2 key 25. C2 key 25 is 12
It is 8-bit key data, and encryption is performed by a block encryption method, for example, an algorithm based on the DES algorithm is used. The C1 content 30 and C1
Each of the two contents 40 is compressed based on the MPEG audio standard.

FIG. 5 is a data flow diagram showing a process of generating the encrypted capsule unique key 110 and the encrypted management information 120. As shown in FIG.
This is data generated by encrypting the management information 20 with the transport key 1144. Here, the management information 20 is information related to the C1 content 30 and the C2 content 40 shown in FIG. 4, and includes a C1 key 21, a C1 address 22, a C1 decryption condition information 23, and a C1 billing information 2.
4, C2 key 25, C2 address 26, C2 decryption condition information 27, and C2 billing information 28. The encryption algorithm in the encryption 3 is of the block cipher system, and for example, an algorithm based on the DES algorithm is used.

Here, the C1 address 22 and the C2 address 26 correspond to the encrypted C
The relative address of one content 130 and the relative address of the encrypted C2 content 140 are shown. C1 decryption condition information 2
3 and C2 decoding condition information 27 are information indicating conditions for decoding the C1 content 30 and the C2 content 40, respectively, and indicate a date when decoding is permitted. Also, C1 charging information 24 and C2 charging information 2
8, C1 content 30 and C2 content 4
This is information on a fee to be charged when 0 is decrypted, that is, information indicating a trial listening fee or a purchase fee for music content.

The transport key 1144 is 160-bit key data arbitrarily determined by the copyright protection center.
Further, as shown in FIG.
Is data generated by encrypting the capsule unique key 10 obtained by the exclusive OR of the transport key 1144 and the S1 key 1142 with the elliptical secret key 5 using an elliptic encryption algorithm. Here, the S1 key 1142
Is a 160-bit common key having the same value as the S1 key stored in the first content processing unit 1140 of the music content reproduction / recording system 1000. Also, the elliptical secret key 5
Is a 160-bit secret key paired with the K1 key 1141 that is a public key stored in the first content processing unit 1140. As for the elliptic encryption, Dougla
sR. This is described in detail in "Basics of Cryptographic Theory" by Sinson (Kyoritsu Shuppan Co., Ltd.).

Hereinafter, the capsule 1 generated as described above will be described.
The processing contents of the first content processing unit 1140 and the second content processing unit 1210 that perform the processing related to the content of 00 will be described in detail. First, the processing content of the first content processing unit 1140 will be described. The first content processing unit 1140 includes a K1 key 1141 and an S1 key 1142
And the capsule unique key decryption unit 1143
And a management information decoding unit 1145, a C1 content decoding control unit 1146, and a C1 content decoding unit 1147 as constituent elements.

The capsule unique key decryption unit 1143 decrypts the encrypted capsule unique key 110 in the capsule 100 using the K1 key 1141 which is a public key, and outputs it. The output capsule unique key and the common key S1 key 1142
Transport key 114 which is the result of exclusive OR with
4, the management information decoding unit 1145 uses the capsule 10
The encryption management information 120 in 0 is decrypted.

The C1 content decryption control unit 1146 determines whether or not decryption is possible by referring to the C1 decryption condition information 23 in the decrypted management information 20, and refers to the C1 billing information 24 when decryption is possible. Billing process, and C1
A decryption instruction is given to the content decryption unit 1147. Here, the billing process is to transmit, via a communication line, instruction information to remit a preview fee from a bank or other account with which the user has contracted in advance to a music content provider or the like. It is. If the trial listening is free, the instruction information is not transmitted.

The C1 content decryption unit 1147 stores the C1 in the management information 20 decrypted by the management information decryption unit 1145.
Referring to one address 22, the encrypted C1 content 130
Is identified, the encrypted C1 content 130 is decrypted using the C1 key 21 in the management information 20, and the playback unit 11
The C1 content 30 is output to 50. Note that the decryption algorithm is a block encryption algorithm corresponding to the encryption 1 shown in FIG.

Next, the processing contents of the second content processing unit 1210 will be described. Second content processing unit 121
0 is roughly classified into decryption of C2 content and re-encryption for recording on a memory card. The decryption of C2 content is similar to the process of the first content processing unit 1140 described above. are doing. The second content processing unit 1210 stores a K2 key 1211 and an S2 key 1212 in order to perform a C2 content decryption function, and stores a capsule unique key decryption unit 1213 and a management information decryption unit 1215.
And a C2 content decoding control unit 1216 and a C2 content decoding unit 1217 as constituent elements.
In order to perform a re-encryption function for recording on a memory card, a plurality of master keys 1219 are stored, and a disk key generation unit 1218, a disk key encryption unit 1220, a title key generation unit 1221, a title key generation unit 1221, Encryption unit 1222
, An audio data encryption unit 1223 and an authentication unit 12
24 as constituent elements. Here, the master key is key data having the same value as the key data held in the memory card reproducing device of each maker, and the contents are different for each maker. The second content processing unit 1210 stores master keys 1219 for a plurality of manufacturers so that a memory card to be recorded can be reproduced by a memory card reproducing device of a plurality of manufacturers.

The capsule unique key decryption unit 1213 decrypts the encrypted capsule unique key 110 in the capsule 100 using the K2 key 1211 that is a public key, and outputs it. Using the transport key 1214 which is the result of exclusive OR between the output capsule unique key and the S2 key 1212,
The management information decryption unit 1215 decrypts the encrypted management information 120 in the capsule 100. Here, the transport key 1214 has the same value as the transport key 1144 obtained in the first content processing unit 1140 described above. Note that the K2 key 1211 and the S2 key 1212 are
Of the elliptical secret key 5 in FIG.
5 and the S1 key 1142 in FIG. 5 is replaced with the S2 key 1212,
As shown in FIG. 5, the key data has a relationship such that the encrypted capsule unique key 110 can be generated based on the transport key 1144.

The C2 content decoding control unit 1216 judges whether or not decoding is possible by referring to the C2 decoding condition information 27 in the management information 20 decoded by the management information decoding unit 1215. The accounting process is performed with reference to the accounting information 28, and the C2 content decoding unit 121 is executed.
7 is given a decoding instruction. C2 content decryption control unit 12
16 is the same as the charging process performed by the C1 content decryption control unit 1146. The charging process is performed via a communication line from an account of a bank or the like with which the user has contracted in advance to a music content supply company or the like. And transmitting instruction information to remit the purchase fee. The instruction information is transmitted to the personal computer 11 via the PC interface 1204 of the memory card writer 1200.
00 is transferred to the communication line 1001 by the control unit 1120. Note that the C2 content decryption control unit 1216 stores the counter value, increments the counter value by one each time the C2 content is decrypted, and obtains the product of the counter value and the purchase fee to obtain, for example, the total purchase fee in one day. Can be sent through a communication line at night.

The C2 content decoding unit 1217 stores the C2 content in the management information 20 decoded by the management information decoding unit 1215.
2 encrypted C2 content 140 with reference to address 26
Is identified, the encrypted C2 content 140 is decrypted using the C2 key 25 in the management information 20, and the C2 content as audio data is transmitted to the audio data encryption unit 1223. The decoding algorithm is shown in FIG.
Is an algorithm of the block cipher system corresponding to the encryption 2 shown in FIG.

The authentication unit 1224 is connected to the memory card 1
It has a function of mutually authenticating with the authentication unit 1301 included in 300. The authentication unit 1301 authenticates the validity of the device that records data on the memory card.
The authentication unit 1224 receives the authentication information from the authentication unit 1301, and determines the validity of the memory card based on the authentication information. As an authentication method, for example, the authentication unit 1224 of the memory card writer 1200 sends a random number to the authentication unit 1301 of the memory card 1300,
In response to the authentication unit 1301 encrypting the random number using the secret encryption algorithm and returning the encrypted random number, the authentication unit 1224 decrypts the encrypted random number using the decryption algorithm and the result is the same as the original random number. Since the encryption algorithm of the authentication unit 1301 and the decryption algorithm of the authentication unit 1224 correspond to each other, a method of determining that the authentication is successful is used. This authentication method
Memory card writer 1200 and memory card 1300
May share an authentication method with a secret authentication key, and mutually authenticate each other by a challenge response procedure using the authentication key.

If the authentication is successful, that is, if it is determined that the memory card is valid, the authentication unit 1224
The memory card writer 1200 is given instructions for ID acquisition permission and recording permission to the memory card ID acquisition unit 1230 and the recording unit 1240, respectively. Upon receiving the ID acquisition permission, the memory card ID acquisition unit 1230 acquires the memory card ID, which is the unique information, from the memory card 1300 and gives this to the disk key generation unit 1218. 1240 records the encrypted data output from the disk key encryption unit 1220, the title key encryption unit 1222, and the audio data encryption unit 1223 on the memory card 1300.

The disk key generation unit 1218 receives the memory card ID given from the memory card ID acquisition unit 1230
A 64-bit disk key that partially includes information about the Here, the disk key means key data common to the entire memory card as a recording medium. The disk key encryption unit 1220 encrypts the disk key generated by the disk key generation unit 1218 using one of a plurality of master keys stored in advance,
The process of encrypting the same disk key continuously using another master key is repeated, and the same number of encrypted disk keys as the number of master keys are generated and output to the recording unit 1240 in the memory card writer 1200.

The title key generation unit 1221 has an appropriate 64
A bit title key is generated and given to the title key encryption unit. Here, the title key means key data that can be set for each music content. Title key encryption unit 12
Reference numeral 22 encrypts the title key generated by the title key generation unit 1221 using the disk key generated by the disk key generation unit 1218 and outputs the encrypted title key to the recording unit 1240. In addition, the audio data encryption unit 1223
The C2 content output by the two-content decryption unit 1217 is encrypted with the title key generated by the title key generation unit 1221, and output to the recording unit 1240.

The disk key encrypting unit 1220, the title key encrypting unit 1222, and the audio data encrypting unit 122
3 is an encryption algorithm of block cipher system D
ES algorithm. Note that the recording unit 1240 records the audio data received from the audio data encryption unit 1223 in the user accessible area of the memory card 1300, and is encrypted in the system area of the memory card 1300 that cannot be accessed by the user. Record the disc key and title key. In addition, the memory card 13
00 is a memory card playback device that can hold a master key. If authentication of the memory card 1300 succeeds, the above-described recording is performed using the encrypted disk key and title key. Has the function of playing back music by performing an inverse process of the encryption process for decoding the audio data.

<Operation> The operation of the music content reproduction / recording system 1000 having the above configuration will be described below. FIG. 6 shows a music content reproduction / recording system 100.
11 is a flowchart showing the operation of the "0".

As shown in the figure, first, the receiving unit 1110 of the music content reproduction / recording system 1000 receives a capsule containing music content from the server of the music content supply company via the Internet in accordance with a user instruction, and stores the capsule. It is stored in the unit 1130 (step S301). Accordingly, when the capsule 100 is stored in the capsule storage unit 1130, the control unit 1120 displays a graphical user interface screen on the display 1191 for allowing the user to select one of the trial listening, the purchase, and the end of the process of the music content. indicate.

Thereafter, when detecting that the user has selected the trial listening (step S302), control unit 1120 instructs first content processing unit 1140 to reproduce the C1 content. In response, the first content processing unit 114
0, the capsule unique key is decrypted by the capsule unique key decryption unit 1143, and the management information is decrypted by the management information decryption unit 1145 (step S303).

After the management information is decrypted by the management information decryption unit 1145, the C1 content decryption control unit 1146
With reference to the C1 decoding condition information 23, for example,
If the C1 decoding condition is satisfied (step S304) due to the fact that the content is within the trial listening time limit or the number of times of decoding is within a predetermined number of times (step S304), charging is performed (step S305), and the C1 content Decoding unit 1
147 to decrypt the C1 content (step S
306), the reproduction unit 1150 reproduces the C1 content and makes the speaker 1193 sound (step S30).
7). If the C1 decryption condition is not satisfied (step S304), such as after the expiration of the C1 content preview period (step S304), steps S305 to S30 are performed.
Step 7 is not performed.

When detecting that the user has selected purchase, that is, that the user has requested recording on the memory card (step S308), the control unit 1120 controls the second content processing unit of the memory card writer 1200. 12
10 is instructed to reproduce the C2 content. In response to this, the second content processing unit 1210 decrypts the capsule unique key by the capsule unique key decryption unit 1213 and decrypts the management information by the management information decryption unit 1215 (step S
309). After the management information is decoded by the management information decoding unit 1215, the C2 content decoding control unit 1216
With reference to the C2 decoding condition information 27, for example,
Due to the date and time within the content purchase allowable period, C2
If the decryption condition is satisfied (step S31
0), a billing process is performed (step S311), and after the C2 content is decrypted by the C2 content decrypting unit 1217 (step S312), encryption and recording processes for recording on the memory card are performed (step S31).
3). If the C2 decryption condition is not satisfied, such as after the expiration of the C2 content purchase allowable period (step S310), steps S311 to S31 are performed.
Step 3 is not performed.

When the control unit 1120 detects that the user has selected to end the processing (step S314),
All the processes related to the trial listening or the purchase are completed, but if the process end is not selected, the process returns to step S302. Therefore, the user can select the audition or the purchase many times. FIG. 7 is a flowchart showing encryption and recording processing for recording audio data on a memory card.

As shown in the figure, the authentication unit 1224 authenticates the memory card 1300 (step S401). If authentication is not successful, encryption and recording are not performed. If authentication is successful (step S401). S402), the following processing is performed. First, the memory card ID acquisition unit 1230 acquires a memory card ID from the memory card 1300 and gives it to the disk key generation unit 1218 (Step S403). The disk key generation unit 1218 receives the given memory card I
A disk key is generated based on D (step S40)
4).

The disk key encryption unit 1220 encrypts the generated disk key using each of the plurality of master keys 1219 (step S405), and encrypts the plurality of encrypted disk keys via the recording unit 1240 into the memory card 1320.
00 (step S406). After recording the disk key, the title key generation unit 1221 generates a title key and encrypts it using the disk key (step S4).
07), the encrypted title key is recorded on the memory card 1300 via the recording unit 1240 (step S40).
8). Subsequently, the audio data encryption unit 1223
The C2 content decrypted by the C2 content decrypting unit 1217 is encrypted using the title key, and
0 to the memory card 1300 (step S409).

As described above, the music content reproduction / recording system 1000 can reproduce the music content and record the music content on the memory card in response to the user's request. <Embodiment 2> Next, a music content reproduction and recording system 2 which is Embodiment 2 of the copyrighted work protection system according to the present invention.
000 will be described with reference to the drawings.

<Structure> The music content reproduction / recording system 2000 is a system for reproducing music content received via a communication line by a personal computer and recording the music content on a memory card, and its appearance is shown in FIG. The appearance is the same as that of the music content reproduction / recording system 1000 according to the first embodiment.

FIG. 8 is a functional block diagram of a music content reproduction / recording system 2000 according to the second embodiment. As shown in FIG.
Reference numeral 00 denotes a personal computer 21 which includes a personal computer 2100 and a memory card writer 2200, receives an encrypted capsule 200 from a communication line, and transfers music contents contained in the capsule 200 to the personal computer 21.
00, and the music content and management information related to the music content are recorded on a memory card 2300 inserted into the memory card writer 2200.

In the figure, the same parts as those shown in FIG. 2 in the first embodiment are denoted by the same reference numerals, and the description of those parts will be omitted. Here, the capsule 20
0 is composed of encryption management information 120 including a C1 key 21 and a C2 key 25, an encrypted C1 content 130, and an encrypted C2 content 140. Details of the capsule 200 will be described later.

The personal computer 2100 includes a receiving section 1110, a control section 1120, and a capsule storage section 11
30, the first content processing unit 2140, and the reproduction unit 11
50, and the capsule storage unit 1
The encrypted C1 content 130 in the capsule 200 stored in 130 is decrypted by the first content processing unit 2140 and reproduced by the reproducing unit 1150.

The memory card writer 2200, which is a PC card to which the memory card 2300 is attached and which is connected to the personal computer 2100, includes a second content processing unit 2210 composed of tamper-resistant hardware. Here, the memory card 2300 is stored in the authentication unit 23
10, a 64-bit memory card ID 2320 is recorded in an unrewritable area in advance, and the MC encryption management information 2330 and the MC encrypted C2 content 2340 are recorded in a writable data area. Things. Note that the MC encrypted C2 content 2340 is a C2 content that has been encrypted for recording.
The encryption management information 2330 includes a C2 ′ key 2331 which is a key for decrypting the MC encrypted C2 content.
MC management information, which is information used for content management and the like, is encrypted.

The details of the first content processing section 2140 and the second content processing section 2210 will be described later. <Data Structure and Related Processing> The contents of the capsule 200 will be described below. The capsule 200 is data generated by the copyright protection center in the same manner as the capsule 100 described in the first embodiment.
The configuration is the same as that obtained by removing the encrypted capsule unique key 110 from 00. However, the data size of the C1 key 21 and the C2 key 25 in the capsule 200 and the encryption management information 1
20 are different from those in the first embodiment.

The encryption management information 120 includes, in addition to the C1 key 21 and the C2 key 25, information (not shown in FIG. 8) indicating the decryption condition of each content and billing information. Management information 2 shown in FIG.
This is data generated by encrypting 0. However, in the second embodiment, the management information 20 also includes information on the limit on the number of times of reproduction and the number of times of copying of the C2 content recorded on the memory card, information on billing information, and the like (hereinafter, referred to as “management information”). It is assumed that

The encryption management information 120 is generated by encryption using an elliptic encryption algorithm. The encrypted C1 content 130 is data generated by encrypting the plaintext C1 content 30 with the C1 key 21 (see FIG. 4), and the data length can be changed according to the content. The C1 key 21 is 40-bit key data, and encryption is performed by a block encryption method.
The S algorithm is used.

The encrypted C2 content 140 is data generated by encrypting the plaintext C2 content 40 with the C2 key 25 (see FIG. 4), and the data length can be changed according to the content. The C2 key 25 is 56-bit key data, and encryption is performed by a block encryption method, for example, using a DES algorithm. In addition,
Each of the C1 content 30 and the C2 content 40 is compressed based on, for example, the MPEG audio standard.

Next, the capsule 2 generated as described above
The processing contents of the first content processing unit 2140 and the second content processing unit 2210 that perform the processing related to the content of 00 will be described in detail. First content processing unit 214
0 has a management information decryption unit 2145, a C1 content decryption unit 1147, and an authentication encryption unit 2149.

Here, the management information decryption section 2145 decrypts the encrypted management information 120 by an elliptic encryption algorithm to obtain the management information 20, and obtains the C1 key 21 in the management information.
Is supplied to the C1 content decryption unit 1147, and C2
The key and the management information are supplied to the authentication encryption unit 2149. Note that the management information decoding unit 2145 is different from the first embodiment.
The function includes the function of the C1 content decryption control unit 1146, and determines whether or not decryption is possible by referring to the C1 decryption condition information 23 in the decrypted management information 20. If decryption is possible, the C1 charging information 24 After performing the accounting process with reference to the C1 key 21
To provide a decoding instruction. Also, the management information decoding unit 2
Reference numeral 145 also includes the function of the C2 content decryption control unit 1216 shown in the first embodiment, and determines whether or not decryption is possible by referring to the C2 decryption condition information 27 in the decrypted management information 20 and enables decryption. In this case, the charging process is performed with reference to the C2 charging information 28, and the C2
The two keys and the management information are supplied to the authentication encryption unit 2149.
The details of the billing process are the same as in the first embodiment, and a description thereof will not be repeated.

The C1 content decryption unit 1147 uses the C1 key 21 in the decrypted management information 20 to encrypt the encrypted C1 content.
The content 130 is decrypted, and the C1 content is output to the reproducing unit 1150. This decryption algorithm is an algorithm of the block cipher system corresponding to the encryption of the C1 content. The authentication encryption unit 2149 authenticates the validity of the memory card writer 2200 by transmitting and receiving data to and from the authentication encryption unit 2260 in the second content processing unit 2210, and outputs the C2 key supplied from the management information decryption unit 2145. And encrypting the management information to authenticate and encrypt
To tell.

Further, the second content processing unit 2210
Authentication encryption unit 2260, C2 content decryption unit 1217,
Authentication unit 2224, MC management information encryption unit 2270, and MC
It has a content encryption unit 2280. Here, the authentication encryption unit 2260 authenticates the legitimacy of the personal computer 2100 by transmitting and receiving data to and from the authentication encryption unit 2149, and encrypts the C2 key and management information transmitted from the authentication encryption unit 2149. And decrypts it.

The C2 content decryption unit 1217 obtains the C2 key from the authentication encryption unit 2260, and uses this key to
The encrypted C2 content 140 is decrypted by a block encryption algorithm corresponding to the content encryption. The authentication unit 2224 includes the memory card 2300
The authenticity of the memory card 2300 is authenticated by transmitting and receiving data to and from the authentication unit 2310 of the authentication unit 2310.
10 receives the memory card ID 2320 sent from the server 10.

The MC management information encryption unit 2270 receives the management information from the authentication encryption unit 2260, and
The MC management information including the 2 ′ key is encrypted, and the MC encryption management information 2330 is recorded in the memory card 2300. Also, the MC content encryption unit 2280
The decrypted C2 content is encrypted for recording, and the MC encrypted C2 content 2340 is recorded on the memory card 2300.

The MC management information encryption section 2270, MC
Memory card 230 performed by content encryption unit 2280 and the like
Details of recording to 0 will be described later. Here, the authentication operation and the encryption communication operation between the authentication encryption unit 2149 and the authentication encryption unit 2260 will be described. Authentication encryption unit 214
9 and the authentication encryption unit 2260 are, for example,
Japanese Industrial Standard JISX5056-1 "Security Technology-Entity Authentication Mechanism-Part 4 Authentication Mechanism Using Cryptographic Check Function" is used.

That is, each authentication encryption unit uses the same encryption algorithm E of the common key system if it is valid, and depends on whether the other party uses the same encryption algorithm E or not. Authenticates whether the other party is legitimate. The DES algorithm is used as the encryption algorithm E, for example. Hereinafter, using FIG.
A specific authentication and encryption communication procedure between the authentication encryption unit 2149 and the authentication encryption unit 2260 will be described. In the process until the mutual authentication succeeds, the authentication encryption unit 2149 uses the algorithm E and the authentication encryption unit 226.
It is assumed that 0 uses the algorithm E ′.

FIG. 9 is a diagram showing a procedure of authentication and encryption communication between authentication encryption section 2149 and authentication encryption section 2260.
First, the authentication encryption unit 2149 of the personal computer 2100 generates a random number R1, generates E (R1) which is a value obtained by converting the random number R1 by the encryption algorithm E, and authenticates the random number R1 to the memory card writer 2200. Transmit to the encryption unit 2260 (step S300)
1).

In response to this, the memory card writer 220
The 0-side authentication encryption unit 2260 converts the received R1 with the encryption algorithm E ′ to generate a value E ′ (R1), and transmits it to the authentication encryption unit 2149 of the personal computer 2100 (step S300).
2). In response, the personal computer 2100
The authentication encryption unit 2149 on the side verifies whether the received E ′ (R1) matches the already generated E (R1), and if they match, the memory card writer 2200
Is determined to be valid (step S300).
3).

Similarly, a memory card writer 2200
The authentication encryption unit 2260 on the side generates a random number R2,
E ′ (R
2), and transmits the random number R2 to the authentication encryption unit 2149 of the personal computer 2100 (step S3004). In response, the authentication encryption unit 2149 of the personal computer 2100 sends the received R2
Is generated by the encryption algorithm E to generate E (R2), and the authentication encryption unit 2 of the memory card writer 2200 side is generated.
260 (step S3005).

In response to this, the memory card writer 220
The 0-side authentication encryption unit 2260 verifies whether the received E (R2) matches the already generated E ′ (R2), and if they match, the personal computer 2
100 is determined to be valid (step S30)
06). In this way, when the mutual authentication by the authentication encryption unit 2149 and the authentication encryption unit 2260 succeeds, that is, when the encryption algorithm E ′ is the same as the encryption algorithm E and the key used by each is the same, the authentication encryption unit 2149
And each of the authentication encryption units 2260 has E (R1) and E
A bit string K which is a result of inputting the exclusive OR with (R2) to the encryption algorithm E is generated.

After generating K, the authentication encryption unit 2149 of the personal computer 2100 sends the management information decryption unit 2
The C2 key and the management information decrypted by 145 are encrypted by the encryption algorithm E using K as a key, and transmitted to the authentication encryption unit 2260 of the memory card writer 2200 (step S3007). In response, the authentication encryption unit 2260 of the memory card writer 2200 uses the key K to decrypt the C2 key and the management information using the encryption algorithm E (step S3008).

Note that step S3003 and step S300
If the other party is not determined to be valid in 3006, the subsequent processing is stopped. By such a procedure, the C2 key and the management information are safely transferred from the personal computer 2100 to the memory card writer 2200. Next, an authentication operation and a communication operation between the authentication unit 2224 and the authentication unit 2310 will be described.

The authentication unit 2224 and the authentication unit 2310 are used as an authentication method, for example, according to Japanese Industrial Standard JISX5056-
2 "Security technology-entity authentication mechanism-Part 4 Authentication mechanism using cryptographic check function" is used. That is, each authentication unit uses the same cryptographic algorithm F of the same common key system if it is valid, and depending on whether the other party uses the same encryption algorithm F, the other party is valid. Authenticate whether there is. The DES algorithm is used as the encryption algorithm F, for example.

Hereinafter, a specific authentication and communication procedure between the authentication unit 2224 and the authentication unit 2310 will be described with reference to FIG. In the process until the mutual authentication succeeds, the authentication unit 2310 uses the algorithm F,
The description will be made on the assumption that the authentication unit 2224 uses the algorithm F ′. FIG. 10 shows an authentication unit 2224 and an authentication unit 23.
It is a figure which shows the procedure of authentication and communication with 10.

First, the authentication unit 2 on the memory card 2300 side
310 generates a random number R3, generates F (R3) which is a value obtained by converting the random number R3 by the encryption algorithm F, and transmits the random number R3 to the authentication unit 2224 of the memory card writer 2200 (step S3501). In response to this, the authentication unit 2 of the memory card writer 2200 side
The 224 converts the received R3 with the encryption algorithm F ′ to generate a value F ′ (R3), and transmits the value to the authentication unit 2310 of the memory card 2300 (step S3502).

In response to this, the authentication unit 2310 of the memory card 2300 verifies whether the received F ′ (R3) matches the F (R3) already generated by itself.
If they match, it is determined that the memory card writer 2200 is valid (step S3503). Similarly, the authentication unit 2224 of the memory card writer 2200 side
Generates a random number R4, generates a value F ′ (R4) that is a value obtained by converting the R4 by the encryption algorithm F ′, and generates the random number R4 by using the authentication unit 2310 on the memory card 2300 side.
(Step S3504).

In response, authentication section 2310 of memory card 2300 converts received R4 into encryption algorithm F
Then, F (R4), which is the value converted in step (1), is generated and transmitted to the authentication unit 2224 of the memory card writer 2200 (step S3505). In response, memory card writer 2
The authentication unit 2224 on the 200 side verifies whether the received F (R4) matches the F ′ (R4) that has already been generated, and if they match, the memory card 2300 is valid. Is determined (step S3506).

Note that step S3503 and step S350
If it is determined in step 3506 that the other party is not valid, the subsequent processing is stopped. In this manner, when the mutual authentication by the authentication unit 2224 and the authentication unit 2310 is successful, that is, when the encryption algorithm F ′ is the same as the encryption algorithm F and the keys used by the respective are the same, the authentication unit 2310 The ID 2320 is transmitted to the authentication unit 2224 (step S3507), and the authentication unit 2224 receives the memory card ID 2320 (step S3508).

When such mutual authentication succeeds, the authentication unit 22
24, after receiving the memory card ID 2320, in the second content processing unit 2210, the MC management information is encrypted by the MC management information encryption unit 2270, the C2 content is decrypted by the C2 content decryption unit 1217, and the decrypted C2 The content is re-encrypted by the MC content encryption unit 2280.

Hereinafter, the MC management information encryption section 2270, MC
Memory card 230 performed by content encryption unit 2280 and the like
The processing procedure for recording data to 0 will be described. If the mutual authentication by the authentication unit 2224 and the authentication unit 2310 succeeds, the authentication unit 2 that has received the memory card ID 2320
224 generates a 56-bit memory card unique key as a result of inputting the memory card ID 2320 to the encryption algorithm G. The encryption algorithm G is, for example, a DES algorithm using a secret value as a key.

Subsequently, the authentication unit 2224 generates a 56-bit random number, and generates a 56-bit C2 ′ key which is a result of exclusive OR of the random number and the memory card unique key. The authentication unit 2224 uses the memory card unique key and C
After the 2 ′ key is generated, the MC content encryption unit 228
0 uses the C2 ′ key to generate the C2 content
17 encrypts the decrypted C2 content and records it on the memory card. Therefore, the MC encryption C2 is stored in the memory card.
The content 2340 is recorded.

After the memory card unique key and the C2 ′ key are generated by the authentication unit 2224, the MC management information encryption unit generates an MC The management information is encrypted using the memory card unique key as a key and recorded on the memory card. Therefore, the MC encryption management information 23 is stored in the memory card.
30 will be recorded.

Note that the encryption in the MC content encryption unit 2280 and the MC management information encryption unit 2270 includes
Different from the S algorithm, an encryption algorithm similar to the DES algorithm is used. FIG. 11 is a diagram illustrating the concept of encrypting a 64-bit plaintext by a DES algorithm using a 56-bit key. Encryption uses a function to calculate the plaintext from the first to the 16th stage.
This is repeated twice, but the figure shows only the second stage. The symbol “+” in FIG.
Indicates exclusive OR.

That is, in the DES algorithm, as shown in the figure, the lower 32 bits of the plaintext and the intermediate key derived from the key are input to the function f, and the output 32 of the function f is output.
The exclusive OR of the bit string and the upper 32 bits of the plaintext is set as the lower 32 bits in the first row, the lower 32 bits of the plaintext is set as the upper 32 bits in the first row, and such a procedure is performed up to the 16th row. Encrypts the plaintext.

Here, the function f for outputting 32-bit data is composed of eight functions g1 and g for outputting 4-bit data.
2, g3,..., G8 are output in combination in a predetermined order, and the function f is expressed as f = (g
1, g2, g3,..., G8).
On the other hand, of the eight functions constituting the function f, for example, a function f ′ (f ′ = (g1 ′, g2, g3,...) Constituted by replacing only one g1 with another g1 ′・, G
8)) can be considered.

Therefore, the above-mentioned MC content encryption unit 2
Examples of the encryption algorithm used by the 280 and the MC management information encryption unit 2270 include the C2 content decryption unit 121
An algorithm in which f is replaced by f ′ when the DES algorithm used by 7 is the algorithm as shown in FIG. Thus, C2
Since the encryption algorithm used by the content decryption unit 1217 and the encryption algorithm used by the MC content encryption unit 2280 are partially different, if this encryption algorithm is realized by software or hardware, Can be shared, so that the cost for developing or realizing the encryption algorithm can be reduced as compared with the case where both use completely different encryption algorithms. <Supplement> The copyright protection system according to the present invention has been described above based on the music content reproduction and recording systems of the first and second embodiments. However, the present invention is not limited to these embodiments. It is. That is, (1) In both embodiments, the memory card writer that encrypts and records the C2 content on the memory card is a PC card, but is not limited to this.
Any device that can be connected to a personal computer may be used, such as a USB (Universal Serial).
Bus) or the like.

Further, the receiving unit 111 in the first embodiment
0, the control unit 1120, the capsule storage unit 1130, the first content processing unit 1140, and the reproduction unit 1150 are realized by the personal computer 1100, and the receiving unit 1110, the control unit 1120, the capsule storage unit 1130, and the 1 content processing unit 2140
And the reproducing unit 1150 is a personal computer 2100
However, the personal computer 1100 and the personal computer 2100 may be household electrical appliances having a memory and a CPU and having a program execution control function, for example, a television receiver having an Internet connection function. Good.

Further, in the first embodiment, the second content processing unit 1210 is an LSI package having tamper resistance, which is wrapped around a current supply conductor and is completely wrapped. If it has, it is not limited to a form wound around a conducting wire. Also, the second content processing unit 1 described in the first embodiment
210 and the second content processing unit 2 described in the second embodiment
210 is a software program that restricts access to data to be protected or that is difficult to obfuscate by combining a processing program that handles data to be protected with an unnecessary program. The software having the tamper property may be configured as a personal computer or the like that executes the software. Note that the management information decryption unit 2145 and the authentication encryption unit 2149 may be included in the second content processing unit 2210. (2) In the first embodiment, the audio data as the C2 content decrypted by the C2 content decrypting unit 1217 in the memory card writer 1200 is encrypted for recording on the memory card. It is good also as reproducing to. In this case, when a speaker is connected to the memory card writer 1200, music can be played from the speaker. (3) In both embodiments, one capsule contains one encrypted C1 content and one encrypted C2 content, but one capsule contains either the encrypted C1 content or the encrypted C2 content. May be included, a plurality of encrypted C1 contents and a plurality of encrypted C2 contents may be included, and the manner of inclusion may be different for each capsule.

[0097] Note that only when the capsule includes the C1 content, the management information includes information such as billing related to the C1 content, and only when the capsule includes the C2 content, the management information includes the C2 content. It is sufficient that information such as billing related to is included. (4) In the first embodiment, the C1 key is 64 bits, and the C2 key is 1
The C1 key is 40 bits in the second embodiment, such as 28 bits,
The length of the key data, such as 56 bits for the C2 key and the C2 'key, is shown, but the length is not limited to this. The K1 key, K2 key, S1 key, S2 key, and transport key may also have different lengths.

It is to be noted that the encrypted capsule unique key 110 is
A key that can be decrypted with one key and a key that can be decrypted with the K2 key may be combined. The exclusive-OR calculation for calculating the transport key is also performed using exclusive bits of predetermined bits instead of all bits. It may be logical OR. In the first embodiment, the decoding algorithm used by the C1 content decoding unit and the decoding algorithm used by the C2 content decoding unit may be configured to be downloadable via a communication line. When downloading the decryption algorithm, the signature information may be confirmed and the decryption algorithm may be imported only when the signature information is valid. In this case, the decryption algorithm for the C2 content is determined by executing the transfer program contained in the ROM 1202 in the memory card writer 1200 by the CPU 1201 so that the personal computer 1100 can execute the second content processing via the PC interface 1204. This will be written to the unit 1210.

The encryption algorithms in the disk key encryption unit 1220, title key encryption unit 1222, and audio data encryption unit 1223 can be downloaded and processed in the same manner as the above-described decryption algorithm.
A configuration in which signature verification and the like can be performed may be adopted. Here, the signature information is confirmed, for example, assuming that a decryption algorithm and signature information are transmitted by a neutral organization for copyright protection, and that the signature information is encrypted with a secret key. Therefore, if the public key corresponding to the secret key is stored in the ROM 1202 in advance, and the signature information is decrypted using the public key by executing the above-described transfer program, the confirmation is performed. Good.

In both embodiments, the C1 key and the C2 key are included in the management information. However, the present invention is not limited to this. The C1 key is stored in the C1 content decryption unit in advance. The key data may be C2
The key may be key data stored in advance in the C2 content decryption unit. (5) The encryption algorithm of the C1 content and the C2 content shown in both embodiments is not limited to the DES algorithm.

Further, the authentication encryption unit 21 shown in the second embodiment
Authentication procedure between authentication 49 and authentication encryption unit 2260 and authentication unit 2
The authentication procedure between the H.224 and the authentication unit 2310 is not limited to the above-described procedure, and in the second embodiment, the DES algorithm is used as the encryption algorithms E, F, and G. Other algorithms may be used.

It is to be noted that the encryption algorithm E and the encryption algorithm used by the C2 content
ES algorithm, encryption algorithms F, G and M
C management information encryption unit 2270 and MC content encryption unit 2
The encryption algorithm used by 280 is the same, DES
The algorithm may be partially different from the encryption. Further, each of these encryption algorithms may be an algorithm partially different from each other. That is, the manufacturing cost can be reduced as long as the components of the algorithm are shared, not limited to the DES algorithm. (6) In both embodiments, the capsule is sent through the communication line. However, the present invention is not limited to this.
It may be stored on a recording medium such as an optical disk. In this case, the receiving unit 1110 may read the capsule from the recording medium and store the capsule in the capsule storage unit 1130. (7) In the first embodiment, the title key generation unit 1221
Although the title key is appropriately generated, the present invention is not limited to this. For example, the title key generating unit 1221 refers to the C2 content output from the C2 content The title key may be generated based on the C2 key in the management information decrypted by the management information decryption unit 1215, and the title key may be generated based on the C2 key. .

Further, the title key generation unit 1221
May generate a title key based on a value unique to the memory card writer 1200. (8) In the first embodiment, the disk key generation unit 1218
Although the disk key is generated based on the memory card ID, the disk key may be generated irrespective of the memory card ID. Further, a unique disk key unique to the medium encrypted by the master key may be recorded in the memory card.
The disk key generation unit 1218 converts this unique disk key into
A disk key may be generated by decryption using the master key. In this case, the disk key encryption unit 1220 becomes unnecessary, and accordingly, the recording unit 1240 is used.
Only the encrypted title key and the encrypted audio data may be written to the memory card. (9) In the first embodiment, the audio data encryption unit 12
Although the audio data 23 encrypts the C2 content audio data, a part of the C2 content may be encrypted and output. (10) In the first embodiment, a plurality of master keys are stored in advance in the second content processing unit. However, the present invention is not limited to this, and a single master key may be used.

The second content processing unit 1210
A master key may be downloaded from an external network via a communication line and a personal computer, taken in and stored, or may have a function of deleting a specific master key. When downloading the master key, the signature information may be checked and the master key may be imported only when the signature information is valid.

In this case, the master key is stored in the second content processing unit via the PC interface 1204 from the personal computer 1100 by executing the transfer program contained in the ROM 1202 in the memory card writer 1200 by the CPU 1201. 1210
Will be written to. Here, the confirmation of the signature information on the master key may be performed in the same manner as the confirmation of the signature information on the decryption algorithm and the like.

Similarly, when an instruction to delete a specific master key is received from an external network, the signature information may be confirmed and the specific master key may be deleted only when the signature information is valid. (11) In the first embodiment, the memory card is authenticated (step S401), and if the authentication fails, the encryption and recording are not performed (step S402).
Etc.), if the authentication fails, it is only necessary that the data is not finally recorded on the memory card. For example, encryption is performed regardless of whether the authentication fails. The output from the second content processing unit 1210 of the data resulting from the conversion may be suppressed. (12) The procedure for recording the encrypted data on the memory card shown in the first embodiment is as follows (steps S406, S4
08, S409), it is not limited to this order, and may be executed in any order.

Also, data of a plurality of contents can be recorded on the same memory card. In this case, the title key generation unit 1221 generates the same number of title keys as the number of contents, and the title key encryption unit 1222 , And the audio data encryption unit 1223 also outputs the encrypted data of the number of the contents. (13) In the first embodiment, the capsule is generated by the copyright protection center. However, the present invention is not limited to this, and the capsule may be generated by a content provider or a provider. In this case, in order to enhance the security of the key data, the content provider or the provider encrypts the capsule unique key using the public key, and the reproducing apparatus decrypts the capsule unique key using the private key corresponding to the public key. It may be that. (14) In the first embodiment, the remittance instruction information and the like are transmitted as the billing process. However, the present invention is not limited to this. The data may be encrypted and transmitted to a billing institution.

At this time, the billing information may be regarded as contents, and encrypted and transmitted in the same format as the capsule. For this purpose, the first content processing unit 1140 and the second content processing unit 1210 may be provided with an encryption unit for generating a capsule. The encryption in the encryption unit may be performed according to the capsule generation procedure shown in FIGS.

When recording the content on a recording medium such as a memory card, the recording unit 1240 may also record the decoding condition information and the billing information included in the management information. Also in this case, the decryption condition information and the billing information may be recorded in a secure state by encryption or the like. This makes it possible to control the execution of the reproduction of the content and to charge for the execution of the reproduction even after recording on the recording medium.

Further, even if the management information described in the second embodiment is not included in the management information 20, the MC management information encryption unit can control information such as reproduction control and copy control of the MC-encrypted C2 content and decryption conditions. The MC management information including the information shown, the billing information, and the like is calculated by using the information stored in advance and the like, and is encrypted to form the MC encryption management information 23.
30 may be recorded on the memory card 2300. (15) In the second embodiment, the bit string K is E (R1) and E (R
2) and the exclusive OR operation,
The present invention is not limited to this, and it is only necessary that the authentication encryption unit 2149 and the authentication encryption unit 2260 can be acquired or derived in common.

Also, the method of generating the C2 ′ key need not be the exclusive OR of the memory card unique key and the random number.

[0112]

As is apparent from the above description, the copyrighted work protection system according to the present invention is a copyrighted work protection system for handling contents which are digital works, wherein 1 content and a second encrypted second encrypted data which is more difficult to decrypt than the first encrypted data.
Acquisition means for acquiring data including at least one of the first content and the first content if the first content is included in the data acquired by the acquisition means. First content decoding means for decoding by a first decoding method corresponding to the encryption, and, if the data obtained by the obtaining means includes second content, the second content And a second content decrypting unit that decrypts the content using a second decryption method that is highly difficult to decrypt in accordance with the second encryption.

Thus, when the first content and the second content, which have different degrees of encryption because the content has two types of importance, are obtained, it is possible to decrypt each of the obtained content. So you can
The highly important second content can be more highly protected from unauthorized attack by hard-to-decrypt encryption. In addition,
For example, it is possible to secure the difficulty of deciphering the encryption by use of hardware that is tamper-resistant in terms of implementation, such as logically complicating the encryption algorithm.

It should be noted that the devices embodying the first content decoding means and the second content decoding means for decoding different contents can be different from each other.
For example, content of low importance can be decrypted and reproduced on a personal computer and widely used as a general purpose, and content of high importance can be highly protected by being decrypted, reproduced, recorded, etc. by a dedicated device. Unauthorized use can be prevented.

Therefore, for example, it is possible to safely carry out sales activities such as distributing the content as a free sample with a low importance and the content as a sales product with a high importance using a network or a recording medium. Further, the acquisition unit and the first content decrypting unit are configured by a personal computer that executes software for decrypting content, and the second content decrypting unit is configured by tamper-resistant hardware or tamper-resistant hardware. It may be configured by a device that executes certain software.

As a result, the first content can be decrypted by a personal computer and widely used as, for example, a reproducible content, and the second content with high importance can be decrypted by a dedicated hardware to be reproduced, recorded, etc. By doing so, confidentiality is highly protected and unauthorized use can be prevented. Further, the acquisition unit performs the acquisition by receiving the data from an external network, and the copyright protection system further transmits the first content decrypted by the first content decryption unit to an A.
A reproducing unit for performing V reproduction; an encrypting unit for performing a third encryption different from the second encryption on the second content decrypted by the second content decrypting unit; Recording means for recording all or part of the encrypted second content on a recording medium.

As a result, it is possible to safely carry out sales activities such as distributing the contents as free samples with low importance and the contents as sales products with high importance through the network. For example, video, music,
Create digital works such as still images, and for the purpose of sales promotion of these sales contents and other purposes, for example, low-quality preview contents obtained by sampling the music at a low sampling rate, or a digest version of the video It is possible to safely carry out sales activities such as widely distributing certain contents and the like, that is, contents of a sample together on a network. Also, since the contents of the sample can be decrypted on a personal computer, it can be widely used by general users, and the contents for sale can be recorded on a recording medium such as a memory card only by dedicated hardware. By doing so, a high degree of security can be ensured so as not to be illegally recorded. Also, the content recorded on a recording medium such as a memory card is protected from unauthorized peeping since it is encrypted.

Further, for the second content to be sold, for example, the encryption used for delivery is different from the encryption used for recording, so that even one of the two If the decryption algorithm is decrypted, the other will not be affected. The data communication path between the second content decrypting means and the encrypting means, and the encrypting means is constituted by a tamper-resistant hardware or a device that executes tamper-resistant software. It can also be done.

Thus, for example, the second content to be sold needs to be encrypted in accordance with the standard for recording on the recording medium after decryption. By performing such processing using hardware or software having tamper resistance, it is possible to ensure the security that the decrypted content is not peeped.

Further, the encryption algorithm used for decryption in the second content decryption means and the encryption algorithm used for encryption in the encryption means may be partially different algorithms. As a result, a part of software or hardware for realizing the encryption algorithm can be shared, so that the development cost or the implementation cost of the encryption algorithm can be reduced as compared with the case where the encryption algorithm cannot be shared.

The copyright protection system further comprises:
PC connection means for connecting to the personal computer by a predetermined interface, and recording medium mounting means capable of mounting the recording medium, wherein the second content decryption means, the encryption means, the recording means, and the PC The connection means and the recording medium mounting means are constituted by integral hardware, and the second content decoding means comprises
The second content included in the data obtained by the obtaining unit is obtained through the PC connection unit and decoded, and the recording unit stores the second content in the recording medium mounted by the recording medium mounting unit. The recording of the second content may be performed.

As a result, since the processing from decryption of the second content to re-encryption and recording on the recording medium can be realized inside the integrated dedicated hardware, security against unauthorized recording or the like can be ensured. Further, the data acquired by the acquisition means includes encrypted management information for controlling processing on the content, and the management information for controlling the processing on the content is included in the first content decoding means and the second content decoding means. At least one may include a management information decoding unit that decodes the management information.

Further, the second content decoding means includes the management information decoding section, and the personal computer constituting the second content decoding means further executes management information decoding software. You can also. Thus, for example, management information for controlling processing of each content, such as billing information and information indicating decryption conditions, can be encrypted and delivered, so that the security of the management information is ensured.

The management information includes a key used for decrypting the second content, the management information decryption unit has a first authentication encryption unit, and the second content decryption unit further includes a second authentication decryption unit. The first authentication encryption unit authenticates the second authentication encryption unit and performs encryption communication with the second authentication encryption unit, so that when the authentication is successful, The key in the management information decrypted by the management information decryption unit is transmitted to the second authentication encryption unit, and the second authentication encryption unit authenticates the first authentication encryption unit and communicates with the first authentication encryption unit. By performing cryptographic communication between, the key is obtained, and the second content decryption unit
Using the key obtained by the second authentication encryption unit, the second
Can be decrypted.

Thus, the first authentication encryption unit sets the key for decrypting the second content to the second content when the authentication is successful.
Since the information is transmitted to the authentication encryption unit, the key can be safely transmitted from the part for decoding the management information to the part for decoding the second content, and the unauthorized decryption of the second content can be prevented. Further, the first content may be music content for trial listening, and the second content may be music content for purchase, and may have higher audio quality than the first content. it can.

As a result, the sales activities of the music contents for trial listening and sales can be safely performed on the network. In addition, the copyright protection system may further include a reproducing unit that reproduces and outputs music of the first content decrypted by the first content decrypting unit.

As a result, the user can listen to the downloaded music content for trial listening. Further, the encryption unit includes a master key storage unit that stores a master key in advance, a disk key generation unit that generates a disk key, and the disk key generated by the disk key generation unit using the master key. A key encrypting unit for encrypting the title key, a title key generating unit for generating a title key, and a title key encrypting unit for encrypting the title key generated by the title key generating unit using the disk key And a content encryption unit that encrypts a part or all of the second content decrypted by the second content decryption unit using the title key. A disc key encrypted by the encrypting unit, a title key encrypted by the title key encrypting unit, and a title key encrypted by the content encrypting unit. Of the content it may be to be recorded on the recording medium.

As a result, since the disk key, the title key, and the content are encrypted in three layers, the content cannot be decrypted unless the device having the master key is used. Therefore, the security of the content recorded on the recording medium is reduced. As a result, unauthorized copying by general users can be prevented. Also,
By writing the disk key and the title key in an area of the recording medium that the user cannot access, there is a possibility that the security can be further enhanced. If the recording medium is a DVD, it can correspond to a DVD playback device.

Also, unique information unique to the medium is recorded on the recording medium in advance, and the disc key generation unit generates the disc key based on the unique information in the recording medium. You can also. Further, the recording medium has previously recorded a unique disk key unique to the medium encrypted using the master key, the encryption means, a master key storage unit that stores a master key in advance, By using the disk key, a disk key generation unit that generates a disk key by decrypting the unique disk key in the recording medium using the master key, a title key generation unit that generates a title key, A title key encrypting unit that encrypts the title key generated by the title key generating unit, and a part or all of the second content decrypted by the second content decrypting unit using the title key. A content encrypting unit for encrypting, the recording unit comprising: a title key encrypted by the title key encrypting unit; A second content that has been encrypted may be to be recorded on the recording medium.

Thus, different encryption can be performed for each recording medium, so that the security of the encryption is improved. In addition, the apparatus that reproduces the content from the recording medium refers to the disk key and the unique information in the recording medium. Thus, it can be checked whether or not the recording has been properly performed, and the reproduction can be performed only when the recording is valid.

Further, the title key generation unit is configured to execute the second
The title key may be generated based on partial information of the second content decrypted by the content decrypting means. With this, different encryption can be performed for each content, so that the security of the encryption is improved.

Further, the recording medium includes a recording device authentication unit for transmitting authentication information, and the recording unit determines the validity of the recording medium based on the authentication information transmitted from the recording device authentication unit. However, the recording may be performed only when it is valid. Thereby, it is possible to prevent recording on an unauthorized recording medium, for example, in which the contents can be easily peeped.

When the data includes the first content, the data obtained by the obtaining means includes first content charging information that is charging information for decoding the first content. The second data if the data includes the second content.
The first content decoding means performs a charging process based on the first content charging information when decoding the first content, the second content charging information being charging information for decoding the content. The second
The content decrypting means may perform a billing process based on the second content billing information when decrypting the second content.

[0134] This makes it possible to charge a fee for decrypting the content, which facilitates the sale of the content. In other words, a sales form meaning that the ownership is given to the user by charging for the decryption becomes possible. In addition, the first encryption is performed using a first key, and the second encryption is performed using a second key having a data size larger than the first key. The data acquired by the acquisition unit further includes management information for controlling processing on content including the first key and the second key, The first content decrypting means decrypts the first content using the first key, and the second content decrypting means decrypts the second content using the second key.
Can be decrypted.

As a result, the key is not fixedly present on the device side for decrypting the content, so that the content can be encrypted using a different key for each content. Unless it is known where the key is included in the management information, the key is not recognized by the general user. Further, the management information is included in the data by being encrypted with a control key that can be derived from a third key and a system common key, and the third key is encrypted using a fourth key. The first content decryption means stores a fifth key corresponding to the fourth key and the system common key in advance, and stores the fifth key in the data. A first management information decryption unit that decrypts the third key using the third key, derives the control key from the decrypted third key and the system common key, and decrypts the management information using the control key. Has,
The second content decryption means stores in advance a fifth key corresponding to the fourth key and the system common key, decrypts the third key using the fifth key, and decrypts the third key. Deriving the control key from the obtained third key and the system common key, and decrypting the management information using the control key.
A management information decoding unit may be provided.

Thus, since the management information including the key used for decrypting the content is encrypted, the confidentiality is further enhanced, and the management information including the decryption condition of the content, the billing information, etc. If so, such information will be firmly protected from falsification such as falsification. For example, if the fourth key and the fifth key are a secret key and a corresponding public key, the management information is encrypted depending on the secret key. Even if the public key stored in is decrypted, there is no risk that the secret key will be known if the elliptic key cryptosystem or the like is used, and the management information will be protected sufficiently safely.

[Brief description of the drawings]

FIG. 1 is an external view of a music content reproduction / recording system 1000 according to a first embodiment of the present invention.

FIG. 2 is a functional block diagram of a music content reproduction / recording system 1000 according to the first embodiment.

FIG. 3 is a diagram showing a hardware structure of a memory card writer 1200.

FIG. 4 is a data flow diagram showing a process of generating an encrypted C1 content 130 and an encrypted C2 content 140.

FIG. 5 is a data flow diagram showing a process of generating an encrypted capsule unique key 110 and encrypted management information 120.

FIG. 6 is a flowchart showing an operation of the music content reproduction / recording system 1000.

FIG. 7 is a flowchart showing encryption and recording processing for recording audio data on a memory card.

FIG. 8 is a functional block diagram of a music content reproduction / recording system 2000 according to Embodiment 2 of the present invention.

FIG. 9 is a diagram illustrating a procedure of authentication and encryption communication between the authentication encryption unit 2149 and the authentication encryption unit 2260.

FIG. 10 is a diagram showing a procedure of authentication and communication between the authentication unit 2224 and the authentication unit 2310.

FIG. 11 shows a 64-bit plaintext DES with a 56-bit key.
It is a figure showing the concept at the time of encrypting by an algorithm.

[Description of Code] 1000 Music Content Reproduction / Recording System 1100 Personal Computer 1110 Receiving Unit 1120 Control Unit 1130 Capsule Storage Unit 1140 First Content Processing Unit 1143 Capsule Unique Key Decryption Unit 1145 Management Information Decoding Unit 1146 C1 Content Decoding Control Unit 1147 C1 Content Decryption unit 1150 Playback unit 1200 Memory card writer 1210 Second content processing unit 1213 Capsule unique key decryption unit 1215 Management information decryption unit 1216 C2 content decryption control unit 1217 C2 content decryption unit 1218 Disk key generation unit 1220 Disk key encryption unit 1221 Title Key generation unit 1222 Title key encryption unit 1223 Audio data encryption unit 1224 Authentication unit 1230 Memory card ID acquisition unit 1240 Recording unit 1300 Memory card 1301 Authentication unit 2000 Music content reproduction and recording system 2100 Personal computer 2140 First content processing unit 2145 Management information decryption unit 2149 Authentication encryption unit 2200 Memory card writer 2210 Second content processing unit 2224 Authentication unit 2260 Authentication encryption unit 2270 MC management information encryption unit 2280 MC content encryption unit 2300 Memory card 2310 Authentication unit

──────────────────────────────────────────────────の Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G11B 20/10 G10L 9 / 18Z H04L 9/10 H04L 9/00 621Z (72) Inventor Minami Ken Osaka Osaka 1006 Kadoma Kadoma Matsushita Electric Industrial Co., Ltd. (72) Inventor Makoto Tatebayashi 1006 Kadoma Kadoma, Kadoma City, Osaka Matsushita Electric Industrial Co., Ltd.

Claims (28)

[Claims] 1. A copyright protection system for handling content which is a digital copyrighted work, comprising: a first content subjected to a first encryption;
Acquisition means for acquiring data including at least one of second encrypted content that is more difficult to decrypt than encryption of the first content; and first data in the data acquired by the acquisition means. A first content decrypting means for decrypting the first content by a first decryption method corresponding to the first encryption when the content includes the first content, If the second content is included in the
A copyright protection system comprising: a second content decryption unit that decrypts the content using a second decryption method that is highly difficult to decrypt in accordance with the second encryption. 2. The method according to claim 1, wherein the acquiring unit and the first content decrypting unit are configured by a personal computer that executes software for decrypting the content, and the second content decrypting unit is configured by tamper-resistant hardware or tamper-resistant hardware. 2. The copyrighted work protection system according to claim 1, wherein the copyrighted work protection system is configured by an apparatus that executes tamper-resistant software. 3. The acquisition means performs the acquisition by receiving the data from an external network, and the copyright protection system further reproduces the first content decrypted by the first content decryption means in AV reproduction. Reproducing means for performing a third encryption different from the second encryption on the second content decrypted by the second content decrypting means; and a third cipher by the encrypting means. 3. The copyright protection system according to claim 2, further comprising a recording unit that records all or a part of the converted second content on a recording medium. 4. A data communication path between said second content decrypting means and said encrypting means, and said encrypting means comprises:
The copyright protection system according to claim 3, wherein the copyright protection system is configured by a device that executes tamper-resistant hardware or tamper-resistant software. 5. The work according to claim 3, wherein an encryption algorithm used for decryption in said second content decryption means and an encryption algorithm used for encryption in said encryption means are partially different. Protection system. 6. The copyright protection system further comprises: a PC connection unit that connects to the personal computer through a predetermined interface; and a recording medium mounting unit that can mount the recording medium, wherein the second content decryption is performed. The means, the encrypting means, the recording means, the PC connecting means, and the recording medium mounting means are constituted by integral hardware, and the second content decrypting means is included in the data acquired by the acquiring means. Obtaining the second content through the PC connection unit and decoding the second content, and the recording unit records the second content on the recording medium mounted by the recording medium mounting unit. The copyrighted work protection system according to claim 3, characterized in that: 7. The data acquired by the acquisition unit includes encrypted management information for controlling a process on content, wherein the first content decryption unit and the second content decryption are included. 3. The copyright protection system according to claim 2, wherein at least one of the means has a management information decoding unit for decoding the management information. 8. The second content decoding unit includes the management information decoding unit, and a personal computer constituting the second content decoding unit further executes management information decoding software. The copyrighted work protection system according to claim 7. 9. The management information includes a key used for decrypting the second content, the management information decryption unit includes a first authentication encryption unit, and the second content decryption unit further includes a second authentication decryption unit. The first authentication encryption unit authenticates the second authentication encryption unit and performs encrypted communication with the second authentication encryption unit, so that when the authentication is successful, The key in the management information decrypted by the management information decryption unit is transmitted to the second authentication encryption unit, and the second authentication encryption unit authenticates the first authentication encryption unit and communicates with the first authentication encryption unit. The second content decryption unit decrypts the second content using the key acquired by the second authentication encryption unit by performing cryptographic communication between the second content and the second content decryption unit. 9. The copyright protection system according to claim 8, . 10. The acquisition means and the first content decoding means are constituted by a device executing software for decoding content, and the second content decoding means is tamper-resistant hardware or tamper-resistant hardware. 2. The copyright protection system according to claim 1, wherein the copyright protection system is configured by a device that executes responsive software. 11. The acquisition means performs the acquisition by receiving the data from an external network, wherein the first content and the second content are represented by digital data of different forms for the same work. 11. The copyrighted work protection system according to claim 10, wherein 12. The copyright protection system further comprises: an encryption unit that performs a third encryption different from the second encryption on the second content decrypted by the second content decryption unit; 11. The copyright protection system according to claim 10, further comprising recording means for recording, on a recording medium, all or a part of the second content that has been subjected to the third encryption by the encryption means. 13. A data communication path between said second content decryption means and said encryption means, and said encryption means executes tamper-resistant hardware or tamper-resistant software. 13. The copyrighted work protection system according to claim 12, comprising a device. 14. The method according to claim 1, wherein the first content is music content for trial listening, and the second content is music content for purchase and has higher audio quality than the first content. 13. The copyrighted work protection system according to claim 12, wherein: 15. The work according to claim 14, wherein the copyright protection system further comprises a reproducing unit that reproduces and outputs music of the first content decrypted by the first content decrypting unit. Object protection system. 16. The copyrighted work according to claim 12, wherein an encryption algorithm used for decryption in the second content decryption means and an encryption algorithm used for encryption in the encryption means are partially different. Protection system. 17. The encryption means, comprising: a master key storage unit that stores a master key in advance; a disk key generation unit that generates a disk key; and a disk key generation unit that is generated by using the master key. A disk key encryption unit for encrypting the disk key; a title key generation unit for generating a title key; and a title key for encrypting the title key generated by the title key generation unit using the disk key. An encryption unit; and a content encryption unit that encrypts a part or all of the second content decrypted by the second content decryption unit using the title key. A disk key encrypted by a disk key encryption unit, a title key encrypted by the title key encryption unit, Digital work protection system of claim 12, wherein the second content, characterized in that recording on the recording medium which is Goka. 18. The recording medium has pre-recorded unique information unique to the medium, and the disc key generation unit generates the disc key based on the unique information in the recording medium. The copyright protection system according to claim 17, characterized in that: 19. The work according to claim 17, wherein the title key generation unit generates the title key based on a part of the information of the second content decrypted by the second content decryption unit. Object protection system. 20. The recording medium, in which a unique disk key unique to the medium encrypted using the master key is recorded in advance, and the encrypting means includes a master key storage for storing a master key in advance. A disk key generation unit that generates a disk key by decrypting the unique disk key in the recording medium using the master key; a title key generation unit that generates a title key; A title key encrypting unit that encrypts the title key generated by the title key generating unit using the title key; and a part of the second content decrypted by the second content decrypting unit using the title key. Or a content encryption unit for encrypting the entire content, wherein the recording unit includes: a title key encrypted by the title key encryption unit; Digital work protection system of claim 12, wherein the recording the second encrypted content to the recording medium by the encrypting unit. 21. The recording medium includes a recording device authentication unit for transmitting authentication information, and the recording unit determines validity of the recording medium based on the authentication information transmitted from the recording device authentication unit. And
13. The copyright protection system according to claim 12, wherein the recording is performed only when it is valid. 22. The copyright protection system further comprises: an encryption unit that performs a third encryption different from the second encryption on the second content decrypted by the second content decryption unit; 11. The copyright protection system according to claim 10, further comprising recording means for recording, on a recording medium, all or a part of the second content that has been subjected to the third encryption by the encryption means. 23. The work according to claim 22, wherein an encryption algorithm used for decryption in said second content decryption means and an encryption algorithm used for encryption in said encryption means are partially different. Protection system. 24. The data acquired by the acquiring means includes first content billing information that is billing information for decoding the first content when the data includes the first content. And when the data includes the second content, the second content charging information, which is charging information for decoding the second content, is included. When decoding one content, a charging process is performed based on the first content charging information, and the second content decoding unit performs a charging process based on the second content charging information when decoding the second content. The copyright protection system according to claim 10, characterized in that: 25. The first encryption is performed using a first key, and the second encryption is performed by using a second key having a data size larger than that of the first key. The data obtained by the obtaining unit further includes management information for controlling processing on content including the first key and the second key. The first content decrypting means decrypts the first content using the first key, and the second content decrypting means decrypts the second content using the second key. The copyright protection system according to claim 1, wherein the content is decrypted. 26. The management information is encrypted by a control key derivable from a third key and a system common key and included in the data, and the third key is a fourth key. The first content decrypting means is stored in advance in the data by using a fifth key corresponding to the fourth key and the system common key. A first key that decrypts the third key by using the key of (i), derives the control key from the decrypted third key and the system common key, and decrypts the management information by using the control key. An information decryption unit, wherein the second content decryption unit stores in advance a fifth key corresponding to the fourth key and the system common key, and uses the fifth key to store the third key. And the control key is obtained from the decrypted third key and the system common key. Digital work protection system of claim 25, wherein the derived, a second management information decoding unit for decoding the management information using the control key. 27. The first encrypted music content for trial listening and the trial music content for music having the same content with improved voice quality and the second encrypted music content for purchase. A copyright protection system for handling music content, comprising: acquisition means for acquiring data in which music content for trial listening and music content for purchase are integrated from an external network; and A first content decoding unit for decoding the first content by a first decoding method; a reproducing unit for reproducing and outputting music of the first content decoded by the first content decoding unit; A second content decoder that decodes the second content in the acquired data by a second decoding method that is more complicated than the first decoding method; Encryption means for performing a third encryption different from the second encryption on the second content decrypted by the second content decryption means; and third encryption performed by the encryption means. Recording means for recording all or part of the obtained second content on a recording medium, wherein the obtaining means and the first content decoding means are constituted by a personal computer executing software for content decoding, The data communication path between the second content decrypting means and the encrypting means, the second content decrypting means, and the encrypting means may include tamper-resistant hardware or tamper-resistant software. A copyright protection system characterized by being constituted by an executing device. 28. The work according to claim 27, wherein an encryption algorithm used for decryption in the second content decryption means and an encryption algorithm used for encryption in the encryption means are partially different. Protection system.