JP2002164881A - Data terminal device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a data terminal device, which can move encrypted contents data and license distributed by software to other data terminal devices. SOLUTION: A hard disc 530 in a personal computer has a contents list file 150 and an encrypted confidential file 160. A license management device 520 stores a binding key Kb into a license area 5215B of memory. The encrypted confidential file 160 can be decoded and encrypted by the binding key Kb stored in the license management device 520. The acquired license for the encrypted content data is stored in the encrypted confidential file 160 as confidential information.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to a data terminal device used in a data distribution system capable of protecting copyright of copied information.

[0002]

2. Description of the Related Art In recent years, with the progress of information communication networks such as the Internet, it has become possible for each user to easily access network information using a personal terminal using a reproduction terminal or the like.

In such an information communication network, information is transmitted by digital signals. Therefore, for example, even when music or video data transmitted in the information communication network described above is copied by each individual user, the data is copied with almost no deterioration in sound quality or image quality due to such copying. It is possible.

[0004] Therefore, in the case where a creation, such as music data or image data, for which a writer's right exists, is transmitted on such an information communication network, appropriate copyright protection measures must be taken. , The rights of the copyright holder may be significantly infringed.

On the other hand, giving priority to the purpose of copyright protection,
If it is not possible to distribute copyrighted work data through the rapidly expanding digital information communication network, basically, copyright owners who can collect a certain copyright fee when copying copyrighted work data It is rather disadvantageous.

Here, considering not a distribution via the digital information communication network as described above but a recording medium on which digital data is recorded as an example, a CD (compact disc) on which music data which is usually sold is recorded is considered. Regarding (2), music data can be freely copied from a CD to a magneto-optical disk (MD or the like) in principle as long as the copied music is stopped for personal use. However, an individual user who performs digital recording or the like pays a certain amount of the price of the digital recording device itself or a medium such as an MD indirectly to a copyright holder as a copyright fee.

In addition, when music data as a digital signal is copied from a CD to an MD, in consideration of the fact that such information is digital data with little copy deterioration, the music data is transferred from a recordable MD to another MD as music data. Copying is prohibited due to copyright protection due to the configuration of the device.

[0008] Even in such circumstances, distributing music data and image data to the public through a digital information communication network is itself an act limited by the public transmission right of the copyright holder. Sufficient measures need to be taken.

In this case, with respect to content data such as music data and image data which are copyrighted works transmitted to the public through the information communication network, once received content data can be further copied without permission or can be copied. However, it is necessary to prevent it from being used.

[0010] Therefore, a distribution server that holds encrypted content data obtained by encrypting the content data is used to distribute the encrypted content data to a memory card mounted on a terminal device such as a reproduction terminal via the terminal device. A distribution system has been proposed. In this data distribution system, a public encryption key of a memory card and a certificate thereof, which have been authenticated by a certificate authority in advance, are transmitted to a distribution server at the time of a distribution request of encrypted content data. After confirming the reception, the encrypted content data and the license key for decrypting the encrypted content data are transmitted to the memory card. When distributing the encrypted content data and the license key, the distribution server and the memory card generate a different session key for each distribution, and encrypt the public encryption key with the generated session key. The keys are exchanged between the memory cards.

[0013] Finally, the distribution server transmits the license encrypted by the public encryption key of each memory card and further encrypted by the session key, and the encrypted content data to the memory card. Then, the memory card records the received license and the encrypted content data on the memory card.

When playing back the encrypted content data recorded on the memory card, the user inserts the memory card into the portable telephone. The mobile phone has a dedicated circuit for decrypting the encrypted content data from the memory card and reproducing and outputting the decrypted content data to the outside in addition to the normal telephone function.

As described above, the user of the mobile phone can receive the encrypted content data from the distribution server using the mobile phone and reproduce the encrypted content data.

[0014] On the other hand, distribution of encrypted content data to personal computers using the Internet has also been performed. Although it is possible to distribute the encrypted content data and the license to the personal computer in a similar manner, the distribution of the encrypted content data and the license is received by the software installed on the personal computer, and the license protection is performed. The transfer of the received encrypted content data and license to another personal computer is not performed from the viewpoint of copyright protection.

That is, the C of the personal computer that records the license distributed to the personal computer
Using an encryption process associated with a value such as an identification number individually assigned to a PU or an identification number of a BIOS that is a boot program, a license cannot be taken out and the encrypted content decrypted without copying the license to another personal computer. It uses a management structure that cannot be played back. And
If a service that allows a license to be transferred to another personal computer under this management is provided, the license cannot be specified on the recording device, but all encrypted content data and the license are managed and recorded. After backing up the data and transferring the encrypted content data and license to another personal computer by the provided service, manage all the encrypted content data and license that have been backed up and record all the data Is returned to the personal computer, the state before the movement can be reproduced, which is the same as copying the encrypted content data and the license. Transferring licenses in such management clearly presents a security hole. Therefore, the encrypted content data and the license distributed to the personal computer by the software cannot be transferred to another personal computer.

[0016]

However, the encrypted content data and the license distributed to the personal computer are not transmitted from the personal computer at all.
If the CPU cannot be taken out and the CPU fluctuates due to breakage of the personal computer or version upgrade, there is a problem that the already received encrypted content data and license cannot be used.

Accordingly, the present invention has been made to solve such a problem, and an object of the present invention is to provide a data terminal capable of transferring encrypted content data and a license distributed by software to another data terminal device. It is to provide a device.

[0018]

The data terminal device according to the present invention obtains the encrypted content data obtained by encrypting the content data and the license for decrypting the encrypted content data to obtain the original plaintext. A data terminal device that outputs the encrypted content data and the license to another data terminal device, the module unit acquiring the encrypted content data and the license by software, an encrypted content data, and a license management file. , A storage unit for storing the encrypted confidential file, and decrypting the encrypted confidential file,
And a device section for storing a binding license including a binding key for encrypting the decrypted confidential file in a dedicated area, the confidential file includes confidential information including the license as a component, and the license management file includes And a management number of confidential information corresponding to the encrypted content file and included in the confidential file.

In the data terminal device according to the present invention, the module unit obtains the encrypted content data and the license by software, decrypts the encrypted confidential file with the binding key extracted from the device unit, and decrypts the obtained license. Write to the confidential file and encrypt the confidential file with the binding key to generate an encrypted confidential file. That is, the module unit manages the license obtained by opening and closing the encrypted confidential file via the binding key held by the hardware in the device unit.

Therefore, according to the present invention, the license for decrypting and reproducing the encrypted content data obtained by the software is managed by the binding key held in the hardware, so that the obtained encrypted content is Data and licenses can be transferred to other data terminals.

Preferably, at the time of initialization of the encrypted confidential file, the module unit of the data terminal device generates a binding license including a binding key, generates a confidential file with empty confidential information, and generates the generated confidential file. Is encrypted with the generated binding key to generate an encrypted confidential file, and the generated binding license is given to the device unit.

When the encrypted confidential file is initialized, the module generates a binding license including a binding key and an empty confidential file, and encrypts the confidential file using the binding key to generate an encrypted confidential file. At the same time, the binding license is held in the device section.

Therefore, according to the present invention, a confidential file for storing a license for encrypted content data obtained by software is created in software, and a binding license for managing the created confidential file is managed in hardware. it can.

Preferably, at the time of obtaining the license, the module unit of the data terminal device decrypts the encrypted confidential file read from the storage unit with the binding key obtained from the device unit, and stores the obtained license in the decrypted confidential file. Update the confidential file by writing it as confidential information, encrypt the updated confidential file with a binding key, update and record the encrypted confidential file in the storage unit, and use the written license as a component. A license management file including the information management number is created and written to the storage unit.

The license obtained by opening and closing the encrypted confidential file using the binding key obtained from the device unit is written to the confidential file. Then, a license management file is created including the management number of the confidential information having the written license as a component.

Therefore, according to the present invention, the license of the encrypted content data acquired as software can be managed by the management number.

Preferably, at the time of transmitting the license, the module unit of the data terminal device obtains a license by decrypting the encrypted confidential file read from the storage unit using the binding key obtained from the device unit, and transfers the obtained license. Output to outside.

The module unit obtains a license by decrypting the encrypted confidential file using the binding key obtained from the device unit, and outputs the obtained license to the outside.

Therefore, according to the present invention, the license of the encrypted content data acquired by software can be transferred to another device in the same manner as the license of the encrypted content data acquired by hardware.

Preferably, when outputting the license, the module unit of the data terminal device outputs the encrypted content data and the license corresponding to the license and recorded in the storage unit to the outside.

When the license is output to the outside, the encrypted content data corresponding to the license extracted from the confidential file is read from the storage unit, and the encrypted content data and the license are output to the outside.

Therefore, according to the present invention, the encrypted content data and the license can be read out by software and the encrypted content data and the license can be moved to another device.

Preferably, the device section of the data terminal device receives a dedicated registration number designating a dedicated area from the module section, and stores the binding license in the dedicated area according to the received dedicated registration number.

The device section stores a binding license for opening and closing the encrypted confidential file in the dedicated area via the dedicated registration number.

Therefore, according to the present invention, the binding license can be associated with the license of the encrypted content data by the dedicated registration number.

Preferably, at the time of outputting the license, the module unit of the data terminal device acquires the binding key by transmitting the dedicated registration number to the device unit.

[0038] The module unit, via the dedicated registration number,
A binding key for opening a confidential file storing a license to be read from the storage unit is obtained.

Therefore, according to the present invention, the binding key can be accurately obtained by the dedicated registration number.

Preferably, at the time of outputting the license, the module unit of the data terminal device transmits the authentication data for the device unit to the device unit, and acquires the binding key when the authentication data is authenticated in the device unit.

The binding key is given only to the authenticated module part. Therefore, according to the present invention,
It is possible to prevent an unauthorized binding key from being leaked.

Preferably, when outputting the license, the device section of the data terminal device encrypts and outputs the binding key.

The device section encrypts and outputs a binding key for managing a license.

Therefore, according to the present invention, when a license is transferred to another device, it is possible to prevent a binding key for managing the license at the transfer destination from being illegally acquired.

Preferably, at the time of outputting the license, the module unit of the data terminal device decrypts the encrypted confidential file with the obtained binding key to obtain the confidential file, and includes the confidential file in the license management file read from the storage unit. The license to be output to the outside is obtained by reading the confidential information corresponding to the management number of the confidential information to be read out from the obtained confidential file.

The module unit obtains the binding key from the device unit, decrypts the encrypted confidential file, obtains the confidential information corresponding to the management number from the confidential information included in the decrypted confidential file, and outputs it to the outside. And obtain a license.

Therefore, according to the present invention, a license can be obtained accurately via the management number.

Preferably, when the license is transmitted to another data terminal, the module of the data terminal further receives the public encryption key held in the device, so that the device can write the binding license. Make sure that

When transmitting the license to another device, the module unit confirms whether or not the device unit is a device unit capable of writing a binding license by receiving a public encryption key from the device unit.

Therefore, according to the present invention, when the license of the encrypted content data is moved, it is possible to recognize that the license has been moved by rewriting the binding license stored in the device section.

Preferably, when the encrypted content data is moved to another data terminal device, the module unit of the data terminal device uses the license transmitted to the other data terminal device as a component when the license cannot be copied. The confidential information is deleted, the management number of the deleted confidential information is deleted, the license management file is updated, another binding key is generated, and the confidential file is encrypted by another generated banding key. Update encrypted files.

When duplication of the moved license is prohibited, the module unit deletes the moved license and generates another binding key to update the encrypted confidential file.

Therefore, according to the present invention, unauthorized duplication of a license can be prevented.

Preferably, when the encrypted content data is moved to another data terminal device, the device unit of the data terminal device receives another binding license including another binding key from the module unit and receives the binding license. Another binding license is overwritten and stored in the dedicated area.

When another binding key is generated,
The binding license is rewritten in the device section.

Therefore, according to the present invention, the license for reproducing the encrypted content data can be managed by the latest binding license.

Preferably, when transmitting the license to another data terminal device, the module of the data terminal device authenticates the authentication data received from the other data terminal device, and transmits the license to the other data terminal device. .

The module unit transmits the license of the encrypted content data after confirming that the data terminal device to which the license of the encrypted content data is to be transferred is a legitimate terminal device.

Therefore, according to the present invention, the license of the encrypted content data can be transferred between authorized data terminal devices, and the encrypted content data can be sufficiently protected.

Preferably, the module of the data terminal device outputs the license after encrypting it.

The module unit encrypts the license and moves to another data terminal device.

Therefore, according to the present invention, when the license is moved, the license is less likely to be illegally acquired.

Also, the data terminal device according to the present invention
A data terminal device that obtains a license for decrypting the encrypted content data obtained by encrypting the content data and the encrypted content data to obtain the original plaintext, and outputs the encrypted content data and the license to another data terminal device. A module for acquiring encrypted content data and a license by software; a storage for storing the encrypted content data, a license management file, and an encrypted confidential file with unique encryption; and a binding. A device section for storing a binding license including a key in a dedicated area, the confidential file obtained by decrypting the encrypted confidential file includes the same binding license as the binding license stored in the device section, and the license management file includes an encryption content. Corresponding to Tsudeta, and comprises encrypted security information subjected to own encryption confidential information as components license.

In the data terminal device according to the present invention, the module unit acquires encrypted content data and a license by software, performs unique encryption on the acquired license to generate encrypted confidential information, A license management file including the generated encrypted confidential information is created and written to the storage unit. The binding license for managing the license is stored in a confidential file.

Therefore, according to the present invention, since the binding key for managing the license is held by the hardware, the license for decrypting and playing back the encrypted content data obtained by the software is exchanged with another license. Can move to data terminal device.

Preferably, when the encrypted confidential file is initialized, the module unit of the data terminal device generates a binding license including the binding key, generates a confidential file storing the generated binding license, and generates the confidential file. The unique confidential file is subjected to unique encryption to generate an encrypted confidential file, and the generated binding license is given to the device unit.

When initializing the encrypted confidential file, the module generates a binding license including a binding key and an empty confidential file, writes the generated binding license in the confidential file, and performs unique encryption. Generate an encrypted confidential file and hold the binding license in a dedicated area of the device section.

Therefore, according to the present invention, since the binding key for managing the license is held by the hardware, the license for decrypting and playing back the encrypted content data obtained by the software is exchanged with another license. Can move to data terminal device.

Preferably, at the time of obtaining the license, the module of the data terminal device performs unique encryption on the license to generate encrypted confidential information, and generates a license management file including the encrypted confidential information. Write to the storage unit.

The module unit performs unique encryption on the acquired license and manages it in the storage unit.

Therefore, according to the present invention, a license can be managed by a unique encryption method.

Preferably, at the time of transmitting the license, the module unit of the data terminal device, if the binding key obtained from the device unit matches the binding key obtained by decrypting the encrypted confidential file, reads the encrypted data read from the storage unit. The license is obtained by decrypting the confidential information, and the obtained license and the encrypted content data read from the storage unit are transmitted to another data terminal device.

The module unit acquires a license only when the binding key stored in the device unit matches the binding key stored in the storage unit.

Therefore, only the module unit having the same binding key as the binding key managed by hardware can acquire the license.

Preferably, the unique encryption method is an encryption method associated with information unique to the data terminal device that can be obtained from the data terminal device.

The module unit encrypts the license by an encryption method based on information unique to the data terminal device, for example, the version number of the CPU.

Therefore, according to the present invention, even if the encrypted license is illegally leaked to another device, the license is not illegally obtained.

Preferably, the device section of the data terminal device receives a dedicated registration number designating a dedicated area from the module section, and stores the binding license in the dedicated area according to the received dedicated registration number. Generate an encrypted confidential file and license management file including the number.

The device unit manages the binding license by hardware using the dedicated registration number generated by the module unit, and the module unit encrypts the generated dedicated registration number and the acquired license independently and manages it by software. I do.

Therefore, according to the present invention, the module unit obtains the binding key held in the device unit through the dedicated registration number, and reads the binding key read from the encrypted confidential file and the binding key obtained from the device unit. Can be accurately determined.

Preferably, when transmitting the license, the module unit of the data terminal device acquires the binding key by transmitting the dedicated registration number to the device unit.

The module unit transmits the dedicated registration number to the device unit, and the device unit extracts and outputs the binding key from the dedicated area specified by the received dedicated registration number.

Therefore, according to the present invention, the binding key can be accurately obtained by the dedicated registration number.

Preferably, when transmitting the license to another data terminal apparatus, the module section of the data terminal apparatus transmits authentication data for the device section to the device section, and if the authentication data is authenticated in the device section, the binding Get the key.

The module unit acquires the binding key only when the validity of the module unit with respect to the device unit is confirmed.

Therefore, according to the present invention, unauthorized acquisition of a binding key can be prevented, and as a result, a license can be prevented from being illegally moved to another terminal device.

Preferably, when transmitting the license to another data terminal device, the module of the data terminal device authenticates the authentication data received from the other data terminal device, and transmits the license to the other data terminal device. .

When it is confirmed that the data terminal device to which the encrypted content data and the license are to be transferred is legitimate, the module unit transmits the encrypted content data and the license to another data terminal device.

Therefore, according to the present invention, it is possible to move encrypted content data and a license only between authorized data terminal devices.

Preferably, the module of the data terminal device acquires the encrypted content data and the license from the distribution server via the Internet.

Therefore, according to the present invention, it is possible to acquire various content data and move the acquired content data to another terminal device.

Preferably, the data terminal device further includes a medium drive unit for reading plaintext content data from the recording medium, and the module unit includes a license unit based on the copy permission information included in the content data read by the medium drive unit. Is generated, and the content data is encrypted with the license key included in the generated license to generate the encrypted content data, thereby obtaining the encrypted content data and the license.

The data terminal device obtains the encrypted content data and the license by ripping.

Therefore, according to the present invention, content data distributed by means other than the communication means can be obtained and moved to another data terminal device.

Preferably, the device unit of the data terminal device further receives the encrypted content data and the license from the distribution server, holds the received license, and stores the encrypted content data received by the device unit. Store the data.

The device unit holds the binding license, receives the encrypted content data and the license from the distribution server, and holds the received license together with the binding license.

Therefore, according to the present invention, a license acquired by hardware and a license acquired by software can be managed at almost the same security level.

[0097]

Embodiments of the present invention will be described in detail with reference to the drawings. In the drawings, the same or corresponding portions have the same reference characters allotted, and description thereof will not be repeated.

[Embodiment 1] FIG. 1 shows a case where a data terminal device (personal computer) according to the present invention acquires encrypted content data and transmits the acquired encrypted content data to another data terminal device (personal computer). FIG. 1 is a schematic diagram conceptually illustrating the overall configuration of a data distribution system that moves to a server.

[0099] In the following, the configuration of a data distribution system for distributing digital music data to the user of each personal computer via the Internet will be described as an example. As will be apparent from the following description, the present invention provides such a configuration. The present invention is not limited to this case, and can be applied to the case where content data as another copyrighted work, for example, image data, moving image data, or the like is distributed.

Referring to FIG. 1, personal computer 50 transmits a distribution request (distribution request) from a user of each personal computer to distribution server 10 via modem 40 and Internet network 30. The distribution server 10 that manages copyrighted music data includes:
Personal computer 50 owned by the user of the personal computer who has accessed for data distribution
Whether the personal computer has valid authentication data, that is, whether the legitimate personal computer performs content protection with a sufficient security level. After encrypting music data (hereinafter also referred to as content data) by a predetermined encryption method,
The encrypted content data and a license as information necessary for reproducing the encrypted content data are distributed to the personal computer 50.

In this case, the personal computer 50
Can receive encrypted content data and licenses from the distribution server 10 at different security levels via the modem 40 and the Internet network 30 and manage them. That is, the personal computer 50 has a built-in license management device that implements content protection in a hardware manner and a license management module that implements content protection in a software manner.
With the help of the application software, the license management device transmits the license from the distribution server 10 to the Internet network 30.
The encrypted content data and the license are received via the above. The license management device directly establishes an encrypted communication path for receiving a license for reproducing the encrypted content data with the distribution server,
It holds the received license in hardware,
The security level is high. Similarly, the license management module also establishes an encrypted communication path with the distribution server in accordance with a predetermined procedure, receives a license, encrypts the license, protects the license, and then stores the license in the hard disk (HDD).
Record the license. It receives and manages encrypted content data and licenses at a lower security level than the license management device. In any case, the encrypted content data is directly recorded on the HDD. The license management device and the license management module will be described later in detail.

Hereinafter, a security level for maintaining confidentiality by hardware such as a memory card 110 or a license management device for distinguishing the security level and the license is referred to as level 2, and the level 2 security is requested and transmitted from the distribution server. The license to be used is called a level 2 license. Similarly, a security level for maintaining confidentiality by software such as a license management module is referred to as level 1, and a license requesting the level 1 security level and transmitted from the distribution server is referred to as a level 1 license.

Further, in FIG. 1, the personal computer 50 has a music CD (Compact Disc) in which music data is recorded using a license management module.
k) From the music data acquired from 60, it is possible to generate encrypted content data limited to local use limited to personal use and a license for reproducing the encrypted content data. This process is called ripping, and corresponds to an act of acquiring encrypted content data and a license from a music CD. Since a license for local use by ripping has a security level which is never high due to its nature, it is assumed that a ripping is performed as a level 1 license by any means. Details of the ripping will be described later.

Furthermore, the personal computer 50
Is USB (UniversalSerial Bu)
s) It is possible to connect to the reproduction terminal 100 via the cable 70 and transmit the encrypted content data and the license received from the distribution server 10 to the memory card 110 attached to the reproduction terminal 100.

Furthermore, the personal computer 50
Transmits the received encrypted content data and license to the personal computer 80 via the communication cable 90.

Therefore, in the data distribution system shown in FIG. 1, personal computer 50 is connected to distribution server 1 via modem 40 and Internet network 30.
From 0, the encrypted content data and the license are received, and the encrypted content data and the license are obtained from the music CD. Also, the memory card 110 mounted on the playback terminal 100 is
0 receives the encrypted content data and the license acquired from the distribution server 10 or the music CD 60. The user of the reproduction terminal 100 is
, Encrypted content data and a license can be obtained from a music CD.

In FIG. 1, for example, a removable memory card 110 is attached to a reproduction terminal 100 of a portable telephone user.
Is attached. Memory card 110
Receives the encrypted content data received by the playback terminal 100, decrypts the encryption performed for the distribution, and provides the decrypted encryption data to a music playback unit (not shown) in the playback terminal 100.

Further, for example, a portable telephone user can “play back” and listen to such content data via the headphone 130 connected to the playback terminal 100 or the like.

Further, in FIG. 1, the personal computer 50 uses the license management module and works closely with the license management module only for the encrypted content data having the level 1 license that is directly managed by the license management module. A function of playing back using a music playing program can be provided. Level 2
Reproduction of encrypted content data having a license can be realized by providing a personal computer with a content reproduction circuit having confidentiality by hardware having the same configuration as the reproduction terminal. A detailed description of reproduction on a personal computer will be omitted for simplification of the description in the present application.

With such a configuration, unless a legitimate license management device or a personal computer having a license management module having a content protection function of a sufficient security level, the distribution of the content data from the distribution server 10 is received. However, it is difficult to transmit the encrypted content data to the personal computer 80 or the reproduction terminal 100.

Moreover, the distribution server 10 counts the frequency each time content data for one song is distributed, for example, so that the copyright generated each time the user of the personal computer receives (downloads) the content data is counted. If the fee is collected together with the fee for using the Internet network, it becomes easier for the copyright holder to secure the copyright fee.

In FIG. 1, the reproduction terminal 100 is
It is assumed that the reproduction terminal does not have a function of directly communicating with the distribution server 10.

In the configuration as shown in FIG. 1, the first requirement of the system for enabling the user of the personal computer to reproduce the content data to be distributed in an encrypted manner is firstly the communication. The second is the method itself for encrypting the content data to be distributed, and the third is the unauthorized copy of the content data distributed in this way. This is a configuration for implementing content data protection for prevention.

In the embodiment of the present invention, the authentication and checking functions for the destination of the content data are enhanced, especially when each session of distribution, movement, check-out, check-in, and reproduction occurs, A recording device and a data reproduction terminal (a data reproduction terminal capable of reproducing contents is also referred to as a reproduction terminal or a personal computer).
Hereinafter, a configuration will be described in which the copyright protection of the content data is strengthened by preventing the output of the content data to the same).

In the following description, the process of transmitting content data from the distribution server 10 to each personal computer or the like will be referred to as “distribution”.

FIG. 2 is a diagram for explaining characteristics of data, information, and the like for communication used in the data distribution system shown in FIG.

First, data distributed from the distribution server 10 will be described. Dc is content data such as music data. The content data Dc is encrypted so as to be decryptable with the license key Kc. License key K
The encrypted content data {Dc} Kc, which has been encrypted by decryption by c, is distributed from the distribution server 10 to the user of the personal computer in this format.

In the following, it is assumed that the notation {Y} X indicates that data Y has been encrypted by means of decryption key X.

Further, the distribution server 10 distributes, along with the encrypted content data, additional information Dc-inf as plain text information such as a copyright relating to the content data or server access. Further, as the license, a transaction ID, which is a management code for specifying the distribution of the license key Kc and the license key from the distribution server 10, is exchanged between the distribution server 10 and the personal computer 50. The transaction ID is also used to specify a license not based on distribution, that is, a license for local use for personal use. To distinguish between distribution and local use, transaction I
It is assumed that the beginning of D is a transaction ID for local use beginning with “0”, and a transaction ID starting from other than “0” is a transaction ID for distribution. Further, the license is generated based on a content ID, which is a code for identifying the content data Dc, and a license purchase condition AC including information such as the number of licenses and function limitation determined by the designation from the user side. Access control information ACm which is information relating to restrictions on license access in a recording device (memory card or license management device) and reproduction control information ACp which is control information in a data reproducing terminal.
Etc. exist. Specifically, the access restriction information ACm is control information of a memory card, a license management module, and a hand for outputting a license or a license key from the license management module to the outside.
The information includes the number of reproducible times (the number of license keys to be output for reproduction), restriction information on license transfer / copy, and license security level. The reproduction control information ACp is information for restricting reproduction after the content reproduction circuit receives a license key for reproduction, and includes reproduction time limit, reproduction speed change restriction, reproduction range designation (partial license), and the like.

In the embodiment of the present invention, for the sake of simplicity, the access restriction information ACm contains the number of reproductions <0: reproduction impossible, 1-254: control information for controlling the number of reproductions.
Reproducible number of times, 255: no restriction), move / copy flag for restricting license transfer and copy <0: move / copy prohibited, 1: move only, 2: move / copy possible), security level “1: level 1, 2 : Level 2 ”
It is assumed that the reproduction control information ACp limits only the reproduction time limit “UTCtime code” which is control information for specifying the time limit for reproduction. Therefore, hereinafter, the reproduction control information AC
p is also referred to as a playback time limit ACp.

Further, hereinafter, the transaction ID and the content ID are collectively referred to as a license ID, and a license key Kc, a license ID, and access restriction information AC
m and the playback time limit ACp are collectively referred to as a license.

In the embodiment of the present invention, distribution and reproduction of content data are prohibited for each class of recording device (memory card, license management device and license management module) and reproduction terminal for reproducing content data. Banned class list CRL (Class Revocation Lis)
The operation of t) is performed. In the following, the symbol CR
L may represent data in a prohibited class list.

The prohibition class list related information includes prohibition class list data listing the classes of the reproduction terminal, memory card, license management module, and license management device for which distribution, transfer, checkout, and reproduction of the license are prohibited. CRL is included. All devices and programs that perform management / accumulation of licenses related to content data protection and playback under licenses are to be listed.

The prohibition class list data CRL is managed in the distribution server 10, and is also recorded and held in a hard disk (HDD) in the personal computer 50 or a license management device by a memory card or a license management module. Such a prohibition class list needs to be upgraded and updated at any time, but data changes are basically made when distributing licenses such as encrypted content data and / or license keys. Then, the update date and time of the prohibited class list received from the personal computer (the license management device or the license management module) is determined, and when it is determined that the prohibited class list has not been updated, the updated prohibited class list is distributed to the personal computer. The prohibited class list is also exchanged between the license management module, the license management device, and the reproduction terminal 100, and the data change is the same as described above. Further, regarding the change of the prohibited class list, the distribution server 10 generates difference data CRL reflecting only the changed points, and adds the difference data CRL to the prohibited class list CRL in the memory card, the hard disk, and the license management device. It is also possible to adopt a configuration in which: Also, the update date and time CRLdat of the prohibited class list
e is recorded in the prohibition class list CRL recorded in the memory card, the hard disk, and the license management device, and the distribution server 10 confirms this and performs version management. The difference data CRL update date and time CRLdate is also included.

Thus, the prohibited class list CRL is
By holding and operating not only in the distribution server but also in the memory card or the personal computer, the decryption key unique to the class, that is, the type of the reproducing terminal and the memory card or the personal computer (license management device or license management module) is broken. Further, the supply of the license key to the reproduction terminal and the memory card or the personal computer is prohibited. Therefore, the reproduction terminal cannot reproduce the content data, and the memory card, the license management module, and the license management device cannot receive a new license.

As described above, the prohibition class list CRL in the memory card or the license management device or in the HDD managed by the license management module is configured to sequentially update data at the time of distribution. The management of the prohibition class list CRL in the memory card, the license management module, and the license management device is as follows.
A memory card, a license management device, and a hard disk controlled by a license management module independently of the upper level. A tamper resistant module.
Record in e). In the memory card or the license management device, similarly to the license, H is recorded by a high-level tamper resist module that guarantees confidentiality in hardware and managed by the license management module
The management of the prohibited class list CRL recorded in the DD is as follows.
At least a tamper-prevention measure is performed by the encryption processing, and the result is recorded in the HDD or the like of the personal computer. In other words, it is recorded by a low level tamper resistant module whose confidentiality is guaranteed by software. In any case, the configuration is such that the prohibition class list data CRL cannot be falsified from a higher level by a file system, an application program, or the like. As a result, copyright protection for data can be further strengthened.

FIG. 3 is a diagram for explaining characteristics of data, information, and the like for authentication used in the data distribution system shown in FIG.

The playback terminal, the memory card, the license management device, and the license management module are provided with unique public encryption keys KPpy and KPmw, respectively. The public encryption keys KPpy and KPmw are provided with the secret decryption key Kpy and memory unique to the playback terminal. It can be decrypted with a secret decryption key Kmw unique to the card, the license management device, and the license management module.
These public encryption key and secret decryption key have different values for each type of reproduction terminal, memory card, license management device, and license management module. The public encryption key and the secret decryption key are collectively referred to as a class key, the public encryption key is referred to as a class public encryption key, the secret decryption key is referred to as a class secret decryption key, and a unit sharing the class key is referred to as a class. The class differs depending on the manufacturing company, the type of product, the lot at the time of manufacturing, and the like.

[0129] Also, Cpy is provided as a class certificate of the content reproduction device (reproduction terminal), and Cmw is provided as a class certificate of the memory card, the license management device, and the license management module.

[0130] These class certificates have different information for each class of the content reproduction device, the memory card, the license management device, and the license management module. If the tamper resistant module is broken or the encryption with the class key is broken, that is, the class key for which the class secret decryption key has been obtained is listed in the prohibited class list and the license transmission is prohibited. Become.

The class public encryption key and the class certificate unique to the content reproduction device, memory card, license management device, and license management module are in the form of authentication data {KPpy // Cpy} KPa or authentication data {KPmw / In the format of / Cmw @ KPa, the data is recorded in a data reproduction device (reproduction terminal), a memory card, a license management device, and a license management module at the time of shipment. As will be described in detail later, KPa is a public authentication key common to the entire distribution system.

Further, a key for managing data processing in the memory card 110, the license management device, and the license management module is set for each medium or management software called the memory card, the license management device, and the license management module. There is a public encryption key KPmcx and a unique private decryption key Kmcx capable of decrypting data encrypted with the public encryption key KPmcx. The public encryption key and secret decryption key for each child are collectively referred to as an individual key, the public encryption key KPmcx is referred to as an individual public encryption key, and the secret decryption key Kmcx is referred to as an individual secret decryption key.

Data transfer between the memory card and the memory card, data transfer between the license management device and the license management device, or confidentiality in data transfer between the license management module and the license management module. The common keys Ks1 to Ks3 generated in the distribution server 10, the reproduction terminal 100, the memory card 110, the license management device, and the license management module each time the content data is distributed and reproduced are used as the encryption keys.

Here, the common keys Ks1 to Ks3 are unique common keys generated for each “session” which is a communication unit or access unit between the distribution server, the reproduction terminal, the memory card, the license management device or the license management module. These common keys Ks1 to Ks3 are hereinafter referred to as “session keys”.
Also referred to as.

These session keys Ks1 to Ks3
Has a unique value for each session,
It is managed by a distribution server, a playback terminal, a memory card, a license management device, and a license management module. Specifically, the session key Ks1 is generated by the distribution server for each distribution session. The session key Ks2 is generated for each distribution session and reproduction session by the memory card, the license management device, and the license management module, and the session key Ks3 is generated for each reproduction session in the reproduction terminal. In each session, these session keys are exchanged, a session key generated by another device is received, a license key and the like are transmitted after encrypting with the session key, and the security strength in the session is increased. Can be improved.

FIG. 4 shows bindings required for encrypting and managing the encrypted content data and license acquired by the software (license management module) in association with a license management device so that the license can be transferred to another personal computer. FIG. 3 shows a license and checkout management information in a checkout session in which the encrypted content data and the license acquired by the software are lent to the memory card 110.

A binding license includes a level 1 license for reproducing encrypted content data,
A binding key that is a common key for realizing a soft tamper resistant module by encrypting information related to license checkout, and ACmb and ACpb that are control information for the binding license
And transaction I for the binding license
Transaction IDb which is D and binding I
It is composed of a content IDb which is a dummy for D, and a binding ID which is a generic name of the transaction IDb and the content IDb. That is, since it is assumed that the license is recorded on the license management device, the license management device has the same configuration as the license.

The binding key Kb manages the license of the encrypted content data obtained by the software, and is held by the hardware. The license cannot be taken out without using the binding key Kb held by the hardware. Also, control information ACmb, ACp
b corresponds to ACm and ACp included in the license for reproducing the encrypted content data, and has a fixed value. ACmb indicates that there is no restriction on the number of times the license can be reproduced, moving copy is prohibited, and security level 1 is set.
b indicates that the playback time limit is indefinite.

The check-out management information includes a check-out possible number, a check-out destination individual ID, and a check-out transaction ID. The possible number of checkouts indicates the number of times that the encrypted content data can be rented out. The number is reduced by one each time the encrypted content data is checked out, and each time the encrypted content data is checked in. The numerical value is incremented by one. Check-out destination I
D is identification information for specifying a memory card for checking out encrypted content data, and corresponds to the individual public encryption key KPmcx held by the memory card. The transaction ID at the time of checkout is the transaction I for local use used at the time of checkout.
D.

FIG. 5 is a schematic block diagram showing a configuration of distribution server 10 shown in FIG. The distribution server 10 follows the data obtained by encrypting the content data according to a predetermined method, the information database 304 for storing distribution information such as the content ID, and the start of access to the content data for each user of the personal computer. A billing database 302 for holding billing information;
A CRL database 306 for managing the prohibited class list CRL, a menu database 307 for storing a menu of content data stored in the information database 304, and a transaction ID for specifying distribution of content data and license keys for each license distribution. A distribution record database 308 that records and holds distribution, an information database 304, a billing database 302, a CRL database 306, a menu database 307, and a distribution record database 308.
From data carrier 310 and data processor 310 via communication network, and a data processing unit 310 for receiving data from buses BS1 and performing predetermined processing. 350.

The data processing section 310 is controlled by the distribution control section 315 for controlling the operation of the data processing section 310 in accordance with the data on the bus BS1, and the session key Ks1 during the distribution session. Key generation unit 316 for generating an authentication data, and the authentication data {KPmw // Cm for authentication transmitted from the license management device and the license management module.
Communication of an authentication key holding unit 313 holding a public authentication key KPa for decrypting w @ KPa, and authentication data {KPmw // Cmw} KPa for authentication sent from a license management device and a license management module. A decryption processing unit 312 that receives the data via device 350 and bus BS1 and performs decryption processing using public authentication key KPa from authentication key holding unit 313;
Decrypts the session key Ks1 generated from
And an encryption processing unit 318 for encrypting using the class public encryption key KPmw obtained by step 12 and outputting the encrypted data to the bus BS1, and receiving data transmitted after being encrypted by the session key Ks1 from the bus BS1. And a decoding processing unit 320 that performs a decoding process.

The data processing unit 310 further discloses the license key Kc and the access restriction information ACm given from the distribution control unit 315 to the memory card, license management device, and license management module obtained by the decryption processing unit 320, respectively. The encryption processing unit 326 for encrypting with the encryption key KPmcx and the output of the encryption processing unit 326 are further encrypted by the session key Ks2 given from the decryption processing unit 320, and the bus B
And an encryption processing unit 328 for outputting to S1.

The authentication key held by the distribution server differs depending on the security level of the receiving side requested by the license to be distributed by the distribution server. A distribution server that distributes a level 2 license requesting security level 2 holds an authentication key KPa2 that can perform authentication processing on authentication data transmitted by a device whose security level is level 2. In addition, in a distribution server that distributes a level 1 license in which a license to be distributed requires security level 1, it can be distributed to both a device with a security level of 2 and a device with a security level of 1 Therefore, the authentication keys KPa corresponding to level 2 and level 1 respectively.
2 and KPa1 are to be used depending on the level of the opponent. Furthermore, even if the authentication key required by the transmitted authentication data is encrypted as the authentication data of the class certificate Cmw, it is written in an area maintained as plain text and the distribution control unit 315 of the distribution server 10 , The decryption processing unit 312 can easily specify the authentication key before decryption. An authentication key KPa2 corresponding to level 2 is used to distinguish two authentication keys from each other.
2. The authentication key KPa1 corresponding to level 1 is referred to as a level 1 authentication key KPa1, and is generally referred to as an authentication key KPa.

The operation of the distribution server 10 in a distribution session will be described later in detail with reference to flowcharts.

FIG. 6 is a schematic block diagram for describing the configuration of personal computer 50 shown in FIG. The personal computer 50 has a bus BS for exchanging data with each unit of the personal computer 50.
And a controller (CP) for controlling the inside of the personal computer and executing various programs.
U) 510, data bus BS2, data bus BS2
And a hard disk (HD) which is a large-capacity recording device for recording and accumulating programs and data.
D) 530 and a CD-ROM drive 540, a keyboard 560 for inputting instructions from the user, and a display 570 for visually giving various information to the user.

The personal computer 50 further comprises
Playback terminal 1 for encrypted content data and license
00 and the like, the controller 510 and the terminal 580
A USB interface 550 for controlling the transfer of data to and from the terminal, a terminal 580 for connecting a USB cable 70, and a controller 51 for communicating with the distribution server 10 via the Internet network 30 and the modem 40.
It includes a serial interface 555 for controlling data transfer between 0 and the terminal 585, and a terminal 585 for connecting to the modem 40 by a cable.

The controller 510 executes the application program so that the license management device 520 or the license management module 511 receives the encrypted content data or the like from the distribution server 10 via the Internet network 30. And control of acquiring encrypted content data and a license by ripping from a music CD via the CD-ROM drive 540.

Further, the personal computer 50 is
When receiving the encrypted content data and the license from the distribution server 10, various keys are exchanged with the distribution server 10, and the license for reproducing the distributed encrypted content data is hardware-managed. License management device 520 and controller 5
10 is a program executed in the distribution server 1
And a content management module 511 that receives the encrypted content data from level 0 and the level 1 license by a program and generates a dedicated license in which the received license is uniquely encrypted.

[0149] The license management device 520 transmits and receives the encrypted content data and the license when receiving the license from the distribution server 10 by hardware, and manages the received license by hardware.
It may handle level 2 licenses that require a high security level. On the other hand, the license management module 511 transmits and receives the encrypted content data and the license when receiving the license from the distribution server 10 by software using a program executed by the stove and the roller 510, and receives the license. Also, encrypted content data and a license for local use are generated from the music CD by ripping, and the acquired license is protected by performing encryption processing or the like.
Since the license management device 520 accumulates and manages only the level 1 license, which has a lower security level than the license management device 520. When the high security level is level 2, it goes without saying that a level 1 license can be handled.

Thus, the personal computer 50
The license management module 511 and the license management device 520 for receiving the encrypted content data and the license from the distribution server 10 via the Internet 30 and the license management module 520 for obtaining the encrypted content data and the license from the music CD by ripping. It has a built-in CD-ROM drive 540.

FIG. 7 is a schematic block diagram for describing a configuration of reproduction terminal 100 shown in FIG.

The reproduction terminal 100 includes a bus BS3 for transmitting and receiving data to and from each unit of the reproduction terminal 100, and a bus BS3.
A controller 1106 for controlling the operation of the playback terminal 100 via the CPU, an operation panel 1108 for giving an external instruction to the playback terminal 100, and a controller 11
And a display panel 1110 for giving information output from the mobile phone 06 or the like as visual information to a mobile phone user.

[0153] The reproduction terminal 100 further includes the distribution server 1
Memory card 110 for storing and decrypting content data (music data) from 0
And a memory interface 1200 for controlling transmission and reception of data between the memory card 110 and the bus BS3.
And a USB for controlling data transfer between the bus BS3 and the terminal 1114 when receiving the encrypted content data and the license from the personal computer 50.
An interface 1112 and a terminal 1114 for connecting the USB cable 70 are included.

The reproducing terminal 100 further authenticates its legitimacy by decrypting the class public encryption key KPp1 and the class certificate Cp1 set for each type (class) of the reproducing terminal with the class public authentication key KPa. Authentication data {KPp1 // Cp1} KP encrypted so that it can be used
a2, which includes an authentication data holding unit 1500 that holds a2. Here, it is assumed that the class y of the reproduction terminal 100 is y = 1. The security level is level 2 because the playback terminal is a device that provides playback using a content playback device that can maintain confidentiality in hardware.

The reproduction terminal 100 further includes a class secret decryption key, Kp, of the reproduction terminal (content reproduction device).
Kp1 holding unit 1502 for holding the data 1 and the data received from the bus BS3 by Kp1
And a decryption processing unit 1504 for obtaining a session key Ks2 generated by 0.

[0156] The reproduction terminal 100 further provides a session key Ks3 for encrypting data exchanged on the bus BS3 with the memory card 110 in a reproduction session for reproducing the content data stored in the memory card 110. And a session key Ks3 generated by the session key generation unit 1508 when receiving the license key Kc and the reproduction time limit ACp from the memory card 110 in the reproduction session of the encrypted content data. And an encryption processing unit 1506 for encrypting with the session key Ks2 obtained by the decryption processing unit 1504 and outputting to the bus BS3.

The reproduction terminal 100 further decrypts the data on the bus BS3 with the session key Ks3 and outputs the license key Kc and the reproduction time limit ACp, and the encrypted content data {Dc} from the bus BS3. A decryption processing unit 1516 that receives Kc, decrypts the content data with the license key Kc obtained from the decryption processing unit 1510, and outputs the content data.
And a DA converter 151 for converting the output of the music playback unit 1518 from a digital signal to an analog signal.
9 and a terminal 153 for outputting the output of the DA converter 1519 to an external output device (not shown) such as a headphone.
0 is included.

In FIG. 7, the area surrounded by the dotted line constitutes a content reproducing device 1550 for decrypting the encrypted content data and reproducing the music data. In FIG. 7, for the sake of simplicity, only blocks related to the reproduction of the music data of the present invention among the reproduction terminals are shown, and some blocks relating to the call function originally provided in the reproduction terminal are partially described. Is omitted.

The operation of each component of the reproduction terminal 100 in each session will be described later in detail with reference to flowcharts.

FIG. 8 is a schematic block diagram for describing a configuration of memory card 110. Referring to FIG. As described above, KPmw and Kmw are provided as a public encryption key and a private decryption key unique to the memory card, and a class certificate Cmw of the memory card is provided. It is assumed that the natural number to be identified is represented by w = 3 and the natural number to identify the memory card is represented by x = 4. In addition, memory card 1
Reference numeral 10 denotes a device that keeps confidentiality in hardware, so that the security level is 2.

Therefore, memory card 110 holds authentication data holding section 1400 holding authentication data {KPm3 // Cm3} KPa2 and individual secret decryption key Kmc4 which is a unique decryption key set for each memory card. Kmc holding unit 1402 and K holding a unique class secret decryption key Km3 set for each type of memory card
m holding unit 1421 and a KPmc holding unit 1416 holding a public encryption key KPmc4 that can be decrypted by the individual secret decryption key Kmc4.

By providing an encryption key for a recording device called a memory card, management of distributed content data and an encrypted license key is executed for each memory card, as will be apparent from the following description. It becomes possible to do.

The memory card 110 further includes an interface 1424 for exchanging signals with the memory interface 1200 via the terminal 1426, a bus BS4 for exchanging signals with the interface 1424,
From the data provided to the bus BS4 from the interface 1424, a class secret decryption key Km3 unique to each memory card type is received from the Km holding unit 1421, and the session key Ks1 generated in the distribution session by the distribution server 10 is output to the contact point Pa. Decryption processing unit 1422
And the level 2 authentication key KPa2 from the KPa holding unit 1414.
Receiving the level 2 from the data supplied to the bus BS4.
A decryption processing unit 1408 that performs decryption processing using the authentication key KPa2 and outputs the decrypted result and the obtained class certificate to the controller 1420, and outputs the obtained class public key to the encryption processing unit 1410, and a changeover switch 1442. The data selectively provided by the changeover switch 1446 is encrypted by a key provided by the
And an encryption processing unit 1406 that outputs the data to the

The memory card 110 further includes a session key generator 1418 for generating a session key Ks2 in each session, and a session key generator 141.
8 decrypts the session key Ks2 output by
8, an encryption processing unit 1410 for encrypting with the class public encryption key KPpy or KPmw and sending it to the bus BS4;
A decryption processing unit 1412 that receives the data encrypted by s2 and decrypts the data with the session key Ks2 obtained from the session key generation unit 1418, the license key Kc read from the memory 1415 in the playback session of the encrypted content data, and the playback time limit An encryption processing unit 1417 for encrypting ACp with the individual public encryption key KPmcx (# 4) unique to another memory card 110 decrypted by the decryption processing unit 1412.

The memory card 110 further includes a bus BS
4, a decryption processing unit 1404 for decrypting the data on the individual public encryption key KPmc4 with the individual secret decryption key Kmc4 unique to the memory card 110, prohibited class list data CRL, and encrypted content data {Dc}
Kc, a license (Kc, ACp, ACm, license ID) for reproducing the encrypted content data {Dc} Kc, additional information Data-inf, a playlist file of the encrypted content data, and a license are managed. And a memory 1415 for receiving and storing the license management file from the bus BS4. The memory 1415 is configured by, for example, a semiconductor memory. The memory 1515 stores a prohibited class list CRL.
Area, a license area 1415B for recording a license, encrypted content data {Dc} Kc, related information Dc-inf of the encrypted content data, encrypted content data recorded on the memory card, A data area that can be accessed directly from the outside. A playlist file that records basic information for accessing the license, and a license management file that records information necessary for managing the license for each encrypted content data. 1415C
Consisting of Details of the license management file and the playlist file will be described later.

[0166] The license area 1415B stores licenses in license-specific recording units called entries for recording licenses (content key Kc, reproduction control information ACp, access restriction information ACm, license ID). When accessing a license, an entry in which the license is stored or an entry for which the license is to be recorded is specified by an entry number.

[0167] The memory card 110 further includes a bus BS.
4. Data is exchanged with the outside via bus 4 and bus BS
And a controller 1420 for controlling the operation of the memory card 110 by receiving reproduction information and the like between the memory card 110 and the memory card 110.

It should be noted that all components except the data area 1415C are configured in a tamper-resistant module area.

FIG. 9 is a schematic block diagram showing the configuration of the license management device 520 built in the personal computer 50. License management device 520
Does not require an area corresponding to the data area 1415C in the memo card 110.
4 has the same configuration as that of the memory card 110, except that the interface 5224 and the terminal 5226 are different from each other in the function and the shape of the terminal 1426.
Authentication data holding unit 52 of license management device 520
00, Kmc holding unit 5202, decryption processing unit 5204, encryption processing unit 5206, decryption processing unit 5208, encryption processing unit 5
210, a decryption processing unit 5212, a KPa holding unit 5214,
KPmc holding unit 5216, encryption processing unit 5217, session key generation unit 5218, controller 5220, Km
Holding unit 5221, decoding processing unit 5222, interface 5224, terminal 5226, changeover switches 5242, 52
46 denotes an authentication data holding unit 1400, a Kmc holding unit 1402, and a decryption processing unit 14 of the memory card 110, respectively.
04, encryption processing unit 1406, decryption processing unit 1408, encryption processing unit 1410, decryption processing unit 1412, KPa holding unit 1
414, KPmc holding unit 1416, encryption processing unit 141
7. Session key generator 1418, controller 14
20, Km holding unit 1421, decryption processing unit 1422, and changeover switches 1442, 1446. However, the authentication data holding unit 5200 stores the authentication data {KPm7 //
Cm7｝ KPa2 is held, and the KPmc holding unit 5216 is held.
Holds the individual public encryption key KPm8, and stores
02 holds the class secret decryption key Km7, and the Kmc holding unit 5221 holds the individual secret decryption key Kmc8. It is assumed that the natural number w representing the class of the license management device 520 is w = 7, and the natural number x for identifying the license management device 520 is x = 8.

The license management device 520 stores the prohibited class list CRL and the licenses (Kc, ACp, AC
m, license ID),
Included instead of memory 1415 of memory card 110. The memory 5215 stores the prohibited class list CRL.
It comprises an RL area 5215A and a license area 5215B in which a license is recorded.

Further, the license management device 520
Needs to hold the binding license used by the license management module 511. Therefore, KPa holding section 5214 holds two authentication keys KPa2 and KPa1. Control from different levels will be described later in detail with reference to flowcharts.

The license management module 511 is a program for managing a license, and has a security level of 1. Also, the license management module 5
Since 11 is a management program having substantially the same configuration as the license management device 520, the natural number w representing the class of the license management module 511 is w = 5, and the natural number x for identifying the license management device 520 is x = 6. Suppose there is. Therefore, the license management module 511 determines that the authentication data {KPm5 // Cm5} K
Pa1, individual public encryption key KPm6, class secret decryption key K
m5 and an individual secret decryption key Kmc6. Further, it holds two authentication keys KPa2 and KPa1.

The operation of each session in the data distribution system shown in FIG. 1 will be described below.

[Initialization] Initialization performed before personal computer 50 receives the distribution of the encrypted content data and the license from distribution server 10 will be described.

FIGS. 10 to 12 are first to third flowcharts for describing initialization performed before personal computer 50 receives encrypted content data and a license from distribution server 10.

Referring to FIG. 10, when generation of a binding license is requested via keyboard 560 (step S10), license management module 51 is activated.
1 generates a binding key Kb (step S1).
2) Then, transaction IDb, content I
Db, and generates predetermined control information ACmb and ACpb (step S14). Steps S12 and S14 are binding license generation processing.

The license management module 511
Communicates with the license management device 520 via the bus BS2.
To output the authentication data via the command (step S1)
6).

Then, the license management device 52
0 receives the authentication data output instruction via terminal 5226, interface 5224, and bus BS5, and outputs authentication data {KPm7 // Cm7} K from authentication data holding unit 5200 via bus BS5.
Pa2 is acquired, bus BS5, interface 5224 are acquired.
And authentication data {KPm7 //
Cm7｝ KPa2 is output (step S18). The license management module 511 receives the authentication data {KPm7 // Cm7} KPa2 via the bus BS2 (step S20), and receives the authentication data {KPm7 // Cm7} K
Pa is decrypted with the level 2 authentication key KPa2 (step S22).

The license management module 511 determines from the decryption result whether or not the processing has been normally performed, that is, the license management device 520 holds the public encryption key KPm7 and the certificate Cm7 from the authorized license management device. In order to authenticate this, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted for certifying its validity (step S2).
4). If it is determined that the authentication data is valid, the license management module 511 approves and accepts the public encryption key KPm7 and the certificate Cm7. Then, the process proceeds to the next process (step S26). If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm7 and the certificate Cm7 (step S68).

If the license management module 511 recognizes that the device is a legitimate device as a result of the authentication,
The hard disk (HDD) 530 is inquired as to whether the class certificate Cm7 of the license management device is listed in the prohibited class list CRL. Ends the initialization (step S68).

On the other hand, if the class certificate of the license management device 520 is out of the prohibited class list, the process moves to the next step (step S26).

As a result of the authentication, if it is confirmed that the access is from a license management device having valid authentication data and the class is out of the prohibited class list, the license management module 511 sets the session key Ks
2a is generated (step S28).

Referring to FIG. 11, license management module 511 encrypts session key Ks2a with class public encryption key KPm7 to generate encrypted data {Ks2
a @ Km7 is generated (step S30), and the encrypted data {Ks2a} Km7 is output to the license management device 520 via the bus BS2 (step S32). The controller 5220 of the license management device 520
Terminal 5226, interface 5224, and bus B
Receiving the encrypted data {Ks2a} Km7 through S5,
The decryption processing unit 5222 uses the class secret decryption key Km7 output from the Km holding unit 5221 to generate the encrypted data {K
It decrypts s2a @ Km7 and receives the session key Ks2a (step S34). Controller 5220 is
Upon receiving the session key Ks2a, the session key generator 5218 controls the session key Ks
2b is generated. Then, the session key generation unit 5218 generates the session key Ks2b (step S36), and the controller 5220 acquires the update date and time CRLdate of the prohibited class list CRL from the CRL area 5215A of the memory 5215 via the bus BS5,
The acquired update date and time CRLdate is output to the changeover switch 5246 via the bus BS5 (step S3).
8). Then, the encryption processing unit 5206 encrypts the session key Ks2b, the individual public encryption key KPmc8, and the update date and time CRLdate received by sequentially switching the changeover switch 5246 using the session key Ks2a from the decryption processing unit 5222. Controller 5220 transmits encrypted data {Ks2b /
/ KPmc8 // CRLdate @ Ks2a is output via the interface 5224 and the terminal 5226 (step S40).

The license management module 511 transmits the encrypted data {Ks2b // KPmc8 via the bus BS2.
// CRLdate \ Ks2a is received, and the encrypted data {Ks2b // KPmc8 // CRLdate \ Ks2
a is decrypted with the session key Ks2a, and the session key Ks2b, the individual public encryption key KPmc8, and the update date and time CRLdate are received (step S42).
Then, the license management module 511 generates the binding license (transaction IDb, content IDb, binding key Kb, and control information ACmb, ACpb) generated in steps S12 and S14.
Is encrypted with the public encryption key KPmc8, and the encrypted data {transaction IDb // content IDb //
Kb // ACmb // ACpb｝ Kmc8 is generated (step S44).

Referring to FIG. 12, license management module 511 updates update date and time CRLdat of the prohibited class list transmitted from license management device 520.
Based on the update date and time of the prohibited class list CRL stored in the hard disk (HDD) 530, a comparison is made as to which is the newer prohibited class list. When the prohibited class list CRL of the license management device 520 is newer, the process proceeds to step S48. Conversely, when the prohibited class list CRL of the license management module 511 is newer, the process proceeds to step S52 (step S46).

When it is determined that the prohibition class list CRL of the license management device 520 is newer, the license management module 511 sends the encrypted data {transaction IDb // content IDb // Kb // AC
mb // ACpb @ Kmc8 is encrypted by the session key Ks2b generated in the license management device 520, and the encrypted data @ transaction IDb // content IDb // Kb // ACmb //
ACpb ¥ Kmc8 ¥ Ks2b is output to the license management device 520 via the bus BS2 (step S4).
8).

Then, the controller 5220 of the license management device 520 transmits the encrypted data {transaction IDb // content IDb // Kb // ACm
b // ACpb {Kmc8} Ks2b is received via terminal 5226 and interface 5224, decrypted by session key Ks2b generated by session key generator 5218, and {transaction IDb
/// Content IDb // Kc // ACmb // ACp
b｝ Kmc8 is received (step S50). afterwards,
Move to step S60.

On the other hand, if the license management module 511 determines that the prohibited class list CRL of the license management module 511 is newer, the license management module 511 sets the license management device 52
In order to update the prohibited class list CRL held by 0,
Update date and time CRLd from HDD 530 via bus BS2
Then, the updated data after the “date” is acquired as the difference CRL (step S52).

The license management module 511
Is the difference CRL of the prohibited class list and the encrypted data {transaction IDb // content IDb // Kb /
/ ACmb // ACpb @ Kmc8 with the session key K generated in the license management device 520.
encrypted by s2b, encrypted data {CRLdat
e // @ Transaction IDb // Content IDb
// Kb // ACmb // ACpb｝ Kmc8｝ Ks2
b to the license management device 520 via the bus BS2.
(Step S54).

The controller 5220 of the license management device 520 has a terminal 5226 and an interface 5
The decoding processing unit 5212 decodes the received data given to the bus BS5 via the 224. Decryption processing unit 52
12 uses the session key Ks2b given from the session key generation unit 5218 to decode the received data on the bus BS5 and output it to the bus BS5 (step S56).

At this stage, in the bus BS5, the transaction IDb // content IDb that can be decrypted with the individual secret decryption key Kmc8 held in the Kmc holding unit 5221
// Kb // ACmb // ACpb｝ Kmc8 and the difference CRL are output (step S56). The CRL area 5215A in the memory 5215 is stored in the CRL area 5215A in accordance with the difference CRL received by the instruction of the controller 5220.
(Step S58).

Steps S48 and S50 correspond to the prohibited class list CRL of the license management module 511 on the transmitting side.
Thus, the binding key Kb when the prohibited class list CRL of the license management device 520 on the receiving side is new.
And the like. The transmission operation to the license management device 520 is performed in steps S52, S54, S56, and S58 based on the prohibition class list CRL of the license management device 520 on the reception side.
Is a transmission operation of the binding key Kb and the like to the license management device 520 when the prohibited class list CRL is new. Thus, the license management device 520
Date and time of update of prohibited class list sent from CRLd
are compared, and when the prohibited class list CRL on the receiving side is older than the prohibited class list CRL on the transmitting side, the difference CRL which is the difference data of the prohibited class list is stored in the HDD 530.
From the license management device 52
By distributing to 0, a new prohibited class list CRL is always held.

After step S50 or step S58, the encrypted data {transaction IDb // content IDb //
Kb // ACmb // ACpb @ Kmc8 is decrypted by the decryption processing unit 5204 using the secret decryption key Kmc8, and the binding license (binding key K
b, transaction IDb, content IDb, control information ACmZ, ACp) are received (step S6).
0).

The license management module 511
Inputs the entry number “0” for storing the binding license to the license management device 520 (step S62), and the controller 5220 of the license management device 520 sends the entry number via the terminal 5226, the interface 5224, and the bus BS5. Upon receiving “0”, the license area 52 of the memory 5215 is received.
15B, the binding license (transaction IDb, content IDb, binding key K) is assigned to the area specified by the received entry number “0”.
b, control information ACmb, ACpb) is stored (step S64).

License management module 511 checks the area of license management device 520 to record binding key Kb, and prepares for registration.
A series of processing from step 16 to step 42 in FIG. 11 is referred to as “device confirmation processing”, and the binding key Kb is stored in the license area 521 of the license management device 520.
A series of processing from step S44 in FIG. 11 to step S64 in FIG. 12 stored in 5B is referred to as “binding key registration processing”.

On the other hand, the license management module 511
Generates a plaintext confidential file with empty confidential information (level 1 license and checkout information), generates an encrypted confidential file 160 obtained by encrypting the confidential file with the binding key Kb, and generates an encrypted confidential file 16.
0 is recorded in the HDD 530 (step S66), and the initialization operation ends (step S68).

As described above, the personal computer 50
In the initialization operation, the license management module 511 generates a binding license and stores the generated binding license in an area specified by the entry number “0” in the license area 5215B of the memory 5215 in the license management device 520. At the same time, an encrypted confidential file 160 is generated by encrypting the confidential file using the binding key Kb included in the generated binding license. The encrypted confidential file 160 is for storing the license received from the distribution server 10 by the license management module 511. Further, by encrypting the confidential file with the binding key Kb in this manner, the license cannot be taken out from the encrypted confidential file 160 without the binding key Kb, so that the binding key Kb manages the license of the encrypted content data. Is a common key for Since the binding key Kb is stored in the memory 5215 of the license management device 520, the binding key Kb can be managed by hardware. As a result, the license of the encrypted content data managed by software in the encrypted confidential file 160 recorded on the HDD 530 via the binding key Kb is managed by hardware. Therefore, as described later, the encrypted content data and license received by the software can be transferred to another personal computer 80.

[Distribution 1] Next, in the data distribution system shown in FIG. 1, the operation of distributing the encrypted content data and the level 2 license requesting the security level 2 from the distribution server 10 to the license management device 520 of the personal computer 50. Will be described.
This operation is referred to as “delivery 1”.

FIGS. 13 to 16 show a distribution operation (hereinafter also referred to as a distribution session) to a license management device 520 built in the personal computer 50, which occurs when the encrypted content data is purchased in the data distribution system shown in FIG. 5 is a first to a fourth flowchart for explaining the above.

Prior to the processing in FIG. 13, it is assumed that the user of personal computer 50 has connected to distribution server 10 via modem 40 and has acquired the content ID of the content desired to be purchased.

Referring to FIG. 13, a user of personal computer 50 issues a distribution request by designating a content ID via keyboard 560 (step S100). Then, the purchase condition AC for purchasing the license of the encrypted content data is input via the keyboard 560 (step S102). That is,
In order to purchase a license key Kc for decrypting the selected encrypted content data, the purchase condition AC is set by setting the access restriction information ACm of the encrypted content data and the playback time limit ACp.

When the purchase condition AC for the encrypted content data is input, controller 510 gives an instruction to output the authentication data to license management device 520 via bus BS2 (step S104). The controller 5220 of the license management device 520 has a terminal 522
6. Receive an instruction to output authentication data via the interface 5224 and the bus BS5. Then, the controller 5220 communicates with the authentication data holding unit 52 via the bus BS5.
The authentication data {KPm7 // Cm7} KPa2 is read from 00 and {KPm7 // Cm7} KPa2 is transferred to the bus BS.
5, and output via the interface 5224 and the terminal 5226 (step S106).

The controller 510 of the personal computer 50 sends the content ID, license purchase condition data AC, and a distribution request to the distribution server 10 in addition to the authentication data {KPm7 // Cm7} KPa2 from the license management device 520. It transmits (step S108).

The distribution server 10 receives the distribution request, the content ID, the authentication data {KPm7 // Cm7} KPa2, and the license purchase condition data AC from the personal computer 50 (step S11).
0), the decryption processing unit 312 converts the authentication data output from the license management device 520 into a level 2 authentication key K
The decryption process is executed with Pa (step S112).

The distribution control unit 315 performs an authentication process of judging from the decryption processing result of the decryption processing unit 312 whether or not an authorized organization has received the encrypted authentication data for certifying its validity. (Step S114). If it is determined that the authentication data is valid, the distribution control unit 3
15 approves and accepts the class public encryption key KPm7 and the class certificate Cm7. Then, the process proceeds to the next process (step S116). If it is not valid authentication data, it is rejected and the distribution session is terminated without accepting the class public encryption key KPm7 and the class certificate Cm7 (step S198). If a distribution request is made from level 1, the level 2 authentication key KPa2 cannot authenticate level 1 authentication data, so the process ends here.

As a result of the authentication, if the class public encryption key KPm7 and the class certificate Cm7 are approved, the distribution control unit 315 then sets the class certificate Cm7 of the license management device to the prohibited class. List C
The CRL database 306 is checked to see if it is listed in the RL. If these class certificates are subject to the prohibited class list, the distribution session is ended here (step S198).

On the other hand, if the class certificate of the license management device 520 is not included in the prohibited class list, the process shifts to the next process (step S116).

As a result of the authentication, it is confirmed that the access is from a personal computer having a license management device having valid authentication data, and that the class is out of the prohibited class list. The unit 315 generates a transaction ID that is a management code for specifying distribution (step S118). Further, the session key generation unit 316 generates a session key Ks1 for distribution (step S120). The session key Ks1 is stored in the decryption processing unit 31
2 is encrypted by the encryption processing unit 318 using the class public encryption key KPm7 corresponding to the license management device 520 obtained in Step S122 (Step S122).

[0209] The transaction ID and the encrypted session key Ks1 correspond to the transaction ID //
As {Ks1} Km7, the bus BS1 and the communication device 3
The data is output to the outside through the device 50 (step S124).

Referring to FIG. 14, personal computer 50 has a transaction ID /// {Ks1} Km7
Is received (step S126), the controller 51
0 inputs the transaction ID // {Ks1} Km7 to the license management device 520 (step S1).
28). Then, in the license management device 520, the terminal 5226 and the interface 5224
, The decryption processing unit 5222 decrypts the received data given to the bus BS5 to the license management device 520 stored in the storage unit 5221 using the class secret decryption key Km7, thereby decrypting the session key Ks1. Receives the session key Ks1 (step S1).
30).

[0211] The controller 5220
After confirming the reception of the session key Ks1 generated in the above, the license management device 520 is instructed to generate the session key Ks2 generated at the time of the distribution operation to the session key generation unit 5218. Then, the session key generation unit 5218 generates a session key Ks2 (Step S132).

In the distribution session, controller 5220 operates as described above, in which forbidden class list CR recorded in memory 5215 in license management device 520 is stored.
The update date and time CRLdate is extracted from the memory 1415 from L and output to the changeover switch 5246 (step S1).
34).

The encryption processing unit 5206 is provided with a changeover switch 5
The switch 5 is switched by the session key Ks1 given from the decryption processing unit 5222 via the contact point Pa
246, the session key Ks2, the individual public encryption key KPmc8, and the update date / time CRLdate of the forbidden class list are encrypted as one data string.
CRLdate @ Ks1 is output to bus BS3 (step S136).

[0214] Encrypted data $ K output to bus BS3
s2 // KPmc8 // CRLdate @ Ks1 is transmitted from the bus BS3 to the interface 5224 and the terminal 522.
6 to the personal computer 50 and transmitted from the personal computer 50 to the distribution server 10 (step S138).

The distribution server 10 has a transaction ID
// \ Ks2 // KPmc8 // CRLdate \ Ks
1, the decryption processing unit 320 performs decryption processing using the session key Ks1, and the session key Ks2 generated by the license management device 520, the individual public encryption key KPmc unique to the license management device 520.
8 and the update date and time CRLdate of the prohibition class list in the license management device 520 are received (step S142).

The distribution control unit 315 determines the content ID and license purchase condition AC acquired in step S110.
According to the access restriction information ACm and the playback time limit AC
p is generated (step S144). Further, a license key Kc for decrypting the encrypted content data is obtained from the information database 304 (step S14).
6).

The distribution control unit 315 determines the generated license, that is, the transaction ID, the content I
D, the license key Kc, the reproduction time limit ACp, and the access restriction information ACm are provided to the encryption processing unit 326. The encryption processing unit 326 outputs the individual public encryption key K unique to the license management device 520 obtained by the decryption processing unit 320.
The license is encrypted by Pmc8 and the encrypted data {transaction ID // content ID // Kc /
/ ACm // ACp @ Kmc8 is generated (step S
148).

Referring to FIG. 15, in distribution server 10, the update date and time CRLdate of the prohibited class list transmitted from license management device 520 is updated by the update date and time of prohibited class list CRL of distribution server 10 held in CRL database 306. By comparing with the license management device 520, the license management device 520 determines whether or not the prohibited class list CRL held is the latest one. If it is not the latest, the process proceeds to step S160 (step S15).
0).

[0219] When it is determined that it is the latest, the encryption processing unit 32
8 is the encrypted data output from the encryption processing unit 326 {transaction ID // content ID // Kc /
/ ACm // ACp @ Kmc8 is encrypted with the session key Ks2 generated in the license management device 520, and the encrypted data {transaction ID // content ID // Kc // ACm // AC
p｝ Kmc8｝ Ks2 is output to the bus BS1. Then, the distribution control unit 315 determines that the encrypted data on the bus BS1 {transaction ID // content ID // Kc
// ACm // ACp {Kmc8} Ks2
The data is transmitted to the personal computer 50 through the personal computer 50 (step S152).

The controller 510 of the personal computer 50 transmits the encrypted data {transaction ID // content ID // Kc // ACm // AC
p｝ Kmc8｝ Ks2 is received (step S154),
The data is input to the license management device 520 via the bus BS5. Decryption processing unit 5 of license management device 520
212 is the encrypted data {transaction ID //
Content ID // Kc // ACm // ACp @ Kmc
8｝ Ks2 is supplied to the terminal 5226 and the interface 522.
4 and decrypted by the session key Ks2 generated by the session key generator 5218,
｛Transaction ID // Content ID // Kc /
/ ACm // ACp @ Kmc8 is accepted (step S
158). Thereafter, the process proceeds to step S172.

On the other hand, if it is determined that the current class is not the latest, the distribution control unit 315 obtains the latest prohibited class list CRL from the CRL database 306 via the bus BS1, and generates a difference CRL as difference data (step S16).
0).

The encryption processing unit 328 includes the encryption processing unit 32
6 and the difference CRL of the prohibition class list supplied via the bus BS1 by the distribution control unit 315, and encrypts it with the session key Ks2 generated in the license management device 520. Encryption processing unit 328
Encrypted data output from ｛Differential CRL // ｛Transaction ID // Content ID // Kc // ACm
// ACp {Kmc8} Ks2 is transmitted to personal computer 50 via bus BS1 and communication device 350 (step S162).

The personal computer 50 transmits the encrypted data {differential CRL //} transaction I
D // content ID // Kc // ACm // ACp｝
Kmc8 @ Ks2 is received (step S164), and is input to the license management device 520 via the bus BS5 (step S166). License management device 52
0, terminal 5226 and interface 52
The decoding processing unit 5212 decodes the received data given to the bus BS5 via the decoding processing unit 2412. Decryption processing unit 521
2 uses the session key Ks2 given from the session key generator 5218 to decode the data received on the bus BS5 and output it to the bus BS5 (step S168).

At this stage, an encryption license {transaction ID // content ID // Kc // ACm // ACp {Kmc8} that can be decrypted with the secret decryption key Kmc8 held in the Kmc holding unit 5221 is provided on the bus BS5.
And the difference CRL are output (step S168).
Difference CR received according to the instruction of controller 5220
L is used to update the CRL area 5215A in the memory 5215 based on the difference CRL (step S170).

Steps S152, S154, S156
In step S158, the license key K when the prohibition class list CRL held by the license management device 520 is the latest is displayed.
c) to the license management device 520. Steps S160, S162, S164, S16
6, S168 and S170 are the license management device 5
The license management device 52 such as the license key Kc when the prohibited class list CRL held by the device 20 is not the latest.
This is a distribution operation to 0. As described above, it is determined whether or not the update date and time CRLdate of the prohibited class list sent from the license management device 520 is the latest update date and time.
Check, if not the latest, the latest banned class list CR
By obtaining the Ldate from the CRL database 306 and distributing the differential CRL to the license management device 520, it is possible to prevent the outflow of the distributed license to the license management device whose license has been broken.

Step S158 or S170
After that, the encryption license {transaction ID // content ID /
/ Kc // ACm // ACp @ Kmc8 is decrypted by the individual secret decryption key Kmc8 in the decryption processing unit 5204, and the license (license key Kc, transaction ID, content ID, access restriction information ACm, and playback time limit ACp) is received. (Step S17)
2).

Referring to FIG. 16, controller 510
Inputs an entry number for instructing an entry for storing the license received by the license management device 520 to the license management device 520 (step S174). Then, the license management device 5
20 receives the entry number via terminal 5226 and interface 5224;
Memory 5 specified by the received entry number
Step S17 is added to the license area 5215B of the H.215.
The license (license key Kc, transaction ID, content ID, access restriction information ACm, and playback time limit ACp) acquired in step 2 is stored (step S176).

The controller 510 of the personal computer 50 transmits the transaction ID sent from the distribution server 10 and the distribution request of the encrypted content data to the distribution server 10 (Step S178).

[0229] The distribution server 10 has the transaction ID
And a request for distribution of the encrypted content data is received (step S180), and the encrypted content data {Dc} Kc and the additional information Dc-
inf, and outputs these data via the bus BS1 and the communication device 350 (step S18).
2).

The personal computer 50 operates as {Dc}
Kc // Dc-inf is received, and encrypted content data {Dc} Kc and additional information Dc-inf are received (step S184). Then, the controller 5
10 records the encrypted content data {Dc} Kc and the additional information Dc-inf as one content file on the hard disk (HDD) 530 via the bus BS2 (step S186). The controller 5
Reference numeral 10 denotes a license entry number stored in the license management device 520 and a plaintext transaction I.
D and a license management file for the additional information Dc-inf including the content ID, and the HDD 5 via the bus BS2.
30 (step S188). Further, the controller 510 determines, as the information of the content received in the content list file recorded in the HDD 530, the names of the recorded content file and the license management file, and information on the encrypted content data extracted from the additional information Dc-inf ( The song ID and the artist name are added (step S190), and the transaction ID and the distribution acceptance are transmitted to the distribution server 10 (step S192).

[0231] The distribution server 10 has the transaction ID
// Upon receiving the distribution acceptance (step S194), the accounting data is stored in the accounting database 302, and the transaction ID is recorded in the distribution record database 308, and the process of terminating the distribution is executed (step S1).
96), and the entire process ends (step S198).

As described above, the license management device 50 built in the personal computer 50 is a device that holds regular authentication data, and at the same time, the public encryption key KPm7 that can be encrypted and transmitted together with the class certificate Cm7 is After confirming that the class certificate Cm7 is valid, the class certificate Cm7 is stored in the prohibited class list, that is, the public encryption key K.
Content data can be delivered only in response to a delivery request from a license management device that is not listed in the class certificate list that has been encrypted by Pm7,
Distribution to an unauthorized license management device and distribution using the decrypted class key can be prohibited.

Also, by transmitting and receiving the encryption keys respectively generated by the distribution server and the license management device, executing the encryption using the encryption keys received by each other, and transmitting the encrypted data to the other party, Mutual authentication can be performed in practice even when each encrypted data is transmitted and received, and the security of the data distribution system can be improved.

Also, the license management device 520
When receiving the encrypted content data and the license from the distribution server 10, the data is exchanged with the distribution server 10 in a hardware manner, and the license for reproducing the encrypted content data is stored in the hardware. Its security level is high. Therefore, by using the license management device 520, the personal computer 50 can receive the encrypted content data and the license by the distribution with the high security level, and can manage the level 2 license with the high security level.

[Distribution 2] In the data distribution system shown in FIG. 1, an operation of distributing encrypted content data and a license from distribution server 10 to license management module 511 of personal computer 50 will be described. This operation is referred to as “delivery 2”.

FIGS. 17 to 21 show first to third operations for explaining the distribution operation to the license management module 511 built in the personal computer 50 which occurs when the encrypted content data is purchased in the data distribution system shown in FIG. It is a 5th flowchart. The license management module 511 executes reception of the encrypted content data and the license from the distribution server 10 by a program.

Prior to the processing in FIG. 17, it is assumed that the user of personal computer 50 has connected to distribution server 10 via modem 40 and has acquired the content ID of the content desired to be purchased.

Referring to FIG. 17, a user of personal computer 50 issues a distribution request by designating a content ID via keyboard 560 (step S200). Then, the purchase condition AC for purchasing the license of the encrypted content data is input via the keyboard 560 (step S202). That is,
In order to purchase a license key Kc for decrypting the selected encrypted content data, the purchase condition AC is set by setting the access restriction information ACm of the encrypted content data and the playback time limit ACp.

When the purchase condition AC for the encrypted content data is input, controller 510 sends authentication data {KPm5 // Cm from license management module 511.
5 KPa2 is read, and the read authentication data KP
m5 // Cm5 @ KPa2, content ID,
The data AC of the license purchase condition and the distribution request are transmitted to the distribution server 10 (step S20).
4).

The distribution server 10 receives the distribution request, the content ID, the authentication data {KPm5 // Cm5} KPa2, and the license purchase condition data AC from the personal computer 50 (step S20).
6) The decryption processing unit 312 decrypts the authentication data output from the license management module 511 using the level 1 authentication key KPa1 (step S208).

The distribution control unit 315 determines from the decryption processing result of the decryption processing unit 312 whether the processing has been normally performed, that is, the class public encryption key KPm5
Then, an authentication process is performed to determine whether or not authentication data encrypted for proving the validity of the class certificate Cm5 has been received (step S210). If it is determined that the authentication data is valid, the distribution control unit 315 approves and accepts the class public encryption key KPm5 and the class certificate Cm5. Then, the process proceeds to the next process (step S212). If it is not valid authentication data, it will be disapproved,
The process ends without accepting the class public encryption key KPm5 and the class certificate Cm5 (step S288).

[0243] When the authentication result indicates that the module is a legitimate module, the distribution control unit 315 then checks whether the class certificate Cm5 of the license management module 511 is listed in the prohibited class list CRL. Querying the CRL database 306, if these class certificates are included in the prohibited class list,
Here, the distribution session ends (step S28).
8).

On the other hand, if the class certificate of the license management module 511 is out of the prohibited class list, the process moves to the next step (step S214).

As a result of the authentication, it is confirmed that the access is from a personal computer having a license management module having valid authentication data, and that the class is not included in the prohibited class list. The unit 315 generates a transaction ID, which is a management code for specifying distribution (step S214). Further, the session key generation unit 316 generates a session key Ks1 for distribution (step S216). The session key Ks1 is stored in the decryption processing unit 31
2 is encrypted by the encryption processing unit 318 using the class public encryption key KPm5 corresponding to the license management module 511 obtained in Step 2 (Step S21).
8).

The transaction ID and the encrypted session key Ks1 have the transaction ID //
As {Ks1} Km5, the bus BS1 and the communication device 3
The data is output to the outside through the device 50 (step S220).

Referring to FIG. 18, the controller 510 of the personal computer 50 transmits the transaction ID
/// {Ks1} Km5 is received (step S22)
2), the license management module 511 sets {Ks1}
Receiving Km5, it decrypts with class secret decryption key Km5 unique to license management module 511, and receives session key Ks1 (step S224).

Upon confirming the acceptance of the session key Ks1 generated by the distribution server 10, the license management module 511 generates a session key Ks2 (step S226). Then, the controller 510
The license management module 511 reads out the encrypted CRL stored in the HDD 530 via S2, and
The RL is decrypted to obtain a prohibited class list CRL, and the updated date and time CRLdate of the prohibited class list is obtained based on the decoded prohibited class list CRL (step S2).
28). The license management module 511 further includes:
Session key Ks generated in distribution server 10
1, the session key Ks2 generated by the license management module 511 and the individual public encryption key KPmc6
And encrypts the data CRLdate of the forbidden class list as one data string, and generates $ Ks2 // KPmc6
// CRLdate @ Ks1 is output (step S2
30).

The controller 510 outputs the encrypted data $ K
s2 // KPmc6 // CRLdate @ Transaction ID obtained by adding transaction ID to Ks1 //
{Ks2 // KPmc6 // CRLdate} Ks1 is transmitted to the distribution server 10 (step S232).

The distribution server 10 has a transaction ID
// \ Ks2 // KPmc6 // CRLdate \ Ks
1 (step S234), and the decryption processing unit 320
Performs decryption processing using the session key Ks1, and receives the session key Ks2 generated by the license management module 511, the individual public encryption key KPmc6 unique to the license management module 511, and the update date / time CRLdate of the prohibited class list in the license management module 511. (Step S236).

The distribution control unit 315 generates the access restriction information ACm and the reproduction time limit ACp according to the content ID and the license purchase condition data AC acquired in step S206 (step S238). further,
The license key Kc for decrypting the encrypted content data is obtained from the information database 304 (step S240).

The distribution control unit 315 determines the generated license, ie, the transaction ID and the content I
D, the license key Kc, the reproduction time limit ACp, and the access restriction information ACm are provided to the encryption processing unit 326. The encryption processing unit 326 encrypts the license with the individual public encryption key KPmc6 unique to the license management module 511 obtained by the decryption processing unit 320, and encrypts the encrypted data {transaction ID // content ID // K.
c // ACm // ACp｝ Kmc6 is generated (step S242).

Referring to FIG. 19, in distribution server 10, whether or not the prohibition class list CRL of license management device 520 that has requested distribution is latest based on the update date and time CRLdate of the prohibition class list transmitted from license management module 511. When it is determined that the prohibited class list CRL of the license management module is the latest, the process proceeds to step S246. If it is determined that it is not the latest, the process proceeds to step S252 (step S244).

When it is determined that the encryption processing is the latest,
8 is the encrypted data output from the encryption processing unit 326 {transaction ID // content ID // Kc /
/ ACm // ACp @ Kmc6 is encrypted using the session key Ks2 generated in the license management module 511, and the encrypted data {transaction ID // content ID // Kc // ACm // AC
p｝ Kmc6｝ Ks2 is output to the bus BS1. Then, the distribution control unit 315 determines that the encrypted data on the bus BS1 {transaction ID // content ID // Kc
/// ACm // ACp {Kmc6} Ks2
The data is transmitted to the personal computer 50 via the personal computer 50 (step S246).

The controller 510 of the personal computer 50 transmits the encrypted data {transaction ID // content ID // Kc // ACm // AC
p｝ Kmc6｝ Ks2 is received (step S248),
The license management module 511 calculates the encrypted data {transaction ID // content ID // Kc
// ACm // ACp {Kmc6} Ks2 is decrypted with the session key Ks2, and {transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c6 is received (step S250). Thereafter, the process proceeds to step S262.

On the other hand, if it is determined that the current class is not the latest, the distribution control unit 315 obtains the latest prohibited class list CRL from the CRL database 306 via the bus BS1, and generates a difference CRL as difference data (step S25).
2).

The encryption processing unit 328 includes the encryption processing unit 32
6 and the difference CRL of the prohibition class list supplied via the bus BS1 by the distribution control unit 315, and encrypts it with the session key Ks2 generated in the license management module 511. Encryption processing unit 32
8 encrypted data {difference CRL /// transaction ID // content ID // Kc // AC
m // ACp {Kmc6} Ks2 is transmitted to personal computer 50 via bus BS1 and communication device 350 (step S254).

The personal computer 50 transmits the encrypted data {differential CRL /// transaction I
D // content ID // Kc // ACm // ACp｝
Kmc6 @ Ks2 is received (step S256), and the license management module 511 sends the session key Ks2.
The received data is decrypted by using the CRL and the encrypted data {transaction ID // content ID // Kc
// Acm // ACp｝ Kmc6 is accepted (step S258).

The controller 510 sets the received difference CRL in the prohibited class list CRL recorded in the HDD 530.
, And performs a unique encryption process to rewrite the prohibited class list CRL in the HDD 530 (step S260).

Steps S246, S248, S250
Is based on the update date and time CRLdate of the prohibited class list sent from the license management module 511.
This is a distribution operation of the license to the license management module 511 when the prohibition class list CRL managed by the license management module 511 is the latest.
52, S254, S256, S258, and S260 are distribution operations of the license to the license management module 511 when the prohibition class list CRL is not the latest.
As described above, the license management device 52 that has requested distribution is based on the update date and time CRLdate of the prohibited class list sent from the license management module 511.
It is checked every time whether or not the prohibited class list CRL of 0 is the latest. If not, the latest prohibited class list CRL is checked.
Is acquired from the CRL database 306 and the differential CRL is distributed to the license management module 511, whereby the license distributed to the license management module can be prevented from being leaked to a device whose security has been broken.

Step S250 or step S260
After that, the encryption license {transaction ID // content ID // Kc // ACm // ACp} Kmc6
Is decrypted by the individual secret decryption key Kmc6, and the license (license key Kc, transaction ID, content ID, access restriction information ACm, and reproduction time limit A
Cp) is accepted (step S262).

In this way, the distribution server and the license management module exchange the encryption keys respectively generated, execute encryption using the encryption keys received by each other, and transmit the encrypted data to the other party. Thereby, the mutual authentication can be effectively performed even in the transmission and reception of each encrypted data, and the security of the data distribution system can be improved.

The license management module 511 determines whether or not the number of times of reproduction is restricted by the received access restriction information ACm. If the number of times of reproduction is not restricted, the flow shifts to step S266 to restrict the number of times of reproduction. Then, the process proceeds to step S268 (step S26).
4). Then, when the number of times of reproduction is not limited, the license management module 511 generates checkout information including the number of possible checkouts for lending the encrypted content and the license received from the distribution server 10 to another device ( Step S266). In this case, the initial value of the checkout is set to “3”. Further, when the number of times of reproduction is limited, the license management module 511 sets the number of possible check-outs for lending the encrypted content data to another device to “0” and generates check-out information (step). S268). Step S268 is a process for managing the number of times of reproduction by checking out.

Referring to FIG. 20, after step S266 or step S268, license management module 5
11 outputs the authentication data {KPm5 // Cm5} KPa1 to the license management device 520 via the bus 2 (step S270). License management device 52
0, the authentication data {KPm5 // Cm5} KPa1 is received from the license management module 511, and the decryption processing unit 5208 receives the authentication data authentication data {KPm5 // C
m5 @ KPa1 is received and authentication data authentication data @ K
Based on Pm5 // Cm5 @ KPa1, a level 1 authentication key KPa1 is received from KPa holding unit 5214, and authentication data {KPm is received using received level 1 authentication key KPa1.
5 // Cm5 @ KPa1 is decrypted (step S27)
1).

The controller 5220 includes a decryption processing unit 52
08, it is determined whether or not the processing has been performed normally, that is, the class public encryption key K
An authentication process is performed to determine whether or not authentication data encrypted to certify the validity of Pm5 and the class certificate Cm5 has been received (step S272). If it is determined that the authentication data is valid, the controller 5220
Is the class public encryption key KPm5 and the class certificate Cm
Approve and accept 5 Then, the next processing (step S
273). If it is not valid authentication data, it is rejected, and the process ends without accepting the class public encryption key KPm5 and the class certificate Cm5 (step S298).

[0265] As a result of the authentication, when it is recognized that the regular authentication data has been received, the controller 5220 next proceeds to
Class certificate Cm5 of license management module 511
Is inquired in the CRL area 5215A of the memory 5215 whether or not is listed in the prohibited class list CRL. If these class certificates are subject to the prohibited class list, the distribution session is ended here ( Step S298).

On the other hand, if the class certificate of the license management module 511 is out of the prohibited class list, the process moves to the next step (step S273).

As a result of the authentication, it is confirmed that the access is from the license management module 511 including the license management device having valid authentication data, and that the class is out of the prohibited class list. , Session key generation unit 520
8 generates a session key Ks2a (step S2).
74), The encryption processing unit 5210 determines that the session key Ks2
a is encrypted with the class public encryption key KPm5, and the encrypted data {Ks2a} Km5 is output (step S2).
75).

Controller 5220 transmits encrypted data {Ks2a} Km5 to bus BS5 and interface 52
24, and the terminal 5226, and the license management module 511 receives the encrypted data {Ks2a} Km5 via the bus BS2 and outputs the class secret decryption key K
m5 to decrypt the encrypted data {Ks2a} Km5 and receive the session key Ks2a (step S27).
6). Then, the license management module 511 generates a session key Ks2b (Step S277),
The session key Ks2b is encrypted with the session key Ks2a, and the encrypted data {Ks2b} Ks2a is output to the license management device 520 via the bus BS2 (step S278).

A controller 5220 of the license management device 520 includes a terminal 5226, an interface 522,
4, and encrypted data $ Ks2 via bus BS5
Receiving b｝ Ks2a, the decryption processing unit 5212 outputs the session key K output from the session key generation unit 5208.
s2a to decrypt the encrypted data {Ks2b} Ks2a and accept the session key Ks2b (step S
279). Then, the license management module 51
1 designates the entry number “0” as the license management device 5
20 (step S280), and the controller 5220 of the license management device 520 connects to the terminal 522.
6, via interface 5224, and bus BS5 to receive entry number "0". Then, the controller 5220 reads the license area 5215 of the memory 5215.
Among B, a binding license (transaction IDb, content IDb, binding key Kb, and control information ACmb, ACpb) stored in the area specified by the entry number “0” is obtained (step S281). And the controller 52
20 determines whether or not the binding license is valid based on the control information ACmb. Here, the valid case means that the number of times of reproduction in the control information ACmb is not 0 and that the security level of the control information ACmb is level 1 because the process is authenticated by the level 1 authentication key KPa1. I do.

On the other hand, if the binding license is valid, the flow shifts to step S283 (step S28).
2).

If it is determined in step S282 that the binding license is valid, the encryption processing unit 520
6, the decryption processing unit 5 converts the binding key Kb and the control information ACpb acquired
The encrypted data {Kb // ACpb} Ks2b is output by encrypting with the session key Ks2b decrypted by the switch 212 and acquired via the switch 5242 (step S283).

Referring to FIG. 21, controller 5220
Transmits the encrypted data {Kb // ACpb} Ks2b to the bus BS5, the interface 5224, and the terminal 5226.
And the license management module 511 outputs
Encrypted data {Kb // ACpb} via bus BS2
Ks2b is received, and encrypted data {Kb // ACpb} Ks2b is decrypted with session key Ks2b to obtain binding key Kb and control information ACpb (step S284).

[0273] A series of processes from step S270 to step S284 is a process of obtaining the binding key Kb from the license management device 520, and is collectively referred to as "binding key obtaining process".

The license management module 511
Acquires the encrypted confidential file 160 from the HDD 530 via the bus BS2, and decrypts the acquired encrypted confidential file 160 with the binding key Kb to acquire a plaintext confidential file (step S285). Then, the license management module 511 transmits the license (transaction I) received from the distribution server 10.
D, content ID, license key Kc, access restriction information ACm, and reproduction time limit ACp) and step S26.
6 or the chuck-out information generated in step S268 is added as confidential information n to the plaintext confidential file (step S286). Thereafter, the license management module 511 re-encrypts the plaintext confidential file using the binding key Kb, and updates the encrypted confidential file 160 recorded on the HDD 530 with the encrypted confidential file 160 (step S).
287). After storing the license in the encrypted confidential file 160, the license management module 511 transmits the transaction ID transmitted from the distribution server 10 and the distribution request of the encrypted content data to the distribution server 10 (Step S288).

The distribution server 10 has the transaction ID
And the distribution request of the encrypted content data is received (step S289), and the encrypted content data {Dc} Kc and the additional information Dc-
inf, and outputs these data via the bus BS1 and the communication device 350 (step S29).
0).

The license management module 511 has a $ D
c @ Kc // Dc-inf is received, and the encrypted content data $ Dc @ Kc and additional information Dc-inf are received (step S291). Then, the license management module 511 sends the encrypted content data {Dc}
Kc and additional information Dc-inf as a content file via a bus BS2 as a hard disk (HDD) 5
30 (step S292). The license management module 511 also stores the encrypted confidential file 160
A license management file corresponding to a content file (encrypted content data {Dc} Kc and additional information Dc-inf) including the confidential information number n of the confidential information n stored in the file and the plaintext transaction ID and the content ID is generated. Is recorded on the HDD 530 via the bus BS2 (step S293). Further, the license management module 511 includes, as the content information received in the content list file recorded on the HDD 530, information on the name of the recorded content file and the license management file, and information on the encrypted content data extracted from the additional information Dc-inf. (Song name, artist name) and the like are added (step S294), and the transaction ID and the distribution acceptance are transmitted to the distribution server 10 (step S295).

The distribution server 10 has a transaction ID
// Upon receipt of the distribution acceptance (step S296), the accounting data is stored in accounting database 302, and the transaction ID is recorded in distribution record database 308, and the process of terminating the distribution is executed (step S296).
297), the entire process ends (step S29).
8).

Thus, the license management module 5
11 exchanges data with the distribution server 10 by software, and receives the encrypted content data and the license from the distribution server 10 by software. Also, the received encrypted content data is stored in the HDD 5.
30 and writes the license as confidential information n to a confidential file, and stores the confidential file in a binding key K
b, and stores the license in the encrypted confidential file 160. Then, the encrypted confidential file 160
Is stored in the license management device 520. Therefore, the distribution of the encrypted content data and the license by the license management module 511 is lower in security level than the distribution of the encrypted content data and the license by the license management device 520, but the recording management is not associated with the personal computer 50. In, it is close to that.

[Ripping] Personal Computer 5
In addition to acquiring the encrypted content and the license by distribution, the user 0 can acquire and use music data from a music CD owned by the user. Digital duplication of music CDs is not free from the standpoint of protecting the rights of copyright holders. Enjoyment is allowed. Therefore, the license management module 511 also includes a program that acquires music data from a music CD and implements a ripping function of generating encrypted content data and a license that can be managed by the license management module 511.

In some recent music CDs, an electronic watermark called a watermark is inserted in music data. In this watermark, the range of use of the copyright owner by the user is written as a usage rule. When ripping from music data in which a usage rule has been written, the usage rule must be obeyed from the viewpoint of copyright protection. Hereinafter, it is assumed that a copy condition (copy prohibited / one-generation copy permitted / copy permitted) and the maximum number of check-outs are described as usage rules. Even in the case of a conventional music CD, it is assumed that one generation can be duplicated and the maximum number of checkouts is "3" in order to protect the rights of the copyright holder.

With reference to FIGS. 22 to 24, description will be given of the acquisition of encrypted content data and a license by ripping from a music CD on which music data is recorded.

FIGS. 22 to 24 are first to third flowcharts for obtaining encrypted content data and a license from a music CD by ripping.

Referring to FIG. 22, when the ripping operation is started, CD-ROM drive 540 fetches music data detected from the music CD, and uses the usage rule described by the watermark from the fetched music data. Detection is performed (step S700). Then, it is determined whether or not copying is possible based on the detected usage rule (step S701). If the copy condition of the usage rule is unlimited, the process proceeds to step S203. If the copy condition is one-generation copy permitted, the process proceeds to step S702. If the copy condition is prohibited, the copy is prohibited. The operation ends. Furthermore, when the watermark is not included in the mounted CD and the usage rule cannot be obtained, the process proceeds to step S705.

[0284] In step S701, if the copy rule of the usage rule is one-generation copy permitted, the license management module 511 changes the copy condition of the use rule that has acquired the watermark included in the acquired music data to copy prohibited. Change to mark (Step S70)
2). Then, control goes to a step S703. When a usage rule that can be copied is detected, in step S703, the license management module 511 sets the access restriction information ACm reflecting the usage rule and the playback time limit ACp.
Is generated (step S703). Here, according to the copy condition, if the copy is permitted, the move / copy flag of the access restriction information ACm is set to move / copy permitted (= 3). Set to prohibition (= 0). Although there is no corresponding usage rule, the number of times of reproduction is unlimited, and the security level is set to level 1. After that, the license management module 511 sets the maximum number of checkouts by reflecting the maximum number of checkouts in the usage rule. If the maximum number of check-outs is not specified, the number of check-outs is set to three. Then, checkout information including the set possible number of checkouts is generated (step S704).

On the other hand, if it is determined in step S701 that no watermark has been detected and there is no usage rule, the license management module 511 sets the move / copy flag in the access restriction information ACm to move / copy prohibited (=
0), the number of reproductions is unlimited (= 255), and the security level is set to 1. The reproduction time limit ACp makes the reproduction indefinite (step S705). Thereafter, the license management module 511 generates checkout information including the number of possible checkouts whose initial value is 3 (step S).
706).

After step S704 or S706, the license management module 511 generates a license key Kc using a random number or the like (step S707), and uses the transaction ID and the content ID for local use.
Is generated (step S708). Next, the license management module 511 performs a binding key acquisition process. Step S709 in FIG. 23 to Step 7 in FIG.
23 is a binding key acquisition process,
This is the same as the series of processes from step S270 in FIG. 20 to step S284 in FIG. 21 in the distribution process of distribution 2. Therefore, description is omitted.

Referring to FIG. 24, binding key Kb
The license management module 511 that has obtained the
Encrypted confidential file 16 from HDD 530 via S2
0, and obtains a plaintext confidential file by decrypting the obtained encrypted confidential file 160 using the binding key Kb (step S724). Then, the license management module 511 encodes the music data obtained from the music CD into a predetermined format to generate content data Dc (step S725), encrypts the content data with the license key Kc, and encrypts the encrypted content data {Dc. ｝ Kc is generated (step S72)
6). After that, the license management module 511 sends information from the user input through the keyboard 560,
And the additional information Dc-inf of the content data is generated based on the information from the music CD (step S72).
7), the encrypted content data {Dc} Kc and the additional information Dc-inf are recorded as content files on the HDD 530 via the bus BS2 (step S728).

Then, the license management module 5
11 is the generated license (transaction ID,
The content ID, the license key Kc, the access restriction information ACm, and the playback expiration date ACp) and the checkout information generated in step S704 or S706 are added to the plaintext confidential file as confidential information n (step S729). Thereafter, the license management module 511 encrypts the plaintext confidential file with the binding key Kb, and updates the encrypted confidential file 160 recorded on the HDD 530 with the encrypted confidential file 160 (step S73).
0). After storing the license in the encrypted confidential file 160, the license management module 511 sends the confidential information number n of the confidential information n stored in the encrypted confidential file 160.
And the plaintext transaction ID and content ID
And a license management file for the content file (encrypted content data {Dc} Kc and additional information Dc-inf) including
530 (step S731). Further, the license management module 511 includes, as information of the content received in the content list file recorded on the HDD 530, the names of the recorded content file and the license management file, and the encrypted content data extracted from the additional information Dc-inf. Information (song name, artist name) and the like are added (step S73)
2), the entire process ends (step S733).

Thus, encrypted content data and a license can be obtained from a music CD by ripping. The license management module 511 manages the encrypted content data and the license obtained by ripping from the music CD in the same manner as the encrypted content data and the level 1 license obtained by distribution.

With reference to FIG. 25, the management of the encrypted content data and the license received by license management module 511 or license management device 520 of personal computer 50 will be described. The HDD 530 of the personal computer 50 stores the content list file 150, and the content list file 150 stores the content files 1531 to 153.
n, license management files 1521 to 152n,
And encrypted confidential files.

The contents list file 150 is a data file in the form of a list of owned contents, and includes information on individual contents (music name, artist name, etc.) and information indicating the contents file and license management file (file name). It is included. The information for each content is added to the additional information Dc-i at the time of reception.
Necessary information is obtained from the nf and described automatically or according to a user's instruction. In addition, it is possible to manage in the list the contents that cannot be reproduced, such as only the content file and the license management file.

Content files 1531 to 153n
Is a file for recording the encrypted content data {Dc} Kc and the additional information Dc-inf received by the license management module 511 or the license management device 520, and is provided for each content.

The license management files 1521 to 1521
152n are content files 1531 to 1531, respectively.
153n, and is a file for managing the license received by the license management module 511 or the license management device 520, and includes information for specifying the storage location of the license and information on the license.

The information for specifying the storage location is an entry number when a license is recorded in the license management device 520 or a confidential information number for specifying confidential information recorded in the encrypted confidential file. .

The information related to the license is limited by the transaction ID and the content ID which can be referred to in plain text when the license is received, the access restriction information ACm and the reproduction control information ACp which can be easily determined from the license purchase condition AC. This is a copy of the plain text of the matter in question. As you can see from the explanation so far,
It is protected and recorded so that it cannot be referenced for content protection. However, the license key Kc
Other information except, unless you can even rewrite
Even if the contents are referred to, there is no problem from the standpoint of content protection. In the application program, each process is started with reference to the information on the license.

The encrypted confidential information file contains confidential information including licenses managed by the license management module 511 and checkout information. The encrypted confidential information file is encrypted with the binding key Kb.

A specific description is given with reference to FIG. The license management files 1521 and 1524 include entry numbers 1 and m, respectively. This is received by the license management device 520, and the license area 521 in the memory 5215 of the license management device 520 is received.
License managed in 5B (license ID,
This is a number for designating a management area for the license key Kc, the access restriction information ACm, and the reproduction time limit ACm).

Therefore, the content file 1531
When the encrypted content data having the file name recorded in the storage device is moved to the memory card 110 attached to the playback terminal 100, if the content files 1531 to 153n are searched and the content file 1531 is extracted, the encrypted content data is played back. You can see where the licenses are managed. Since the entry number included in the license management file 1521 corresponding to the content file 1531 is “1”, the content file 1
The license for playing back the encrypted content data having the file name recorded in 531 is a license management device 5
20 is recorded in the area designated by the entry number 1 of the license area 5215B of the memory 5215. Then, the license management file 152 of the content list file 150 recorded on the HDD 530
By reading the entry number 1 from the “1” and inputting the read entry number 1 to the license management device 520, the license area 5215B of the memory 5215 is read.
The license can be easily taken out and transferred to the memory card 110. After the license is moved, the license in the entry number 1 designated in the license area 5215B of the memory 5215 is deleted.
Correspondingly, "no license" is recorded as in the license management file 1523.

The confidential information storing the license of the encrypted content data received by the license management module 511 is stored in the license management file 152.
2, 1524,..., 152n.
License management files 1522,..., 152n
Includes a confidential information number of confidential information for storing a license for reproducing the encrypted content data received by the license management module 511.

Then, for example, when moving the encrypted content data having the file name recorded in the content file 1532 to the personal computer 80, the content files 1531 to 153n are searched to extract the content file 1532, and the content file 1532 is extracted. Corresponding license management file 152
Then, confidential information number 1 is obtained from 2. On the other hand, a binding key Kb is obtained from the license management device 520,
The encrypted confidential file 160 is decrypted with the obtained binding key Kb to obtain a plaintext confidential file. Then, confidential information 1 in the confidential file corresponding to confidential information number 1 acquired from the license management file
Can be obtained.

As described above, in the first embodiment of the present invention, the license of the encrypted content data received by the license management module 511 is stored in the encrypted confidential file 160 as confidential information n, and The file 160 contains the license management device 5
20 the binding key K held in hardware
Decoding is possible only by b. That is, the binding key Kb is a common key for managing the license of the encrypted content data, and has a structure in which a license cannot be obtained without the binding key Kb.
Therefore, the license of the encrypted content data received by the license management module 511 is written in the encrypted confidential file 160 and recorded on the HDD 530, and is actually managed as software. Since the license cannot be taken out from the encrypted confidential file 160 without the binding key Kb stored in the, the license is substantially managed by hardware.

On the other hand, the license received by license management device 520 is stored in license area 5215B of memory 5215. Therefore, according to the first embodiment of the present invention, the management level of the license received by the license management module 511 can be close to the management level of the license received by the license management device 520.

[0303] It is assumed that the binding license is stored in the entry number "0".

[Move 1] In the data distribution system shown in FIG. 1, the reproduction terminal 100 reproduces the encrypted content data and the license distributed from the distribution server 10 to the license management device 520 of the personal computer 50.
The operation of transmitting data to the memory card 110 inserted in the device will be described. This operation is referred to as “movement 1”. 26 to 29, in which the movement is performed only when the security level is between level 2 and FIG. 26, FIG. 26 to FIG. 29 show a case where the encrypted content data and the license received by the license Memory card 1 inserted in playback terminal 100
10 is a first to a fourth flowchart for explaining a movement operation for moving to 10;

Before the processing in FIG. 18, the user of the personal computer 50 determines the content to be moved according to the content list file, and
The description will be made on the assumption that the content file 530 and the license management file 530 can be specified, and the playlist file of the memory card 110 has been obtained.

Referring to FIG. 26, when a movement request is input from keyboard 560 of personal computer 50 (step S300), controller 510 causes
The authentication data transmission request a is transmitted to the USB interface 55
0, the terminal 580, and the USB cable 70 to the playback terminal 100 (step S302). Then, the controller 1106 of the playback terminal 100 communicates with the terminal 1114, the USB interface 1112, and the bus B
A transmission request for authentication data is received via S3, and the bus BS
3 and a request to transmit authentication data to the memory card 110 via the memory card interface 1200. Then, the controller 142 of the memory card 110
0 receives a request for transmitting authentication data via the terminal 1426, the interface 1424, and the bus BS4 (step S304).

Upon receiving the authentication data transmission request, controller 1420 transmits authentication data {KPm3 // Cm3} KPa2 from authentication data holding section 1400 to bus BS4.
And the read authentication data {KPm3 /
/ Cm3 @ KPa2 to bus BS4, interface 14
24 and the terminal 1426 to the playback terminal 100. Then, the controller 1106 of the playback terminal 100
Are the memory card interface 1200 and the bus B
Authentication data via S3 {KPm3 // Cm3} KPa
2, the bus BS3, the USB interface 111
2, authentication data $ KPm3 // to the personal computer 50 via the terminal 1114 and the USB cable 70.
Cm3 @ KPa2 is transmitted (step S306).

Then, the personal computer 50
Controller 510 receives authentication data {KPm3 // C via terminal 580 and USB interface 550.
m3 @ KPa2 is received (step S308), and the received authentication data {KPm3 // Cm3} KPa2 is transmitted to the license management device 520 via the bus BS2. Controller 5 of license management device 520
220 receives the authentication data {KPm3 // Cm via the terminal 5226, the interface 5224, and the bus BS5.
3｝ KPa2 is received, and the received authentication data ｛KP
m3 // Cm3｝ KPa2 is supplied to the decoding processing unit 5208. The authentication processing unit 5208 includes: a KPa holding unit 5214;
Authentication data Authentication data {KPm3 // Cm3} KPa2
Receiving the authentication data {KPm3 // Cm3} KPa
2, the level 2 authentication key KPa2 is received from the KPa holding unit 5214, and the received level 2 authentication key KP2 is received.
Authentication data {KPm3 // Cm3} KPa by a2
2 is performed (step S310). The controller 5220 determines from the decryption processing result in the decryption processing unit 5208 whether or not the processing has been normally performed, that is, the memory card 110 holds the class public encryption key KPm3 and the class certificate Cm3 from the authorized memory card. In order to authenticate this, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted to prove its validity (step S312).
When it is determined that the authentication data is valid, the controller 5220 approves and accepts the class public encryption key KPm3 and the class certificate Cm3. Then, control goes to the next process (step S314). If it is not valid authentication data, it is rejected and the class public encryption key KPm3
Then, the process ends without accepting the class certificate Cm3 (step S404).

[0309] As a result of the authentication, if the controller 5220 recognizes that the memory card is a legitimate memory card, the controller 5220 next determines whether or not the class certificate Cm3 of the memory card 110 is listed in the prohibited class list CRL. The CRL area 5215A is referred to, and if these class certificates are targets of the prohibited class list, the moving operation is ended here (step S40).
4).

On the other hand, if the class certificate of the memory card 110 is not included in the prohibited class list, the process proceeds to the next processing (step S314).

[0311] As a result of the authentication, it is confirmed that the access is from a playback terminal equipped with a memory card having valid authentication data, and that the class is out of the prohibited class list. Acquires the transaction ID, which is the management code for specifying the transfer, from the license area 5215B of the memory 5215 (step S316). Then, the session key generation unit 5218 generates a session key Ks22 for movement (step S31).
8). The session key Ks22 is stored in the decryption processing unit 5208.
Is encrypted by the encryption processing unit 5210 using the class public encryption key KPm3 corresponding to the memory card 110 obtained in step S320 (step S320). Controller 5220 transmits encrypted data {Ks via bus BS5.
22Km3 is obtained, and the transaction ID obtained from the memory 5215 is stored in the encrypted data {Ks22} Km3.
Transaction ID added to // {Ks22} Km
3 to bus BS5, interface 5224 and terminal 5
The output is made via the 226 (step S322).

Referring to FIG. 27, controller 510 of personal computer 50 receives transaction ID // {Ks22} Km3 via bus BS2 (step S324), and receives the USB interface 550,
The transaction ID /// {Ks22} Km3 is supplied to the reproduction terminal 10 via the terminal 580 and the USB cable 70.
0 (step S324). Then, the controller 1106 of the playback terminal 100 connects to the terminal 1114,
Transaction ID /// {Ks22} Km3 is received via USB interface 1112 and BS3, and the received transaction ID //// Ks2
2 @ Km3 is transmitted to the memory card 110 via the memory card interface 1200. The controller 1420 of the memory card 110 includes a terminal 1426,
The transaction ID // {Ks22} Km3 is received via the interface 1424 and the bus BS4 (step S326). The decoding processing unit 1422 outputs {Ks22} K from the controller 1420 via the bus BS4.
m3, and {Ks22} Km3 is decrypted with the class secret decryption key Km3 from the Km holding unit 1421, and the session key Ks22 is received (step S328).
Then, the session key generation unit 1418 generates a session key Ks2 (step S330), and the controller 1420 transmits the Cs in the memory 1415 via the bus BS4.
Update date / time C of prohibited class list from RL area 1415A
RLdate is acquired, and the acquired update date and time CRLd
ate to the changeover switch 1446 (step S3
32).

Then, encryption processing section 1406 sets session key Ks2 and individual public encryption key KPm obtained by sequentially switching the terminals of changeover switch 1446.
c4 and the update date and time CRLdate are
04, encrypted with the session key Ks22 decrypted, and the encrypted data {Ks2 // KPmc4 //
Generate CRLdate @ Ks22. Controller 1
420 is the encrypted data {Ks2 // KPmc4 // C
RLdate @ Ks22 is output to the reproduction terminal 100 via the bus BS4, the interface 1424, and the terminal 1426, and the controller 1106 of the reproduction terminal 100 transmits the encrypted data {Ks2 // KPmc4 // CRLdate @ Ks2 via the memory card interface 1200.
Receive 2 Then, the controller 1106
Interface 1112, terminal 1114, and USB
The data is transmitted to the personal computer 50 via the cable 70 (step S334).

The controller 510 of the personal computer 50 has a terminal 580 and a USB interface 5
50 and the encrypted data {Ks2 // KPmc4 //
CRLdate @ Ks22 is received (step S33)
6), encrypted data {Ks2 // K via bus BS2
Pmc4 // CRLdate @ Ks22 is input to the license management device 520 (step S338). Controller 5220 of license management device 520
Transmits the encrypted data {Ks2 // KPmc4 / via the terminal 5226, the interface 5224 and the bus BS5.
/ CRLdate \ Ks22 and the received encrypted data {Ks2 // KPmc4 // CRLdat
e｝ Ks22 is given to the decryption processing unit 5212. The decryption processing unit 5212 uses the session key Ks22 from the session key generation unit 5218 to generate the encrypted data {Ks2 /
/ KPmc4 // CRLdate @ Ks22 is decoded,
The session key Ks2, the public encryption key KPmc4, and the forbidden class list CRLdate are received (step S).
340).

Then, the personal computer 50
Of the controller 510 in step S324
The license entry number contained in the license management file is read from HDD 530. Then, controller 510 inputs the read entry number to license management device 520 via bus BS2 (step S342). The controller 5220 of the license management device 520 includes a terminal 5226, an interface 5
224 and the entry number received via the bus BS5, and from the area designated by the received entry number in the license area 5215B of the memory 5215, the license (transaction ID, content ID, license key Kc, access restriction information ACm, reproduction time limit) A
Cp) is read (step S344).

In response to the reception of the access restriction information ACm,
The controller 5220 checks the access restriction information ACm (Step S346). That is, the controller 5
220 determines the security level, the number of times of reproduction, and the move / copy flag of the obtained access restriction information ACm in order. First, based on the security level of the access restriction information ACm and the authentication key used in step S310, if the level 1 authentication key KPa1 is used and the security level of the access restriction information ACm is 2, the license Since output is performed to a security level lower than the management request level, the process proceeds to step S404,
Stop the movement operation. Otherwise, the following determination is made. Based on the number of times of reproduction of the access restriction information ACm, it is determined whether or not the license to be moved to the memory card 110 attached to the reproduction terminal 100 is a license that cannot reproduce the encrypted content data by the access restriction information ACm. Confirm. When the number of times of reproduction has reached the number of times limited by the access control information ACm (=
0), the encrypted content data cannot be reproduced by the license, and there is no point in moving the encrypted content data and the license to the memory card 110 attached to the reproduction terminal 100. When the number of times of reproduction is “0”, the process proceeds to step S404, and the moving operation is stopped. Otherwise (the number of reproductions 再生 0), the following determination is made. Based on the move / copy flag of the access restriction information ACm, when move / copy is prohibited “= 0”, step S4
04 In parallel, the movement operation is stopped. When you can move only,
In parallel with step S348, the controller 522
0 deletes the license in the entry number specified in the license area 5215B of the memory 5215 (step S348), and performs the processing in parallel with step S350. Step S35 without performing Step S348
0 parallel.

Referring to FIG. 28, encryption processing section 5217
Encrypts the license using the individual public encryption key KPmc4 unique to the license management device 520 obtained by the decryption processing unit 5212, and encrypts the encrypted data {transaction ID // content ID // Kc // ACm //
ACp @ Kmc4 is generated (step S350). Then, the update date and time CR transmitted from the memory card 110
The Ldate is compared with the update date and time of the prohibited class list held in the CRL area 5215A by the license management device 520, and it is determined which of the prohibited class lists is newer. The process moves to step S352. If it is determined that the license management device 520 is newer, the process shifts to step S362 (step S352).

When it is determined that the data CRLdate is the latest, the encryption processing unit 5206
Data output from ｛Transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c4 is encrypted using the session key Ks2 generated by the session key generation unit 5218, and the encrypted data {transaction ID // content ID /
/ Kc // ACm // ACp {Kmc4} Ks2 is output to the bus BS5. Then, the controller 5220
Encrypted data on bus BS5 @ transaction ID
/// Content ID // Kc // ACm // ACp @ K
mc4 @ Ks2 is connected to interface 5224 and terminal 5
The data is transmitted to the personal computer 50 via the 226 (step S354).

The controller 510 of the personal computer 50 transmits the encrypted data {transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c4 @ Ks2 is received, the USB interface 550,
The data is transmitted to the reproduction terminal 100 via the terminal 580 and the USB cable 70 (step S356).

The controller 1106 of the reproduction terminal 100
Is the encrypted data via the terminal 1114, the USB interface 1112, and the bus BS3 {transaction ID // content ID // Kc // ACm // A
Cp {Kmc4} Ks2 is received, and the received encrypted data {transaction ID // content ID /
/ Kc // ACm // ACp {Kmc4} Ks2 is transmitted to the memory card 110 via the bus BS3 and the memory card interface 1200. The controller 1420 of the memory card 110 includes a terminal 1426,
Encrypted data via terminal 1424 and bus BS4 {transaction ID // content ID // Kc
// ACm // ACp {Kmc4} Ks2 is received (step S358).

[0321] Decryption processing unit 1412 of memory card 110
Is the encrypted data {transaction ID // content ID // Kc // ACm // ACp {Kmc4} K
s2 is received via the bus BS4, decrypted by the session key Ks2 generated by the session key generation unit 1418, and {transaction ID // content ID // Kc // ACm // ACp} Kmc4 is received (step S360). . Thereafter, the flow shifts to step S376 shown in FIG.

On the other hand, if it is determined in step S350 that the license management device 520 is newer,
Controller 5220 of license management device 520
Is the CRL area 5 of the memory 5215 via the bus BS5.
The latest prohibited class list CRL is obtained from the 215A (step S362).

The encryption processing section 5206 is
217 and the data CRL of the prohibited class list acquired from the memory 5215 by the controller 5220 via the bus BS5 via the changeover switches 5242 and 5246, respectively.
At 218, encryption is performed using the session key Ks2. Encrypted data output from encryption processing section 5206 {CRL // @ transaction ID // content ID / interface 5224, and terminal 5
The data is output to the personal computer 50 via 226 (step S364).

The controller 510 of the personal computer 50 outputs the encrypted data {CRL /// transaction ID // content ID // Kc // A
Cm // ACp {Kmc4} Ks2 is received, and encrypted data {CRL // {transaction ID // content ID // Kc // ACm // via the USB interface 550, the terminal 580, and the USB cable 70.
ACp {Kmc4} Ks2 is transmitted to reproduction terminal 100 (step S368). The controller 1106 of the playback terminal 100 includes a terminal 1114, a USB interface 11
12, and the encrypted data @CRL via the bus BS3
// Transaction ID // Content ID // K
c // ACm // ACp {Kmc4} Ks2
Bus BS3 and memory card interface 1200
Encrypted data {CRL /// transaction ID // content ID // Kc // ACm // AC
Transmit p {Kmc4} Ks2 to memory card 110. Then, the controller 142 of the memory card 110
0 is the encrypted data {CRL /// transaction ID // content ID // Kc // ACm via terminal 1426, interface 1424 and bus BS4.
// ACp {Kmc4} Ks2 is received (step S
370).

In memory card 110, decryption processing section 1412 decrypts the received data on bus BS4 using session key Ks2 given from session key generation section 1418, and decrypts CRL and $ transaction ID //
Content ID // Kc // ACm // ACp @ Kmc
4 is received (step 372). Controller 14
20 receives the data CRL received by the decoding processing unit 1412 via the bus BS4, and according to the received data CRL, the CRL area 1415 of the memory 1415.
A is rewritten (step S374).

Steps S354, S356, S358,
In S360, the prohibition class list CRL of the memory card 110 on the transmitting side is stored in the license management device 52 on the receiving side.
This is an operation of moving the license key Kc or the like to the memory card 110 from the prohibited class list CRL of 0 in the case of a new one.
0, S372, and S374 are operations for moving the license key Kc and the like to the memory card 110 when the prohibition class list CRL of the license management device 520 on the transmission side is newer than the prohibition class list CRL of the memory card 110 on the reception side. is there. Thus, the update date and time CRLdat of the prohibited class list sent from the memory card 110
e, each time it is confirmed, the more recent prohibited class list CRL is stored in the prohibited class list CR of the memory card 110.
By storing L as the L in the CRL area 1514A, it is possible to prevent the license from being leaked to a device whose security function has been broken, such as leakage of the class secret key.

Referring to FIG. 29, after step S360 or step S374, the encryption license @ transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
The decryption unit c4 is decrypted by the decryption unit 1404 using the individual secret decryption key Kmc4, and a license (license key Kc, transaction ID, content ID, access restriction information ACm, and playback time limit ACp) is received (step S376).

As described above, the encryption keys generated by the license management device and the memory card are exchanged, encryption is performed using the encryption keys received by each other, and the encrypted data is transmitted to the other party. Thereby, the mutual authentication can be effectively performed even in the transmission and reception of each encrypted data, and the security in the movement operation of the encrypted content data and the license can be improved.

The controller 510 of the personal computer 50 transmits the entry number for storing the license transferred to the memory card 110 to the reproduction terminal 100 via the USB interface 550, the terminal 580, and the USB cable 70 (Step S378) ).
Then, the controller 1106 of the playback terminal 100
Receives the entry number via the terminal 1114, the USB interface 1112, and the bus BS3, and
The controller 1420 of the memory card 110 receives the entry number via the terminal 1426 and the interface 1424 and transmits the memory 1415 specified by the received entry number to the memory card 110 via the memory card 110 via the memory card interface 1200.
The license (license key Kc, transaction ID, content ID, access restriction information AC) acquired in step S376 is stored in the license area 1415B of
m and the playback time limit ACp) (step S38).
0).

[0330] The controller 510 of the personal computer 50 transmits the encrypted content data $ D to be transferred to the memory card 110 including the license entry number stored in the memory 1415 of the memory card 110, the plaintext transaction ID and the content ID.
A license management file for c @ Kc and the additional information Dc-inf is generated and transmitted to the memory card 110 (step S382).

The controller 142 of the memory card 110
No. 0 receives the license management file via the playback terminal 100 and records the received license management file in the data area 1415C of the memory 1415 (Step S).
384).

Then, in accordance with the determination of step S346, controller 510 of personal computer 50 proceeds to step S388 if it is a move, and does not perform step S388 if it is a copy, but instead proceeds to step S39.
Zero parallel (step S386). Then, in the case of transfer, the license entry number of the license management file for the license transferred to the memory card 110 among the licenses recorded on the HDD 530 is updated to no license (step S386).

Thereafter, controller 510 transmits the content file (encrypted content data {Dc} Kc and additional information Dc-i) to be moved to memory card 110.
nf) and {Dc} Kc //
Dc-inf is transmitted to memory card 110 (step S390). Controller 14 of memory card 110
20 is {Dc} Kc // Dc via the playback terminal 100
-Inf (step S392), and {Dc} Kc // Dc-inf received via the bus BS4 as a content file in the data area 141 of the memory 1415.
5C (step S394).

Then, the personal computer 50
The controller 510 creates a playlist file in which the music moved to the memory card 110 is added (step S396), and sends the playlist file and a playlist file rewrite instruction to the memory card 110 (step S398). The controller 1420 of the memory card 110 receives the playlist file and the rewrite instruction via the playback terminal 100 (step S400), and
The playlist file recorded in the data area 1415C of the memory 1415 via S4 is rewritten to the received playlist file (step S402), and the moving operation ends (step S404).

[0335] The playback list file is a management information file for a playback terminal created for the same purpose as the content list file recorded on the HDD. The reproduction terminal 100 specifies and reproduces the content file and the license management file in the order of appearance of the content included in the reproduction list file.

In this way, it is confirmed that the memory card 110 attached to the reproduction terminal 100 is an authorized device, and at the same time, that the public encryption key KPm3, which has been encrypted and transmitted together with the class certificate Cm3, is valid. After doing
The content data can be moved only in response to a move request to a memory card that is not listed in the class certificate list in which the class certificate Cm3 is prohibited, that is, the class certificate list in which encryption with the public encryption key KPm3 has been broken. Movement to an unauthorized memory card and movement using a decrypted class key can be prohibited. Further, by using this moving operation, the user of the reproduction terminal 102 having no communication function with the distribution server 10 can also receive the encrypted content data and the license via the personal computer 50 into the memory card, The convenience for the user is improved.

Although the transfer processing has been described as is clear from the description, if the license of the license is permitted by the content provider, the transfer processing is executed as a copy processing, and the license management device 511 on the transmission side receives the license. Is kept as it is. In this case, the copying is performed only when the content provider, that is, the copyright holder permits the copying at the time of distribution and the moving copy flag of the access restriction information ACm is set to the moving copying permitted. It is not an act that hinders the rights of the copyright owner. The access restriction information is a part of the license, its confidentiality is guaranteed, and its copyright is protected.

In the above description, the license transfer from the license management device 520 of the personal computer 50 to the memory card 110 has been described.
The transfer of the license to 20 is also performed according to the flowcharts shown in FIGS. Further, the personal computer 50 transmits the encrypted content data and the license received from the distribution server 10 to the memory card 110.
Can be moved to the license management device 520 only the encrypted content data and the license received from the distribution server 10 by hardware, and the license management module 511 receives the encrypted content data and the license received from the distribution server 10 by the software. Cannot be transmitted to the memory card by the concept of “move”. The license management module 511 exchanges authentication data and an encryption key with the distribution server 10 by software at a lower security level than the license management device 520, and receives the encrypted content data and the license. The likelihood of encryption being broken in operation is higher than if encrypted content data and a license were received by the license management device 520. Accordingly, the encrypted content data and license received and managed at the lower security level are “migrated” to the memory card 110 that receives and manages the encrypted content data and license at the same security level as the license management device 520. If it can be moved freely by the concept of, the memory card 1
10, the encrypted content data and license received by the license management module 511 cannot be transmitted to the memory card 110 by the concept of “migration” in order to prevent this.

However, if the encrypted content data and the license with a low security level received by the license management module 511 cannot be transferred to the memory card 110 at all, it is possible to freely copy the content data while protecting the copyright. Contrary to the purpose of the data distribution system that allows the user, the convenience of the user is not improved. Therefore, the encrypted content data and the license received by the license management module 511 can be transmitted to the memory card 110 by the concept of check-out and check-in described below.

[Checkout] In the data distribution system shown in FIG. 1, the encrypted content data and the license distributed from the distribution server 10 to the license management module 511 of the personal computer 50 are transferred to the memory card 110 mounted on the reproduction terminal 100. The transmitting operation will be described. This operation is called “checkout”.

FIGS. 30 to 34 illustrate the data distribution system shown in FIG. 1 in which the license management module 511 transfers the encrypted content data and the license received from the distribution server 10 to the memory mounted on the reproduction terminal 100 on condition that the license is returned. It is a 1st-5th flowchart for demonstrating the checkout operation | movement lent to the card 110. Before the processing in FIG. 30, the user of the personal computer 50 determines the content to be checked out according to the content list file, and
The description will be made on the assumption that the content file and the license management file of D530 can be specified and the playlist file of the memory card 110 has been obtained.

Referring to FIG. 30, when a check-out request is input from keyboard 560 of personal computer 50 (step S500), license management module 511 performs a binding key acquisition process. 30 from step S501 in FIG. 30 to step 5 in FIG.
A series of 15 processes is a binding key acquisition process,
Step S2 in FIG. 20 in the flowchart of the distribution 2
The processing is the same as the series of processing from step 70 to step S284 in FIG. Therefore, description is omitted.

The license management module 511 that has obtained the binding key Kb sends the license management module 511 to the HDD via the bus BS2.
530, and obtains the encrypted confidential file 160 by using the binding key K
b to obtain a plaintext confidential file (step S516). Thereafter, the license management module 511 sends the confidential information n (transaction ID, content ID, license key K) in the confidential file corresponding to the confidential information number n recorded in the license management file.
c, access restriction information ACm, playback time limit ACp, and checkout information) (step S51).
7).

Then, the license management module 5
11 checks whether the license can be checked out based on the acquired access restriction information ACm (step S518), that is, the license management module 5
11 is a memory card 11 attached to the playback terminal 100
It is checked whether the license to be checked out to 0 has no restriction on the number of times of reproduction of the encrypted content data depending on the number of times of reproduction of the access restriction information ACm, and whether or not the license cannot be reproduced. If the number of times of reproduction is limited, do not check out the encrypted content data and license.

[0345] If it is determined in step S518 that the reproduction is restricted, the flow shifts to step S564, and the checkout operation ends. In step S518, if the number of times of reproduction of the encrypted content data has not reached the number of times limited by the access restriction information ACm, the process proceeds to step S519. Then, the license management module 511
Checks whether the number of possible check-outs included in the acquired check-out information is larger than "0" (step S519). In step S519, if the number of possible check-outs is “0”, there is no license that can be checked out, and the process proceeds to step S564.
The checkout operation ends. In step S519, when the number of check-outs is larger than “0”, the license management module 511 sends the USB interface 550, the terminal 580, and the USB cable 7
Then, a request for transmitting the authentication data is transmitted via “0” (step S520). Controller 1106 of playback terminal 100
Receives the authentication data transmission request via the terminal 1114, the USB interface 1112, and the bus BS3, and transmits the received authentication data transmission request to the memory card 110 via the bus BS3 and the memory card interface 1200. Then, the memory card 11
The controller 1420 of “0” receives a request for transmitting authentication data via the terminal 1426, the interface 1424, and the bus BS4 (step S521).

Upon receiving the authentication data transmission request, controller 1420 transmits authentication data {KPm3 // Cm3} KPa2 from authentication data holding section 1400 to bus BS4.
And the read authentication data {KPm3 /
/ Cm3 @ KPa2 to bus BS4, interface 14
24 and the terminal 1426 to the playback terminal 100. Then, the controller 1106 of the playback terminal 100
Are the memory card interface 1200 and the bus B
Authentication data via S3 {KPm3 // Cm3} KPa
2, the bus BS3, the USB interface 111
2, authentication data $ KPm3 // to the personal computer 50 via the terminal 1114 and the USB cable 70.
Cm3 @ KPa2 is transmitted (step S522).

Then, the personal computer 50
License management module 511 transmits authentication data $ K via terminal 580 and USB interface 550.
Pm3 // Cm3｝ KPa2 is received (step S52).
3), the received authentication data {KPm3 // Cm3}
KPa2 is decrypted with the level 2 authentication key KPa2 (step S524).

Referring to FIG. 32, license management module 511 determines whether or not the processing has been normally performed based on the result of the decryption processing, ie, whether memory card 110 has class public encryption key KPm3 In order to authenticate that the certificate Cm3 is held, authentication processing is performed to determine whether or not an authorized organization has received encrypted authentication data for certifying its validity (step S525). If it is determined that the authentication data is valid, the license management module 511 approves the class public encryption key KPm3 and the class certificate Cm3,
Accept. Then, control proceeds to the next process (step S526). If it is not valid authentication data, it is rejected and the class public encryption key KPm3 and class certificate Cm
3 is not received and the process is terminated (step S56).
4).

As a result of the authentication, when it is recognized that the memory card is a legitimate memory card, the license management module 511
Next inquires of the HDD 530 whether or not the class certificate Cm3 of the memory card 110 is listed in the forbidden class list CRL. Here, the checkout operation ends (step S564).
On the other hand, if the class certificate of the memory card 110 is out of the prohibited class list, the process proceeds to the next process (step S526).

As a result of the authentication, it is confirmed that the access is from a playback terminal equipped with a memory card having valid authentication data, and that the class is out of the prohibited class list, the license management module 511 checks out The transaction ID for checkout, which is a management code for specifying the transaction ID, takes a value different from all the transaction IDs stored in the memory card 110 and is generated as a transaction ID for local use. It is generated (step S527). Then, the license management module 511 generates a session key Ks2b for checkout (step S52).
8) The session key Ks2 generated by the class public encryption key KPm3 transmitted from the memory card 110.
b is encrypted (step S529). Then, the license management module 511 sends the encrypted data {Ks2
Checkout transaction ID /// added with checkout transaction ID to b @ Km3
{Ks2b} Km3 is transmitted to the reproduction terminal 100 via the USB interface 550, the terminal 580, and the USB cable 70 (step S530). Then,
The controller 1106 of the playback terminal 100
4, USB interface 1112, and bus BS3
Transaction ID for checkout //
{Ks2b} Km3 is received, and the received check-out transaction ID /// {Ks2b} Km3 is transmitted to memory card 110 via memory card interface 1200. Then, the controller 1420 of the memory card 110 receives the check-out transaction ID // Ks2bKm3 via the terminal 1426, the interface 1424, and the bus BS4 (step S531). The decryption processing unit 1422 outputs {Ks2b} from the controller 1420 via the bus BS4.
Km3 is received, and {Ks2b} Km3 is decrypted with secret decryption key Km3 from Km holding unit 1421, and session key Ks2b is received (step S532). Then, the session key generation unit 1418 generates the session key Ks2c (step S533), and the controller 1420 sends the CR of the memory 1415 via the bus BS4.
Update date / time CR of prohibited class list from L area 1415A
Ldate is acquired, and the acquired update date and time CRLda
te is given to the changeover switch 1446 (step S53)
4).

Then, encryption processing section 1406 sets session key Ks2c and individual public encryption key KP obtained by sequentially switching the terminals of changeover switch 1446.
mc4 and the update date and time CRLdate are stored in the decryption processing unit 1
The encrypted data {Ks2c // KPmc4> encrypted by the session key Ks2b decrypted by 404.
// CRLdate @ Ks2b is generated. The controller 1420 transmits the encrypted data {Ks2c // KPmc4
// CRLdate @ Ks2b is connected to the playback terminal 1 via the bus BS4, the interface 1424, and the terminal 1426.
00 to the controller 1106 of the playback terminal 100.
Is the encrypted data {Ks2c // KPmc4 // CRLdat via the memory card interface 1200.
e @ Ks2b is received. Then, the controller 1106
Is transmitted to the personal computer 50 via the USB interface 1112, the terminal 1114, and the USB cable 70 (step S535).

The license management module 511 of the personal computer 50 transmits the encrypted data $ Ks2c // via the terminal 580 and the USB interface 550.
KPmc4 // CRLdate @ Ks2b is received (step S536), and the received encrypted data @ Ks2 is received.
c // KPmc4 // CRLdate @ Ks2b is decrypted with the session key Ks2b, and the session key K
s2c, individual public encryption key KPmc4, and update date and time CR
Ldate is received (step S537). And
The license management module 511 generates check-out access restriction information ACm that prohibits a license from being transferred / copied from a memory card mounted on the reproduction terminal 100 to another memory card or the like. That is, access restriction information ACm in which the number of times of reproduction is unlimited (= 255), the move / copy flag is not move / copy (= 3), and the security level is set to 1 is generated (step S538).

Referring to FIG. 33, license management module 511 encrypts the license with public encryption key KPmc4 unique to memory card 110 received in step S537, and encrypts the data with the encrypted data {checkout transaction ID // content ID. // Kc /
/ ACm for checkout // ACp @ Kmc4 is generated (step S539). Then, the memory card 11
The updated date and time CRLdate transmitted from 0 is compared with the updated date and time of the prohibited class list held in the HDD 530 managed by the license management module 511, and it is determined which prohibited class list is newer. When it is determined that it is new, step S54
Move to 1. Conversely, if it is determined that the license management module 511 is newer, the process proceeds to step S54.
4 (step S540).

When it is determined that the memory card 110 is newer, the license management module 511 sends the encrypted data {checkout transaction ID // content ID // Kc // checkout ACm //.
ACp @ Kmc4 is encrypted with the session key Ks2c, and the encrypted data @ checkout transaction ID // content ID // Kc // checkout ACm // ACp @ Kmc4 @ Ks2c is converted to U
SB interface 550, terminal 580, and USB
The data is transmitted to the reproduction terminal 100 via the cable 70 (step S541).

[0355] Controller 1106 of playback terminal 100
Is the encrypted data via the terminal 1114, the USB interface 1112, and the bus BS3. The transaction ID for checkout // the content ID // Kc
// ACm for checkout // ACp {Kmc4} K
s2c, and the received encrypted data {checkout transaction ID // content ID /
/ Kc // ACm for checkout // ACp @ Kmc
4 @ Ks2c is transmitted to the memory card 110 via the bus BS3 and the memory card interface 1200. Then, the controller 142 of the memory card 110
0 is the terminal 1426, the terminal 1424, and the bus BS4.
, The encrypted data {checkout transaction ID // content ID // Kc // checkout ACm // ACp {Kmc4} Ks2c is received (step S542).

The decryption processing unit 1412 of the memory card 110
Indicates the encrypted data {checkout transaction ID // content ID // Kc // checkout ACm // ACp {Kmc4} Ks2c to the bus BS4.
And decrypted by the session key Ks2c generated by the session key generation unit 1418,
ト ラ ン ザ ク シ ョ ン Transaction ID for Checkout // Content ID // Kc // ACm // AC for Checkout
p｝ Kmc4 is received (step S543). Thereafter, the flow shifts to step S549 shown in FIG.

If it is determined in step S540 that the prohibited class list of the license management module 511 is newer, the license management module 51
1 is the license management module 51 from the HDD 530.
The forbidden class list CRL managed by No. 1 is acquired (step S544).

The license management module 511
Is the transaction ID for checkout // content ID // Kc // ACm // A for checkout
Cp @ Kmc4 and data CRL of the forbidden class list obtained from HDD 530 are encrypted with session key Ks2c, and the encrypted data {CRL //} transaction ID for checkout // content ID
// Kc // ACm for checkout // ACp @ Km
c4 @ Ks2c to USB interface 550, terminal 5
Playback terminal 100 via USB cable 80 and USB cable 70
(Step S545). The controller 1106 of the playback terminal 100 transmits the encrypted data {CRL //} checkout transaction I via the terminal 1114, the USB interface 1112, and the bus BS3.
D // Content ID // Kc // A for Checkout
Cm // ACp {Kmc4} Ks2c is received, and the received encrypted data {CRL /// checkout transaction ID // content ID // Kc // checkout ACm // ACp {Kmc4} Ks2c
To the bus BS3 and the memory card interface 120.
0 to the memory card 110. Then, the controller 1420 of the memory card 110 communicates with the terminal 1426, the interface 1424, and the bus BS.
4, the encrypted data {CRL //} transaction ID for checkout // content ID // Kc /
/ Checkout ACm // ACp @ Kmc4 @ Ks
2c is received (step S546).

In memory card 110, decryption processing section 1412 decrypts the received data on bus BS4 using session key Ks2c provided from session key generation section 1418, and decrypts the CRL and the {transaction ID for checkout / contents}. ID // Kc // ACm // ACp @ Kmc4 for checkout is received (step 547). The controller 1420 transmits the data CRL received by the decryption processing unit 1412 to the bus B
The data is received via S4, and the CRL area 1415A of the memory 1415 is rewritten with the received data CRL (step S548).

Steps S541, S542, S543
Is the license key K when the prohibited class list CRL of the memory card 110 on the receiving side is newer than the prohibited class list CRL of the license management module 511 on the transmitting side.
This is a check-out operation to the memory card 110 such as c.
7, S548 is a check-out operation of the license key Kc and the like to the memory card 110 when the prohibition class list CRL of the license management module 511 of the transmission side is newer than the prohibition class list CRL of the memory card 110 of the reception side. Thus, when transmitting the license to the memory card 110, the memory card 100
When a new prohibited class list CRL is recorded in the HDD 530 from the prohibited class list CRL held in the L area 1415B, the prohibited class list CRL is stored in the HDD 530.
530, and distributes the prohibited class list CRL to the memory card 110.
0 can update the prohibition class list held in the CRL area 1415B. It can prohibit transmission on the stub to the memory card 110 whose class key has been broken. Can be prevented.

Referring to FIG. 34, after step S543 or step S548, the encryption license {checkout transaction ID // content ID // Kc // checkout ACm // ACp} is instructed by controller 1420. Kmc4 is decrypted by the decryption processing unit 1404 using the secret decryption key Kmc4, and a license (license key Kc, checkout transaction ID, content ID, checkout ACm, and playback time limit ACp) is received (step S549).

The license management module 511 of the personal computer 50
The entry number for storing the license checked out to the USB interface 550 and the terminal 58
0, and the playback terminal 102 via the USB cable 70
(Step S550). Then, the controller 1106 of the playback terminal 102 connects to the terminal 1114,
The entry number is received via the USB interface 1112 and the bus BS3, and the license area 1 of the memory 1415 specified by the received entry number is received.
The license (license key Kc, checkout transaction ID, content ID, checkout ACm) received in step S566 is stored in 415B.
And playback control information ACp) (step S5).
51).

The license management module 511 of the personal computer 50 transmits the encryption entry number of the license stored in the memory 1415 of the memory card 110 and the encryption to be transferred to the memory card 110 including the plain text checkout transaction ID and the content ID. Content data {Dc} Kc and additional information Dc
A license management file for -inf is generated and transmitted to the memory card 110 (step S552).

The controller 142 of the memory card 110
No. 0 receives the license management file via the playback terminal 102 and records the received license management file in the data area 1415C of the memory 1415 (Step S).
553).

The license management module 511 of the personal computer 50 subtracts 1 from the number of possible check-outs, and checks out the transaction ID for check-out and the public encryption key KPmc unique to the memory card at the check-out destination.
4 and the checkout information is updated (step S554). Then, the license management module 51
1 is a transaction ID, a content ID, a license key Kc, access restriction information ACm, and a playback time limit AC.
p and the updated address information (the number of possible check-outs, the transaction ID for check-out, and the individual door-to-door public encryption key KPmc4 added to the check-out destination memory card 110) as the new confidential information n Update the confidential file (step S55)
5). Since the individual public key KPmc4 at the checkout destination is stored in the memory card without the tamper-resistant module, and has a unique value for each memory card obtained by highly secure communication means using encryption by authentication. It is suitable as identification information for specifying a memory card.

After that, the license management module 511
Encrypts the plaintext confidential file with the binding key Kb and updates the encrypted confidential file 160 recorded in the HDD 530 (step S556).

The license management module 511 acquires the encrypted content data {Dc} Kc to be checked out to the memory card 110 and the additional information Dc-inf from the HDD 530, and {Dc} Kc // Dc-i
nf to the memory card 110 (step S55)
7). The controller 1420 of the memory card 110
{Dc} Kc // Dc-inf via the playback terminal 100
Is received (step S558), and {Dc} Kc // Dc-inf received via the bus BS4 is stored in the memory 1415.
Is recorded in the data area 1415C (step S55).
9).

Then, the personal computer 50
License management module 511 of the memory card 1
Then, a playlist file in which the tune checked out to 10 is added is created (step S560), and the playlist file and an instruction to rewrite the playlist file are transmitted to the memory card 110 (step S561). The controller 1420 of the memory card 110
And the rewrite instruction are received via the terminal (step S
562), the playlist file recorded in the data area 1415C of the memory 1415 via the bus BS4 is rewritten to the received playlist file (step S56).
3), the check-out operation ends (step S56)
4).

[0369] In this way, it is confirmed that the memory card 110 attached to the reproduction terminal 100 is an authorized device, and that the class public encryption key KPm3 encrypted and transmitted together with the class certificate Cm3 is valid. After the confirmation, the content data is stored only in response to a check-out request to a memory card that is not included in the prohibited certificate list of the class certificate Cm3, that is, the class certificate list in which the encryption by the class public encryption key KPm3 has been broken. Can be checked out, and checkout to an unauthorized memory card and checkout using the decrypted class key can be prohibited. In addition, the encryption key generated by the license management module and the memory card are exchanged, encryption is performed using the encryption key received by each other, and the encrypted data is transmitted to the other party. Mutual authentication can be performed in the transmission and reception of the encrypted data, and security in the check-out operation of the encrypted content data and the license can be improved.
Further, by using this check-out operation, the reproduction terminal 1 having no communication function with the distribution server 10
00 can also receive the encrypted content data and the license received by the personal computer 50 by the software on the memory card, thereby improving the user's convenience.

[Check-in] In the data distribution system shown in FIG. 1, the operation of returning the encrypted content data and license checked out from the license management module 511 of the personal computer 50 to the memory card 110 to the license management module 511 will be described. . This operation is called “check-in”.

FIGS. 35 to 38 illustrate a check-in operation in which the encrypted content data and the license lent to the memory card 110 by the check-out operation described with reference to FIGS. 30 to 34 are returned. 5 is a first to fourth flowcharts of FIG. Prior to the processing in FIG. 35, the user of the personal computer 50 can read the content list file recorded on the HDD 520 and the data area 1415B of the memory card 110.
Get the playlist file recorded in, determine the content to check in according to both files,
The content file and the license management file of the HDD 530 and the memo card 110 can be specified, and
The description will be made on the assumption that the license management file of the memory card 110 has been obtained.

Referring to FIG. 35, when a check-in request is input from keyboard 560 of personal computer 50 (step S600), license management module 511 performs a binding key acquisition process. Step S601 in FIG. 35 to Step 6 in FIG.
A series of 15 processes is a binding key acquisition process,
Step S2 in FIG. 20 in the flowchart of the distribution 2
The processing is the same as the series of processing from step 70 to step S284 in FIG. Therefore, description is omitted.

The license management module 511 that has acquired the binding key Kb sends the license management module 511 to the HDD via the bus BS2.
530, and obtains the encrypted confidential file 160 by using the binding key K
b to obtain a plaintext confidential file (step S616). After that, the license management module 511 sends the confidential information n (license (transaction ID, content ID, license key Kc, access restriction information ACm, reproduction limit ACm) in the confidential file corresponding to the confidential information number n recorded in the license management file.
p) and checkout information (number of checkouts possible, checkout transaction ID, individual public encryption key KPmc of the memory card at the checkout destination)
x)) is obtained (step S617). Then, the license management module 511 transmits a request for transmitting authentication data to the reproduction terminal 100 via the USB interface 550, the terminal 580, and the USB cable 70 (Step S618).

Then, the controller 1106 of the reproduction terminal 100 connects the terminal 1114 and the USB interface 1
A request for transmitting authentication data is received via 112 and bus BS3, and a transmission request for authentication data is transmitted to memory card 110 via bus BS3 and memory card interface 1200. Then, the controller 1420 of the memory card 110 receives the authentication data transmission request via the terminal 1426, the interface 1424, and the bus BS4 (Step S619).

When controller 1420 receives the authentication data transmission request, controller 1420 transmits authentication data {KPm3 // Cm3} KPa2 from authentication data holding section 1400 to bus BS4.
And the read authentication data {KPm3 /
/ Cm3 @ KPa2 to bus BS4, interface 14
24 and the terminal 1426 to the playback terminal 100. Then, the controller 1106 of the playback terminal 100
Are the memory card interface 1200 and the bus B
Authentication data via S3 {KPm3 // Cm3} KPa
2, the bus BS3, the USB interface 111
2, authentication data $ KPm3 // to the personal computer 50 via the terminal 1114 and the USB cable 70.
Cm3 @ KPa2 is transmitted (step S620).

The license management module 511 of the personal computer 50 sends the authentication data $ KPm3 // C via the terminal 580 and the USB interface 550.
m3 @ KPa2 is received (step S621), and the received authentication data {KPm3 // Cm3} KPa2 is decrypted with the level 2 authentication key KPa (step S62).
2). Then, the license management module 511 determines from the decryption processing result whether or not the processing has been normally performed, that is, the memory card 110 holds the class public encryption key KPm3 and the class certificate Cm3 from the authorized memory card. In order to authenticate the user, an authentication process is performed to determine whether or not an authorized organization has received encrypted authentication data for proving its validity (step S62).
3). If it is determined that the authentication data is valid, the license management module 511 sends the class public encryption key KP
m3 and the class certificate Cm3 are approved and accepted. Then, control goes to the next process (step S624). If it is not valid authentication data, it is rejected and the process ends without accepting the class public encryption key KPm3 and the class certificate Cm3 (step S653). As a result of authentication,
When the license management module 511 recognizes that the memory card is a legitimate memory card, the license management module 511 generates a dummy transaction ID (step S624). The dummy transaction ID always takes a value different from all the transaction IDs stored in the memory card 110 and is generated as a transaction ID for local use.

Referring to FIG. 37, license management module 511 has a check-in session key Ks2.
b is generated (step S625). Then, the license management module 511 sends the generated session key K
s2b is encrypted with the class public encryption key KPm3 received from the memory card 110, and the encrypted data {Ks2
b｝ Km3 is generated (step S626), and a dummy transaction ID // {Ks2b} obtained by adding a dummy transaction ID to the encrypted data {Ks2b} Km3.
Km3 is transmitted to the reproduction terminal 100 via the USB interface 550, the terminal 580, and the USB cable 70 (Step S627). The controller 1106 of the reproduction terminal 100 receives the dummy transaction ID /// {Ks2b} Km3 via the terminal 1114, the USB interface 1112, and the BS3, and transmits the received dummy transaction ID // {Ks2b} Km3 to the memory card interface 1200. To the memory card 110 via. Then, the controller 1420 of the memory card 110 receives the dummy transaction ID // {Ks2b} Km3 via the terminal 1426, the interface 1424, and the bus BS4 (Step S628). The decryption processing unit 1422 includes the controller 1
{Ks2b} Km3 is received from bus 420 via bus BS4, and class secret decryption key Km from Km holding unit 1421 is received.
3, and decrypts {Ks2b} Km3 to accept the session key Ks2b (step S629). And
The session key generation unit 1418 outputs the session key Ks
2c (step S630), and the controller 14
Reference numeral 20 denotes an update date / time CRLd of the prohibited class list from the CRL area 1415A of the memory 1415 via the bus BS4.
ate, and the obtained update date and time CRLdate
Is given to the changeover switch 1446 (step S63)
1).

Then, encryption processing section 1406 sets session key Ks2c and individual public encryption key KP obtained by sequentially switching the terminals of changeover switch 1446.
mc4 and the update date and time CRLdate are stored in the decryption processing unit 1
422, encrypted by the session key Ks2b obtained through the terminal Pa of the changeover switch 1442, and the encrypted data {Ks2c // KPmc4 //
Generate CRLdate @ Ks2b. Controller 1
420 is the encrypted data {Ks2c // KPmc4 //
The CRLdate @ Ks2b is transferred to the reproduction terminal 100 via the bus BS4, the interface 1424, and the terminal 1426.
And the controller 1106 of the playback terminal 100
Encrypted data {Ks2c // KPmc4 // CRLdate} K via memory card interface 1200
s2b is received. Then, the controller 1106 transmits the encrypted data {Ks2c // KPmc4 // CRLdat
e @ Ks2b to USB interface 1112, terminal 1
114 and to the personal computer 50 via the USB cable 70 (step S632).

The license management module 511 of the personal computer 50 transmits the encrypted data {Ks2c // via the terminal 580 and the USB interface 550.
KPmc4 // CRLdate @ Ks2b is received (step S633), and the received encrypted data @ Ks2 is received.
c // KPmc4 // CRLdate @ Ks2b is decrypted with the session key Ks2b, and the session key K
s2c, individual public encryption key KPmc4, and update date and time CR
Ldate is received (step S634).

Then, the license management module 5
11 indicates whether the received individual public encryption key KPmc4 is included in the checkout information of the confidential information n acquired in step S617, that is, the transaction ID for checkout of the license to be checked out.
It is determined whether or not it matches the individual public encryption key KPmcx stored corresponding to (step S635).

The received individual public encryption key KPmc4 is
When the encrypted content data and license are checked out, they are included in the updated checkout information (see step S551 in FIG. 34). Therefore, the check-out destination checked out at the time of check-in can be easily specified by including the individual public encryption key KPmc4 corresponding to the check-out destination of the encrypted content data or the like in the check-out information.

In step S635, when the individual public encryption key KPmc4 is not included in the check-out information, the check-in operation ends (step S653).
In step S635, the individual public encryption key KPmc4
Is included in the checkout information, the license management module 511 determines the dummy license, that is, the dummy transaction ID, the dummy content ID for which the corresponding content does not exist, and the dummy license key Kc (represented as dummy Kc) that cannot participate in reproduction. ), Dummy access restriction information ACm (represented as dummy ACm) whose moving copy flag indicates “prohibited moving duplication” and the number of times of reproduction is “0”, and a dummy reproduction time limit ACp (represented as dummy ACp). Encrypted with the key KPmc4 to generate encrypted data {dummy transaction ID // dummy content ID // Kc // dummy ACm // dummy ACp} Kmc4 (step S636).

The license management module 511 encrypts the encrypted data {dummy transaction ID // dummy content ID // dummy Kc // dummy ACm // dummy ACp} Kmc4 using the session key Ks2c, and encrypts the encrypted data. Dummy transaction ID // Dummy content ID // Dummy Kc // Dummy ACm // Dummy ACp {Kmc4} Ks2c is generated and the generated encrypted data {Dummy transaction ID // Dummy content ID // Kc // Dummy ACm // Dummy ACp {Kmc4} Ks2c to USB
The data is transmitted to the reproduction terminal 100 via the interface 550, the terminal 580, and the USB cable 70 (step S637).

[0384] Controller 1106 of playback terminal 100
Is encrypted data {dummy transaction ID // dummy content ID // dummy K via terminal 1114, USB interface 1112, and bus BS3.
c // Dummy ACm // Dummy ACp {Kmc4} Ks
2c is received. The controller 1106 transfers the received encrypted data {dummy transaction ID // dummy content ID // dummy Kc // dummy ACm // dummy ACp} / Kmc4 / Ks2c to the memory card 110 via the bus BS3 and the memory card interface 1200. Send. The controller 1420 of the memory card 110 includes a terminal 1426, a terminal 1424,
And a dummy transaction ID // dummy content ID // dummy Kc // dummy ACm // dummy ACp {Kmc4} Ks2c is received via the bus BS4 (step S638).

Referring to FIG. 38, the decryption processing unit 1412 of the memory card 110
D // Dummy content ID // Dummy Kc // Dummy ACm // Dummy ACp {Kmc4} Ks2c to bus B
Received through S4, decrypted by the session key Ks2c generated by the session key generation unit 1418, {Dummy transaction ID // Dummy content ID // Dummy Kc // Dummy ACm // Dummy AC
p｝ Kmc4 is received (step S639). Then, decryption processing section 1404 receives encrypted data {dummy transaction ID // dummy content ID // dummy Kc // dummy ACm // dummy ACp} Kmc4 from decryption processing section 1412 and receives the received encrypted data {dummy Transaction ID // Dummy content ID // Dummy Kc // Dummy ACm // Dummy AC
p @ Kmc4 is decrypted with the individual secret decryption key Kmc4 from the Kmc holding unit 1402, and the dummy transaction ID, the dummy content ID, the dummy Kc, and the dummy AC are decrypted.
m and the dummy ACp (step S64)
0).

The license management module 511 of the personal computer 50 obtains the entry number storing the license to be checked out described in the license management file of the memory card 110,
The dummy license is transmitted to the reproduction terminal 102 via the USB interface 550, the terminal 580, and the USB cable 70 as an entry number for storing the dummy license (step S641). Then, the controller 1106 of the playback terminal 102 receives the entry number via the terminal 1114, the USB interface 1112, and the bus BS3, and stores the entry number in the license area 1415B of the memory 1415 specified by the received entry number via the bus BS4. A dummy license (dummy transaction ID, dummy content ID, dummy license key Kc, dummy access restriction information ACm, and dummy playback time limit ACp) is recorded (step S642).
By recording the dummy transaction ID, the dummy content ID, the dummy license key Kc, the dummy access restriction information ACm, and the dummy playback time limit ACp, the license checked out to the memory card 110 can be erased.

After that, the license management module 511 of the personal computer 50 increases the number of checkouts in the checkout information by one, and deletes the checkout transaction ID and the individual public key KPmc4 of the checkout destination memory card. To update the checkout information (step S643). Then, the license management module 511 updates the plaintext confidential file with the transaction ID, the content ID, the license key Kc, the access restriction information ACm, the playback expiration date ACp, and the updated checkout information as new confidential information n (Step S10). S644). afterwards,
The license management module 511 encrypts the plaintext confidential file with the binding key Kb, and
Update the encrypted confidential file 160 recorded in 30 (step S645).

Then, the license management module 5
Reference numeral 11 denotes a content file (encrypted content data {Dc}) corresponding to the checked-in license recorded in the data area 1415C of the memory card 100.
Kc, additional information Dc-inf), and a deletion instruction to delete the license management file,
The data is transmitted to the reproduction terminal 100 via the terminal 580 and the USB cable 70 (step S646). Reproduction terminal 1
00, the controller 1106 has a terminal 1114, a USB
Via the interface 1112 and the bus BS3, the content file (encrypted content data {Dc} K
c and additional information Dc-inf) and an instruction to delete the license management file (step S647). Then, controller 1106 outputs an instruction to delete (encrypted content data {Dc} Kc and additional information Dc-inf) and the license management file to memory card 110, and controller 1 of memory card 110
420 transmits the encrypted content data $ D via the terminal 1426, the interface 1424, and the bus BS4.
Upon receiving an instruction to delete the c @ Kc, the additional information Dc-inf, and the license management file, the encrypted content data $ D in the memory 1415 is received via the bus BS4.
c @ Kc and additional information Dc-inf) and the license management file are deleted (step S648).

The license management module 511 of the personal computer 50 creates a play list from which the checked-in music has been deleted (step S649), and sends the play list and the instruction to rewrite the play list to the memory card 110.
(Step S650). Memory card 110
The controller 1420 receives the playlist and the rewrite instruction via the playback terminal 100 (step S651),
The playlist in the memory 1415 is rewritten to the received playlist via the bus BS4 (step S652), and the check-in operation ends (step S653).

As described above, by receiving the encrypted content data and the license from the other party who has checked out the encrypted content data and the license, the license management module having a low security level, in which the transfer of the license is prohibited, is prohibited. A license is lent to a memory card with a higher security level, and a license acquired by a license management module with a lower security level can be transmitted to the memory card. Can be enjoyed by playing the encrypted content data.

Also, the license rented to the memory card is such that the checked-out license cannot be output from the memory card to other recording devices (memory card, license management device and license management module) by the access restriction information ACm. Since it is designated, the borrowed license will not be leaked.
By checking in (returning) the borrowed license management module, the rights of the borrowed license are
It returns to the rented license management module. Therefore, it does not allow the reproduction to be performed against the author's will, does not lower the security level, and protects the copyright.

[Reproduction] Next, with reference to FIG. 39 and FIG. 40, the reproduction operation of the content terminal moved to the memory card 110 and checked out at the reproduction terminal 100 (hereinafter, also referred to as content reproduction device) will be described. I do. Note that it is assumed that before the processing in FIG. 29, the user of the playback terminal 102 determines the content (song) to be played, specifies the content file, and acquires the license management file according to the playlist file. I do.

Referring to FIG. 39, at the start of the reproducing operation, a reproducing instruction is input from the user of reproducing terminal 100 to reproducing terminal 100 via operation panel 1108 (step S1000). Then, controller 1
106 is an authentication data holding unit 150 via the bus BS3.
Read the authentication data {KPp1 // Cp1} KPa2 from 0 and send the authentication data {KPp1 // Cp1} to the memory card 110 via the memory card interface 1200.
KPa2 is output (step S1002).

Then, memory card 110 receives authentication data {KPp1 // Cp1} KPa2 (step S1004). Then, the decryption processing unit 1408 of the memory card 110 receives the received authentication data {KPp1 /
/ Cp1 @ KPa2 is decrypted by the level-2 authentication key KPa2 held in the KPa holding unit 1414 (step S1006), and the controller 1420
Authentication processing is performed based on the decryption processing result in step 08. That is, an authentication process is performed to determine whether the authentication data {KPp1 // Cp1} KPa2 is legitimate authentication data (step S1008). If decryption failed,
The process moves to step S1048 and the reproduction operation ends. If the authentication data can be decrypted, the controller 1420
The acquired class certificate Cp1 is stored in the CRL of the memory 1415.
It is determined whether or not it is included in the prohibited class list CRL read from the area 1415A (step S1010). In this case, an identification number is assigned to the class certificate Cp1, and the controller 1420 determines whether or not the identification number of the received class certificate Cp1 exists in the prohibited class list CRL. If it is determined that the class certificate Cp1 is included in the prohibited class list data, step S
The flow shifts to 1048, where the reproducing operation ends.

If it is determined in step S1010 that class certificate Cp1 is not included in prohibited class list data CRL, session key generating section 1418 of memory card 110 generates a session key Ks2 for a reproduction session (step S1010). Step S1012). Then, the encryption processing unit 1410
The decryption unit 140 converts the session key Ks2 from
{Ks2} Kp1 encrypted with the class public encryption key KPp1 decrypted in step 8 is output to the bus BS3 (step S1014). Then, the controller 1420
Is transmitted to the memory card interface 1200 via the interface 1424 and the terminal 1426 {Ks2} K
p1 is output (step S1016). Playback terminal 10
0 controller 1106 acquires {Ks2} Kp1 via the memory card interface 1200. Then, Kp1 holding section 1502 outputs secret decryption key Kp1 to decryption processing section 1504.

[0396] The decryption processing unit 1504
{Ks2} Kp1 is decrypted by the secret decryption key Kp1 paired with the public encryption key KPp1 output from the public key 02 and the session key Ks2 is output to the encryption processing unit 1506 (step S1018). Then, session key generating section 1508 generates a session key Ks3 for the reproduction session, and outputs session key Ks3 to encryption processing section 1506 (step S1020). The encryption processing unit 1506 encrypts the session key Ks3 from the session key generation unit 1508 with the session key Ks2 from the decryption processing unit 1504, and {Ks3} Ks
2 and the controller 1106 outputs $ Ks via the bus BS3 and the memory card interface 1200.
3 @ Ks2 is output to memory card 110 (step S1022).

Then, the decryption processing unit 1412 of the memory card 110
4, and {Ks3} Ks2 are input via the bus BS4 (step S1024).

Referring to FIG. 40, decoding processing section 1412
Decrypts {Ks3} Ks2 with the session key Ks2 generated by the session key generation unit 1418, and outputs the session key Ks generated by the playback terminal 100.
3 is received (step S1026).

[0399] The controller 1106 of the reproduction terminal obtains the entry number in which the license is stored from the license management file of the reproduction request music previously obtained from the memory card 110, and obtains the entry number in the memory card 110 via the memory card interface 1200. The output entry number is output (step S1027).

[0400] In response to the entry of the entry number, controller 1420 checks access restriction information ACm (step S1028). In step S1028,
Specifically, by confirming the access limit information ACm, which is information regarding the restriction on the access to the memory, by confirming the number of times of reproduction, if the reproduction is already disabled, the reproduction operation is terminated. When the number of times of reproduction of the restriction information is limited, the number of reproductions of the access restriction information ACm is updated (decreased by one), and the process proceeds to the next step (step S1030). On the other hand, when the number of times of reproduction is not limited by the number of times of access restriction information ACm, step S1030 is skipped, and the process proceeds to the next step (step S1032) without updating access restriction information ACm. .

[0401] If it is determined in step S1028 that the reproduction operation can be performed, the license key Kc and the reproduction time limit A of the reproduction request music recorded in the license area 1415B of the memory 1415 are determined.
Cp is output on bus BS4 (step S103)
2).

The obtained license key Kc and reproduction time limit AC
p is sent to the encryption processing unit 1406 via the contact point Pf of the changeover switch 1446. The encryption processing unit 1406 includes:
Decoding processing unit 1 via contact Pb of changeover switch 1442
The license key Kc and the playback time limit ACp received via the changeover switch 1446 are encrypted with the session key Ks3 received from the switch 412, and {Kc // ACp} Ks3 is output to the bus BS4 (step S1034).

[0403] The encrypted data output to the bus BS4 is
Playback terminal 100 via interface 1424, terminal 1426, and memory card interface 1200.
Sent to

In reproduction terminal 100, encrypted data {Kc // ACp} Ks3 transmitted to bus BS3 via memory card interface 1200 is decrypted by decryption processing section 1510, and license key Kc
And the playback time limit ACp is received (step S103).
6). The decryption processing unit 1510 transmits the license key Kc to the decryption processing unit 1516, and outputs the playback time limit ACp to the bus BS3.
Output to

The controller 1106 receives the playback time limit ACp via the bus BS3 and checks whether or not playback is possible (step S1040).

[0406] If it is determined in step S1040 that reproduction is not possible due to the reproduction expiration date ACp, the reproduction operation ends.

If it is determined in step S1040 that the content can be reproduced, controller 1106 requests encrypted content data {Dc} Kc recorded as a content file in data area 1415C of memory card 110 via memory card interface 1200. . Then, the controller 1 of the memory card 110
420 acquires the encrypted content data {Dc} Kc from the memory 1415,
424 and to the memory card interface 1200 via the terminal 1426 (step S104)
2).

[0408] Controller 1106 of playback terminal 100
Acquires the encrypted content data {Dc} Kc via the memory card interface 1200, and
The encrypted content data {Dc} Kc is provided to the decryption processing unit 1516 via

[0409] The decryption processing unit 1516 decrypts the encrypted content data {Dc} Kc using the content key Kc output from the decryption processing unit 1510, and acquires the content data Data (step S1044).

Then, the decrypted content data Dc
Is output to the music playback unit 1518 and the music playback unit 1518
Reproduces the content data, the DA converter 1519 converts the digital signal into an analog signal,
Output to Then, the music data is output from the terminal 1530 to the headphone 130 via the external output device and reproduced (step S1046). Thus, the reproduction operation ends.

[0411] In the above description, the case where the encrypted content data recorded on the memory card 110 is reproduced by the reproduction terminal 100 has been described. However, the personal computer 50, 80 may have the content reproduction device 1550 shown in FIG. Thus, the encrypted content data received by the license management module 511 and the license management device 520 can be reproduced. The license management module 51
In the case where the encrypted content data obtained in step 1 is reproduced by the content reproduction device 1550, the license management module 511 obtains the binding key Kb stored in the license management device 520, and
The encrypted confidential file 160 recorded in the DD 530 is decrypted with the binding key Kb, the license is read from the plaintext confidential file, and the content reproduction device 1
Give to 550.

The personal computers 50 and 80
By incorporating a playback unit that functions according to software for playing back encrypted content data, the encrypted content data acquired by the license management module 511 can be played back by software.
Also in this case, the license management module 511 acquires the binding key Kb stored in the license management device 520, decrypts the encrypted confidential file 160 recorded on the HDD 530 with the binding key Kb, and obtains the license from the plaintext confidential file. The content is read and provided to the content reproduction device 1550. Compared to the reproduction with hardware confidentiality (level 2) using the content reproduction device 1550, the reproduction by software is the reproduction with software confidentiality (level 1). is there. Therefore, the license held by the license management device 520 cannot be used for reproduction by this software.

[Move 2] In the data distribution system shown in FIG. 1, the operation of moving the encrypted content data and license acquired by the license management module 511 of the personal computer 50 to the personal computer 80 will be described. This movement is referred to as [movement 2].

FIGS. 41 to 48 are first to eighth flowcharts for explaining the transfer of the encrypted content data and license acquired by the license management module 511 to the personal computer 80. In addition,
Before the processing in FIG. 41, the personal computer 5
The user 0 determines the content to be moved according to the content list file, and the description will be made on the assumption that the content file and the license management file of the HDD 530 and the memo card 110 are specified. Also,
The natural number w for identifying the class of the license management module in the receiving personal computer 80 is w = 5.
And a natural number y identifying the license management module
Is y = 5.

Referring to FIG. 41, when a license transfer request obtained by license management module 511 of personal computer 50 is input via keyboard 560 of personal computer 50 (step S800), the license of personal computer 50 is entered. The management module 511 performs a binding key acquisition process. 42 from step S801 in FIG.
Is a binding key acquisition process, which is the same as the series of processes from step S270 in FIG. 20 to step S284 in FIG. 21 in the distribution 2 flowchart. Therefore, description is omitted.

When a binding license is obtained,
The license management module 511 of the personal computer 50 obtains the encrypted confidential file 160 from the HDD 530 via the bus BS2, and decrypts the obtained encrypted confidential file 160 with the binding key Kb to obtain a plaintext confidential file ( Step S81
6). After that, the license management module 511 of the personal computer 50 transmits the confidential information n (transaction ID, content ID, content ID) in the confidential file corresponding to the confidential information number n recorded in the license management file.
The license key Kc, the access restriction information ACm, the reproduction time limit ACp, and the checkout information) are obtained (step S817).

Then, the personal computer 50
The license management module 511 confirms whether the movement and duplication of the encrypted content data are possible based on the acquired access restriction information ACm (step S5).
18) That is, the license management module 511
Based on the number of times of reproduction of the obtained access restriction information ACm and the move / copy flag, whether or not the license to be moved to the personal computer 80 is a license that cannot move and copy the encrypted content data by the access restriction information ACm. Check.

[0418] In step S818, if the movement and duplication of the encrypted content data are prohibited, the flow shifts to step S903, and the movement operation ends. If it is determined in step S818 that movement and duplication of the encrypted content data are not prohibited, the process proceeds to step S819. Then, the license management module 511
Confirms whether checkout is possible based on the acquired checkout information (step S819). If check-out is not possible in step S819, check-out is prohibited, so the flow shifts to step S903, and the check-out operation ends. If it is determined in step S819 that the new binding key can be stored in the license management device 520, the license management device 520 cannot be authenticated in the device confirmation process for confirming whether a new binding key can be stored in the license management device 520, or If a new binding key cannot be recorded by the prohibited class list CRL, the processing is interrupted to maintain the current state. A series of processing from step S821 in FIG. 42 to step 833 in FIG. 43 is device confirmation processing, which is the same as a series of processing from step S16 in FIG. 10 to step S42 in FIG. 11 in the initialization flowchart. Therefore, description is omitted.

When the device confirmation processing is completed, the license management module 511 of the personal computer 50
Transmits a transmission request for authentication data to the personal computer 80 via the communication cable 90 (step S8).
34). Then, the license management module of the personal computer 80 receives the request for transmitting the authentication data (step S835).

[0420] Upon receiving the request for transmitting the authentication data, the license management module of the personal computer 80 transmits the authentication data {KPm5 // Cm5} KPa1 to the personal computer 50 (step S83).
6). The license management module 511 of the personal computer 50 sends the authentication data {KPm5 // Cm5} via the terminal 580 and the USB interface 550.
KPa1 is received (step S837), and the received authentication data {KPm5 // Cm5} KPa1 is level 1
Decryption is performed using the authentication key KPa1 (step S83).
8).

Referring to FIG. 44, license management module 511 determines whether or not the processing has been normally performed based on the result of the decryption processing, that is, whether memory card 110 has the class public encryption key KPm5 from the authorized memory card and the class public encryption key KPm5. In order to authenticate the holding of the certificate Cm5, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted for certifying its validity (step S839). If it is determined that the authentication data is valid, the license management module 511 approves and accepts the public encryption key KPm3 and the certificate Cm3. Then, control proceeds to the next process (step S840). If it is not valid authentication data, it is rejected, and the process ends without accepting the class public encryption key KPm5 and the class certificate Cm5 (step S903). As a result of authentication,
When the license management module 511 recognizes that the memory card is a legitimate memory card,
The HDD 530 is inquired of whether or not the class certificate Cm3 of 0 is listed in the prohibited class list CRL. If these class certificates are targets of the prohibited class list, the moving operation is ended here. (Step S903). On the other hand, if the class certificate of the memory card 110 is out of the prohibited class list, the process proceeds to the next process (step S840).

[0422] As a result of the authentication, it is confirmed that the access is from a playback terminal equipped with a memory card having valid authentication data, and that the class is out of the prohibited class list, the license management module 511 moves A session key Ks2d is generated (step S841). Then, the license management module 511 encrypts the generated session key Ks2d with the class public encryption key KPm5 received from the personal computer 80, generates encrypted data {Ks2d} Km5 (step S842), and generates the encrypted data {Ks2d}. Transaction ID with transaction ID added to Km5 //
{Ks2d} Km5 is transmitted to the personal computer 80 via the communication cable 90 (step S84).
3). The license management module of the personal computer 80 has a transaction ID /// {Ks2d} K
m5 is received (step S844). The license management module of the personal computer 80
{Ks2d} Km5 is decrypted with the class secret decryption key Km3, and the session key Ks2d is received (step S845). Then, the license management module of the personal computer 80 generates the session key Ks2e (Step S846), and acquires the update date and time CRLdate of the prohibited class list CRL from the HDD (Step S847).

Then, the license management module of the personal computer 80 sets the session key Ks2e,
Individual public encryption key KPmc5 and prohibited class list CR
Ldate is encrypted with the session key Ks2d, and the encrypted data {Ks2e // KPmc5 // CRL
data @ Ks2d is generated, and the encrypted data @ Ks2e is generated.
// KPmc5 // CRLdate @ Ks2d is transmitted to the personal computer 50 via the communication cable 90 (step S848).

[0424] The license management module 511 of the personal computer 50 transmits the encrypted data {Ks2e // via the terminal 580 and the USB interface 550.
KPmc5 // CRLdate @ Ks2d is received (step S849), and the received encrypted data @ Ks2 is received.
e // KPmc5 // CRLdate @ Ks2d is decrypted by the session key Ks2d, and the session key K
s2e, individual public encryption key KPmc5, and update date CR
Ldate is received (step S850). And
The license management module 511 encrypts the transaction ID, the content ID, the license key Kc, the access restriction information ACm, and the playback expiration date ACp with the individual public encryption key KPmc5 unique to the personal computer 80, and encrypts the encrypted data {transaction ID //
Content ID // Kc // ACm // ACp @ Kmc
5 is generated (step S851).

Referring to FIG. 45, license management module 511 of personal computer 50 manages the license management module of personal computer 80 based on the update date and time CRLdate of the prohibited class list transmitted from the license management module of personal computer 80. It is determined whether the prohibited class list managed by itself is newer or the prohibited class list managed by itself is newer. If it is determined that the prohibited class list CRL managed by itself is older, the process moves to step S853. On the other hand, when it is determined that the prohibition class list CRL managed by itself is newer, the process proceeds to step S856 (step S8).
52).

When it is determined that the prohibited class list CRL managed by itself is old, the license management module 51
1 encrypts the encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc5 using the session key Ks2e generated in the license management module 511, and encrypts the encrypted data {transaction ID / / Content ID // K
c // ACm // ACp {Kmc5} Ks2e is transmitted to the personal computer 80 via the communication cable 90 (step S853).

Then, the license management module of the personal computer 80 sets the encrypted data {transaction ID // content ID // Kc // ACm /
/ ACp {Kmc5} Ks2e is received (step S8).
54), encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc
5 Decrypt Ks2e with session key Ks2e, and {Transaction ID // Content ID // K
c // ACm // ACp @ Kmc5 is received (step S855). After that, the procedure moves to Step S861.

[0428] On the other hand, if it is determined in step S852 that the prohibition class list CRL managed by itself is new, the license management module 511 of the personal computer 50 transmits the prohibition class list CRL from the HDD 530.
The RL is obtained (step S856). Then, the license management module 511 checks the prohibited class list CRL.
And encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc5, and encrypts the data with the session key Ks2e to encrypt the data {CRL /// transaction ID // content ID // Kc // ACm // ACp {Kmc5} K
s2e is transmitted to the personal computer 80 via the communication cable 90 (step S857).

The personal computer 80 transmits the encrypted data {CRL //// transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c5 @ Ks2e is received (step S858), and the license management module decrypts the received data using the session key Ks2e to obtain the CRL and the encrypted data {transaction ID // content ID // Kc // ACm.
// Acp @ Kmc5 is accepted (step S85)
9).

The license management module of the personal computer 80 rewrites the prohibited class list CRL recorded in the HDD with the received CRL (step S860).

Steps S853, S854, S855
Depends on the update date and time CRLdate of the prohibited class list sent from the personal computer 80, but the prohibited class list CRL held by the receiving personal computer 80 is different from the personal computer 50 on the fare side.
This is an operation of moving the license key Kc and the like to the personal computer 80 when the prohibited class list CRL held by the user is newer.
56, S857, and S860 are sent to the personal computer 80 such as the license key Kc when the prohibited class list CRL held by the personal computer 80 on the receiving side is older than the prohibited class list CRL held by the personal computer 50 on the sending side. This is the moving operation.

Step S855 or step S860
After that, the license management module of the personal computer 80 transmits the encrypted data {transaction ID //
Content ID // Kc // ACm // ACp @ Kmc
5 is decrypted using the individual secret decryption key Kmc5 and the license (license key Kc, transaction ID, content ID, access restriction information ACm,
Cp) is received (step S861). Then, the license management module transmits the received access restriction information A
It is determined whether or not the number of times of reproduction is limited by Cm. If the number of times of reproduction is not limited, step S863 is performed.
Move to step S8 when the number of times of reproduction is limited
The process moves to 64 (step S862). Then, when the number of times of reproduction is not limited, the license management module generates checkout information including the number of possible checkouts for lending the encrypted content and the license received from the personal computer 50 to another device (step). S863). In this case, the initial value of the checkout is set to “3”. When the number of times of reproduction is limited, the license management module sets the number of possible checkouts for lending the encrypted content data to another device to “0” and generates checkout information (step S864). ). Thereafter, the flow shifts to step S880 in FIG.

Step S853 or step S857
Thereafter, in parallel with the transfer of the license from the personal computer 50 to the personal computer 80, the rewriting operation of the binding license held by the personal computer 50 is performed. After step S853 or step S857, the personal computer 50
The license management module 511 determines whether the license can be copied based on the access restriction information ACm (step 865). If the license can be copied, the process returns to step S898 in FIG. 48, where the encrypted content data {Dc} Kc and additional information Dc-i are added.
nf to the personal computer 80. In step S865, the license access restriction information A
When only movement is possible by the movement decoding flag of Cm, the license management module 511 reads the license management file 152n of the content list file 150 related to the moved license recorded in the HDD 530, and reads the confidential information number recorded in the license management file. n is changed to no license and the license management file 152n is updated (step S866), and a new binding key Kbb different from the first generated binding key Kb is generated (step S867). Then, the license management module 511 deletes the confidential information n from the plaintext confidential file, encrypts the confidential file with the newly generated binding key Kbb, and
Update the encrypted confidential file 160 in 30 (step S868).

Referring to FIG. 46, license management module 511 sets a newly generated binding key Kbb.
Is stored in the license management device 520, a binding key registration process from step S869 to step S879 is performed. FIG. 1 in the initialization flowchart
The processing is the same as the series of processing from step S44 of FIG. 1 to step S66 of FIG. 12, except that the binding key Kb is changed to a new binding key Kbb and the session key Ks2b is changed to the session key Ks2c. Therefore, description is omitted.

When the registration of the new binding key Kbb is completed, the flow shifts to step S898 in FIG.

Referring to FIG. 47, step S8 in FIG.
61 or after step S862, the personal computer 80 acquires the binding key Kb2 from the built-in license management module, that is, acquires the binding key. The personal computer 80 is the same as the personal computer 50, and the steps from S878 to S893 in FIG.
Is a binding key acquisition process,
Step S2 in FIG. 20 in the flowchart of the distribution 2
70 is the same as the series of processes from step S284 to step S284 in FIG. 21. The acquired binding licenses (transaction IDb2, content IDb2, binding key Kb2, and control information ACmb2, ACpb
In 2), the session keys Ks2a and Ks2b are only changed to Ks2g and Ks2f, respectively. Therefore, description is omitted.

[0437] Upon obtaining the binding key Kb2, the license management module of the personal computer 80 obtains the encrypted confidential file 160 from the HDD 530 via the bus BS2, and decrypts the obtained encrypted confidential file 160 with the binding key Kb2. To obtain a plaintext confidential file (step S895). After that, the license management module converts the license (transaction ID, content ID, license key Kc, access restriction information ACm, playback time limit ACp) and checkout information received from the personal computer 50 to the plaintext confidential file as new confidential information n2. Additional information is added (step S896). Then, the license management module encrypts the plaintext confidential file with the binding key Kb2 and updates the encrypted confidential file 160 recorded in the HDD (step S89).
7).

Then, the personal computer 50
When step S868 and step S897 of FIG. 45 are both completed, the license management module 511 of FIG.
Content files (encrypted content data {Dc} Kc and additional information Dc-i) recorded on HDD 530
nf) and reads the encrypted content data {Dc} Kc
And the additional information Dc-inf to the personal computer 80 via the communication cable 90 (step S8).
98).

[0439] The license management module of the personal computer 80 stores the encrypted content data {Dc} K
c and the additional information Dc-inf, and receives the encrypted content data {Dc} Kc and the additional information Dc-inf (step S899). Then, the license management module transmits the received encrypted content data {Dc}.
Kc and the additional information Dc-inf are recorded on the HDD via the bus BS2 as a content file (Step S)
900). Further, the license management module includes a secret information number n2, a transaction ID, and a content I.
A license management file for the content file containing the encrypted content data {Dc} Kc including D and the additional information Dc-inf is created and recorded on the HDD (step S901). Then, the license management module adds the name of the received content to the content file of the content list file recorded on the HDD (step S902), and the moving operation ends (step S903).

As described above, the personal computer 50
By managing the license of the encrypted content data acquired by the license management module 511 with the binding key Kb, the encrypted content data and the license can be transferred from the personal computer 50 to the personal computer 80.

According to the first embodiment, the license management module built in the personal computer manages the license of the encrypted content data acquired by the software using the binding key that is managed by the license management device in hardware. Like the license of the encrypted content data acquired by the license management device, the encrypted content data and the license can be transmitted to another personal computer by the concept of “movement”.

[Second Embodiment] Referring to FIG. 49, a method of managing a license for encrypted content data acquired by license management module 511 in a second embodiment will be described.

The structure of content list file 150 is the same as the structure in the first embodiment. HDD 530
Has recorded therein an encrypted confidential file 160, in which the same transaction IDb, content IDb, and binding key Kb stored in the license management device 520 are stored. The encrypted confidential file 160 is uniquely encrypted so that it cannot be taken out of the personal computer 50 depending on the serial number of the CPU of the personal computer 50 or the like. Of the license management files 1522,..., 152n, the license management files 1522 and 152n correspond to the license management file for the license acquired by the license management module 511. It includes encrypted confidential information obtained by encrypting confidential information including license and checkout information in the same manner as the encrypted confidential file, and plaintext information on the license. The license management device 520 that stores the binding license
Is always stored in the entry number “0”.

Also, the license management file corresponding to the license whose license is stored in the license management device and the license management files 1521 and 152n correspond to the license confidential information, and specify the entry to be licensed in the license area 1415B of the license management device. The entry number is recorded.
The other files and the configuration of the license area 1415B are the same as those in FIG. 25 of the first embodiment, and a description thereof will not be repeated.

The license management file 1522,.
When the license is taken out from the license management device 520, the license management file 520 sends the entry number “0” to the license management device 520 if the license management file 1522,.
And obtains the binding key Kb from the encrypted secret file 160, and confirms that the obtained binding key Kb matches the binding key Kb stored in the encrypted confidential file 160.
If they match, the encrypted confidential information is decrypted to obtain license and checkout information. If they do not match, the license acquisition is prohibited and the processing is stopped.
On the other hand, if the entry number is included, the process is entrusted to the license management device 520. Further, when there is no license, the process is stopped because there is no license. Therefore, in the second embodiment, the license management device 520 is used in all processes for licensees with a low security level (level 1).
If the binding key Kb stored in the encrypted key file does not match the binding key Kb stored in the encrypted confidential file 160, the license management file 1522,.
The operation is performed so that the license of the encrypted content data cannot be taken out from 2n.

As a result, also in the second embodiment,
The license of the encrypted content data acquired by the license management module 511 can be managed by the binding key Kb, and the encrypted content is transferred from the personal computer 50 to the personal computer 80 in the same manner as described in the first embodiment. Data and licenses can be moved.

[Initialization] FIGS. 50 to 52 are first to third flowcharts for describing initialization of the encrypted confidential file 160 in the second embodiment. FIG.
The flowchart shown in FIG. 52 is the same as the flowcharts of FIGS. 10 to 12 except that step S66a of the flowcharts of FIGS. 10 to 12 is replaced with step S66a. Therefore, referring to FIG. 52, after step S64, license management module 511
Stores the transaction IDb, the content IDb and the binding key Kb in a plaintext confidential file,
A unique encryption is performed on the plaintext confidential file to create an encrypted confidential file 160, and the created encrypted confidential file 160 is recorded on the HDD 530 (step S66).
a). Then, the initialization operation ends (step S6).
8).

[Distribution 2] FIGS. 53 to 56 are first to first diagrams for describing an operation when receiving encrypted content data and a license from the distribution server 10 from the license management module 511 in the second embodiment. 4 is a flowchart of FIG. The flowcharts shown in FIGS. 53 to 56 are different from the flowcharts shown in FIGS. 17 to 21 in that steps S266, S268 and S288 are replaced with steps S287a to S287a. This is the same as the flowchart shown in FIG. Referring to FIG. 56, step S26
6, after the checkout information is generated in S268, the license management module 511 checks the received license (transaction ID, content ID, license key Kc, access restriction information ACm, and reproduction time limit ACp), checkout information, and binding information. And performs unique encryption to generate encrypted confidential information (step S286a). Then, the license management module 511 creates a license management file including the generated encrypted confidential information, the transaction ID, and the content ID, and records the license management file on the HDD 530 (Step S287a). After that, the process shifts to step S288 to execute the above-described steps, and the operation of distributing the encrypted content data and the license ends.

[Ripping] FIGS. 57 and 58 show the license management module 511 in the second embodiment.
Are first and second flowcharts for explaining an operation of ripping for obtaining encrypted content data and a license from a music CD. FIG. 57 and FIG.
22 is different from the flowcharts shown in FIGS. 22 to 24 in that the steps between steps S708 and S725 are replaced with steps S720a to S724a.
This is the same as the flowchart shown in FIG. Referring to FIG. 58, after step S708, the license management module 511 converts the received license (transaction ID, content ID, license key Kc, access restriction information ACm, and reproduction time limit ACp), checkout information, and binding information into Unique encryption is performed to generate encrypted confidential information (step S723a). Then, the license management module 511 creates a license management file including the generated encrypted confidential information, the transaction ID, and the content ID, and
30 (step S724a). Thereafter, the process proceeds to step S725, where the above-described steps are executed, and the operation of ripping the encrypted content data and the license is completed.

[Checkout] FIGS. 59 to 63 show the license management module 511 in the second embodiment.
10 is a first to a fifth flowchart for explaining an operation of checking out the encrypted content data and the license acquired by the user into the memory card 110 attached to the reproduction terminal 100. The flowcharts shown in FIGS. 59 to 63 correspond to steps S516a and S516 in the flowcharts shown in FIGS.
Steps S552 and S553 are replaced with Steps S552a and S553a instead of Steps b and S517a, and the rest is the same as the flowcharts shown in FIGS. Referring to FIG. 60, after step S515, the license management module 511 acquires the encrypted confidential file 160 recorded on the HDD 530, and acquires the binding key Kb that is decrypted and stored (step S516a). . Then, the license management module 511 determines whether the binding key Kb obtained from the license management device 520 matches the binding key Kb obtained from the encrypted confidential file 160, and the two binding keys Kb do not match each other. Then, the process proceeds to step S564, and the checkout operation ends. If the two binding keys Kb match each other, the process moves to the next step S517a (step S516b).

When the binding key Kb obtained from the license management device 520 matches the binding key Kb obtained from the encrypted confidential file 160, the encrypted confidential information is obtained from the license management file and the decrypted license (license key Kc, transaction ID, content ID, access restriction information A
Cm and the number of times of reproduction ACp) are obtained (step 517).
a). Then, the process proceeds to the next step S5118 in FIG.
Referring to FIG. 3, after step S551, the license management module 511 performs unique encryption on the confidential information reflecting the updated checkout information to generate encrypted confidential information (step S552a). Update the license management file including the confidential information (step S5)
53a). Thereafter, the process proceeds to step S554, and the above-described steps are executed, thereby completing the operation of checking out the encrypted content data and the license.

As described above, the license management device 52
Only when the binding key stored in 0 is the same as the binding key stored in the encrypted confidential file 160, the license management module acquires the license of the encrypted content data from the license management file. Therefore, also in the second embodiment, the license of the encrypted content data is substantially managed using the binding key.

[Check-in] FIGS. 64 to 67 show an operation in which the license management module 511 checks in the encrypted content data and the license checked out to the memory card 110 attached to the reproduction terminal 100 in the second embodiment. First to fourth for explaining
It is a flowchart of FIG. The flowcharts shown in FIG. 64 to FIG. 67 are the same as the flowcharts shown in FIG. 35 to FIG.
Steps S643 and S644 are replaced with steps S643a and S644a instead of 6b and 617a, and the rest is the same as the flowcharts shown in FIGS.

Referring to FIG. 65, after step S615, the license management module 511
Obtains the encrypted confidential file 160 recorded in
The binding key Kb decrypted and stored is obtained (step S616a). Then, the license management module 511 stores the binding key Kb acquired from the license management device 520 in the encrypted confidential file 1.
It is determined whether or not the binding key Kb obtained from the key 60 matches the binding key Kb. If the two binding keys Kb do not match each other, the process proceeds to step S653 and the check-in operation ends. If the two binding keys Kb match each other, the process moves to the next step S618 (step S616b).

When the binding key Kb obtained from the license management device 520 matches the binding key Kb obtained from the encrypted confidential file 160, the encrypted confidential information is obtained from the license management file and the decrypted license (license key Kc , Transaction ID, content ID, access restriction information ACm, and reproduction count ACp) (step 617a). Then, control goes to the next step S5118.

Referring to FIG. 67, after step S642, license management module 511 performs unique encryption on the confidential information reflecting the updated checkout information to generate encrypted confidential information (step S644).
a), the license management file including the encrypted confidential information is updated (step S645a). Then, step S
The flow shifts to 646, where the above steps are executed, and the operation of checking in the encrypted content data and the license ends.

[Move 2] FIGS. 68 to 74 illustrate the operation of moving the encrypted content data and license received by license management module 511 from personal computer 50 to personal computer 80 in the second embodiment. It is a 1st-7th flowchart. The flowcharts shown in FIGS.
Step S80 of the flowcharts shown in FIGS.
Steps S800a to S800c are inserted between 0 and step S801, and steps between steps S815 and S820 are replaced with steps S816a and S816a.
Step S867 instead of Step S867a
And steps S862 and S8 instead of steps S867b
Step between step S63 and step S897
895a to 896a, and otherwise,
This is the same as the flowcharts shown in FIGS.

Referring to FIG. 68, after step S800, the license management module 511 decrypts the encrypted confidential information of the license management file to obtain the confidential information (transaction ID,
The content ID, license key Kc, access restriction information ACm, playback time limit ACp, and checkout information are obtained (step S800a). Then, the license management module 511 determines whether the encrypted content data and the license can be moved and copied based on the ACm acquired in step S800a. When the movement and copying of the encrypted content data and the license are prohibited, the license management module 511 proceeds to step S903 to end the movement operation, and when the movement and copying are not prohibited, proceeds to step S800c. (Step S800b).

[0459] The license management module 511 determines whether or not check-out is possible based on check-out information when the transfer and duplication of the encrypted content data and the license b are possible, and when not possible, proceeds to step S903. The process moves and the moving operation ends, and when check-out is possible, the process moves to step S801.

Referring to FIG. 69, after step S815, the license management module 511
Obtains the encrypted confidential file 160 recorded in
The decrypted binding key Kb is obtained (step S816a). Then, the license management module 511 stores the binding key Kb acquired from the license management device 520 in the encrypted confidential file 1.
It is determined whether or not the binding key Kb obtained from the key 60 matches the binding key Kb. If the two binding keys Kb do not match each other, the process moves to step S903 and the movement operation ends. If the two binding keys Kb match each other, the process moves to the next step S820 (step S817a).

Referring to FIG. 72, after step S867, license management module 511 rewrites binding key Kb stored in the secret confidential file into binding key Kbb (step S868a), and performs unique encryption. Generated encrypted confidential file, and
Rewrite with the encrypted secret file of DD530 (step S868b). Next, the flow shifts to step S869 in FIG.

Referring to FIG. 74, steps S862, S8
At 63, after the checkout information is generated, the license management module 511 checks the received license (transaction ID, content ID, license key Kc, access restriction information ACm, and playback time limit AC).
The unique encryption is performed on p) and the checkout information to generate encrypted confidential information (step S895a). Then, the license management module 511 creates a license management file including the generated encrypted confidential information, the transaction ID, and the content ID, and
30 (step S896a). After that, the flow shifts to step S897 to execute the above-described steps, and the distribution operation of the encrypted content data and the license is completed.

The other parts are the same as in the first embodiment. According to the second embodiment, the license management module incorporated in the personal computer manages the license of the encrypted content data acquired by the software using the binding key that is managed by the license management device in a hardware manner. It is possible to transmit the encrypted content data and the license to another personal computer by the concept of “movement” in the same manner as the license of the encrypted content data acquired by the above.

In the first and second embodiments, the license management device 520 can store a binding license and a distribution license.
It may be a management device dedicated to the binding license.

Although the entry number is specified to specify the binding license, it may have a dedicated entry and may be handled separately from a higher-level license.

The embodiments disclosed this time are to be considered in all respects as illustrative and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description of the embodiments, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

[Brief description of the drawings]

FIG. 1 is a schematic diagram conceptually illustrating a data distribution system according to a first embodiment of the present invention.

FIG. 2 is a diagram showing characteristics of data, information, and the like for communication in the data distribution system shown in FIG.

FIG. 3 is a diagram showing characteristics of data, information, and the like for communication in the data distribution system shown in FIG. 1;

4 is a diagram showing characteristics of data, information, and the like for communication in the data distribution system shown in FIG.

FIG. 5 is a schematic block diagram showing a configuration of a distribution server in the data distribution system shown in FIG.

FIG. 6 is a schematic block diagram showing a configuration of a personal computer in the data distribution system shown in FIG.

FIG. 7 is a schematic block diagram showing a configuration of a reproduction terminal in the data distribution system shown in FIG.

FIG. 8 is a schematic block diagram showing a configuration of a memory card in the data distribution system shown in FIG.

9 is a schematic block diagram showing a configuration of a license management device built in the personal computer shown in FIG.

10 is a first flowchart for explaining initialization of a confidential file in the personal computer shown in FIG. 1;

11 is a second flowchart for describing initialization of a confidential file in the personal computer shown in FIG. 1.

12 is a third flowchart for describing initialization of a confidential file in the personal computer shown in FIG. 1;

13 is a first diagram for explaining a distribution operation with a high security level in the data distribution system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 14 is a second example for explaining a distribution operation with a high security level in the data distribution system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 15 is a third view for explaining a delivery operation with a high security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 16 is a fourth flowchart for explaining a delivery operation with a high security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 17 is a first flowchart for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 18 is a second flowchart for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 19 is a third example for explaining a distribution operation with a low security level in the data distribution system shown in FIG. 1;
It is a flowchart of FIG.

20 is a fourth example for explaining a distribution operation with a low security level in the data distribution system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 21 is a fifth flowchart for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 22 is a first flowchart for explaining a ripping operation in the data distribution system shown in FIG. 1;

FIG. 23 is a second flowchart for explaining the ripping operation in the data distribution system shown in FIG. 1;

FIG. 24 is a third flowchart for explaining the ripping operation in the data distribution system shown in FIG. 1;

FIG. 25 is a diagram showing a configuration of a content list file on a hard disk of a personal computer.

26 is a first flowchart for explaining a license transfer operation of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 27 is a second flowchart for explaining the operation of transferring a license of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 28 is a third flowchart for explaining a license transfer operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 29 is a fourth flowchart for explaining the operation of moving the license of the encrypted content data in the data distribution system shown in FIG. 1;

30 is a first flowchart for explaining a license check-out operation of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 31 is a second flowchart for explaining the license check-out operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 32 is a third flowchart illustrating the license check-out operation of the encrypted content data in the data distribution system illustrated in FIG. 1;

FIG. 33 is a fourth flowchart illustrating the license check-out operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 34 is a fifth flowchart illustrating the license check-out operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 35 is a first flowchart for explaining a license check-in operation of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 36 is a second flowchart illustrating the license check-in operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 37 is a third flowchart for explaining the license check-in operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 38 is a fourth flowchart for explaining the license check-in operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 39 is a first flowchart for describing a playback operation in the playback terminal.

FIG. 40 is a second flowchart for describing the playback operation in the playback terminal.

FIG. 41 is a first flowchart for illustrating movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 42 is a second flowchart for describing movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 43 is a third flowchart for describing movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 44 is a fourth flowchart for explaining movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 45 is a fifth flowchart for describing movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 46 is a sixth flowchart for describing movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 47 is a seventh flowchart for explaining movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 48 is an eighth flowchart for explaining movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 49 is a diagram showing another configuration of the content list file on the hard disk of the personal computer.

50 is a first flowchart for describing another operation of initializing a confidential file in the personal computer shown in FIG. 1;

FIG. 51 is a second flowchart for describing another operation of initializing the confidential file in the personal computer shown in FIG. 1;

FIG. 52 is a third flowchart for explaining another operation of initializing the confidential file in the personal computer shown in FIG. 1;

FIG. 53 is a first flowchart for describing another distribution operation with a low security level in the data distribution system shown in FIG. 1;

FIG. 54 is a second flowchart for explaining another distribution operation with a low security level in the data distribution system shown in FIG. 1;

FIG. 55 is a third flowchart for explaining another delivery operation with a low security level in the data delivery system shown in FIG. 1;

FIG. 56 is a fourth flowchart for explaining another delivery operation with a low security level in the data delivery system shown in FIG. 1;

FIG. 57 is a first flowchart for explaining another operation of ripping in the data distribution system shown in FIG. 1;

FIG. 58 is a second flowchart for explaining another operation of ripping in the data distribution system shown in FIG. 1;

FIG. 59 is a first flowchart for explaining another operation of checking out a license of encrypted content data in the data distribution system shown in FIG. 1;

60 is a second flowchart for describing another operation of license check-out of encrypted content data in the data distribution system shown in FIG. 1. FIG.

FIG. 61 is a third flowchart for explaining another operation of checking out the license of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 62 is a fourth flowchart for explaining another operation of checking out a license of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 63 is a fifth flowchart for explaining another operation of checking out the license of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 64 is a first flowchart for explaining another operation of checking in a license of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 65 is a second flowchart for describing another operation of license check-in of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 66 is a third flowchart for explaining another operation of checking in a license of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 67 is a fourth flowchart for explaining another operation of the license check-in of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 68 is a first flowchart for explaining another transfer of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 69 is a second flowchart for describing another operation of moving the encrypted content data and the license between the personal computers in the data distribution system shown in FIG. 1;

70 is a third flowchart for describing another operation of moving the encrypted content data and the license between the personal computers in the data distribution system shown in FIG. 1;

FIG. 71 is a fourth flowchart for explaining another operation of moving encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 72 is a fifth flowchart for explaining another operation of moving the encrypted content data and the license between the personal computers in the data distribution system shown in FIG. 1;

73 is a sixth flowchart illustrating another operation of moving the encrypted content data and the license between the personal computers in the data distribution system illustrated in FIG. 1;

74 is a seventh flowchart for describing another operation of moving the encrypted content data and the license between the personal computers in the data distribution system shown in FIG. 1;

[Explanation of symbols]

Reference Signs List 10 distribution server, 20 distribution carrier, 30 Internet network, 40 modem, 50,80 personal computer, 60 CD, 70 USB cable, 90
Communication cable, 100 playback terminal, 110 memory card, 130 headphone, 150 content list file, 160 encrypted confidential file, 302 billing database, 304 information database, 306 C
RL database, 307 menu database, 3
08 distribution record database, 310 data processing unit,
312,320,1404,1408,1412,14
22, 1504, 1510, 1516, 5204, 52
08, 5212, 5222 Decryption processing unit, 313 Authentication key holding unit, 315 Distribution control unit, 316, Session key generation unit, 318, 326, 328, 1406, 14
10, 1417, 1506, 5206, 5210, 52
17, 5405 Cryptographic processing unit, 350 communication device, 51
0, 1106, 1420, 5220 Controller, 5
11 License management module, 520 License management device, 530 Hard disk, 540 CD
-ROM drive, 550, 1112 USB interface, 560 keyboard, 570 display,
580, 1114, 1426, 1530, 5226 terminals, 1108 operation panel, 1110 display panel, 1
200 Memory card interface, 1400, 15
00,5200 Authentication data holding unit, 1402,520
2 Kmc holding unit, 1414, 5214 KPa holding unit, 1415, 5215 memory, 1415A, 521
5A CRL area, 1415B, 5215B License area, 1415C data area, 1416, 5216
KPmc holding unit, 1418, 5218 Session key generation unit, 1421, 5221 Km holding unit, 142
4,5224 interface, 1442,1446
Changeover switch, 1502 Kp1 holding unit, 1518 Music playback unit, 1519 DA converter, 1521 to 152n
License management file, 1531 to 153n content file, 1550 content playback device.

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) H04L 9/00 601E 675B (71) Applicant 000005108 Hitachi, Ltd. 4-6-6 Kanda Surugadai, Chiyoda-ku, Tokyo ( 71) Applicant 000004167 Nippon Columbia Co., Ltd. 4-14-14 Akasaka, Minato-ku, Tokyo (72) Inventor Yoshihiro Hori 2-5-5-Keihanhondori, Moriguchi-shi, Osaka Sanyo Electric Co., Ltd. (72) Invention Person Toru Uemura Sanyo Electric Co., Ltd. 2-5-2-5 Keihanhondori, Moriguchi-shi, Osaka (72) Inventor Takuhisa Hatakeyama 4-1-1, Kamidadanaka, Nakahara-ku, Kawasaki-shi, Kanagawa Prefecture Inside Fujitsu Limited (72) Inventor Masataka Takahashi 98, Unoki-nu, Unoki-cho, Hebei-gun, Ishikawa Pref. Inside PFU Co., Ltd. (72) Inventor Takashi Tsunehiro Kanagawa 292 Yoshida-cho, Totsuka-ku, Hama-shi Inside Hitachi Laboratory System Development Laboratory Yokohama Laboratory (72) Inventor Yoshio Omori 5-1 Minatomachi, Kawasaki-ku, Kawasaki-shi, Kanagawa Japan F-term in Kawasaki Plant, Columbia Co., Ltd. (Reference) 5J104 AA07 AA13 AA15 AA16 EA06 EA19 KA02 KA05 NA02 NA03 NA06 NA35 NA37 NA38 NA41 NA42 PA07 PA11

Claims (27)

[Claims] An encrypted content data obtained by encrypting content data and a license for decrypting the encrypted content data to obtain an original plaintext are obtained, and the encrypted content data and the license are transferred to another data terminal. A data terminal device that outputs the encrypted content data and the license by software, a storage unit that stores the encrypted content data, a license management file, and an encrypted confidential file. And a device unit for decrypting the encrypted confidential file, and storing a binding license including a binding key for encrypting the decrypted confidential file in a dedicated area, wherein the confidential file comprises the license. Including confidential information as an element, License management file, in correspondence with the encrypted content file, and includes a management number of the confidential information contained in the confidential files, data terminal equipment. 2. When initializing the encrypted confidential file, the module unit generates the binding license including the binding key, generates a confidential file with empty confidential information, and stores the generated confidential file. 2. The data terminal device according to claim 1, wherein the encrypted terminal is encrypted with the generated binding key to generate the encrypted confidential file, and the generated binding license is given to the device unit. 3. 3. When acquiring the license, the module unit decrypts the encrypted confidential file read from the storage unit using the binding key acquired from the device unit, and obtains the encrypted confidential file in the decrypted confidential file. Updating the confidential file by writing the license as confidential information; encrypting the updated confidential file with the binding key; updating and recording the encrypted confidential file in the storage unit; 2. The data terminal device according to claim 1, wherein a license management file including a management number of the confidential information having the following as a constituent element is created and written into the storage unit. 4. When transmitting the license, the module unit obtains a license by decrypting the encrypted confidential file read from the storage unit using the binding key obtained from the device unit, and obtains the license. The data terminal device according to claim 1, wherein the data terminal device outputs the data to the outside. 5. The module according to claim 4, wherein when outputting the license, the module unit outputs the encrypted content data and the license corresponding to the license and recorded in the storage unit to the outside. Data terminal equipment. 6. The device according to claim 1, wherein the device unit receives a dedicated registration number designating the dedicated area from the module unit, and stores the binding license in the dedicated area according to the received dedicated registration number. Data terminal equipment. 7. The data terminal device according to claim 6, wherein upon outputting the license, the module unit acquires the binding key by transmitting the dedicated registration number to the device unit. 8. When outputting the license, the module unit transmits authentication data for the device unit to the device unit, and acquires the binding key when the authentication data is authenticated in the device unit. The data terminal device according to any one of claims 1 to 7. 9. The data terminal device according to claim 1, wherein at the time of outputting the license, the device unit encrypts and outputs the binding key. 10. When outputting the license, the module unit obtains a confidential file by decrypting the encrypted confidential file using the obtained binding key, and includes the confidential file in the license management file read from the storage unit. The data terminal device according to claim 4, wherein a license to be output to the outside is acquired by reading confidential information corresponding to a management number of the confidential information to be obtained from the acquired confidential file. 11. When transmitting the license to another data terminal device, the module unit further receives a public encryption key held in the device unit, so that the device unit can write a binding license. The data terminal device according to any one of claims 1 to 9, which confirms that there is a data terminal. 12. When the encrypted content data is moved to another data terminal device, the module unit is configured to include a license transmitted to the other data terminal device as a component when the license cannot be copied. The information is deleted, the management number of the deleted confidential information is deleted, the license management file is updated, another binding key is generated, the confidential file is encrypted with the generated another banding key, and the encryption is performed. Updating the encrypted confidential file.
0. The data terminal device according to 0. 13. When the encrypted content data is transferred to another data terminal device, the device unit receives another binding license including the another binding key from the module unit, and receives the received license from the module unit. The data terminal device according to claim 11, wherein one binding license is overwritten and stored in the dedicated area. 14. When transmitting the license to another data terminal device, the module unit transmits the license to another data terminal device when authenticating the authentication data received from the another data terminal device. The data terminal device according to any one of claims 1 to 12. 15. The data terminal device according to claim 13, wherein the module unit outputs the license after encrypting the license. 16. An encrypted content data obtained by encrypting content data and a license for decrypting the encrypted content data to obtain an original plaintext are obtained, and the encrypted content data and the license are transferred to another data terminal. A data terminal device that outputs the encrypted content data and the license by software; a module unit that obtains the encrypted content data and the license by software; the encrypted content data; a license management file; A storage unit for storing a confidential file; and a device unit for storing a binding license including a binding key in a dedicated area. The confidential file obtained by decrypting the encrypted confidential file is the same as the binding license stored in the device unit. Binding rice Wherein the scan, the license management file, in correspondence with the encrypted content data, and includes the encrypted confidential information which has been subjected to own encryption confidential information to components the license, the data terminal equipment. 17. When initializing the encrypted confidential file, the module unit generates the binding license including the binding key, generates a confidential file storing the generated binding license, and generates the confidential file. 17. The data terminal device according to claim 16, wherein the confidential file is uniquely encrypted to generate the encrypted confidential file, and the generated binding license is given to the device unit. 18. When the license is obtained, the module unit performs unique encryption on the license to generate encrypted confidential information, generates a license management file including the encrypted confidential information, and stores the license management file. 17. The data terminal device according to claim 16, wherein the data terminal device writes the data to a data terminal. 19. When transmitting the license, the module unit reads out from the storage unit when the binding key obtained from the device unit matches the binding key obtained by decrypting the encrypted confidential file. 19. The data terminal device according to claim 18, wherein the license is obtained by decrypting the encrypted confidential information, and the obtained license and the encrypted content data read from the storage unit are transmitted to another data terminal device. 20. The data terminal device according to claim 16, wherein the unique encryption system is an encryption system associated with information unique to the data terminal device that can be obtained from the data terminal device. 21. The device unit receives a dedicated registration number designating the dedicated area from the module unit, and stores the binding license in the dedicated area according to the received dedicated registration number. 17. The data terminal device according to claim 16, wherein the encrypted confidential file and the license management file are generated including a dedicated registration number. 22. The data terminal device according to claim 21, wherein, when transmitting the license, the module unit acquires the binding key by transmitting the dedicated registration number to the device unit. 23. When transmitting the license to another data terminal device, the module unit transmits authentication data for the device unit to the device unit, and when the authentication data is authenticated in the device unit, 24. The method according to claim 16, wherein the binding key is obtained.
A data terminal device according to the item. 24. When transmitting the license to another data terminal device, the module unit authenticates the authentication data received from the other data terminal device, and transmits the license to another data terminal device. The data terminal device according to any one of claims 16 to 23. 25. The module according to claim 1, wherein the module unit acquires the encrypted content data and the license from a distribution server via the Internet.
5. The data terminal device according to any one of 4. 26. A medium drive unit for reading plaintext content data from a recording medium, wherein the module unit generates a license based on copy permission / non-permission information included in the content data read by the medium drive unit, 25. The encrypted content data and the license are obtained by encrypting the content data with a license key included in the generated license to generate encrypted content data. A data terminal device according to claim 1. 27. The device unit further receives the encrypted content data and the license from a distribution server, and holds the received license. The storage unit stores the encrypted content data and the license received by the device unit. 3 is stored.
5. The data terminal device according to any one of 4.