JP2002288377A - Data terminal equipment and device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a data terminal equipment capable of moving enciphered contents data and a license received by software or hardware to another data terminal equipment in the same way. SOLUTION: A hard disk 530 of a personal computer is provided with license management files 1521-152n. A license managing device 520 stores a binding license for managing a license obtained by software and a license obtained by hardware corresponding to entry numbers included in the license management files 1521-152n of the hard disk 530 in a license area 5215B of a memory. The license management files 1521-152n include security information obtained by enciphering the license obtained by the software by the binding key included in the binding license.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to a data terminal device and a device used in a data distribution system capable of protecting copyright of copied information.

[0002]

2. Description of the Related Art In recent years, with the progress of information communication networks such as the Internet, it has become possible for each user to easily access information on the network using personal terminals using cellular phones and the like.

In such an information communication network, information is transmitted by digital signals. Therefore, for example, even when music or video data transmitted in the information communication network described above is copied by each individual user, the data is copied with almost no deterioration in sound quality or image quality due to such copying. It is possible.

Therefore, when content data such as music data and image data created by the creator is transmitted over such an information communication network, appropriate copyright protection measures must be taken. , The rights of the copyright holder may be significantly infringed.

On the other hand, giving priority to the purpose of copyright protection,
If it is not possible to distribute content data via a rapidly expanding information communication network, basically, even for copyright owners who can collect a certain copyright fee when copying content data, Disadvantageous.

[0006] Here, considering a recording medium on which digital data is recorded as an example instead of the distribution via the information communication network as described above, a CD (compact disk) on which music data that is normally sold is recorded is considered. For C
Copying of music data from D to a magneto-optical disk (MD or the like) can be freely performed in principle as long as the copied music is stopped for personal use. However, an individual user who performs digital recording, etc., uses the digital recording device itself or M
A certain amount of the price of the medium such as D is indirectly paid as a deposit to the copyright holder.

In addition, when music data, which is a digital signal, is copied from a CD to an MD, the music information is transferred from a recordable MD to another MD in consideration of the fact that the information is digital data with little copy deterioration. Copying as digital data is not possible due to copyright protection due to the configuration of the device.

[0008] Even in such circumstances, distributing music data and image data to the public through an information communication network is itself an act limited by the public transmission right of the copyright holder. Adequate measures need to be taken.

In this case, it is necessary to prevent content data, such as music data and image data, transmitted to the public through the information communication network from being copied and used without permission once received. Become.

[0010] Therefore, a distribution server that holds encrypted content data obtained by encrypting the content data is a data server that distributes the encrypted content data to a memory card mounted on a terminal device such as a mobile phone via the terminal device. A distribution system has been proposed. In this data distribution system, a public encryption key of a memory card and a certificate thereof, which have been authenticated by a certificate authority in advance, are transmitted to a distribution server at the time of a distribution request of encrypted content data. After confirming the reception, the encrypted content data and the license key for decrypting the encrypted content data are transmitted to the memory card. When distributing the encrypted content data and the license key, the distribution server and the memory card generate a different session key for each distribution, and encrypt the public encryption key with the generated session key. The keys are exchanged between the memory cards.

[0011] Finally, the distribution server transmits the license encrypted with the unique public encryption key assigned to each memory card and further encrypted with the session key and the encrypted content data to the memory card. Then, the memory card records the received license key and the encrypted content data on the memory card.

When playing back the encrypted content data recorded on the memory card, the memory card is attached to a mobile phone or a playback terminal equipped with a dedicated playback circuit.

As described above, the user of the mobile phone can use the mobile phone to receive the encrypted content data from the distribution server and reproduce the encrypted content data.

[0014] On the other hand, distribution of encrypted content data to personal computers using the Internet has also been performed. In the distribution of the encrypted content data to the personal computer, the distribution of the encrypted content data is performed by software installed in the personal computer.
Moving the received encrypted content data and license to another personal computer is a device that allows the personal computer to easily make a copy,
It is not implemented from the viewpoint of copyright protection due to difficulties in protection.

That is, if the encrypted content data and the license delivered to the personal computer can be transferred to another personal computer, the encrypted content data and the license are backed up, and the encrypted content data and the license are transferred to another personal computer. Then, if the encrypted content data and the license are backed up and returned to the personal computer, the same operation as when the encrypted content data and the license are duplicated is obtained. Therefore, moving the encrypted content data and license delivered to the personal computer by software to another personal computer provides a copy, and the transfer of the encrypted content data and license is prohibited from the viewpoint of copyright protection. Have been.

Further, if encrypted content data and a license are distributed to a personal computer having a device having the same configuration as a memory card via the Internet, the license is stored in the device, and the encrypted content data is stored in the hard disk, This is the same as delivering the encrypted content data and license from the server to the memory card. In this case, the license is stored in hardware called a device,
Since the problem does not occur when the license is managed by software, the license can be transferred to another personal computer.

[0017]

However, even though the personal computer can receive the encrypted content data and license by software and hardware, the personal computer only transmits the license to another personal computer when it receives the license by software. A problem arises that you cannot move to the computer.

Accordingly, the present invention has been made to solve such a problem, and an object of the present invention is to encrypt data and a license received by software or hardware in a similar manner to another data terminal device. To provide a data terminal device and a device that can be moved to a data terminal.

[0019]

The data terminal device according to the present invention obtains the encrypted content data obtained by encrypting the content data and the license for decrypting the encrypted content data to obtain the original plaintext. A data terminal device that acquires encrypted content data and a license by software, and generates an encrypted license obtained by encrypting the acquired license with a binding key and a binding license including the binding key; A device unit for performing exchange for acquiring the encrypted content data and the license, storing the license acquired by the exchange, the binding license, and the first and second management files, and a storage unit for storing data A control unit for controlling exchange between the device unit and the outside, wherein the storage unit includes a plurality of encrypted content data, and when the encrypted content data is obtained, the control unit transmits the encrypted content obtained from the outside. Providing the data to the storage unit, generating a first management file, providing the license and the generated first management file to the device unit, the module unit generating a second management file including the encrypted license, The binding license and the generated second management file are provided to the device unit.

In the data terminal device according to the present invention, the license of the encrypted content data obtained by the device section is stored in the device section, and the license of the encrypted content data obtained by the module section is encrypted by the binding key. And stored in the second license management file recorded in the device section as an encrypted license. Then, the encrypted content data obtained by the device unit or the module unit is stored in the storage unit. The device unit also stores a binding key for encrypting the license of the encrypted content data acquired by the module unit.
Unless the encrypted license is decrypted with the binding key, the license of the encrypted content data obtained by the module unit cannot be extracted. That is, the license of the encrypted content data acquired by the software is managed by the binding license including the binding key. Then, the binding license and the license of the encrypted content data acquired by the device unit are:
It is stored in hardware called a device section.

Therefore, according to the present invention, a license for encrypted content data obtained by software and a license for encrypted content data obtained by hardware can be managed at the same security level. As a result, the license of the encrypted content data obtained by the software can be transferred to another data terminal device in the same manner as the license of the encrypted content data obtained by the hardware.

Preferably, the device unit of the data terminal device includes a first recording unit that records a license and a binding license in association with the first and second management numbers, respectively, and a plurality of first or second management units. A second recording unit that records a file.

The device section records the license acquired by the device section in the first recording section in association with the first management number, and stores the binding license for managing the license acquired by the module section in the second management section. The information is recorded in the first recording unit in association with the number. Further, the device unit includes a first management file including the first management number, an encryption license encrypted by a binding key included in the binding license, and a second management file including the first management file.
And a second management file including the management number of the second management file in the second storage unit.

Therefore, according to the present invention, a license or a binding license can be obtained based on the management number.

Preferably, the control unit of the data terminal device comprises:
When the device unit acquires the license, it generates a first management number and gives it to the device unit, and when it acquires the license, it generates a second management number and gives it to the device unit.

When the license is obtained, a first or second management number for managing the license is input to the device section, and the device section stores the license in the designated area according to the input first or second management number. Stores licenses or binding licenses.

Therefore, according to the present invention, a license can be input / output based on the management number.

Preferably, the module of the data terminal device acquires the encrypted content data and the license from the distribution server.

The module exchanges with the distribution server according to the software to obtain the encrypted content data and the license.

Therefore, according to the present invention, the license of the encrypted content data obtained by the software via the communication means such as the Internet can be managed by the hardware.

Preferably, the data terminal device further includes a medium driving unit for reading the content data from the recording medium, and when acquiring the encrypted content data, the module unit rips the content data read by the medium driving unit. To obtain the encrypted content data and the license.

The module acquires the encrypted content data and the license by ripping.

Therefore, according to the present invention, the license of the encrypted content data obtained by the software from the recording medium on which the content data is recorded can be managed by the hardware.

Preferably, the device section of the data terminal device exchanges data with the distribution server that holds the encrypted content data and the license.

The device unit communicates with the distribution server using communication means such as the Internet, and acquires encrypted content data and a license.

Therefore, according to the present invention, a license for encrypted content data can be acquired and managed by hardware via communication means such as the Internet.

[0037] Preferably, the binding key is a license key required to decrypt the encrypted content data.

An encrypted license encrypted by the software using the license key received from the distribution server is generated. Then, the generated encrypted license is stored in the device section.

Therefore, according to the present invention, when encrypted content data and a license are obtained by software, a license for decrypting the encrypted content data can be easily managed by a binding license.

Further, in the data terminal device according to the present invention, the encrypted content data obtained by encrypting the content data and the license for decrypting the encrypted content data to obtain the original plaintext are obtained, and the obtained encrypted data is obtained. A data terminal device for transferring content data and a license to another data terminal device, comprising: an encrypted license and a binding key obtained by acquiring encrypted content data and a license by software, and encrypting the obtained license with a binding key. And a module unit for generating a binding license including: a license exchange unit that exchanges encrypted content data and a license, and obtains the license acquired by the exchange, the binding license, and the first and second licenses. A storage unit for storing data, a storage unit for storing data, and a control unit for controlling the exchange between the device unit and the outside, the storage unit including a plurality of encrypted content data, When acquiring the encrypted content data, the control unit provides the encrypted content data acquired from the outside to the storage unit, generates a first management file, and provides the license and the generated first management file to the device unit; The module unit generates a second management file including the encryption license, gives the binding license and the generated second management file to the device unit, and when the encrypted content data is moved, the control unit:
The license of the encrypted content data to be moved and the first management file are read from the device unit, the encrypted content data to be moved is read from the storage unit, and the read license, the first management file, and the encrypted content data are transferred to another device. The module transmits to the data terminal device, the module reads the binding license including the binding key obtained by encrypting the license of the moving encrypted content data and the second management file from the device, and stores the moving encrypted content data in the storage. And transmits the read binding license, the second management file, and the encrypted content data to another data terminal device.

In the data terminal device according to the present invention, the license of the encrypted content data obtained by the device section is stored in the device section, and the license of the encrypted content data obtained by the module section is encrypted by the binding key. And stored in the second license management file stored in the storage unit as an encrypted license. Then, the encrypted content data obtained by the device unit or the module unit is stored in the storage unit. The device unit also stores a binding key for encrypting the license of the encrypted content data acquired by the module unit. Unless the encrypted license is decrypted with the binding key, the license of the encrypted content data obtained by the module unit cannot be extracted.
That is, the license of the encrypted content data acquired by the software is managed by the binding license including the binding key. And
The binding license and the license of the encrypted content data acquired by the device unit are stored in hardware called a device unit.

When the encrypted content data acquired by the module unit is moved, the binding license, the license, and the encrypted content data are moved to another data terminal device, and the encrypted content data acquired by the device unit is transferred. When moving, license,
Then, the encrypted content data is moved to another data terminal device.

Therefore, according to the present invention, the license of the encrypted content data obtained by the software and the license of the encrypted content data obtained by the hardware can be similarly transferred to another data terminal device. It is.

Preferably, when the encrypted content data is moved, the control unit of the data terminal device acquires the first management number stored in the first license management file, and stores the read first management number in the first license management file. The license is read from the device unit by inputting to the device unit, the module unit obtains the second management number stored in the second license management file, and sends the read second management number to the device unit. By inputting, the binding license is read from the device section.

The control unit or the module unit acquires a license or a binding license based on the management number stored in the license management file, respectively.

Therefore, according to the present invention, a license or a binding license can be accurately obtained via a management number.

Preferably, the data terminal device further includes a receiving unit for receiving an instruction, and when the encrypted content data is moved, the control unit is requested to move the encrypted content data in response to the moving request for the encrypted content data from the receiving unit. A first content file that stores the name of the encrypted content data obtained, and obtains a first management number by reading a first license management file corresponding to the specified first content file; The module unit specifies a second content file storing the name of the encrypted content data requested to be moved in response to a request to move the encrypted content data from the reception unit, and assigns the second content file to the specified second content file. The second management number is obtained by reading the corresponding second license management file.

The control unit or the module unit obtains, from the license management file corresponding to the content file storing the name of the encrypted content data to be moved, the management number storing the license of the encrypted content data to be moved or the binding license. get.

Therefore, according to the present invention, if the encrypted content data to be moved is determined, a license or a binding license can be easily obtained.

Preferably, when the encrypted content data is moved, the device unit of the data terminal device authenticates the authentication data from another device unit built in the other data terminal device based on the authentication data. Or output the binding license.

The device section outputs a license or a binding license to a valid destination.

Therefore, according to the present invention, unauthorized movement of the license or the binding license can be prevented.

Preferably, when moving the encrypted content data, the device section of the data terminal device receives the public encryption key held in another device section, and encrypts the license or the binding license with the received public encryption key. And output.

The license or the binding license stored in the device is encrypted by the public encryption key held by the destination device and output from the device.

Therefore, according to the present invention, a license or a binding license can be moved while being protected by encryption.

[0056] Preferably, when the encrypted content data is moved, the control unit of the data terminal device transmits the license or the binding license stored in the device unit to another device unit.

The license of the encrypted content data and the binding license are transmitted from the source device to the destination device.

Therefore, according to the present invention, the license of the encrypted content data and the binding license can be held by the hardware even at the destination.

Preferably, when the encrypted content data is moved, the device section of the data terminal device deletes the moved license when copying of the license is prohibited.

When license duplication is prohibited,
The source license is deleted. Therefore, according to the present invention, unauthorized duplication of the license can be prevented.

Preferably, when the encrypted content data is moved, the module unit of the data terminal device transmits the encrypted license from the second license management file storing the moved license when the copying of the license is prohibited. A deletion request for deleting the second management number is output to the device unit.

When license duplication is prohibited,
The source license is deleted. Therefore, according to the present invention, unauthorized duplication of the license can be prevented.

[0063] Preferably, the binding key is a license key required to decrypt the encrypted content data.

An encrypted license encrypted by the software using the license key received from the distribution server is generated. Then, the generated encrypted license is stored in the device section.

Therefore, according to the present invention, when encrypted content data and a license are obtained by software, a license for decrypting the encrypted content data can be easily managed by a binding license.

Further, the device according to the present invention is a device used for a data terminal device for encrypting content data and obtaining a license for decrypting the encrypted content data to obtain the original plaintext. An input / output terminal for exchanging data with other parts of the data terminal device, an interface for exchanging data with the input / output terminal, a recording unit for recording data, and a control unit, When acquiring the encrypted content data, the control unit writes the acquired license into the recording unit by exchanging with the outside through the interface and the input / output terminal, and writes the binding license input through the input / output terminal and the interface. And write the binding license to the software Thus a license including a binding key for encrypting the acquired licenses.

The device according to the present invention writes the license acquired by the device itself and the input binding license in the recording unit and manages them collectively.

Therefore, according to the present invention, a license acquired by hardware and a binding license for managing a license acquired by software can be managed at the same security level.

Preferably, when a first management number for managing a license or a second management number for managing a binding license is input via an input / output terminal and an interface, Furthermore, the first or second management number is given to the recording unit, and the recording unit manages the license and the binding license in association with the first and second management numbers, respectively.

A license and a binding license are managed corresponding to the first and second management numbers, respectively.

Therefore, according to the present invention, a license or a binding license can be input / output using the management number.

Preferably, the control unit of the device stores the first management file containing the first management number or the second management file containing the second management number and the encryption license encrypted by the binding key. When input via the input / output terminal and the interface, the first or second management file is further provided to the recording unit.

When a license for encrypted content data is obtained, a first management file including a first management number for designating a storage area of a license obtained by hardware and a license obtained by software are An encrypted license and a second management file including a second management number designating a storage area of the license acquired as software are input, and the input first or second input is performed.
Is recorded in the recording unit.

Therefore, according to the present invention, a license acquired as software and a license acquired as hardware can be managed at the same security level.

Preferably, the recording unit of the device records a first recording unit for recording the license and the binding license in association with the first and second management numbers, respectively, and a first and a second management file. And a second recording unit.

The license and the binding license, and the first and second management files, respectively,
Recorded in different recording units.

Therefore, according to the present invention, a license acquired as software and a binding license for managing the license acquired as software can be managed separately.

Preferably, the device further includes an authentication data holding unit for holding the authentication data, and the control unit outputs the authentication data via the interface and the input / output terminal, and the license data is output when the authentication data is authenticated. Alternatively, a binding license is received via an input / output terminal and an interface.

When the authentication data held by the device is authenticated, a license or a binding license is input to the device.

Therefore, according to the present invention, it is possible to prevent a license or a binding license from being transmitted to an unauthorized device.

Preferably, the binding license includes a license key required to decrypt the encrypted content data.

The software generates an encrypted license encrypted with the license key included in the license received from the distribution server. Then, the generated encrypted license is stored in the device section.

Therefore, according to the present invention, when encrypted content data and a license are obtained by software, a license for decrypting the encrypted content data can be easily managed by a binding license.

[0084]

Embodiments of the present invention will be described in detail with reference to the drawings. In the drawings, the same or corresponding portions have the same reference characters allotted, and description thereof will not be repeated.

FIG. 1 shows a data distribution system in which a data terminal device (personal computer) according to the present invention acquires encrypted content data and moves the acquired encrypted content data to another data terminal device (personal computer). FIG. 2 is a schematic diagram conceptually illustrating the overall configuration of FIG.

The following describes an example of the configuration of a data distribution system that distributes music data to users of personal computers via the Internet.
As will be apparent from the following description, the present invention is not limited to such a case, and may be applied to a case where content data as another copyrighted work, for example, image data, moving image data, a game program, or the like is distributed. It can be applied.

Referring to FIG. 1, personal computer 50 transmits a distribution request (distribution request) from a user of each personal computer to distribution server 10 via Internet network 30. The distribution server 10 that manages the copyrighted music data determines whether or not the personal computer 50 owned by the user of the personal computer who has accessed for data distribution has valid authentication data. Is provided with a legitimate program or a legitimate recording device necessary for receiving the distribution of the content, and performs an authentication process as to whether or not the distribution server 10 is accessed using the legitimate program or the legitimate recording device, After encrypting music data (hereinafter also referred to as content data) by a predetermined encryption method with respect to a personal computer accessed using a legitimate program or a legitimate recording device, such encrypted content data and encryption are performed. Required to play content data To deliver a license as such information into the personal computer 50.

In this case, the personal computer 50
Receives encrypted content data and licenses from the distribution server 10 via the Internet network 30 at different security levels. That is, the personal computer 50 has a built-in license management device that is a legitimate recording device, and the distribution server 10 distributes the license to the license management device via the Internet network 30 or the like. This license management device has a hardware for holding a license for reproducing the encrypted content data, and has a high security level. In addition, the personal computer 5
No. 0 has a built-in license management module which is a legitimate program for receiving encrypted content data and a license from the distribution server 10 via the Internet network 30 or the like by software. The license management module receives and manages a license at a lower security level than the license management device.
Although the encrypted content data is a data string that cannot be decrypted and reproduced without a decryption key (license key) included in the license, the acquisition route does not matter.
In the data distribution system shown in FIG. 1, the personal computer 50 receives the encrypted content data from the distribution server 10 via the Internet network 30 in the same manner as the license, and stores the received encrypted content data in an HDD (Hard Disk Drive). ) (Not shown). The license management device and the license management module will be described later in detail.

Further, in FIG. 1, personal computer 50 has a music CD (Co
The encrypted content data and a license for reproducing the encrypted content data are generated by ripping from the disc 60.
The details will be described later.

Further, the personal computer 50
Is USB (UniversalSerial Bu)
s) It is possible to connect to the reproduction terminal 100 via the cable 70 and transmit the encrypted content data and the license received from the distribution server 10 to the memory card 110 attached to the reproduction terminal 100.

Further, the personal computer 50
Transmits the received encrypted content data and license to the personal computer 80 via the communication cable 90.

Therefore, in the data distribution system shown in FIG. 1, personal computer 50 receives the encrypted content data and the license from distribution server 10 via Internet network 30, and transmits the encrypted content data from the music CD. To get a license. In addition, the memory card 110 mounted on the reproduction terminal 100 is connected to the personal computer 50 by the distribution server 1.
0 or the encrypted content data and the license acquired from the music CD 60 are received. The user of the reproduction terminal 100 can obtain the encrypted content data and the license from the music CD via the personal computer 50.

In FIG. 1, for example, a removable memory card 110 is attached to a reproduction terminal 100 of a portable telephone user.
Is attached. Memory card 110
Receives the encrypted content data received by the playback terminal 100, decrypts the encryption performed for the distribution, and provides the content music playback circuit (not shown) in the playback terminal 100.

Further, for example, a portable telephone user can “play back” and listen to such content data via the headphone 130 or the like connected to the playback terminal 100.

With such a configuration, it is difficult to receive the distribution of the content data from the distribution server 10 and transmit the encrypted content data to the personal computer 80 and the reproduction terminal 100 unless the computer is a legitimate personal computer. Configuration.

Moreover, the distribution server 10 counts the frequency each time one piece of content data is distributed, for example, so that the copyright generated each time the personal computer user receives (downloads) the content data is counted. If the fee is collected together with the fee for using the Internet network, it becomes easier for the copyright holder to secure the copyright fee.

In the configuration as shown in FIG. 1, first, what is required in the system in order to make the content data distributed in an encrypted form reproducible on the user side of the reproducing terminal or personal computer is as follows. Is a method for distributing an encryption key in communication, the second is a method itself for encrypting content data to be distributed, and the third is a method for encrypting content data thus distributed. This is a configuration that implements content data protection for preventing unauthorized copying.

In the embodiment of the present invention, the authentication and check functions for the destination of the content data are enhanced particularly when each of the distribution, transfer, check-out, check-in, and playback sessions occurs. A configuration for enhancing the copyright protection of content data by preventing output of content data to a recording device and a data playback terminal (a playback terminal having a dedicated content playback circuit or a personal computer) in which an unauthenticated or decrypted key is broken. explain.

In the following description, the process of transmitting content data from the distribution server 10 to each personal computer or the like will be referred to as “distribution”.

FIG. 2 is a diagram for explaining characteristics of data, information, and the like for communication used in the data distribution system shown in FIG.

First, data distributed from the distribution server 10 will be described. Dc is content data such as music data. The content data Dc is encrypted so as to be decryptable with the license key Kc. License key K
The encrypted content data {Dc} Kc, which has been encrypted by decryption by c, is distributed from the distribution server 10 to the user of the personal computer in this format.

In the following, it is assumed that the notation {Y} X indicates that the data Y has been encrypted with the decryption key X.

Further, the distribution server 10 distributes, along with the encrypted content data, additional information Dc-inf as plaintext information such as a copyright relating to the content data or server access. Also, a transaction ID, which is a management code for specifying the distribution of the encrypted content data and the license key from the distribution server 10, is exchanged between the distribution server 10 and the personal computer 50. Further, the license information includes a content ID which is a code for identifying the content data Dc, a license ID which is a management code for specifying issuance of a license, and a license determined by designation from the content provider and the user. Recording device (memory card, memory card, etc.) generated based on license purchase condition AC including information such as the number and function limitation
Alternatively, there are access restriction information ACm which is information relating to restriction on access to the license management device) and reproduction restriction information ACp which is control information in the content reproduction circuit. Specifically, access restriction information A
Cm is information indicating a restriction on outputting a license key from a memory card, a license management device, and a license management module to the outside. It is assumed that there are restrictions on copying, security levels at which licenses can be output, and the like. The reproduction information includes a reproducible period, a restriction on a change in reproduction speed, a restriction on editing, and a reproduction range (partial license).
And so on. Hereinafter, the transaction ID and the content ID are collectively referred to as a license ID, and the license key Kc, the license ID, and the access restriction information ACm
And the playback restriction information ACp are collectively referred to as a license.

In the following, for the sake of simplicity, the access restriction information is limited to the number of reproductions (0 to 244: remaining number of reproductions, 2
55: no restriction), a movement flag (0: movement prohibited, 1: movement permitted), and a security flag (1: software management permitted, 2: hardware management only permitted), and reproduction restriction information can be reproduced. This is one item of the playback time limit indicating the time limit (date and time).

In the embodiment of the present invention, distribution and reproduction of content data can be prohibited for each class of a recording device (memory card or license management device) or a content reproduction circuit for reproducing content data. Certificate revocation list CRL (Cer
ificate Revocation List)
The operation of. In the following, the data in the certificate revocation list may be represented by the symbol CRL as needed.

The certificate revocation list-related information lists the classes of the content reproduction circuit, memory card, license management module, and license management device for which distribution, transfer, check-out, check-in, and reproduction of the license are prohibited. Certificate revocation list data CRL.

The certificate revocation list data CRL is managed in the distribution server 10, and is also recorded and held in a memory card, an HDD in the personal computer 50, or a license management device. Such a certificate revocation list needs to be upgraded and data updated at any time, but data changes are basically made based on the date and time when licenses such as license keys are distributed. It is determined whether the certificate revocation list received from the computer (the license management device or the license management module) has been updated. If the certificate revocation list has not been updated, the updated certificate revocation list is delivered to the personal computer. The license management module, the license management device, and the playback terminal 100
The certificate revocation list is exchanged during the period, and the data change is the same as described above. Further, regarding the change of the certificate revocation list, the new certificate revocation list CRL
May be transmitted, or a difference CRL, which is difference data reflecting only the changed point, is generated from the distribution server 10 side, and the certificate revocation list in the memory card, the hard disk, and the license management device is correspondingly generated. CRL
May be rewritten. The version of the certificate revocation list is information on the date and time when the certificate revocation list was updated, and the update date and time CRLdate
Is output from the memory card, the hard disk, and the license management device, and the distribution server 10 confirms the output to execute the version management. In addition,
The certificate revocation list CRL also includes the update date and time CRLdate. Therefore, the update date and time CRLdate is also included in the difference CRL that is the difference data.

As described above, the certificate revocation list CRL is
By holding and operating not only in the distribution server but also in the memory card or personal computer, the decryption key unique to the class, that is, the content reproduction circuit and the type of the memory card or personal computer (license management device or license management module) is broken. Supply of the license key to the content reproduction circuit and the memory card or the personal computer. For this reason, the content reproduction circuit or personal computer cannot reproduce the content data, and the memory card, the license management module, and the license management device cannot move the content data.

As described above, the certificate revocation list CRL in the memory card or the license management device is configured to update the data each time a license is newly stored. The management of the certificate revocation list CRL in the memory card, the license management module, and the license management device is performed by a tamper-resistant module using a memory card, a license management device, and a hard disk controlled by the license management module independently of the upper level. (TamperResistance
In such a case, the certificate revocation list data CRL cannot be falsified from a higher level by a file system, an application program, or the like, by recording the certificate revocation list data CRL in a Tent Module). As a result, copyright protection for data can be further strengthened.

FIG. 3 is a diagram for explaining characteristics of data, information, and the like for authentication used in the data distribution system shown in FIG.

The content reproduction circuit, the memory card, the license management device, and the license management module are provided with unique public encryption keys KPpy and KPmw, respectively. The public encryption keys KPpy and KPmw are provided with secret decryption keys Kpy and KPm unique to the mobile phone. Memory card,
It can be decrypted by a secret decryption key Kmw unique to the license management device and the license management module. These public encryption key and secret decryption key have different values for each type of mobile phone, memory card, license management device, and license management module. These public encryption keys and secret decryption keys are collectively called class keys.

Cpy is provided as a class certificate of the content reproduction device (mobile phone), and Cmw is provided as a class certificate of the memory card, the license management device, and the license management module.

[0113] These class certificates have different information for each class of the content reproduction circuit, the memory card, the license management device, and the license management module. The class key whose encryption by the class key has been broken, that is, the class key for which the secret decryption key has been obtained, is listed in the certificate revocation list and is subject to license prohibition.

The public encryption key and class certificate unique to the content reproduction circuit, memory card, license management device, and license management module are in the form of authentication data {KPpy // Cpy} KPa or authentication data {KPmw // In the format of Cmw @ KPa, the data is recorded in the data reproduction circuit, the memory card, the license management device, and the license management module at the time of shipment. As will be described in detail later, KPa is a public authentication key common to the entire distribution system.

The difference between the security level of the license management module managed by software and the security level of the memory card and the license management device managed by hardware can be determined by referring to the certificate Cmw. .

Each time content data is distributed and reproduced, the distribution server 10 and the memory card 11 are used as encryption keys for maintaining confidentiality in license transfer.
0, common keys Ks1 to Ks3 generated in the license management device, the license management module, and the content reproduction circuit are used.

Here, the common keys Ks1 to Ks3 are used for each “session” which is a communication unit or an access unit between any one of a distribution server, a memory card, a license management device, a license management module, or a content reproduction circuit. The common keys Ks1 to Ks3 are also referred to as “session keys” hereinafter.

These session keys Ks1 to Ks3
Is generated and managed by the distribution server, the memory card, the license management device, the license management module, and the content reproduction circuit by having a unique value for each session. Specifically, the session key Ks1 is generated by the distribution server for each distribution session. The session key Ks2 is generated by the memory card, the license management device, and the license management module for each session in every session, and the session key Ks3 is generated in the content reproduction circuit for each reproduction session. In each session, these session keys are exchanged, a session key generated by another device is received, a license key and the like are transmitted after encrypting with the session key, and the security strength in the session is increased. Can be improved.

As a key for managing data processing in the memory card 110, the license management device, and the license management module, a public encryption key set for each medium such as a memory card, a license management device, and a license management module. KPmcx,
A secret decryption key Km unique to each memory card capable of decrypting data encrypted with the public encryption key KPmcx.
cx exists.

FIG. 4 shows a binding license required to make the license acquired by the software (license management module) movable to another personal computer, and checkout management information in a checkout session to be lent to the memory card 110. It is shown.

The binding license is a license for reproducing the encrypted content data, a binding key as a common key for managing the number of checkable encrypted content data and licenses, and control information for the binding license. Certain access restriction information ACmb, reproduction restriction information ACpb,
The transaction ID includes a transaction IDb that is a transaction ID for a binding license, a content IDb that is a dummy for the binding ID, and a binding ID that is a generic name of the transaction IDb and the content IDb.

The binding key Kb is for managing the license of the encrypted content data acquired by the software with the license management device.
It is held by a license management device (hardware). Then, the license cannot be taken out without using the binding key Kb held by the hardware. The access restriction information ACmb and the reproduction restriction information ACpb have one fixed value of the access restriction information ACm and the reproduction restriction information ACp included in the license for reproducing the encrypted content data. Is to prohibit duplication and transfer of the license, and to make the number of reproductions unlimited, and the reproduction restriction information ACpb allows the encrypted content data to be reproduced indefinitely. The configuration of the binding license is the same as the license, and is managed by the license management device. The binding license is managed in the same manner as hardware, that is, a license acquired at a high security level that is movable.

The check-out management information includes a check-out possible number, a check-out destination individual ID, and a check-out transaction ID. The possible number of checkouts indicates the number of times that the encrypted content data can be rented out. The number is reduced by one each time the encrypted content data is checked out, and each time the encrypted content data is checked in. The numerical value is incremented by one. Check-out destination I
D specifies a memory card for checking out encrypted content data, and corresponds to a public encryption key KPmcx held by the memory card. The checkout-time transaction ID is a transaction ID used when checking out.

FIG. 5 is a schematic block diagram showing the configuration of distribution server 10 shown in FIG. The distribution server 10 follows the data obtained by encrypting the content data according to a predetermined method, the information database 304 for storing distribution information such as a license ID, and the start of access to the content data for each user of the personal computer. A billing database 302 for holding billing information;
A CRL database 306 for managing the certificate revocation list CRL, a menu database 307 for holding a menu of content data held in the information database 304, and a delivery record for holding a transaction ID for specifying delivery of content data and a license key. Communication between the database 308, the information database 304, the charging database 302, the CRL database 306, the menu database 307, and the data processing unit 310 for receiving data from the distribution record database 308 via the bus BS1 and performing predetermined processing. A communication device 350 for exchanging data between the distribution carrier 20 and the data processing section 310 via a network is provided.

The data processing unit 310 is controlled by the distribution control unit 315 for controlling the operation of the data processing unit 310 in accordance with the data on the bus BS1, and the session key Ks1 during the distribution session. Key generation unit 316 for generating an authentication data, and the authentication data {KPmw // Cm for authentication transmitted from the license management device and the license management module.
an authentication key holding unit 313 for holding a public authentication key for decrypting w @ KPa, and a communication device for transmitting authentication data {KPmw // Cmw} KPa for authentication sent from the license management device and the license management module. 3
50 and the authentication key holding unit 3
13 and a session key Ks1 generated by the session key generation unit 316 by using the public encryption key KPmcx obtained by the decryption unit 312, Encryption processing unit 318 for outputting to bus BS1
And a decryption processing unit 320 that receives data encrypted and transmitted by the session key Ks1 from the bus BS1 and performs decryption processing.

Data processing section 310 further transmits license key Kc and access restriction information ACm provided from distribution control section 315 to memory card, license management device, and license management module obtained by decryption processing section 320. An encryption processing unit 326 for encrypting with the public encryption key KPmw and an output of the encryption processing unit 326 are further encrypted by the session key Ks2 given from the decryption processing unit 320, and the bus B
And an encryption processing unit 328 for outputting to S1.

The operation of the distribution server 10 in a distribution session will be described later in detail using a flowchart.

FIG. 6 is a schematic block diagram for describing a configuration of personal computer 50 shown in FIG. The personal computer 50 has a bus BS for exchanging data with each unit of the personal computer 50.
2, a modem 40 for connecting to the Internet network and the public telephone network, and a license management device 520 or a license management module 511 via the Internet network to receive the encrypted content data and the like from the distribution server 10 in order to receive it. A controller 510 for controlling transmission and reception of data to and from the server 10 and for controlling when the encrypted content data and the license are obtained by ripping from the music CD via the CD-ROM drive 540; License management for exchanging various keys with the distribution server 10 when receiving encrypted content data and a license from the server, and hardware-managing a license for reproducing the distributed encrypted content data Device 520, Included in the controller 510, executes encryption transmission and reception of content data and the license from the distribution server 10 by a program, and a content management module 511 for generating a unique license subjected to own encryption license received. Furthermore, the content management module 511 can also have a content reproduction function. In this case, the acquired encrypted content data {Dc} Kc can be decrypted and reproduced using the acquired license key Kc.

The license management device 520 performs hardware exchange of data when receiving the encrypted content data and license from the distribution server 10 and manages the received license hardware.
This enables distribution of encrypted content data and the like and management of licenses at a high security level. The license management device 520 manages a dedicated license acquired by the license management module 511 and generated based on the acquired license. Note that the license management device 520 is
It is detachable from the personal computer 50 and can be moved to another personal computer.

On the other hand, the license management module 511
Is a software having a lower security level than that of the license management device 520 because the transmission and reception of the encrypted content data and the license when receiving the license from the distribution server 10 are performed by software using a program. In the following, the license management module 5
The security level 11 is called “level 1”, and the security level of the license management device is called “level 2”.

[0131] The personal computer 50 further comprises:
The encrypted content data received from the distribution server 10 by the license management module 511 or the license management device 520 and the CD-ROM drive 540
And a content list file for managing the license of the encrypted content data received by the license management module 511 or the license management device 520 in association with the file name of the encrypted content data. Is stored. The details of the content list file will be described later.

The personal computer 50 further comprises
Playback terminal 1 for encrypted content data and license
00 and the like, the controller 510 and the terminal 580
A USB interface 550 for controlling the transfer of data to and from the CD-ROM, a CD-ROM drive 540 for acquiring content data from a music CD, a keyboard 560 for inputting instructions from a user, and various types of information. 570 for visually providing the user with
And a terminal 580 for connecting the USB cable 70.

Thus, the personal computer 50
The license management module 511 and the license management device 520 for receiving the encrypted content data and the license from the distribution server 10 via the Internet 30 and the license management module 520 for obtaining the encrypted content data and the license from the music CD by ripping. It has a built-in CD-ROM drive 540. Note that the acquisition of the encrypted content data and the license by the CD-ROM drive 540 is performed at the same security level 1 as the reception of the encrypted content data and the license by the license management module 511.

FIG. 7 is a schematic block diagram for describing a configuration of reproduction terminal 100 shown in FIG.

The reproduction terminal 100 includes a bus BS3 for transmitting and receiving data to and from each section of the reproduction terminal 100, and a bus BS3.
A controller 1106 for controlling the operation of the playback terminal 100 via the CPU, an operation panel 1108 for giving an external instruction to the playback terminal 100, and a controller 11
And a display panel 1110 for giving information output from the mobile phone 06 or the like as visual information to a mobile phone user.

[0136] The reproduction terminal 100 further includes the distribution server 1
Memory card 110 for storing and decrypting content data (music data) from 0
And a memory interface 1200 for controlling transmission and reception of data between the memory card 110 and the bus BS3.
And a USB for controlling data transfer between the bus BS3 and the terminal 1114 when receiving the encrypted content data and the license from the personal computer 50.
An interface 1112 and a terminal 1114 for connecting the USB cable 70 are included.

The playback terminal 100 further includes a public encryption key KPp1 and a class certificate Cp set for each type (class) of the playback terminal (content playback circuit).
1 is decrypted with the public decryption key KPa to encrypt the authentication data {KPp1 // C
An authentication data holding unit 1500 that holds p1 @ KPa is included. Here, it is assumed that the class y of the mobile phone (data terminal device) 100 is y = 1.

[0138] The reproduction terminal 100 further has a Kp1 holding unit 1502 for holding a decoding key Kp1 unique to the reproduction terminal (content reproduction circuit), and a memory card 110 which decodes data received from the bus BS3 by Kp1. Decryption processing unit 15 for obtaining the restored session key Ks2
04.

[0139] The reproduction terminal 100 further includes a session key Ks3 for encrypting data exchanged on the bus BS3 with the memory card 110 in a reproduction session for reproducing the content data stored in the memory card 110. And a session key generation unit 1508 for generating a license key Kc and reproduction restriction information ACp from the memory card 110 in a reproduction session of encrypted content data.
And an encryption processing unit 1506 that encrypts the session key Ks3 generated by the session key generation unit 1508 with the session key Ks2 obtained by the decryption processing unit 1504 and outputs the result to the bus BS3.

The playback terminal 100 further receives a decryption processing unit 1510 for decrypting the data on the bus BS3 with the session key Ks3 and outputting the decrypted data, and a decryption processing unit 151 receiving the encrypted content data {Dc} Kc from the bus BS3.
0, a decryption processing unit 1516 that decrypts the license key Kc and outputs the content data, a music reproduction unit 1518 for receiving the output of the decryption processing unit 1516 and reproducing the content data, and an output of the music reproduction unit 1518. It includes a DA converter 1519 for converting a digital signal to an analog signal, and a terminal 1530 for outputting the output of the DA converter 1519 to an external output device (not shown).

In FIG. 7, the area surrounded by the dotted line constitutes a content reproducing device 1550 for decrypting the encrypted content data and reproducing the music data. The content reproduction device 1550 is configured as a highly confidential tamper-resistant module in which the content reproduction circuit is realized by a semiconductor integrated circuit. Playback terminal 100
For the operation of each component in each session,
This will be described later in detail using a flowchart.

FIG. 8 is a schematic block diagram for explaining a configuration of memory card 110. Referring to FIG. As described above, KPmw and Kmw are provided as the public encryption key and the secret decryption key unique to the memory card, and the class certificate Cmw of the memory card is provided. 3, respectively.

Therefore, memory card 110 has authentication data holding section 1400 holding authentication data {KPm3 // Cm3} KPa, and Kmc holding section 1 holding unique decoding key Kmc4 set for each memory card.
402, a Km holding unit 1421 holding a unique secret decryption key Km3 set for each type of memory card,
and a KPmc holding unit 1416 for holding a public encryption key KPmc4 that can be decrypted by mc4. The authentication data holding unit 1400 decrypts the secret encryption key KPm3 and the class certificate Cm3 that are set for each type and class of the memory card with the public authentication key KPa, thereby encrypting the authentication so that its validity can be authenticated. Data @ KPm
3 // Cm3｝ KPa.

By providing an encryption key for a recording device called a memory card, management of distributed content data and an encrypted license key is executed for each memory card, as will be apparent from the following description. It becomes possible to do.

The memory card 110 further includes an interface 1424 for transmitting / receiving signals to / from the memory interface 1200 via the terminal 1426, a bus BS4 for transmitting / receiving signals to / from the interface 1424,
From the data provided from the interface 1424 to the bus BS4, a unique private decryption key Km3 for each type of memory card is received from the Km holding unit 1421, and the distribution server 1
0 is the session key K generated in the distribution session
a decoding processing unit 1422 that outputs s1 to the contact point Pa;
a receiving the authentication key KPa from the holding unit 1414, and
4, a decryption unit 1408 that performs a decryption process using KPa from the data provided to the decryption unit 4 and outputs the decryption result to the encryption processing unit 1410, and a key selectively provided by the changeover switch 1442, and selectively switches by the changeover switch 1446. And an encryption processing unit 1406 for encrypting the given data and outputting it to the bus BS4.

The memory card 110 further includes a session key generator 1418 for generating a session key Ks2 in the reproduction session, and a session key generator 1418.
18 decrypts the session key Ks2 output by
08 public encryption key KPpy or KP
an encryption processing unit 1410 for encrypting the data with mw and transmitting the encrypted data to the bus BS4;
Processing unit 1412 that receives data encrypted by the session key generation unit 1418 and decrypts the data with the session key Ks2, the license key Kc read from the memory 1415 in the playback session of the encrypted content data, and the playback restriction information. The encryption processing unit 141 encrypts ACp with the public encryption key KPmcx unique to the memory card 110 decrypted by the decryption processing unit 1412.
7 is included.

The memory card 110 further includes a bus BS.
4 is sequentially updated by a decryption processing unit 1404 for decrypting the data on the CRL 4 with the secret decryption key Kmc4 unique to the memory card 110 paired with the public encryption key KPmc4, and data CRL_dat for updating the version of the certificate revocation list. Certificate revocation list data CRL, encrypted content data {Dc} Kc, and a license (Kc,
ACp, ACm, license ID) and additional information Dat
a memory 14 for receiving and storing a-inf, a playlist of encrypted content data, and a license management file for managing a license from the bus BS4.
15 is included. The memory 1415 is configured by, for example, a semiconductor memory. The memory 1415 includes a CRL area 1415A in which a certificate revocation list CRL is recorded,
A license area 1415B in which a license is recorded, a data area 1415C in which encrypted content data {Dc} Kc, related information Dc-inf of the encrypted content data, a playlist, and a license management file are recorded.

The memory card 110 further includes a bus BS.
4. Data is exchanged with the outside via bus 4 and bus BS
And a controller 1420 for controlling the operation of the memory card 110 by receiving reproduction information and the like between the memory card 110 and the memory card 110.
Interface 1424, terminal 1426 and memory 1
Memory card 11 excluding 415 data area 1415C
Each part of 0 is composed of a tamper resistant module, and guarantees high confidentiality.

FIG. 9 is a schematic block diagram showing the configuration of the license management device 520 built in the personal computer 50. License management device 520
Has basically the same configuration as the memory card 110.
Authentication data holding unit 52 of license management device 520
00, Kmc holding unit 5202, decryption processing unit 5204, encryption processing unit 5206, decryption processing unit 5208, encryption processing unit 5
210, a decryption processing unit 5212, a KPa holding unit 5214,
KPmc holding unit 5216, encryption processing unit 5217, session key generation unit 5218, controller 5220, Km
Holding unit 5221, decoding processing unit 5222, interface 5224, terminal 5226, changeover switches 5242, 52
46 denotes an authentication data holding unit 1400, a Kmc holding unit 1402, and a decryption processing unit 14 of the memory card 110, respectively.
04, encryption processing unit 1406, decryption processing unit 1408, encryption processing unit 1410, decryption processing unit 1412, KPa holding unit 1
414, KPmc holding unit 1416, encryption processing unit 141
7. Session key generator 1418, controller 14
20, Km holding unit 1421, decoding processing unit 1422, interface 1424, terminal 1426, changeover switch 14
42, 1446. However, the authentication data holding unit 5200 holds the authentication data in the format of {KPm7 // Cm7} KPa, the Km holding unit 5202 holds the secret decryption key Km7, and the Kmc holding unit 5221 stores the secret decryption key Kmc8. Hold.

The license management device 520 stores the certificate revocation list CRL and the license (Kc, ACp, AC
m, license ID) and license management file 152
A memory 5215 for recording 1 to 152n is included in place of the memory 1415 of the memory card 110. Memory 52
Reference numeral 15 denotes a CRL area 5215A in which a certificate revocation list CRL is recorded, and a license area 5 in which a license is recorded.
215B and the license management files 1521 to 152
and a management file area 5215C in which n is recorded.
Interface 5224, terminal 5226 and memory 5
Each part of the license management device 520 except the management file area 5215C of 215 is configured by a tamper resistant module, and guarantees high confidentiality.

The operation of each session in the data distribution system shown in FIG. 1 will be described below.

[Distribution 1] Next, the operation of distributing the encrypted content data and the license from the distribution server 10 to the license management device 520 of the personal computer 50 in the data distribution system shown in FIG. 1 will be described. This operation is referred to as “delivery 1”.

FIGS. 10 to 13 show a distribution operation (hereinafter, also referred to as a distribution session) to a license management device 520 built in the personal computer 50, which is generated when the encrypted content data is purchased in the data distribution system shown in FIG. 5 is a first to a fourth flowchart for explaining the above.

Referring to FIG. 10, a user of personal computer 50 issues a distribution request by designating a content ID via keyboard 560 (step S100). Then, the purchase condition AC for purchasing the license of the encrypted content data is input via the keyboard 560 (step S102). That is,
In order to purchase a license key Kc for decrypting the selected encrypted content data, access restriction information ACm and reproduction restriction information ACp of the encrypted content data are set, and a purchase condition AC is input.

When the purchase condition AC for the encrypted content data is input, controller 510 gives an instruction to output the authentication data to license management device 520 via bus BS2 (step S104). The controller 5220 of the license management device 520 has a terminal 522
6. Receive an instruction to output authentication data via the interface 5224 and the bus BS5. Then, the controller 5220 communicates with the authentication data holding unit 52 via the bus BS5.
Authentication data {KPm7 // Cm7} KPa is read from 00, and {KPm7 // Cm7} KPa is output via bus BS5, interface 5224 and terminal 5226 (step S106).

Controller 510 of personal computer 50 transmits content ID, license purchase condition data AC, and a distribution request to distribution server 10 in addition to authentication data {KPm7 // Cm7} KPa from license management device 520. It transmits (step S108).

The distribution server 10 receives the distribution request, the content ID, the authentication data {KPm7 // Cm7} KPa, and the license purchase condition data AC from the personal computer 50 (step S110),
In the decryption processing unit 312, the license management device 52
The authentication data output from 0 is decrypted with the public authentication key KPa (step S112).

The distribution control unit 315 determines from the decryption processing result of the decryption processing unit 312 whether the processing has been normally performed, that is, the license management device 520 determines whether the public encryption key KPm7 and the certificate In order to authenticate that Cm7 is held, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted for proving its validity (step S114). If it is determined that the authentication data is valid, the distribution control unit 315 approves and accepts the public encryption key KPm7 and the certificate Cm7. Then, the process proceeds to the next process (step S116). If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm7 and the certificate Cm7 (step S198).

As a result of the authentication, when it is recognized that the device is a legitimate device, the distribution control unit 315 then stores the class certificate Cm7 of the license management device in the certificate revocation list CR.
The CRL database 306 is inquired as to whether or not the class certificate is listed in L. If these class certificates are subject to the certificate revocation list, the distribution session is ended here (step S198).

On the other hand, if the class certificate of the license management device 520 is not included in the certificate revocation list, the process proceeds to the next processing (step S116).

As a result of the authentication, it is confirmed that the access is from a personal computer having a license management device having valid authentication data, and that the class is out of the target of the certificate revocation list. The control unit 315 generates a transaction ID, which is a management code for specifying the distribution (step S118). Further, the session key generation unit 316 generates a session key Ks1 for distribution (step S120). The session key Ks1 is stored in the decryption processing unit 31
The encryption processing unit 31 uses the public encryption key KPm7 corresponding to the license management device 520 obtained in Step 2
8 (step S122).

The transaction ID and the encrypted session key Ks1 have the transaction ID //
As {Ks1} Km7, the bus BS1 and the communication device 3
The data is output to the outside through the device 50 (step S124).

Referring to FIG. 11, personal computer 50 has a transaction ID /// {Ks1} Km7
Is received (step S126), the controller 51
0 inputs the transaction ID // {Ks1} Km7 to the license management device 520 (step S1).
28). Then, in the license management device 520, the terminal 5226 and the interface 5224
, The decryption processing unit 5222 decrypts the received data given to the bus BS5 with the secret decryption key Km7 unique to the license management device 520 held in the holding unit 5221 to decrypt the session key Ks1. Then, the session key Ks1 is received (step S1).
30).

[0164] The controller 5220
After confirming the reception of the session key Ks1 generated in the above, the license management device 520 is instructed to generate the session key Ks2 generated at the time of the distribution operation to the session key generation unit 5218. Then, the session key generation unit 5218 generates a session key Ks2 (Step S132).

In the distribution session, the controller 5220 updates the date and time CRLdat from the certificate revocation list CRL recorded in the CRL area 5215A of the memory 5215 in the license management device 520.
e is extracted and output to the changeover switch 5246 (step S134).

The encryption processing unit 5206 includes a changeover switch 5
The switch 5 is switched by the session key Ks1 provided from the decryption processing unit 5222 via the contact point Pa of the switch 242.
246, the session key Ks2, the public encryption key KPmc8 and the certificate revocation list update date and time CRLdate given by successively switching the contacts are encrypted as one data string, and {Ks2 // KPmc8 // CR
Ldate @ Ks1 is output to bus BS3 (step S136).

Encrypted data $ K output to bus BS3
s2 // KPmc8 // CRLdate @ Ks1 is transmitted from the bus BS3 to the interface 5224 and the terminal 522.
6 to the personal computer 50 and transmitted from the personal computer 50 to the distribution server 10 (step S138).

The distribution server 10 has a transaction ID
// \ Ks2 // KPmc8 // CRLdate \ Ks
1, the decryption processing unit 320 performs decryption processing using the session key Ks1, and the session key Ks2 generated by the license management device 520, the public encryption key KPmc8 unique to the license management device 520, and the certification in the license management device 520. The update date and time CRLdate of the revocation list is received (step S142).

The distribution control unit 315 generates the access restriction information ACm and the reproduction restriction information ACp according to the content ID and the license purchase condition data AC acquired in step S110 (step S144). Further, a license key Kc for decrypting the encrypted content data is obtained from the information database 304 (step S146).

The distribution control unit 315 determines the generated license, that is, the transaction ID, the content I
D, the license key Kc, the reproduction restriction information ACp, and the access restriction information ACm are provided to the encryption processing unit 326.
The encryption processing unit 326 generates the public encryption key K unique to the license management device 520 obtained by the decryption processing unit 320.
The license is encrypted by Pmc8 and the encrypted data {transaction ID // content ID // Kc /
/ ACm // ACp @ Kmc8 is generated (step S
148).

Referring to FIG. 12, in distribution server 10, certificate revocation list CRL stored in license management device 520 is updated based on the update date and time CRLdate of the certificate revocation list transmitted from license management device 520. Is determined, the certificate revocation list CR stored in the license management device 520 is determined.
When it is determined that L is the latest, the process proceeds to step S152. If the certificate revocation list CRL stored in the license management device 520 is not the latest, the process proceeds to step S160 (step S150).

When it is determined that the certificate revocation list CRL stored in the license management device 520 is the latest, the encryption processing unit 328 outputs the encrypted data {transaction ID // contents} output from the encryption processing unit 326. ID // Kc // ACm // ACp @ Kmc8 is encrypted using the session key Ks2 generated in the license management device 520, and the encrypted data {transaction ID // content ID // Kc
// ACm // ACp {Kmc8} Ks2 to bus BS1
Output to Then, the distribution control unit 315 controls the bus BS1.
The above encrypted data {Transaction ID // Content ID // Kc // ACm // ACp {Kmc8} K
s2 is transmitted to the personal computer 50 via the communication device 350 (step S152).

The controller 510 of the personal computer 50 transmits the encrypted data {transaction ID // content ID // Kc // ACm // AC
p｝ Kmc8｝ Ks2 is received (step S154),
The data is input to the license management device 520 via the bus BS5. Decryption processing unit 5 of license management device 520
212 is the encrypted data {transaction ID //
Content ID // Kc // ACm // ACp @ Kmc
8｝ Ks2 is supplied to the terminal 5226 and the interface 522.
4 and decrypted by the session key Ks2 generated by the session key generator 5218,
｛Transaction ID // Content ID // Kc /
/ ACm // ACp @ Kmc8 is accepted (step S
158). Thereafter, the process proceeds to step S172.

On the other hand, if the distribution server 10 determines that the certificate revocation list CRL stored in the license management device 520 is not the latest, the distribution control unit 31
5 obtains the latest certificate revocation list CRL from the CRL database 306 via the bus BS1, and generates a difference CRL as difference data (step S160).

The encryption processing unit 328 includes the encryption processing unit 32
6 and the difference CRL of the certificate revocation list supplied via the bus BS1 by the distribution control unit 315, and encrypts it with the session key Ks2 generated in the license management device 520. Encryption processing unit 328
Encrypted data output from {Differential CRL // Transaction ID // Content ID // Kc // ACm
// ACp {Kmc8} Ks2 is transmitted to personal computer 50 via bus BS1 and communication device 350 (step S162).

The personal computer 50 transmits the encrypted data {differential CRL /// transaction I
D // content ID // Kc // ACm // ACp｝
Kmc8 @ Ks2 is received (step S164), and is input to the license management device 520 via the bus BS5 (step S166). License management device 52
0, terminal 5226 and interface 52
The decoding processing unit 5212 decodes the reception data given to the bus BS5 via the H.24. Decryption processing unit 521
2 decrypts the data received on the bus BS5 using the session key Ks2 given from the session key generator 5218 and outputs the data to the bus BS5 (step S168).

At this stage, an encryption license {transaction ID // content ID // Kc // ACm // ACp {Kmc8} that can be decrypted with the secret decryption key Kmc8 held in the Kmc holding unit 5221 is stored in the bus BS5.
And the difference CRL are output (step S168).
Difference CR received according to the instruction of controller 5220
L updates the certificate revocation list CRL recorded in the CRL area 5215A in the memory 5215 based on the difference CRL (step S170).

Steps S152, S154, S156
S158 is an operation of distributing the license key Kc and the like to the license management device 520 when the certificate revocation list CRL recorded in the license management device 520 is the latest, and the steps S160, S162, S164, S
Steps 166, S168, and S170 are operations for distributing the license key Kc and the like to the license management device 520 when the certificate revocation list CRL recorded in the license management device 520 is not the latest. In this way, it is checked every time whether the certificate revocation list CRL stored in the license management device 520 is up to date based on the certificate revocation list CRLdate sent from the license management device 520. By obtaining the latest certificate revocation list CRL from the CRL database 306 and distributing the difference CRL to the license management device 520, the certificate revocation list CRL stored in the license management device 520 is sequentially updated. By updating, the license key Kc can be prevented from being output from the license management device 520 to other license management devices, license management modules, memory cards, and content reproduction devices whose licenses have been broken.

Step S158 or S170
After that, the encryption license {transaction ID // content ID /
/ Kc // ACm // ACp @ Kmc8 is decrypted by the decryption processing unit 5204 using the secret decryption key Kmc8, and the license (license key Kc, transaction ID, content ID, access restriction information ACm, and reproduction restriction information ACp) is received. (Step S17)
2).

In this manner, the distribution server and the license management device exchange the encryption keys respectively generated, execute encryption using the encryption keys received by each other, and transmit the encrypted data to the other party. Thereby, the mutual authentication can be effectively performed even in the transmission and reception of each encrypted data, and the security of the data distribution system can be improved.

Referring to FIG. 13, controller 510
Inputs the entry number for storing the license received by the license management device 520 to the license management device 520 (step S174). Then, the controller 5 of the license management device 520
220 is a terminal 5226 and interface 5224
And the license (the license key Kc, the transaction ID, the transaction ID, and the like) acquired in step S172 is stored in the license area 5215B of the memory 5215 specified by the received entry number.
The content ID, the access restriction information ACm, and the reproduction restriction information ACp are stored (step S176).

The controller 510 of the personal computer 50 transmits the transaction ID sent from the distribution server 10 and the distribution request of the encrypted content data to the distribution server 10 (Step S178).

The distribution server 10 has a transaction ID
And a distribution request for the encrypted content data is received (step S180), and the encrypted content data {Dc} Kc and the additional information Dc-
inf, and outputs these data via the bus BS1 and the communication device 350 (step S18).
2).

The personal computer 50 operates as {Dc}
Kc // Dc-inf is received, and encrypted content data {Dc} Kc and additional information Dc-inf are received (step S184). Then, the controller 5
10 transmits the encrypted content data {Dc} Kc and the additional information Dc-inf to the HDD 530 via the bus BS2.
(Step S186). Further, the controller 510 generates a license management file for the encrypted content data {Dc} Kc including the transaction entry ID and the content ID of the plaintext stored in the license management device 520, and the additional information Dc-inf. And the license management file generated via the bus BS2.
20 to the management file area 52 of the memory 5215.
An instruction is given to record the information on the 15C (step S188).
Controller 5220 of license management device 520
Receives the license management file and the instruction via the terminal 5226, the interface 5224, and the bus BS5, and stores the received license management file in the memory 5
215 is recorded in the management file area 5215C (step S189). After that, the controller 510
The name of the received content is added to the content list file recorded in D530 (step S19).
0), the transaction ID and the delivery acceptance are sent to the delivery server 1
0 (step S192).

The distribution server 10 has a transaction ID
// Upon receiving the distribution acceptance (step S194), the accounting data is stored in the accounting database 302, and the transaction ID is recorded in the distribution record database 308, and the process of terminating the distribution is executed (step S1).
96), the entire process ends (step S198).

As described above, it is confirmed that the license management device 50 built in the personal computer 50 is an authorized device, and that the public encryption key KPm7 encrypted and transmitted together with the class certificate Cm7 is valid. After the confirmation, the content data is stored only in response to a distribution request from a license management device that is not included in the class certificate list in which the class certificate Cm7 is not revoked in the certificate revocation list, that is, the class certificate list in which encryption with the public encryption key KPm7 has been broken. Can be distributed, and distribution to an unauthorized license management device and distribution using a decrypted class key can be prohibited.

The license management device 520 is
When receiving the encrypted content data and the license from the distribution server 10, the data is exchanged with the distribution server 10 in a hardware manner, and the license for reproducing the encrypted content data is stored in the hardware. Its security level is high. Therefore, if the license management device 520 is used, the personal computer 50 can receive the encrypted content data and the license by the distribution with the high security level, and can manage the license with the high security level.

[Distribution 2] The operation of distributing the encrypted content data and the license from the distribution server 10 to the license management module 511 of the personal computer 50 in the data distribution system shown in FIG. 1 will be described. This operation is referred to as “delivery 2”.

FIGS. 14 to 19 are first to third views for explaining the distribution operation to the license management module 511 incorporated in the personal computer 50 which occurs when the encrypted content data is purchased in the data distribution system shown in FIG. It is a 6th flowchart. The license management module 511 executes reception of the encrypted content data and the license from the distribution server 10 by a program.

Referring to FIG. 14, a user of personal computer 50 issues a distribution request by designating a content ID via keyboard 560 (step S200). Then, a purchase condition AC for purchasing a license of the encrypted content data is input via the keyboard 560 (step S202). That is,
In order to purchase a license key Kc for decrypting the selected encrypted content data, access restriction information ACm and reproduction restriction information ACp of the encrypted content data are set, and a purchase condition AC is input.

When the purchase condition AC for the encrypted content data is input, controller 510 sends authentication data {KPm5 // Cm from license management module 511.
5 KPa is read, and the read authentication data KPm
In addition to 5 // Cm5 @ KPa, a content ID, license purchase condition data AC, and a distribution request are transmitted to distribution server 10 (step S20).
4).

The distribution server 10 receives the distribution request, the content ID, the authentication data {KPm5 // Cm5} KPa, and the license purchase condition data AC from the personal computer 50 (step S206).
The license management module 5 in the decryption processing unit 312
A decryption process is performed on the authentication data output from the public key 11 with the public authentication key KPa (step S208).

The distribution control unit 315 determines from the decryption processing result of the decryption processing unit 312 whether the processing has been performed normally, that is, the license management module 511 determines whether the public encryption key KPm5 and the certificate In order to authenticate that Cm5 is held, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted for certifying its validity (step S210). If it is determined that the authentication data is valid, the distribution control unit 315 determines that the public encryption key KPm5
And approve and accept the certificate Cm5. Then, the process proceeds to the next process (step S212). If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm5 and the certificate Cm5 (step S299k).

As a result of the authentication, if it is recognized that the module is a legitimate module, the distribution control unit 315 then checks whether the class certificate Cm5 of the license management module is listed in the certificate revocation list CRL. CRL
The database 306 is referred to, and if these class certificates are the targets of the certificate revocation list, the distribution session is ended here (step S299k).

On the other hand, if the class certificate of the license management module 511 is out of the target of the certificate revocation list, the process moves to the next process (step S214).

As a result of the authentication, it is determined that the access is from a personal computer having a license management module having valid authentication data, and that the class is out of the target of the certificate revocation list. The control unit 315 generates a transaction ID which is a management code for specifying the distribution (Step S214). Further, the session key generation unit 316 generates a session key Ks1 for distribution (step S216). The session key Ks1 is stored in the decryption processing unit 31
The encryption processing unit 3 uses the public encryption key KPm5 corresponding to the license management module 511 obtained by
18 (step S218).

The transaction ID and the encrypted session key Ks1 have the transaction ID //
As {Ks1} Km5, the bus BS1 and the communication device 3
The data is output to the outside through the device 50 (step S220).

Referring to FIG. 15, controller 510 of personal computer 50 transmits transaction ID
/// {Ks1} Km5 is received (step S22)
2), the license management module 511 sets {Ks1}
Receiving Km5, it decrypts with the secret decryption key Km5 unique to the license management module 511, and receives the session key Ks1 (step S224).

Upon confirming the acceptance of the session key Ks1 generated by the distribution server 10, the license management module 511 generates a session key Ks2 (step S226). Then, the controller 510 controls the bus B
The license management module 511 reads out the encrypted CRL stored in the HDD 530 via S2, and
The RL is decrypted to obtain the certificate revocation list CRL, and the updated date and time CRLdate of the certificate revocation list is obtained from the decrypted certificate revocation list CRL (step S22).
8). The license management module 511 further includes a session key Ks1 generated in the distribution server 10.
Thus, the session key Ks2 generated by the license management module 511, the public encryption key KPmc6, and the update date and time CRLdate of the certificate revocation list are encrypted as a single data string, and $ Ks2 // KPmc6 //
CRLdate @ Ks1 is output (Step S23)
0).

The controller 510 sends the encrypted data $ K
s2 // KPmc6 // CRLdate @ Transaction ID obtained by adding transaction ID to Ks1 //
{Ks2 // KPmc6 // CRLdate} Ks1 is transmitted to the distribution server 10 (step S232).

The distribution server 10 has a transaction ID
// \ Ks2 // KPmc6 // CRLdate \ Ks
1 (step S234), and the decryption processing unit 320
Performs a decryption process using the session key Ks1, the session key Ks2 generated by the license management module 511, the public encryption key KPmc6 unique to the license management module 511, and the certificate revocation list update date CR in the license management module 511.
Ldate is received (step S236).

The distribution control unit 315 generates the access restriction information ACm and the reproduction restriction information ACp according to the content ID and the license purchase condition data AC acquired in step S206 (step S238). Further, a license key Kc for decrypting the encrypted content data is obtained from the information database 304 (step S240).

The distribution control unit 315 determines the generated license, that is, the transaction ID, the content I
D, the license key Kc, the reproduction restriction information ACp, and the access restriction information ACm are provided to the encryption processing unit 326.
The encryption processing unit 326 encrypts the license with the public encryption key KPmc6 unique to the license management module 511 obtained by the decryption processing unit 320, and encrypts the encrypted data {transaction ID // content ID // K.
c // ACm // ACp｝ Kmc6 is generated (step S242).

Referring to FIG. 16, in distribution server 10, certificate revocation list CRL managed by license management module 511 is updated based on the update date and time CRLdate of the certificate revocation list transmitted from license management module 511. It is determined whether or not it is the latest, and when it is determined that it is the latest, the process proceeds to step S246. If it is not the latest, the process proceeds to step S252 (step S2
44).

When it is determined that the certificate revocation list CRL managed by the license management module 511 is the latest, the encryption processing unit 328 outputs the encrypted data {transaction ID // contents} output from the encryption processing unit 326. ID // Kc // ACm // ACp @ Kmc6 is encrypted with the session key Ks2 generated in the license management module 511, and the encrypted data @ transaction ID // content ID // K
c // ACm // ACp {Kmc6} Ks2 to bus BS
Output to 1. Then, the distribution control unit 315 determines that the bus BS
1 encrypted data {transaction ID // content ID // Kc // ACm // ACp {Kmc6}
Ks2 is transmitted to the personal computer 50 via the communication device 350 (step S246).

Then, controller 510 of personal computer 50 transmits the encrypted data {transaction ID // content ID // Kc // ACm // AC
p｝ Kmc6｝ Ks2 is received (step S248),
The license management module 511 calculates the encrypted data {transaction ID // content ID // Kc
// ACm // ACp {Kmc6} Ks2 is decrypted with the session key Ks2, and {transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c6 is received (step S250). Thereafter, the process proceeds to step S262.

If the distribution server 10 determines that the certificate revocation list CRL managed by the license management module 511 is not the latest, the distribution control unit 315
Acquires the latest certificate revocation list from the CRL database 306 via the bus BS1, and generates a difference CRL as difference data (step S252).

The encryption processing unit 328 includes the encryption processing unit 32
6 and the certificate control unit 315 receives the certificate revocation list difference CRL supplied via the bus BS1 and encrypts it with the session key Ks2 generated in the license management module 511. Encryption processing unit 32
8 encrypted data {difference CRL /// transaction ID // content ID // Kc // AC
m // ACp {Kmc6} Ks2 is transmitted to personal computer 50 via bus BS1 and communication device 350 (step S254).

The personal computer 50 transmits the encrypted data {differential CRL //} transaction I
D // content ID // Kc // ACm // ACp｝
Kmc6 @ Ks2 is received (step S256), and the license management module 511 sends the session key Ks2.
The received data is decrypted using the CRL and the encrypted data {transaction ID // content ID // Kc
// Acm // ACp @ Kmc6 is accepted (step S258).

The controller 510 sends the received difference CRL to the certificate revocation list CRL recorded in the HDD 530.
And performs an original encryption process to rewrite the certificate revocation list CRL in the HDD 530 (step S260).

Steps S246, S248, S250
Is the license key Kc when the certificate revocation list CRL managed by the license management module 511 is the latest.
Etc. to the license management module 511. Steps S252, S254, S256, S25
8. In S260, the license management module 511 such as the license key Kc when the certificate revocation list CRL managed by the license management module 511 is not the latest.
This is the distribution operation. In this way, based on the update date and time of the certificate revocation list sent from the license management module 511, it is determined whether the certificate revocation list CRL managed by the license management module 511 is the latest one by one.
When it is confirmed and not updated, the latest certificate revocation list CRLdate is obtained from the CRL database 306, and the difference CRL is distributed to the license management module 511, thereby obtaining the license management module 511.
Can prevent the license key Kc from being output to other license management modules, license management devices, memory cards, and content reproduction circuits whose licenses have been broken.

Step S250 or step S260
After that, the encryption license {transaction ID // content ID // Kc // ACm // ACp} Kmc6
Is decrypted with the secret decryption key Kmc6 and the license (license key Kc, transaction ID, content ID, access restriction information ACm, and reproduction restriction information A
Cp) is accepted (step S262).

In this way, the distribution server and the license management module exchange the generated encryption keys, execute encryption using the received encryption keys, and transmit the encrypted data to the other party. Thereby, the mutual authentication can be effectively performed even in the transmission and reception of each encrypted data, and the security of the data distribution system can be improved.

[0214] The license management module 511 determines whether or not the number of times of reproduction is restricted by the received access restriction information ACm. If the number of times of reproduction is not restricted, the flow shifts to step S266 to restrict the number of times of reproduction. Then, the process proceeds to step S268 (step S26).
4). Then, when the number of times of reproduction is not limited, the license management module 511 generates checkout information including the number of possible checkouts for lending the encrypted content and the license received from the distribution server 10 to another device ( Step S266). In this case, the initial value of the checkout is set to “3”. Further, when the number of times of reproduction is limited, the license management module 511 sets the number of possible check-outs for lending the encrypted content data to another device to “0” and generates check-out information (step). S268).

Referring to FIG. 17, after step S266 or step S268, license management module 5
11 generates a binding key Kb (step S2).
70), the received license (transaction ID,
The content ID, the license key Kc, the access restriction information ACm, and the reproduction restriction information ACp) and the checkout information are encrypted with the binding key Kb, and the encrypted confidential information @ transaction ID // content I
D // license key Kc // access restriction information ACm /
/ Reproduction restriction information ACp // checkout information $ Kb is generated (step S271). Then, the license management module 511 generates a transaction IDb and a content IDb for the binding license,
The reproduction restriction information ACpb that allows normal reproduction of the encrypted content data indefinitely is assigned (step S27).
2). Thereafter, the access restriction information ACm is copied as the access restriction information ACmb, and the reproduction count restriction is changed to no restriction (= 255) (step S273). At this time, the security flag is set in the license management module 51.
Since the distribution is to "1", it is always "1" indicating that management by software is possible.

Thereafter, the license management module 511
Communicates with the license management device 520 via the bus BS2.
Is given an instruction to output authentication data (step S27).
4). Controller 5 of license management device 520
220 receives an instruction to output authentication data via terminal 5226, interface 5224, and bus BS5.
Then, the controller 5220 sends the authentication data $ KPm7 / from the authentication data holding unit 5200 via the bus BS5.
/ Cm7｝ KPa is read out, and {KPm7 // Cm7｝ K
Pa is output via the bus BS5, the interface 5224, and the terminal 5226 (step S275).

The license management module 511 checks the authentication data $ KPm7 from the license management device 520.
In addition to // Cm7 @ KPa, a content ID, license purchase condition data AC, and a distribution request are received (step S276).

In the license management module 511, the authentication data $ KPm from the license management device 520 is used.
7 // Cm7 @ KPa is decrypted with the public authentication key KPa (step S277). Then, the license management module 511 determines from the decryption processing result whether or not the processing has been normally performed, that is, the license management device 520 holds the public encryption key KPm7 and the certificate Cm7 from the authorized license management device. In order to authenticate the user, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted to prove its validity (step S278). If it is determined that the authentication data is valid, the license management module 51
1 approves and accepts the public encryption key KPm7 and the certificate Cm7. Then, the next processing (step S279)
Move to. If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm7 and the certificate Cm7 (step S299k).

When the license management module 511 recognizes that the device is a legitimate device as a result of the authentication,
The HDD 530 is inquired as to whether or not the class certificate Cm7 of the license management device 520 is listed in the updated latest certificate revocation list CRL, and these class certificates are subjected to the updated latest certificate revocation list. If so, the distribution session is ended here (step S299k).

On the other hand, if the class certificate of the license management device 520 is not included in the certificate revocation list, the process moves to the next step (step S279).

As a result of the authentication, if it is confirmed that the access is from a license management device having valid authentication data and the class is out of the target of the certificate revocation list, the license management module 511 transmits a new session key. Ks2a is generated (step S280). The license management module 511 encrypts the session key Ks2a using the public encryption key KPm7, generates encrypted data {Ks2a} Km7 (step S281), and converts the encrypted data {Ks2a} Km7 into the license management device 520 via the bus BS2. (Step S2)
82). Then, the controller 5220 of the license management device 520 transmits the encrypted data $ K via the terminal 5226, the no-face 5224, and the bus BS5.
Upon receiving s2a @ Km7, the decryption processing unit 5222 decrypts the encrypted data {Ks2a} Km7 with the secret decryption key Km7 and receives the session key Ks2a (step S283).

Referring to FIG. 18, session key generating section 5218 generates session key Ks2b (step S284), and controller 5220 transmits the certificate recorded in CRL area 5215A of memory 5215 via bus BS5. Update date and time CRLd from revocation list CRL
ate and the changeover switch 52 via the bus BS5.
The update date and time CRLdate is given to the server 46 (Step S2)
85). The encryption processing unit 5206 includes a changeover switch 5246
Key K obtained by sequentially switching
s2b, public encryption key KPmc8, and update date and time CRL
date is encrypted with the session key Ks2a from the decryption processing unit 5222, and the encrypted data {Ks2b /
/ KPmc8 // CRLdate @ Ks2a,
The controller 5220 transmits the encrypted data {Ks2b //
KPmc8 // CRLdate @ Ks2a bus BS
5, and output via the interface 5224 and the terminal 5226 (step S286).

The license management module 511 stores the encrypted data {Ks2b // KPmc8 // CRLdat
e @ Ks2a is received and decrypted by the session key Ks2a to obtain the session key Ks2b and the public encryption key KPm.
c8 and the update date and time CRLdate are received (step S287). And the license management module 5
Reference numeral 11 denotes a binding license (transaction IDb, content IDb, binding key Kb, access restriction information ACmb, and reproduction restriction information ACp).
b) is encrypted using the public encryption key KPmc8 and encrypted data {transaction IDb // content IDb
// Kb // ACmb // ACpb｝ KPmc8 is generated.

Thereafter, the license management module 511
Is a CRL area 5215 of the memory 5215 of the license management device 520 based on the update date and time CRLdate.
It is determined whether or not the certificate revocation list CRL recorded in A is the latest.
Move to. If it is not the latest, step S292
The process proceeds to (Step S289).

Memory 5 of License Management Device 520
When it is determined that the certificate revocation list CRL recorded in the CRL area 5215A of the H.215 is the latest, the license management module 511 transmits the encrypted data {transaction IDb // content IDb // Kb // ACmb.
// ACpb @ KPmc8 to license management device 5
20, encryption is performed using the session key Ks2b generated, and the encrypted data {transaction I
Db // content IDb // Kb // ACmb // A
It generates Cpb {KPmc8} Ks2b and outputs it to the license management device 520 (step S290).

Then, controller 5220 of license management device 520 transmits encrypted data {transaction IDb // content IDb // via terminal 5226, interface 5224, and bus BS5.
Kb // ACmb // ACpb｝ KPmc8｝ Ks2b
The decryption processing unit 5212 receives the encrypted data {transaction IDb // content IDb // Kb /
/ ACmb // ACpb {KPmc8} Ks2b is decrypted with the session key Ks2b, and the encrypted data {transaction IDb // content IDb // K
b // ACmb // ACpb @ KPmc8 is received (step S291). Thereafter, step S2 in FIG.
Move to 96.

On the other hand, if it is determined in step S289 that the certificate revocation list CRL recorded in the CRL area 5215A of the memory 5215 of the license management device 520 is not the latest, the license management module 511 sends the license revocation list via the bus BS2. The latest certificate revocation list CRL is obtained from the HDD 530, and a difference CRL, which is difference data, is generated (step S292). Then, the license management module 511 determines the difference C of the certificate revocation list supplied from the HDD 530 via the bus BS2.
RL, encrypted data @ transaction IDb
/// content IDb // Kb // ACmb // ACp
b｝ Kmc8 and the difference CRL of the certificate revocation list are encrypted with the session key Ks2b generated in the license management device 520, and the encrypted data ｛difference CRL // ｛transaction IDb // content I
Db // Kb // ACmb // ACpb {Kmc8} K
s2b is output to the license management device 520 (step S293).

The controller 5220 of the license management device 520 includes a terminal 5226, an interface 522
4, and encrypted data ｛difference CR via bus BS5
L // @ Transaction IDb // Content IDb
// Kb // ACmb // ACpb｝ Kmc8｝ Ks2
b, the decryption processing unit 5212 receives the encrypted data {difference CRL // {transaction IDb // content IDb // Kb // ACmb // ACpb {Kmc8}
Ks2b is decrypted with the session key Ks2b, and the difference CRL and the encrypted data {transaction IDb //
Content IDb // Kb // ACmb // ACpb｝
Kmc8 is accepted (step S294).

The controller 5220 has a memory 5215
The certificate revocation list CRL recorded in the CRL area 5215A is updated with the received difference CRL (step S295). Steps S290 and S291 are operations for transmitting the binding license to the license management device 520 when the certificate revocation list CRL recorded in the CRL area 5215A of the memory 5215 of the license management device 520 is the latest.
2, S293, S294, and S295 correspond to the CRL area 5215 of the memory 5215 of the license management device 520.
This is an operation of transmitting the binding license to the license management device 520 when the certificate revocation list CRL recorded in A is not the latest. As described above, the memory 5215 is based on the update date and time CRLdate of the certificate revocation list sent from the license management device 520.
Of the certificate revocation list CRL recorded in the CRL area 5215A of each of the above, and if it is not the latest, it is transmitted to the latest certificate revocation list CRL updated by the differential CRL received from the distribution server 10. I do.

Referring to FIG. 19, after step S 291 or step S 295, decoding processing section 5204 determines that Km
c using the secret decryption key Kmc8 from the c holding unit 5202 {transaction IDb // contents I
Db // Kb // ACmb // ACpb @ Kmc8 is decrypted, and transaction IDb, content IDb, binding key Kb, access restriction information ACmb, and reproduction restriction information ACpb are received (step S29).
6).

As described above, the encryption keys generated by the license management device and the license management module are exchanged, encryption is performed using the encryption keys received by each other, and the encrypted data is transmitted to the other party. Thereby, the mutual authentication can be effectively performed even in the transmission and reception of each encrypted data, and the security of the data distribution system can be improved.

Then, the license management module 5
11 inputs the entry number for storing the binding license to the license management device 520 via the bus BS2 (step S297). The controller 5220 of the license management device 520 has a terminal 5
226, the interface 5224, and the entry number received via the bus BS5, and the transaction IDb, the content IDb, the binding key Kb, the access restriction information ACmb received in the license area 5215B of the memory 5215 specified by the received entry number. And the playback restriction information ACpb (step S298).

Then, the license management module 511
Is the transaction ID sent from the distribution server 10.
And a distribution request for the encrypted content data.
0 (step S299).

The distribution server 10 has a transaction ID
And the distribution request of the encrypted content data is received (step S299a), and the encrypted content data {Dc} Kc and the additional information Dc are received from the information database 304.
-Inf, and outputs these data via the bus BS1 and the communication device 350 (step S299).
b).

The license management module 511 stores the $ D
c @ Kc // Dc-inf is received, and the encrypted content data $ Dc @ Kc and additional information Dc-inf are received (step S299c). Then, the license management module 511 sends the encrypted content data $ D
c @ Kc and the additional information Dc-inf are recorded on the HDD 530 via the bus BS2 (step S299d).
The license management module 511 also stores the recorded encrypted content data {Dc} Kc and the additional information Dc, including the entry number of the binding license, the encrypted confidential information, the transaction ID, and the content ID.
A license management file for -inf is generated, and the license management file is transmitted to the license management device 520 via the bus BS2 (step S299).
e). Control unit 5220 of license management device 520
Receives the license management file via the terminal 5226, the interface 5224, and the bus BS5, and records the received license management file in the management file area 5215C of the memory 5215 (step S2).
99f). After that, the license management module 511
Appends the name of the received content to the content list file recorded in the HDD 530 (step S299g), and transmits the transaction ID and the distribution reception to the distribution server 10 (step S299h).

The distribution server 10 has a transaction ID
// Upon receiving the distribution acceptance (step S299i), the accounting data is stored in accounting database 302, and the transaction ID is recorded in distribution record database 308, and the process of terminating the distribution is executed (step S299j). Is completed (step S29).
9k).

Thus, the license management module 5
11 exchanges data with the distribution server 10 by software, and receives the encrypted content data and the license from the distribution server 10 by software. Also, the received encrypted content data is stored in the HDD 5.
The license is encrypted with the binding key Kb to create encrypted confidential information, which is stored in the license management file. Then, the binding key Kb for decrypting the encrypted confidential information and the license management file are stored in the license management device 520. In this case, without the binding key Kb, the license received by the license management module 511 cannot be obtained. Therefore, the binding key Kb
Manages the license received by the license management module 511, and the binding key Kb is stored in the license management device 520.
Is stored in the license management device 520 in the same manner as the license acquired by the license management device 520. Accordingly, the license received by the license management module 511 and the license received by the license management device 520 can be managed in the same manner.

In the embodiment of the present invention, a new binding key Kb is generated each time the encrypted content data and the license are received by the license management module 511.

[Ripping] Next, generation of encrypted content data and a license by ripping from a music CD on which music data is recorded will be described.

FIGS. 20 to 23 are first to fourth flowcharts for generating encrypted content data and a license from a music CD by ripping.

Referring to FIG. 20, when the ripping operation is started, a rule for using a watermark is detected based on music data detected by CD-ROM drive 540 from a music CD (step S700). Then, it is determined whether or not duplication is possible based on the detected usage rule of the watermark (step S701). If the usage rule of the watermark has regularity, the process proceeds to step S702. If the usage rule of the watermark does not have regularity, copying is prohibited, and the process proceeds to step S743 and the ripping operation ends. If the watermark is not included in the mounted CD, the process proceeds to step S705.

If it is determined in step S701 that the watermark usage rule has regularity, the music C
The music data is fetched from D, and the license management module 511 replaces the watermark included in the music data with the watermark whose duplication condition has been changed (step S702). In other words, if the watermark usage rule permits the copying up to three times, the watermark is replaced with the watermark whose number of times of copying is set to two. Then, the license management module 511 generates the access restriction information ACm and the reproduction restriction information ACp that reflect the usage rule (step S703). Thereafter, the license management module 511 generates check-out information including the number of possible check-outs reflecting the usage rule (step S7).
04).

On the other hand, if it is determined in step S701 that no watermark is detected and there is no usage rule, the license management module 511 prohibits the license transfer flag from moving (= 0) and limits the number of times of reproduction. None (= 255), access restriction information ACm that allows security flag to be managed by software (= 1)
And the reproduction restriction information ACp that allows normal reproduction indefinitely (step S705). Thereafter, the license management module 511 generates check-out information including the number of possible check-outs whose initial value is 3 (step S706).

After step S704 or S706, the license management module 511 generates a license key Kc (step S707), generates a transaction ID and a content ID (step S708), and further generates a binding key Kb (step S708). S7
09).

Referring to FIG. 21, license management module 511 combines generated license (transaction ID, content ID, license key Kc, reproduction restriction information ACm, reproduction restriction information ACp) and checkout information with binding key Kb. Confidential information, which is encrypted by means of {Transaction ID // Content I
D // license key Kc // access restriction information ACm /
/ Reproduction restriction information ACp // checkout information $ Kb is generated (step S710). Then, the license management module 511 generates the transaction IDb and the content IDb, and assigns the reproduction restriction information ACpb that allows normal reproduction indefinitely (step S71).
1). After that, the license management module 511 copies the access restriction information ACm as the access restriction information ACmb, and changes the reproduction count restriction to no restriction (= 255) (step S712).

The license management module 511 gives an instruction to output the authentication data to the license management device 520 via the bus BS2 (step S712a). The controller 5220 of the license management device 520
Terminal 5226, interface 5224 and bus BS
5, an authentication data output instruction is received. Then, controller 5220 sends authentication data {KPm7 // Cm7} from authentication data holding unit 5200 via bus BS5.
KPa is read, and {KPm7 // Cm7} KPa is output via bus BS5, interface 5224, and terminal 5226 (step S713).

[0247] The license management module 511 checks the authentication data $ KPm7 from the license management device 520.
In addition to // Cm7 @ KPa, a content ID, license purchase condition data AC, and a distribution request are received (step S714).

In license management module 511, authentication data {KPm} from license management device 520.
7 / Cm7 @ KPa is decrypted with the public authentication key KPa (step S715). Then, the license management module 511 determines from the decryption processing result whether or not the processing has been normally performed, that is, the license management device 520 holds the public encryption key KPm7 and the certificate Cm7 from the authorized license management device. In order to authenticate, authentication processing is performed to determine whether or not an authorized organization has received authentication data encrypted for certifying its validity (step S716). If it is determined that the authentication data is valid, the license management module 51
1 approves and accepts the public encryption key KPm7 and the certificate Cm7. Then, the next processing (step S717)
Move to. If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm7 and the certificate Cm7 (step S743).

[0249] As a result of the authentication, if it is recognized that the device is a legitimate device, the license management module 511 next proceeds
The HDD 530 is checked whether or not the class certificate Cm7 of the license management device 520 is listed in the certificate revocation list CRL. The ripping ends (step S743).

On the other hand, if the class certificate of the license management device 520 is out of the target of the certificate revocation list, the process moves to the next process (step S717).

As a result of the authentication, if it is confirmed that the access is from a license management device having valid authentication data and the class is out of the target of the certificate revocation list, the license management module 511 transmits a new session key. Ks2 is generated (step S718). The license management module 511 encrypts the session key Ks2 with the public encryption key KPm7, and generates the encrypted data {Ks
2Km7 is generated (step S719), and the encrypted data {Ks2} Km7 is output to the license management device 520 via the bus BS2 (step S720). Then, the controller 5220 of the license management device 520 has the terminal 5226, the interface 522
4, and the encrypted data {Ks2} via the bus BS5.
Receiving Km7, decryption processing section 5222 decrypts encrypted data {Ks2} Km7 using secret decryption key Km7 and receives session key Ks2 (step S72).
1).

Referring to FIG. 22, session key generating section 5218 generates session key Ks2a (step S722), and controller 5220 transmits the certificate revocation list CRL from CRL area 5215A of memory 5215 via bus BS5. The update date and time CRLdate is acquired, and the update date and time CRLdate is given to the changeover switch 5246 via the bus BS5 (step S723). The encryption processing unit 5206 encrypts the session key Ks2a, the public encryption key KPmc8, and the update date and time CRLdate obtained by sequentially switching the changeover switch 5246 using the session key Ks2 from the decryption processing unit 5222 to encrypt the data {Ks2a / / KPmc8 //
CRLdate @ Ks2 is generated, and the controller 522
0 is the encrypted data {Ks2a // KPmc8 // CR
Ldate @ Ks2 is transferred to bus BS5, interface 52
24, and output via a terminal 5226 (step S724).

The license management module 511 stores the encrypted data {Ks2a // KPmc8 // CRLdat
e｝ Ks2 is received, decrypted by the session key Ks2, and the session key Ks2a and the public encryption key KPmc are received.
8 and the update date and time CRLdate are received (step S725). Then, the license management module 51
1 is a binding license (transaction I
Db, content IDb, binding key Kb, access restriction information ACmb, and reproduction restriction information ACpb)
Is encrypted with the public encryption key KPmc8, and the encrypted data {transaction IDb // content IDb //
Kb // ACmb // ACpb｝ Kmc8 is generated (step S726).

Thereafter, the license management module 511
Is a CRL area 5215 of the memory 5215 of the license management device 520 based on the update date and time CRLdate.
It is determined whether the certificate revocation list stored in A is the latest. If it is determined that the certificate revocation list is the latest, the process shifts to step S728. If the certificate revocation list is not the latest, the process proceeds to step S730 (step S727).

When the certificate revocation list is determined to be the latest, the license management module 511 sends the encrypted data {transaction IDb // content IDb // K
b // ACmb // ACpb @ Kmc8 with the session key K generated in the license management device 520
s2a, and encrypts the encrypted data {transaction IDb // content IDb // Kb // A
Generate Cmb // ACpb {Kmc8} Ks2a and output it to license management device 520 (step S7)
28).

The controller 5220 of the license management device 520 sends the encrypted data {transaction IDb // content IDb // via the terminal 5226, the interface 5224 and the bus BS5.
Kb // ACmb // ACpb {Kmc8} Ks2a is received, and decryption processing section 5212 encrypts data {transaction IDb // content IDb // Kb //
ACmb // ACpb {Kmc8} Ks2a is decrypted with session key Ks2a, and encrypted data {transaction IDb // content IDb // Kb //
ACmb // ACpb @ Kmc8 is received (step S729). Thereafter, the flow shifts to step S734 in FIG.

On the other hand, if it is determined in step S727 that the certificate revocation list is not the latest, the license management module
0, the latest certificate revocation list CRL is obtained, and a difference CRL that is difference data is generated (step S73).
0). Then, the license management module 511
In response to the difference CRL of the certificate revocation list supplied from DD 530 via bus BS2, encrypted data {transaction IDb // content IDb // Kb // A
Cmb // ACpb @ Kmc8 and the difference CRL of the certificate revocation list are encrypted with the session key Ks2a generated in the license management device 520, and the encrypted data {difference CRL //} transaction IDb
/// content IDb // Kb // ACmb // ACp
b｝ Kmc8｝ Ks2a to license management device 52
0 (step S731).

The controller 5220 of the license management device 520 includes a terminal 5226, an interface 522
4, and encrypted data ｛difference CR via bus BS5
L // @ Transaction IDb // Content IDb
// Kb // ACmb // ACpb｝ Kmc8｝ Ks2
a, the decryption processing unit 5212 receives the encrypted data {difference CRL // {transaction IDb // content IDb // Kb // ACmb // ACpb {Kmc8}
Ks2a is decrypted with the session key Ks2a, and the differential CRL and the encrypted data {transaction IDb //
Content IDb // Kb // ACmb // ACpb｝
Kmc8 is accepted (step S732).

Referring to FIG. 23, after step S729 or step S733, decoding processing section 5204 determines that Km
c using the secret decryption key Kmc8 from the c holding unit 5202 {transaction IDb // contents I
Db // Kb // ACmb // ACpb @ Kmc8 is decrypted, and transaction IDb, content IDb, binding key Kb, access restriction information ACmb, and reproduction restriction information ACpb are received (step S73).
4).

Then, the license management module 5
11 inputs the entry number for storing the binding license to the license management device 520 via the bus BS2 (step S735). The controller 5220 of the license management device 520 has a terminal 5
226, the interface 5224, and the entry number received via the bus BS5, and the transaction IDb, the content IDb, the binding key Kb, the access restriction information ACmb received in the license area 5215B of the memory 5215 specified by the received entry number. And the playback restriction information ACpb (step S736).

The license management module 511
Generates content data Dc by encoding the music data obtained from the music CD into a predetermined format.
37) The content data is encrypted with the license key Kc to generate encrypted content data {Dc} Kc (step S738). Thereafter, the license management module 511 generates additional information Dc-inf of the content data based on the information from the user input via the keyboard 560 and the information from the music CD (step S739), and the encrypted content. Data No. D
The c @ Kc and the additional information Dc-inf are recorded on the HDD 530 via the bus BS2 (step S739a).

Then, the license management module 5
11 is the generated license (transaction ID,
Content ID, license key Kc, access restriction information ACm, and reproduction restriction information ACp) and step S70
4 or the confidential information generated by encrypting the chuck-out information generated in step S706 with the binding key Kb (step S740). Then, the license management module 511 records the encrypted encrypted content data $ D including the encrypted confidential information and the plaintext transaction ID and content ID.
A license management file for c @ Kc and the additional information Dc-inf is created, and a license management device 520 is created.
The license management file is transmitted to (S741). The control unit 5220 of the license management device 520 includes a terminal 5226, an interface 5224, and a bus BS5.
And records the received license management file in the management file area 5215C of the memory 5215 (step S741).
a). After that, the license management module 511
The received content name is added to the content list file recorded in the DD 530 (step S74).
2), the entire process ends (step S743).

As described above, encrypted content data and a license can be obtained from a music CD by ripping. Then, the encrypted content data and the license obtained by ripping from the music CD are managed by the same method as the encrypted content data and the license obtained by the license management module 511.

FIGS. 14, 15, 16, 17, and 18
And storing the binding license in the license management device 520 in the distribution 2 flowchart shown in FIG. 19 from step S274 to step S29.
8 and FIGS. 20, 21, 22, and 23.
Are the same processes in steps S712a to S739 in the ripping flowchart shown in FIG.

With reference to FIG. 24, the management of the encrypted content data and the license received by license management module 511 or license management device 520 of personal computer 50 will be described. The HDD 530 of the personal computer 50 stores the content list file 150 and the content file 1
531 to 153n.

[0266] The content list file 150 is a data file in the form of a list of owned content, and stores information (music name, artist name, etc.) for each content, content files 1531 to 153n, and a license management file 1521 to 152n. Information (file name). The information for each content is described automatically when receiving necessary information from the additional information Data-inf at the time of reception, or described by a user's instruction. Also, only content files,
Alternatively, contents that cannot be reproduced only by the license management file can be managed in the list.

Content files 1531 to 153n
Is a file for recording the encrypted content data {Dc} Kc and the additional information Dc-inf received by the license management module 511 or the license management device 520, and is provided for each content.

The memory 5215 of the license management device 520 stores a license area 521 including the license acquired in the distribution 1 and the binding license.
5B and a management file area 5215C including the license management files 1521 to 152n.

License management files 1521 to 152
n is the content files 1531 to 153n, respectively.
And the license management module 5
11 or a file for managing the license received by the license management device 520. As is clear from the above description, the license cannot be normally referred to, but there is no problem in terms of copyright protection as long as the user cannot rewrite other information except the license key Kc. However, it is not preferable to manage separately from the license key Kc in operation because it leads to a decrease in security. Therefore, a copy of a transaction ID and a content ID that can be referred to in plain text when receiving license distribution, and a copy of items restricted by the access control information ACm and reproduction control information ACp that can be easily determined from the license purchase condition AC are written in plain text. Record. Further, when a license is recorded in the license management device 520, an entry number is recorded, and confidential information (license and tick-out information) is recorded for a license under the control of the license management module 511. The confidential information is stored in the license management module 51.
The license and the checkout information received are encrypted by the binding key generated in step 1.

License management files 1521, 152
2, 1524, and 151n include entry numbers 0, 1, 2, and m, respectively. This is received by the license management device 520 and the license management device 5
The licenses managed in the license area 5215B of the memory 5215 (the license ID, the license key Kc, the access restriction information ACm, and the reproduction time limit AC)
m) is a number that specifies the management area.

Therefore, content list file 1
When moving the encrypted content data recorded on the storage terminal 531 to the memory card 110 attached to the playback terminal 100, the name of the encrypted content data to be moved is specified in the content list file 150, and the content corresponding to the specified name is specified. Extract the file name of the file and the file name of the license management file. Then, the content files 1531 to 153n are searched to extract the content file 1531, and the encrypted content data to be moved is read from the content file 1531.

On the other hand, the file name of the license management file corresponding to content file 1531 is input to license management device 520, and license management file 1521 is read from management file area 5215C based on the input file name. Then, the entry number “0” stored in the license management file 1521 is read, and the read entry number “0” is read.
, The license recorded in the area designated by the entry number “0” is read. As a result, the license for decrypting the encrypted content data to be moved is read from the license management device 520.

Then, after copying the license, if copying of the license is prohibited, the license in the entry number 0 designated in the license area 5215B of the memory 5215 is deleted. "No license" is recorded like 1523.

The confidential information storing the license of the encrypted content data received by the license management module 511 is stored in the license management file 152.
2, 152n. The license management files 1522 and 152n include confidential information obtained by encrypting a license for reproducing the encrypted content data received by the license management module 511 using a binding key, and an entry number for specifying an area in which the binding license is stored. And

Then, for example, when moving the encrypted content data recorded in the content file 1532 to the personal computer 80, the content files 1531 to 153n are searched based on the file name specified in the content list file 150, and the content file is searched. 1532, and reads the encrypted content data from the content file 1532.
In addition, the file name of license management file 1522 corresponding to content file 1532 is input to license management device 520, and license management file 1522 is read based on the file name. Then, the entry number “1” is obtained from the license management file 1522, the binding key Kb stored in the area specified by the obtained entry number “1” is obtained, and the confidential information is obtained by the obtained binding key Kb. Decrypt and obtain a plaintext license. Therefore, the license of the encrypted content data obtained by the license management module 511 cannot be obtained without the binding key Kb. That is, it is considered that the binding license including the binding key Kb is a license for acquiring the license acquired by the license management module 511.

Then, the license management module 5
Similarly, the license of the encrypted content data acquired by the license management device 520 and the license of the encrypted content data acquired by the license management device 520 correspond to the license area 5215 of the memory 5215 of the license management device 520.
B.

When there are a plurality of pieces of encrypted content data obtained by the license management module 511, a new binding license is generated each time the encrypted content data and the license are obtained.

[Move 1] In the data distribution system shown in FIG. 1, the reproduction terminal 100 reproduces the encrypted content data and the license distributed from the distribution server 10 to the license management device 520 of the personal computer 50.
The operation of transmitting data to the memory card 110 inserted in the device will be described. This operation is referred to as “movement 1”.

FIGS. 25 to 28 show that in the data distribution system shown in FIG. 1, the license management device 520 moves the encrypted content data and the license received from the distribution server 10 to the memory card 110 mounted on the reproduction terminal 100. It is the 1st-4th flowchart for demonstrating a moving operation.

Referring to FIG. 25, when a move request is input from keyboard 560 of personal computer 50 (step S300), controller 510 causes
The authentication data transmission request a is transmitted to the USB interface 55
0, the terminal 580, and the USB cable 70 to the playback terminal 100 (step S302). Then, the controller 1106 of the playback terminal 100 communicates with the terminal 1114, the USB interface 1112, and the bus B
A transmission request for authentication data is received via S3, and the bus BS
3 and a request to transmit authentication data to the memory card 110 via the memory card interface 1200. Then, the controller 142 of the memory card 110
0 receives a request for transmitting authentication data via the terminal 1426, the interface 1424, and the bus BS4 (step S304).

Upon receiving authentication data transmission request a, controller 1420 transmits authentication data {KPm3 // Cm3} KPa from authentication data holding unit 1400 to bus BS4.
And the read authentication data {KPm3 /
/ Cm3 @ KPa to bus BS4, interface 142
4 and the terminal 1426 to the playback terminal 100. Then, the controller 1106 of the playback terminal 100
Are the memory card interface 1200 and the bus B
Authentication data via S3 {KPm3 // Cm3} KPa
Received, bus BS3, USB interface 111
2, authentication data $ KPm3 // to the personal computer 50 via the terminal 1114 and the USB cable 70.
Cm3 @ KPa is transmitted (step S306).

Then, the personal computer 50
Controller 510 receives authentication data {KPm3 // C via terminal 580 and USB interface 550.
m3 @ KPa is received (step S308), and the received authentication data {KPm3 // Cm3} KPa is transferred to the bus B.
The data is transmitted to the license management device 520 via S2. Controller 52 of license management device 520
Reference numeral 20 denotes the authentication data {KPm3 // Cm via the terminal 5226, the interface 5224, and the bus BS5.
3 KPa is received and the received authentication data KPm
3 // Cm3｝ KPa is supplied to the decoding processing unit 5208.
Authentication processing section 5208 uses authentication key KPa from KPa holding section 5214 to generate authentication data {KPm3 // Cm3}.
A KPa decryption process is performed (step S310). The controller 5220 determines from the decryption processing result in the decryption processing unit 5208 whether or not the processing has been normally performed, that is, whether the memory card 110 holds the public encryption key KPm3 and the certificate Cm3 from the authorized memory card. In order to perform authentication, an authenticating process is performed to determine whether or not authentication data that has been encrypted for certifying its validity has been received by an authorized organization (step S312). If it is determined that the authentication data is valid, the controller 5220
Approves the public encryption key KPm3 and the certificate Cm3,
Accept. Then, control goes to the next process (step S314). If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm3 and the certificate Cm3 (step S404).

[0283] As a result of the authentication, if the controller 5220 recognizes that the memory card is a legitimate memory card, the controller 5220 next determines whether or not the class certificate Cm3 of the memory card 110 is listed in the certificate revocation list CRL. Reference is made to the CRL area 5215A of the 5215, and if these class certificates are included in the certificate revocation list, the movement operation is ended here (step S40).
4).

On the other hand, if the class certificate of the memory card 110 is out of the target of the certificate revocation list, the process shifts to the next processing (step S314).

As a result of the authentication, it is confirmed that the access is from a portable telephone equipped with a memory card having valid authentication data, and that the class is out of the target of the certificate revocation list. In step S316, the transaction ID 5220 acquires a transaction ID, which is a management code for specifying the transfer, from the license area 5215B of the memory 5215.
Then, the session key generation unit 5218 generates a session key Ks22 for movement (step S31).
8). The session key Ks22 is stored in the decryption processing unit 5208.
Is encrypted by the encryption processing unit 5210 using the public encryption key KPm3 corresponding to the memory card 110 obtained in step S320 (step S320). Controller 522
0 is the encrypted data {Ks22} K via the bus BS5.
m3, and adds the transaction ID obtained from the memory 5215 to the encrypted data {Ks22} Km3, and outputs the transaction ID // {Ks22} Km3 via the bus BS5, the interface 5224, and the terminal 5226 (step S322).

Referring to FIG. 26, controller 510 of personal computer 50 receives transaction ID // {Ks22} Km3 via bus BS2 (step S324), and receives the USB interface 550,
The transaction ID /// {Ks22} Km3 is supplied to the reproduction terminal 10 via the terminal 580 and the USB cable 70.
0 (step S324). Then, the controller 1106 of the playback terminal 100 connects to the terminal 1114,
A transaction ID // $ Ks22 @ Km3 is received via the USB interface 1112 and the BS3, and the received transaction ID // $ Ks2
2 @ Km3 is transmitted to the memory card 110 via the memory card interface 1200. The controller 1420 of the memory card 110 has a terminal 1426,
The transaction ID // {Ks22} Km3 is received via the interface 1424 and the bus BS4 (step S326). The decoding processing unit 1422 outputs {Ks22} K from the controller 1420 via the bus BS4.
m3, and receives the secret decryption key K from the Km holding unit 1421.
Decrypt {Ks22} Km3 with m3 and accept the session key Ks22 (step S328). Then, the session key generation unit 1418 generates a session key Ks2 (step S330), and the controller 1
420 is the CRL of the memory 1415 via the bus BS4.
The update date and time CRLdate of the certificate revocation list CRL is obtained from the area 1415A, and the obtained update date and time CRL is obtained.
is given to the changeover switch 1446 (step S
332).

Then, encryption processing section 1406 encrypts session key Ks2, public encryption key KPmc4 and update date and time CRLdate obtained by sequentially switching the terminals of changeover switch 1446, using session key Ks22 decrypted by decryption processing section 1404. And encrypted data {Ks2 // KPmc4 // CRL
date @ Ks22 is generated. Controller 1420
Is the encrypted data {Ks2 // KPmc4 // CRLd
ate @ Ks22 to bus BS4, interface 142
4 and the terminal 1426 to the playback terminal 100, and the controller 1106 of the playback terminal 100 transmits the encrypted data {Ks2 // KPmc4 // CRLdate} Ks22 via the memory card interface 1200.
Receive. Then, the controller 1106 transmits the data to the personal computer 50 via the USB interface 1112, the terminal 1114, and the USB cable 70 (Step S334).

The controller 510 of the personal computer 50 has a terminal 580 and a USB interface 5.
50 and the encrypted data {Ks2 // KPmc4 //
CRLdate @ Ks22 is received (step S33)
6), encrypted data {Ks2 // K via bus BS2
Pmc4 // CRLdate @ Ks22 is input to the license management device 520 (step S338). Controller 5220 of license management device 520
Transmits the encrypted data {Ks2 // KPmc4 / via the terminal 5226, the interface 5224 and the bus BS5.
/ CRLdate \ Ks22 and the received encrypted data {Ks2 // KPmc4 // CRLdat
e｝ Ks22 is given to the decryption processing unit 5212. The decryption processing unit 5212 uses the session key Ks22 from the session key generation unit 5218 to generate the encrypted data {Ks2 /
/ KPmc4 // CRLdate @ Ks22 is decoded,
The session key Ks2, the public encryption key KPmc4, and the update date / time list CRLdate are received (step S3).
40).

Then, controller 5220 searches for a license management file based on the input file name, and stores the license entry number included in the searched license management file in management file area 52.
15C (step S342). Then, the controller 5220 reads the transaction ID, the content ID, the license key Kc, the access restriction information ACm, and the reproduction restriction information ACp from the area specified by the obtained entry number (Step S344).

According to the reception of access restriction information ACm,
The controller 5220 checks the access restriction information ACm (Step S346). That is, the controller 5
The license 220 to be transferred to the memory card 110 attached to the playback terminal 100 is based on the acquired access restriction information ACm.
Confirm three items. First, it is confirmed that the movement flag is movable. If the movement flag is prohibited, movement is not possible. Second, it confirms that the security level of the destination is a level permitted by the security flag. Based on the certificate Cm3 received in step S312, whether the license is managed by hardware or software at the destination of the license can be identified by confirming the contents of the certificate Cm3, By comparing with a security flag in the access restriction information ACm, it is determined whether the license can be transferred. Third, if the license does not allow the reproduction of the encrypted content data, that is, if the number of times of reproduction has reached the limit number of access restriction information ACm, the encrypted content data cannot be reproduced by the license. This is because there is no point in moving the encrypted content data and the license to the memory card 110 mounted on the reproduction terminal 100. When the above three items are satisfied, it is determined that the license can be moved, and the process proceeds to step S348.

If it is determined in step S346 that at least one of the above three items is not satisfied, the flow shifts to step S404, and the moving operation ends.

Referring to FIG. 27, encryption processing section 5217
Encrypts the license using the public encryption key KPmc4 unique to the license management device 520 obtained by the decryption processing unit 5212, and encrypts the encrypted data {transaction ID // content ID // Kc // ACm // AC
Generate p｝ Kmc4 (step S348). Then, the update date and time CRLdate of the certificate revocation list transmitted from the memory card 110 and the CRL of the memory 5215 are stored.
Certificate revocation list CR stored in area 5215A
L, and obtains the update date and time.
Compare whether the RL is new, and check the CRL area 5 in the memory 5215.
Certificate revocation list CRL stored in memory card 110 and certificate revocation list CRL stored in memory card 110
Judge the old and new. When the certificate revocation list CRL stored in the memory card 110 is newer or the same, the process proceeds to step S350. Conversely, if the certificate revocation list CRL stored in the memory card 110 is older, the process moves to step S362 (step S350).

When it is determined that the certificate revocation list CRL stored in the memory card 110 is newer or the same, the encryption processor 5206
7 encrypted data output @ transaction ID
/// Content ID // Kc // ACm // ACp @ K
mc4 is encrypted using the session key Ks2 generated by the session key generation unit 5218, and the encrypted data {transaction ID // content ID}
// Kc // ACm // ACp {Kmc4} Ks2 is output to the bus BS5. And the controller 5220
Is the encrypted data on the bus BS5 {transaction ID // content ID // Kc // ACm // AC
It transmits p @ Kmc4 @ Ks2 to the personal computer 50 via the interface 5224 and the terminal 5226 (step S352). And the controller 5
220 is a license area 5215B of the memory 5215
The license within the entry number specified in is deleted (step S354).

The controller 510 of the personal computer 50 transmits the encrypted data {transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c4 @ Ks2 is received, the USB interface 550,
The data is transmitted to the reproduction terminal 100 via the terminal 580 and the USB cable 70 (step S356).

Controller 1106 of playback terminal 100
Is the encrypted data via the terminal 1114, the USB interface 1112, and the bus BS3 {transaction ID // content ID // Kc // ACm // A
Cp {Kmc4} Ks2 is received, and the received encrypted data {transaction ID // content ID /
/ Kc // ACm // ACp {Kmc4} Ks2 is transmitted to the memory card 110 via the bus BS3 and the memory card interface 1200. The controller 1420 of the memory card 110 has a terminal 1426,
Encrypted data via terminal 1424 and bus BS4 {transaction ID // content ID // Kc
// ACm // ACp {Kmc4} Ks2 is received (step S358).

Decryption processing section 1412 of memory card 110
Is the encrypted data {transaction ID // content ID // Kc // ACm // ACp {Kmc4} K
s2 is received via the bus BS4, decrypted with the session key Ks2 generated by the session key generation unit 1418, and {transaction ID // content ID // Kc // ACm // ACp} Kmc4 is received (step S360). . Thereafter, the flow shifts to step S376 shown in FIG.

On the other hand, if it is determined in step S350 that the certificate revocation list CRL stored in memory card 110 is older, license management device 520
Controller 5220 obtains the latest certificate revocation list data CRL from the CRL area 5215A of the memory 5215 via the bus BS5 (step S36).
2).

[0298] The encryption processing unit 5206 includes an encryption processing unit 521.
7 and the certificate revocation list data CRL acquired by the controller 5220 from the memory 5215 via the bus BS5 via the changeover switches 5242 and 5246, respectively, and the session key generator 521
8 encrypts with the session key Ks2 generated. Encrypted data output from encryption processing section 5206 {CRL // @ transaction ID // content ID / interface 5224 and terminal 5226
(Step S364). And the controller 5220
The license in the designated entry number in the license area 5215B of the memory 5215 is deleted (step S366).

The controller 510 of the personal computer 50 outputs the encrypted data {CRL /// transaction ID // content ID // Kc // A
Cm // ACp {Kmc4} Ks2 is received, and encrypted data {CRL // {transaction ID // content ID // Kc // ACm // via the USB interface 550, the terminal 580, and the USB cable 70.
ACp {Kmc4} Ks2 is transmitted to reproduction terminal 100 (step S368). The controller 1106 of the playback terminal 100 includes a terminal 1114, a USB interface 11
12, and the encrypted data @CRL via the bus BS3
// Transaction ID // Content ID // K
c // ACm // ACp {Kmc4} Ks2
Bus BS3 and memory card interface 1200
Encrypted data {CRL //} transaction ID // content ID // Kc // ACm // AC
Transmit p｝ Kmc4｝ Ks2 to memory card 110. Then, the controller 142 of the memory card 110
0 indicates encrypted data {CRL /// transaction ID // content ID // Kc // ACm via terminal 1426, interface 1424 and bus BS4.
// ACp {Kmc4} Ks2 is received (step S
370).

In memory card 110, decryption processing section 1412 decrypts the received data on bus BS4 using session key Ks2 given from session key generation section 1418, and decrypts CRL and {transaction ID //
Content ID // Kc // ACm // ACp @ Kmc
4 is received (step 372). Controller 14
20 receives the data CRL received by the decoding processing unit 1412 via the bus BS4, and according to the received data CRL, the CRL area 1415 of the memory 1415.
A is rewritten (step S374).

Steps S352, S354, S356
In steps S358 and S360, the certificate revocation list CRL stored in the memory card 110 is newer than or the same as the certificate revocation list CRL stored in the license management device 520. Step S362, S
364, S366, S368, S370, S372, S
Reference numeral 374 denotes an operation of moving the license key Kc and the like to the memory card 110 when the certificate revocation list CRL stored in the memory card 110 is older than the certificate revocation list CRL stored in the license management device 520. As described above, the certificate revocation list CRL stored in the memory card 110 is confirmed one by one, and when not updated, is updated to a newer certificate revocation list CRL. Therefore, it is possible to prevent the license from being output from the memory card 110 to another memory card whose license has been broken, a license management device, a license management module, and a content reproduction circuit.

Referring to FIG. 28, after step S360 or step S374, the encryption license @ transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
The decryption processing unit 1404 uses the secret decryption key Km
c4, the license (license key K
c, the transaction ID, the content ID, the access restriction information ACm, and the reproduction restriction information ACp) are received (step S376).

As described above, the encryption keys generated respectively by the license management device and the memory card are exchanged, encryption is performed using the encryption keys received by each other, and the encrypted data is transmitted to the other party. Thereby, the mutual authentication can be effectively performed even in the transmission and reception of each encrypted data, and the security in the operation of moving the encrypted content data and the license can be improved.

The controller 510 of the personal computer 50 transmits the entry number for storing the license transferred to the memory card 110 to the reproduction terminal 100 via the USB interface 550, the terminal 580, and the USB cable 70. The controller 1106 of 100 receives the entry number via the terminal 1114, the USB interface 1112, and the bus BS3, and transmits the entry number to the memory card 110 via the bus BS3 and the memory card interface 1200 (step S378). Then, controller 1420 of memory card 110 receives the entry number via terminal 1426 and interface 1424, and stores the license (license key Kc acquired in step S376) in license area 1415B of memory 1415 specified by the received entry number. , Transaction ID, content ID, access restriction information ACm
And the playback restriction information ACp) (step S3).
80).

The controller 510 of the personal computer 50 transmits the encrypted content data {D} to be transferred to the memory card 110 including the license entry number stored in the memory 1415 of the memory card 110 and the plaintext transaction ID and content ID.
A license management file for c @ Kc and additional information Dc-inf is generated and transmitted to memory card 110 (step S382).

The controller 142 of the memory card 110
No. 0 receives the license management file via the reproduction terminal 100 and records the received license management file in the data area 1415D of the memory 1415 (Step S).
384).

[0307] Then, the controller 5220 of the license management device 520 updates the license management file corresponding to the license transferred to the memory card 110 among the licenses recorded in the memory 5215 without a license (step S386). Thereafter, the controller 510 of the personal computer 50 transmits the encrypted content data {Dc} Kc to be transferred to the memory card 110 and the additional information Dc-inf to the HDD 530.
And transmits {Dc} Kc // Dc-inf to the memory card 110 (step S390). The controller 1420 of the memory card 110
{Dc} Kc // Dc-inf is received via the bus BS4 (step S392), and {Dc} received via the bus BS4.
Kc // Dc-inf is stored in the data area 1 of the memory 1415.
415D (step S394).

Then, the personal computer 50
Controller 510 creates a playlist in which the songs moved to the memory card 110 are added.
6) The playlist and the instruction to rewrite the playlist are transmitted to the memory card 110 (step S398). The controller 1420 of the memory card 110
0 and receives the rewrite instruction via the bus BS4 (step S400).
2), the moving operation ends (step S404).

In this way, it is confirmed that the memory card 110 attached to the reproduction terminal 100 is an authorized device, and at the same time, that the public encryption key KPm3, which has been encrypted and transmitted together with the class certificate Cm3, is valid. After doing
The content data can be moved only in response to a move request to a memory card that is not listed in the class certificate list in which the class certificate Cm3 has been revoked in the certificate revocation list, that is, the class certificate list in which encryption with the public encryption key KPm3 has been broken. In addition, it is possible to prohibit movement to an unauthorized memory card and movement using a decrypted class key. Further, by using this moving operation, a user of the mobile phone 102 having no communication function with the distribution server 10 can also receive the encrypted content data and the license on the memory card via the personal computer 50, The convenience for the user is improved.

[0310] In the above, the transfer of the license from the license management device 520 of the personal computer 50 to the memory card 110 has been described.
The transfer of the license to 20 is also performed according to the flowcharts shown in FIGS. Further, it is possible to transfer a license from the memory card 110 to another memory card, and similarly, the transfer is performed according to the flowcharts shown in FIGS.

Since the personal computer 50 can move the encrypted content data and license received from the distribution server 10 to the memory card 110, only the encrypted content data and license received by the license management device 520 from the distribution server 10 by hardware are used. The license management module 511 cannot transmit the encrypted content data and the license received from the distribution server 10 by software to the memory card by the concept of “move”. The license management module 511 exchanges authentication data and an encryption key with the distribution server 10 by software at a lower security level than the license management device 520, and receives the encrypted content data and the license. The likelihood of encryption being broken in operation is higher than if encrypted content data and a license were received by the license management device 520. Accordingly, the encrypted content data and license received and managed at the lower security level are “migrated” to the memory card 110 that receives and manages the encrypted content data and license at the same security level as the license management device 520. If the security level of the memory card 110 can be freely reduced by the concept of “moving”, the encrypted content data and the license received by the license management module 511 are stored in the memory card 110 by the concept of “moving” in order to prevent this. The data cannot be transmitted to the card 110.

[0312] However, if the encrypted content data and the license with a low security level received by the license management module 511 cannot be transferred to the memory card 110 at all, it is possible to freely copy the content data while protecting the copyright. Contrary to the purpose of the data distribution system that allows the user, the convenience of the user is not improved. Therefore, the license can be transmitted to the memory card 110 by checking out the license received by the license management module 511 based on the concepts of lending (check-out) and check-in (return) described below.

[Check-out] In the data distribution system shown in FIG. The transmitting operation will be described. This operation is called “checkout”.

FIGS. 29 to 33 illustrate the data distribution system shown in FIG. 1, in which the license management module 511 transfers the encrypted content data and the license received from the distribution server 10 to the memory attached to the reproduction terminal 100 on condition that the license is returned. It is a 1st-5th flowchart for demonstrating the checkout operation | movement lent to the card 110.

Referring to FIG. 29, when a check-out request is input from keyboard 560 of personal computer 50 (step S500), license management module 511 causes authentication data $ KPm5 // Cm.
License management device 5 through bus 2
20 (step S501). In the license management device 520, the license management module 511
And the decryption processing unit 5208 decrypts the authentication data {KPm5 // Cm5} KPa using the public authentication key KPa (step S502).

[0316] The controller 5220 includes a decryption processing section 52.
08, it is determined whether or not the processing has been normally performed, that is, the license management module 511.
Is the public encryption key KP from the authorized license management module
In order to authenticate holding of the certificate m5 and the certificate Cm5, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted for certifying its validity (step S503). ). If it is determined that the authentication data is valid, the controller 5220 approves and accepts the public encryption key KPm5 and the certificate Cm5. Then, control proceeds to the next process (step S504). If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm5 and the certificate Cm5 (step S561).

[0317] As a result of the authentication, when it is recognized that the device is a legitimate device, the controller 5220 next determines whether or not the class certificate Cm5 of the license management module 511 is listed in the certificate revocation list CRL. Reference is made to the CRL area 5215A of 5215, and if these class certificates are the targets of the certificate revocation list, the distribution session is ended here (step S561).

On the other hand, if the class certificate of the license management module 511 is out of the target of the certificate revocation list, the process shifts to the next process (step S504).

[0319] As a result of the authentication, it is confirmed that the access is from the license management module 511 having the license management device having valid authentication data and that the class is out of the target of the certificate revocation list. In, the session key generator 520
8 generates a session key Ks2 (step S50).
5), the encryption processing unit 5210 encrypts the session key Ks2 with the public encryption key KPm5 and outputs encrypted data {Ks2} Km5 (step S506).

The controller 5220 transmits the encrypted data {Ks2} Km5 to the bus BS5 and the interface 522.
4 and the terminal 5226, and the license management module 511 receives the encrypted data {Ks2} Km5 via the bus BS2, decrypts the encrypted data {Ks2} Km5 with the secret decryption key Km5, and performs a session. The key Ks2 is received (step S507). And
The license management module 511 sets the session key K
s2a is generated (step S508), the session key Ks2a is encrypted with the session key Ks2, and the encrypted data {Ks2a} Ks2 is output to the license management device 520 via the bus BS2 (step S5).
09).

The controller 5220 of the license management device 520 includes a terminal 5226, an interface 522
4, and encrypted data $ Ks2 via bus BS5
Receiving b｝ Ks2a, the decryption processing unit 5212 outputs the session key K output from the session key generation unit 5208.
The encrypted data {Ks2a} Ks2 is decrypted by s2 and the session key Ks2a is received (step S51).
0). Then, the controller 5220 stores in the memory 5
From the license management file recorded in H.215, an entry number for specifying the area where the binding license is stored is obtained (step S511).

Referring to FIG. 30, the controller 5220 of the license management device 520 checks the binding license (transaction IDb, content IDb, binding key Kb, control information) stored in the area specified by the obtained entry number. ACmb, ACpb) (Step S51)
2). License management file 1522 in FIG.
When the license in the confidential information stored in is checked out, the entry number is “1”. And
Controller 5220 determines whether or not to output binding key Kb in the binding license based on control information ACmb. That is, the control information ACm
Confirm the security flag and the number limit included in b. Here, when generating the binding license,
Since the security flag is “1” indicating a low security level and the reproduction limit is unlimited, it is always determined that output is possible, and the process does not go to step S561 but goes to step S514 (step S5).
13).

However, if the license requesting a high security level distributed from the distribution server 10 to the license management device 520 is accessed by mistake, the certificate Cm obtained in step S503 is accessed.
5 prohibits the output of the license.

[0324] If it is determined in step S513 that the binding license can be output, the encryption processing unit 5
Reference numeral 206 denotes an encryption data {Kb // ACpb, which is obtained by decrypting the binding key Kb and the control information ACpb obtained through the changeover switch 5246 by the decryption processing unit 5212 and encrypting the binding key Kb and the control information ACpb with the session key Ks2a obtained through the switch 5242. ｝ Ks2a is output (step S514). Controller 5220 transmits encrypted data {Kb // ACpb} Ks2a to bus BS5,
The license management module 511 outputs via the interface 5224 and the terminal 5226, and the
2 via the encrypted data {Kb // ACpb} Ks2a
And decrypts the encrypted data {Kb // ACpb} Ks2a with the session key Ks2a to obtain the binding key Kb and the control information ACpb (step S515). Then, the license management module 51
1 is a license management device 52 via a bus BS2.
0, obtains confidential information from the license management file including the license to be checked out stored in the management file area 5215C, and decrypts the obtained confidential information with the binding key Kb to obtain the license (transaction ID, content ID, license key K
c, access restriction information ACm, reproduction restriction information ACp) and check-out information (the number of check-outs possible, and if the check-out has already been performed, the check-out transaction ID and the check-out used in the check-out of the checked-out number) A public encryption key KPmcx unique to the memory card is obtained (step S516).

Then, the license management module 5
11 checks whether the number of possible check-outs included in the acquired check-out information is larger than "0" (step S519). In step S519, if the possible number of checkouts is equal to or less than "0", checkout is prohibited, so the flow shifts to step S561, and the checkout operation ends. Step S519
In, when the number of checkouts is larger than “0”, the license management module 511 transmits a request for transmitting authentication data via the USB interface 550, the terminal 580, and the USB cable 70 (step S520). Controller 1106 of playback terminal 100
Receives the authentication data transmission request via the terminal 1114, the USB interface 1112, and the bus BS3, and transmits the received authentication data transmission request to the memory card 110 via the bus BS3 and the memory card interface 1200. Then, the memory card 11
The controller 1420 of “0” receives a request for transmitting authentication data via the terminal 1426, the interface 1424, and the bus BS4 (step S521).

Upon receiving the authentication data transmission request, controller 1420 reads authentication data {KPm3 // Cm3} KPa from authentication data holding section 1400 via bus BS4, and reads the read authentication data {KPm3 //
Cm3 @ KPa to bus BS4, interface 1424
And to the reproduction terminal 100 via the terminal 1426. Then, the controller 1106 of the playback terminal 100
Are the memory card interface 1200 and the bus B
Authentication data via S3 {KPm3 // Cm3} KPa
Received, bus BS3, USB interface 111
2, authentication data $ KPm3 // to the personal computer 50 via the terminal 1114 and the USB cable 70.
Cm3 @ KPa is transmitted (step S522).

Then, the personal computer 50
License management module 511 transmits authentication data $ K via terminal 580 and USB interface 550.
Pm3 // Cm3｝ KPa is received (step S52).
3), the received authentication data {KPm3 // Cm3}
KPa is decrypted with the authentication key KPa (step S5).
24).

Referring to FIG. 31, license management module 511 determines whether or not the processing has been normally performed based on the result of the decryption processing, that is, whether memory card 110 has a public encryption key KPm3 from an authorized memory card and a certificate. In order to authenticate that Cm3 is held, an authentication process is performed to determine whether or not an authorized institution has received authentication data encrypted for certifying its validity (step S52).
5). If it is determined that the authentication data is valid, the license management module 511 approves and accepts the public encryption key KPm3 and the certificate Cm3. Then, control proceeds to the next process (step S526). If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm3 and the certificate Cm3 (step S561).

[0327] If it is recognized as a valid memory card as a result of the authentication, the license management module 511
Next inquires of the HDD 530 whether or not the class certificate Cm3 of the memory card 110 is listed in the certificate revocation list CRL. Terminates the checkout operation here (step S561).
On the other hand, if the class certificate of the memory card 110 is not included in the certificate revocation list, the process proceeds to the next processing (step S526).

[0330] As a result of the authentication, if it is confirmed that the access is from a mobile phone equipped with a memory card having valid authentication data and the class is out of the target of the certificate revocation list, the license management module 511 checks A checkout transaction ID, which is a management code for specifying the out, is generated (step S52).
7). Then, the license management module 511 generates a session key Ks2b for checkout (step S528), and encrypts the generated session key Ks2b with the public encryption key KPm3 transmitted from the memory card 110 (step S529). . Then, the license management module 511 checks out the checkout transaction I by adding the checkout transaction ID to the encrypted data {Ks2b} Km3.
D // {Ks2b} Km3 to USB interface 55
0, the terminal 580, and the USB cable 70 to the playback terminal 100 (step S530). Then, the controller 1106 of the playback terminal 100 sends the check-out transaction ID via the terminal 1114, the USB interface 1112, and the bus BS3.
// \ Ks2b \ Km3 is received and the received checkout transaction ID // Ks2b \ Km
3 is transmitted to the memory card 110 via the memory card interface 1200. Then, the memory card 11
The controller 1420 of “0” receives the transaction ID for checkout // {Ks2b} Km3 via the terminal 1426, the interface 1424, and the bus BS4 (step S531). The decryption processing unit 1422
$ Ks2 from the controller 1420 via the bus BS4
b｝ Km3 is received, and {Ks2b} Km3 is decrypted with the secret decryption key Km3 from the Km holding unit 1421, and the session key Ks2b is received (step S532).
Then, the session key generation unit 1418 generates the session key Ks2c (step S533), and the controller 1420 acquires the update date and time CRLdate of the certificate revocation list CRL from the CRL area 1415A of the memory 1415 via the bus BS4, and The acquired update date and time CRLdate is given to the changeover switch 1446 (step S534).

Then, encryption processing section 1406 sets session key Ks2c and public encryption key KPmc4 obtained by sequentially switching the terminals of changeover switch 1446.
And the update date and time CRLdate,
And encrypted data {Ks2c // KPmc4 // C
RLdate @ Ks2b is generated. Controller 14
20 is the encrypted data {Ks2c // KPmc4 // C
RLdate @ Ks2b is output to playback terminal 100 via bus BS4, interface 1424 and terminal 1426, and controller 1106 of playback terminal 100 transmits encrypted data {Ks2c // KPmc4 // CRLdate @ Ks via memory card interface 1200.
Receive 2b. Then, the controller 1106
B interface 1112, terminal 1114, and US
The data is transmitted to the personal computer 50 via the B cable 70 (step S535).

The license management module 511 of the personal computer 50 transmits the encrypted data $ Ks2c // via the terminal 580 and the USB interface 550.
KPmc4 // CRLdate @ Ks2b is received (step S536), and the received encrypted data @ Ks2
c // KPmc4 // CRLdate @ Ks2b is decrypted by the session key Ks2b, and the session key K
s2c, public encryption key KPmc4, and update date and time CRLd
ate is received (step S537). Then, the license management module 511 sets the move flag to prohibit the transfer of the license from the memory card mounted on the reproduction terminal 100 to another memory card or the like (=
The check-out access restriction information ACm of 1) is generated (step S538). No limit on the number of views (= 2
55), the security flag is controlled by software (=
1).

Referring to FIG. 32, license management module 511 encrypts the license with public encryption key KPmc4 unique to memory card 110 received in step S537, and encrypts the license data {transaction ID for checkout / content ID. // Kc /
/ ACm for checkout // ACp @ Kmc4 is generated (step S539). Then, the memory card 11
Update date / time CRLd of certificate revocation list sent from 0
H managed by the license management module 511
By comparing the update date and time of the certificate revocation list recorded in the DD 530, the certificate revocation list CRL stored in the memory card 110 and the license management module 51 are compared.
It is determined which one of the certificate revocation lists CRL managed by No. 1 is newer, and when it is determined that the certificate revocation list CRL stored in the memory card 110 is newer, the process proceeds to step S541. If the certificate revocation list CRL managed by the license management module 511 is new, the process moves to step S544 (step S540).

When the certificate revocation list CRL stored in the memory card 110 is determined to be new, the license management module 511 sends the encrypted data {checkout transaction ID // content ID // Kc
// Encrypt ACm for checkout // ACp @ Kmc4 with session key Ks2c and encrypt data @ transaction ID for checkout // content ID // Kc // ACm // for checkout
ACp @ Kmc4 @ Ks2c to USB interface 5
The data is transmitted to the reproduction terminal 100 via the terminal 50, the terminal 580, and the USB cable 70 (step S541).

[0335] Controller 1106 of playback terminal 100
Is the encrypted data via the terminal 1114, the USB interface 1112, and the bus BS3.
// ACm for checkout // ACp {Kmc4} K
s2c, and the received encrypted data {checkout transaction ID // content ID /
/ Kc // ACm // ACp @ Kmc for checkout
4 @ Ks2c is transmitted to the memory card 110 via the bus BS3 and the memory card interface 1200. Then, the controller 142 of the memory card 110
0 is the terminal 1426, the terminal 1424, and the bus BS4.
(Step S542), the encrypted data {checkout transaction ID // content ID // Kc // checkout ACm // ACp {Kmc4} Ks2c is received.

The decryption processing unit 1412 of the memory card 110
Is the encrypted data {checkout transaction ID // content ID // Kc // checkout ACm // ACp {Kmc4} Ks2c through the bus BS4.
And decrypted by the session key Ks2c generated by the session key generation unit 1418,
ト ラ ン ザ ク シ ョ ン Transaction ID for Checkout // Content ID // Kc // ACm // AC for Checkout
p｝ Kmc4 is received (step S543). Thereafter, the flow shifts to step S549 shown in FIG.

On the other hand, if it is determined in step S540 that the certificate revocation list CRL managed by the license management module 511 is new, the license management module 511 sends the latest certificate revocation list CRL for the license management module from the HDD 530. It is acquired (step S544).

The license management module 511
Is the transaction ID for checkout // content ID // Kc // ACm // A for checkout
Cp @ Kmc4 and the data CRL of the certificate revocation list acquired from the HDD 530 are encrypted with the session key Ks2c, and the encrypted data {CRL //} checkout transaction ID // content ID
// Kc // ACm for checkout // ACp @ Km
c4 @ Ks2c to USB interface 550, terminal 5
Playback terminal 100 via USB cable 80 and USB cable 70
(Step S545). The controller 1106 of the playback terminal 100 transmits the encrypted data {CRL //} checkout transaction I via the terminal 1114, the USB interface 1112, and the bus BS3.
D // Content ID // Kc // A for Checkout
Cm // ACp {Kmc4} Ks2c is received, and the received encrypted data {CRL /// checkout transaction ID // content ID // Kc // checkout ACm // ACp {Kmc4} Ks2c
To the bus BS3 and the memory card interface 120.
0 to the memory card 110. Then, the controller 1420 of the memory card 110 communicates with the terminal 1426, the interface 1424, and the bus BS.
4, the encrypted data {CRL //} transaction ID for checkout // content ID // Kc /
/ Checkout ACm // ACp @ Kmc4 @ Ks
2c is received (step S546).

In memory card 110, decryption processing section 1412 decrypts the received data on bus BS4 using session key Ks2c given from session key generation section 1418, and decrypts the CRL and the {transaction ID for checkout / contents}. ID // Kc // ACm // ACp @ Kmc4 for checkout is received (step 547). The controller 1420 transmits the data CRL received by the decryption processing unit 1412 to the bus B
The data is received via S4, and the CRL area 1415A of the memory 1415 is rewritten with the received data CRL (step S548).

Steps S541, S542, S543
Is a check-out operation of the license key Kc and the like to the memory card 110 when the certificate revocation list stored in the memory card 110 is newer or the same as the certificate revocation list CRL managed by the license management module 511. , Steps S544, S545, S546,
In steps S547 and S548, the certificate revocation list stored in the memory card 110 is stored in the license management module 511.
Is a check-out operation of the license key Kc and the like to the memory card 110 when the certificate revocation list is older than the certificate revocation list CRL managed by. In this way, the certificate revocation list CRL sent from the memory card 110 is checked one by one, and when a newer certificate revocation list is managed by the license management module 511, the certificate revocation list CRL is obtained from the HDD 530. Then, by transmitting the data CRL to the memory card 110, a newer certificate revocation list CRL is stored in the memory card. In this way, it is possible to prevent the sense key Kc stored in the memory card 110 from being output to the device whose license has been broken.

Referring to FIG. 33, after step S543 or step S548, an encryption license {checkout transaction ID // content ID // Kc // checkout ACm // ACp} is instructed by controller 1420. Kmc4 is decrypted by decryption processing section 1404 using secret decryption key Kmc4, and a license (license key Kc, checkout transaction ID, content ID, checkout ACm, and reproduction restriction information ACp) is received (step S549). . And the controller 1420
Is the accepted transaction ID for checkout,
The content ID, the license key Kc, the check-out ACm, and the reproduction restriction information ACp are recorded in the license area 1415B of the memory 1415 via the bus BS4 (Step S550).

As described above, the encryption key generated by the license management module and the memory card are exchanged, encryption is performed using the encryption key received by each other, and the encrypted data is transmitted to the other party. Accordingly, mutual authentication can be effectively performed even in the transmission and reception of each encrypted data, and the security in the check-out operation of the encrypted content data and the license can be improved.

The license management module 511 of the personal computer 50 subtracts 1 from the number that can be checked out (step S551), and
The checkout information is updated by adding the checkout transaction ID and the public encryption key KPmc4 unique to the checkout destination memory card, and the updated checkout information and the license (transaction I
D, the content ID, the license key Kc, the access restriction information ACm, and the reproduction restriction information ACp) are encrypted with the binding key Kb to update the confidential information. Then, the license management module 511 transmits the updated confidential information to the license management device 520 (Step S552). The controller 5220 of the license management device 520 receives the updated confidential information via the terminal 5226, the interface 5224, and the bus BS5, and updates and records the confidential information in the license management file with the received confidential information (step). S553).

The license management module 511 of the personal computer 50 checks the encrypted content data {Dc} to be checked out to the memory card 110.
Kc and additional information Dc-inf are obtained from HDD 530, and {Dc} Kc // Dc-inf is stored in memory card 11
0 (step S554). Memory card 11
0 controller 1420 receives {Dc} Kc // Dc-inf via the reproduction terminal 100 (step S5).
55) {Dc} Kc // received via bus BS4
Dc-inf is stored in the data area 1415D of the memory 1415.
(Step S556).

Then, the personal computer 50
License management module 511 of the memory card 1
Then, a playlist in which the tune checked out to 10 is added is created (step S557), and the playlist and a playlist rewriting instruction are transmitted to the memory card 110 (step S558). Controller 1 of memory card 110
420 receives the playlist and the rewrite instruction via the playback terminal 100 (step S559), rewrites the playlist in the memory 1415 via the bus BS4 to the received playlist (step S560), and ends the checkout operation. (Step S561).

In this way, it is confirmed that the memory card 110 attached to the reproduction terminal 100 is a legitimate device, and that the public encryption key KPm3 encrypted and transmitted together with the class certificate Cm3 is valid. After doing
Checking out content data only in response to a check-out request to a memory card whose class certificate Cm3 is not listed in a certificate revocation list, that is, a class certificate list in which encryption with the public encryption key KPm3 has been broken. It is possible to prohibit checkout to an unauthorized memory card and checkout using a decrypted class key. Further, it is possible to prevent the license key from being provided from the checkout destination memory card 110 to the content reproduction circuit having the decrypted class key. The details of the reproduction will be described later.

By using this check-out operation, the user of the reproduction terminal 100 having no communication function with the distribution server 10 can also receive the encrypted content data and the license received by the personal computer 50 by software on the memory card. User convenience is improved.

[Check-in] In the data distribution system shown in FIG. 1, the operation of returning the encrypted content data and license checked out from the license management module 511 of the personal computer 50 to the memory card 110 to the license management module 511 will be described. . This operation is called “check-in”.

FIGS. 34 to 37 show the state of the memory card 11 by the checkout operation described with reference to FIGS.
10 is a first to fourth flowchart for explaining a check-in operation for returning the encrypted content data and the license lent to 0.

Referring to FIG. 34, when a check-in request is input from keyboard 560 of personal computer 50 (step S600), license management module 511 causes authentication data $ KPm5 // Cm.
License management device 5 through bus 2
20 (step S601). In the license management device 520, the license management module 511
And the decryption processing unit 5208 decrypts the authentication data {KPm5 // Cm5} KPa using the public authentication key KPa (step S602).

[0351] The controller 5220 includes a decryption processing section 52.
08, it is determined whether or not the processing has been normally performed, that is, the license management module 511.
Is the public encryption key KP from the authorized license management module
In order to authenticate the holding of the certificate m5 and the certificate Cm5, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted to prove its validity (step S603). ). If it is determined that the authentication data is valid, the controller 5220 approves and accepts the public encryption key KPm5 and the certificate Cm5. Then, control proceeds to the next process (step S604). If it is not valid authentication data, it is rejected and the process ends without accepting the public encryption key KPm5 and the certificate Cm5 (step S652).

[0352] If it is recognized as a result of the authentication that the device is a legitimate device, the controller 5220 then determines whether the class certificate Cm5 of the license management module 511 is listed in the certificate revocation list CRL. Reference is made to the CRL area 5215A of 5215, and if these class certificates are the targets of the certificate revocation list, the distribution session is ended here (step S652).

On the other hand, if the class certificate of the license management module 511 is out of the target of the certificate revocation list, the process shifts to the next process (step S604).

As a result of the authentication, it is confirmed that the access is from the license management module 511 having a license management device having valid authentication data and that the class is out of the target of the certificate revocation list. In, the session key generator 520
8 generates a session key Ks2 (step S60).
5), the encryption processing unit 5210 encrypts the session key Ks2 with the public encryption key KPm5 and outputs encrypted data {Ks2} Km5 (step S606).

The controller 5220 transmits the encrypted data {Ks2} Km5 to the bus BS5 and the interface 522.
4 and the terminal 5226, and the license management module 511 receives the encrypted data {Ks2} Km5 via the bus BS2, decrypts the encrypted data {Ks2} Km5 with the secret decryption key Km5, and performs a session. The key Ks2 is received (step S607). And
The license management module 511 sets the session key K
s2a is generated (step S608), the session key Ks2a is encrypted with the session key Ks2, and the encrypted data {Ks2a} Ks2 is output to the license management device 520 via the bus BS2 (step S6).
09).

The controller 5220 of the license management device 520 has a terminal 5226, an interface 522
4, and encrypted data $ Ks2 via bus BS5
Receiving b｝ Ks2a, the decryption processing unit 5212 outputs the session key K output from the session key generation unit 5208.
Decrypt the encrypted data {Ks2a} Ks2 by s2 and accept the session key Ks2a (step S61).
0). Then, the controller 5220 includes the memory 521
From the license management file recorded in No. 5, an entry number for specifying an area where the binding license is stored is obtained (step S611).

Referring to FIG. 35, controller 5220 of license management device 520 transmits the binding license (transaction ID) stored in the area designated by the obtained entry number “0”.
b, content IDb, binding key Kb, and control information ACmb, ACpb) (Step S)
612). Then, the controller 5220 determines whether or not the binding license is valid based on the control information ACmb. If the binding license is not valid, the process proceeds to step S652, and the distribution session ends. On the other hand, if the binding license is valid, the process moves to step S614 (step S613).

If it is determined in step S613 that the binding license is valid, the encryption processing unit 520
6, the decryption processing unit 5 converts the binding key Kb and control information ACpb acquired through the changeover switch 5246
The encrypted data {Kb // ACpb} Ks2a is output by encrypting with the session key Ks2a decrypted by the switch 212 and acquired via the switch 5242 (step S614). Controller 5220 outputs encrypted data {Kb // ACpb} Ks2a via bus BS5, interface 5224, and terminal 5226, and license management module 511 outputs encrypted data {Kb // ACpb} via bus BS2. Ks2a is received, and encrypted data {Kb // ACpb} Ks2a is decrypted with session key Ks2a to obtain binding key Kb and control information ACpb (step S615). Then, the license management module 511
Communicates with the license management device 520 via the bus BS2.
Confidential information is acquired from the license management file including the license to be checked in stored in the management file area 5215C, and the acquired confidential information is decrypted with the binding key Kb to obtain the license (transaction ID, content ID, license key Kc , Access-restriction information ACm, reproduction-restriction information ACp) and check-out information (the number of possible check-outs, the check-out transaction ID used at the time of check-out, and the public encryption key KPmcx unique to the check-out destination memory card). (Step S616). Then, the license management module 511 sends the authentication data transmission request to the USB interface 550 and the terminal 58.
0 and the playback terminal 100 via the USB cable 70
(Step S618).

Then, the controller 1106 of the reproduction terminal 100 connects the terminal 1114 and the USB interface 1
A request for transmitting authentication data is received via 112 and bus BS3, and a transmission request for authentication data is transmitted to memory card 110 via bus BS3 and memory card interface 1200. Then, the controller 1420 of the memory card 110 receives the authentication data transmission request via the terminal 1426, the interface 1424, and the bus BS4 (Step S619).

When controller 1420 receives the request to transmit the authentication data, controller 1420 reads authentication data {KPm3 // Cm3} KPa from authentication data holding section 1400 via bus BS4, and reads the read authentication data {KPm3 //
Cm3 @ KPa to bus BS4, interface 1424
And to the reproduction terminal 100 via the terminal 1426. Then, the controller 1106 of the playback terminal 100
Are the memory card interface 1200 and the bus B
Authentication data via S3 {KPm3 // Cm3} KPa
Received, bus BS3, USB interface 111
2, authentication data $ KPm3 // to the personal computer 50 via the terminal 1114 and the USB cable 70.
Cm3 @ KPa is transmitted (step S620).

The license management module 511 of the personal computer 50 transmits the authentication data $ KPm3 // C via the terminal 580 and the USB interface 550.
m3 @ KPa is received (step S621), and the received authentication data {KPm3 // Cm3} KPa is decrypted with the authentication key KPa (step S622). Then, the license management module 511 authenticates from the decryption processing result whether or not the processing has been normally performed, that is, that the memory card 110 holds the public encryption key KPm3 and the certificate Cm3 from the authorized memory card. In order to do so, authentication processing is performed to determine whether or not an authorized organization has received authentication data that has been encrypted to prove its validity (step S623). If it is determined that the authentication data is valid, the license management module 511
Approves the public encryption key KPm3 and the certificate Cm3,
Accept. Then, control goes to the next process (step S624). If it is not valid authentication data, it is rejected, and the process ends without accepting the public encryption key KPm3 and the certificate Cm3 (step S652). As a result of the authentication, when it is recognized that the memory card is a legitimate memory card, the license management module 511 generates a dummy transaction ID (step S624).

Referring to FIG. 36, the license management module 511 checks the session key Ks2 for check-in.
b is generated (step S625). Then, the license management module 511 sends the generated session key K
s2b is the public encryption key K received from the memory card 110
Encrypted with Pm3, encrypted data {Ks2b} K
m3 is generated (step S626), and the encrypted data $ K is generated.
Dummy transaction ID obtained by adding a dummy transaction ID to s2b ¥ Km3 /// {Ks2b} Km3
To the USB interface 550, terminal 580, and U
The data is transmitted to the reproduction terminal 100 via the SB cable 70 (step S627). The controller 1106 of the playback terminal 100 includes a terminal 1114, a USB interface 11
12, and dummy transaction I via BS3
D / {Ks2b} Km3 is received, and the received dummy transaction ID // {Ks2b} Km3 is transmitted to memory card 110 via memory card interface 1200. The controller 1420 of the memory card 110 includes a terminal 1426, an interface 1
424 and the bus BS4 to receive the dummy transaction ID // {Ks2b} Km3 (Step S)
628). The decryption processing unit 1422 includes a controller 142
0, via the bus BS4, receives {Ks2b} Km3, decrypts {Ks2b} Km3 with the secret decryption key Km3 from the Km holding unit 1421, and decrypts the session key Ks2.
b is received (step S629). Then, the session key generation unit 1418 generates a session key Ks2c (step S630), and the controller 1420
CRL area 141 of memory 1415 via bus BS4
Update date and time CRLda of certificate revocation list CRL from 5A
te is acquired, and the acquired update date and time CRLdate is given to the changeover switch 1446 (step S631).

Then, encryption processing section 1406 sets session key Ks2c and public encryption key KPmc4 obtained by sequentially switching the terminals of changeover switch 1446.
And the update date and time CRLdate,
And encrypted by the session key Ks2b obtained via the terminal Pa of the changeover switch 1442, and the encrypted data {Ks2c // KPmc4 // CRL
date @ Ks2b is generated. Controller 1420
Is the encrypted data $ Ks2c // KPmc4 // CRL
data @ Ks2b to bus BS4, interface 14
24 and the terminal 1426 to the playback terminal 100, and the controller 1106 of the playback terminal 100 transmits the encrypted data {Ks2c // KPmc4 // CRLdate} Ks2 via the memory card interface 1200.
Receive b. Then, the controller 1106 outputs the encrypted data {Ks2c // KPmc4 // CRLdate}.
Ks2b to USB interface 1112, terminal 111
4, and transmitted to the personal computer 50 via the USB cable 70 (step S632).

[0364] The license management module 511 of the personal computer 50 transmits the encrypted data $ Ks2c // via the terminal 580 and the USB interface 550.
KPmc4 // CRLdate @ Ks2b is received (step S633), and the received encrypted data @ Ks2 is received.
c // KPmc4 // CRLdate @ Ks2b is decrypted by the session key Ks2b, and the session key K
s2c, public encryption key KPmc4, and update date and time CRLd
ate is received (step S634).

Then, the license management module 5
11, the received public encryption key KPmc4 is stored in step S6.
It is confirmed whether or not it is the same as the public encryption key KPmcx unique to the checkout destination memory card obtained in step 16 (step S635).

The received public encryption key KPmc4 is included in the updated checkout information when checking out the encrypted content data and the license (see step S552 in FIG. 33). Therefore, the check-out destination memory card checked out at the time of check-in based on whether the public encryption key KPmc4 corresponding to the check-out destination of the encrypted content data or the like matches the public encryption key KPmcx included in the check-out information. Can be easily specified.

[0367] In step S635, public encryption key K
When Pmc4 does not match the public encryption key KPmcx unique to the checkout destination memory card, the check-in operation ends (step S652). In step S635, when the public encryption key KPmc4 matches the public encryption key KPmcx unique to the check-out destination memory card, the license management module 511 sets the dummy transaction ID, the dummy content ID, the dummy license key Kc, and the dummy access restriction information ACm. , And dummy reproduction restriction information ACp using a public encryption key KPmc4, and
D // Dummy content ID // Dummy license key K
c // Dummy access restriction information ACm // Dummy reproduction restriction information ACp @ Kmc4 is generated (step S63).
6).

The license management module 511 determines the encrypted data {dummy transaction ID // dummy content ID // dummy license key Kc // dummy access restriction information ACm // dummy reproduction restriction information ACp @ K
mc4 is encrypted with the session key Ks2c, and the encrypted data @ dummy transaction ID //
Dummy content ID // Dummy license key Kc //
Dummy access restriction information ACm // Dummy reproduction restriction information ACp {Kmc4} Ks2c is generated and the generated encrypted data {Dummy transaction ID // Dummy content ID // Dummy license key Kc // Dummy access restriction information ACm / / Dummy playback restriction information AC
p｝ Kmc4｝ Ks2c to USB interface 55
0, the terminal 580, and the USB cable 70 to the playback terminal 100 (step S637).

[0369] Controller 1106 of playback terminal 100
Is transmitted via terminal 1114, USB interface 1112, and bus BS3.
The dummy reproduction restriction information ACp {Kmc4} Ks2c is received. The controller 1106 receives the encrypted data {dummy transaction ID // dummy content ID // dummy license key Kc // dummy access restriction information ACm // dummy reproduction restriction information ACp @ Kmc
4 @ Ks2c is transmitted to the memory card 110 via the bus BS3 and the memory card interface 1200. Then, the controller 142 of the memory card 110
0 is the terminal 1426, the terminal 1424, and the bus BS4.
{Dummy transaction ID // Dummy content ID // Dummy license key Kc // Dummy access restriction information ACm // Dummy reproduction restriction information ACp}
Kmc4 @ Ks2c is received (step S638).

Referring to FIG. 37, the decryption processing unit 1412 of the memory card 110
D // Dummy content ID // Dummy license key K
c // Dummy access restriction information ACm // Dummy reproduction restriction information ACp {Kmc4} Ks2c is received via the bus BS4, decrypted by the session key Ks2c generated by the session key generation unit 1418, and {dummy transaction ID // dummy}. Content ID //
Dummy license key Kc // dummy access restriction information A
Cm // Dummy reproduction restriction information ACp @ Kmc4 is received (step S639). Then, the decryption processing unit 1404
Is the encrypted data @ dummy transaction ID // dummy content ID // dummy license key Kc // dummy access restriction information ACm // dummy reproduction restriction information A
Cp @ Kmc4 is received from the decryption processing unit 1412, and the received encrypted data @ dummy transaction ID /
/ Dummy content ID // dummy license key Kc /
/ Dummy access restriction information ACm // Dummy reproduction restriction information ACp @ Kmc4 is decrypted with the secret decryption key Kmc4 from the Kmc holding unit 1402, and the dummy transaction ID, the dummy content ID, and the dummy license key K are decrypted.
c, the dummy access restriction information ACm and the dummy reproduction restriction information ACp are received (step S640). Then, the controller 1420 sends the dummy transaction ID, the dummy content ID, the dummy license key Kc, the dummy access restriction information ACm,
And the dummy reproduction restriction information ACp is recorded in the license area 1415C of the memory 1415 (step S64).
1). Thus, the dummy transaction ID, the dummy content ID, the dummy license key Kc, the dummy access restriction information ACm, and the dummy reproduction restriction information ACp
Is recorded, the license checked out to the memory card 110 can be erased.

After that, the license management module 511 of the personal computer 50 increases the number of check-outs in the check-out information by one, and checks out the transaction ID for check-out recorded when the checked-in license is ticked out, and the check-out. The checkout information is updated by deleting the individual public key KPmc4 of the previous memory card (step S64)
2). Then, the license management module 511 updates the confidential information by encrypting the license (transaction ID, content ID, license key Kc, access restriction information ACm, and reproduction restriction information ACp) and the updated checkout information with the binding key Kb. Replace the confidential information with the updated confidential information,
Update the license management file. Then, the updated license management file is stored in the license management device 52.
0 (step S643). The controller 5220 of the license management device 520 has a terminal 622
6, the updated license management file is received via the interface 5224, and the bus BS5, and the received license management file is used to update and record the license management file storing the checked-in license in the management file area 5215C. (Step S644).

Then, the license management module 5
The USB interface 550, the terminal 580, and the USB cable 70 issue a deletion instruction for deleting the encrypted content data {Dc} Kc and the additional information Dc-inf.
(Step S64)
5). The controller 1106 of the playback terminal 100 receives the instruction to delete the encrypted content data {Dc} Kc and the additional information Dc-inf via the terminal 1114, the USB interface 1112, and the bus BS3, and
The memory card 110 issues an instruction to delete the encrypted content data {Dc} Kc and the additional information Dc-inf received via S3 and the memory card interface 1200.
Output to Then, the controller 1420 of the memory card 110 communicates with the terminal 1426 and the interface 14
24 and an instruction to delete the encrypted content data {Dc} Kc and the additional information Dc-inf via the bus BS4 (step S646). Then, the controller 1420 deletes the encrypted content data {Dc} Kc and the additional information Dc-inf recorded in the data area 1415D of the memory 1415 via the bus BS4 (Step S647).

The license management module 511 of the personal computer 50 creates a play list from which the checked-in music has been deleted (step S648), and sends the play list and the instruction to rewrite the play list to the memory card 110.
(Step S649). Memory card 110
The controller 1420 receives the playlist and the rewrite instruction via the playback terminal 100 (step S650),
The playlist in the memory 1415 is rewritten to the received playlist via the bus BS4 (step S651), and the check-in operation ends (step S652).

As described above, by receiving the encrypted content data and the license from the other party who has checked out the encrypted content data and the license, the encrypted content data and the license having a lower security level are successively changed to the security level. It is possible to prevent the security level of the memory card from being lowered by copying to a memory card with high security and to prevent unauthorized copying.

FIG. 38 shows the memory 1 of the memory card 110.
415 shows a playlist file 160 recorded in a data area 1415D. The playlist file 160 contains the content files 1611 to 1611.
1n and license management files 1621 to 162n. The content files 1611 to 161n are
The file name of the received encrypted content data {Dc} Kc and the additional information Dc-inf is recorded. The license management files 1621 to 162n are respectively
It is recorded corresponding to the content files 1611 to 161n.

When the memory card 110 receives the encrypted content data and the license from the personal computer 50 in the “checkout session”, the memory card 110 records the encrypted content data and the license in the memory 1415. That is, the memory card 110
The license of the encrypted content data received and managed by the license management module 511 of the personal computer 50 by the software is the same as the license of the encrypted content data received and managed by the license management device 520. Management (meaning high security level).

Therefore, the personal computer 50
The license of the encrypted content data with high security level received by the license management device 520 and transmitted to the memory card 110 by the mobile session, and received by the license management module 511, and by the checkout session. The license of the encrypted content data having the low security level transmitted to the memory 1415 is recorded in the area of the memory 1415 specified by the entry number of the license area 1415C. Then, by reading the license management file of the playlist file 160 recorded in the data area 1415D of the memory 1415, the entry number can be obtained, and the license corresponding to the obtained entry number is stored in the license area 141.
5C.

[0378] The license management file 1622 indicates "no license", which corresponds to, for example, a case where the reproduction terminal 100 receives only encrypted content data from another mobile phone. Means that there is no license for playing back the encrypted content data, although it exists in the memory 1415.

[Move 2] In the data distribution system shown in FIG. 1, the operation of moving the encrypted content data and license acquired by the license management module 511 of the personal computer 50 to the personal computer 80 will be described. This movement is referred to as [movement 2] (also referred to as "inter-host movement"). The personal computer 80 is a personal computer 5
0 has the same configuration as that of FIG. Also,
A license management module 511 and a license management device 520 that constitute the personal computer 50;
The license management module and the license management device constituting the personal computer 80 for distinguishing the license management module and the license management device constituting the personal computer 80 are referred to as a license management module 811 and a license management device 820, respectively.

FIGS. 39 to 42 show a first example for explaining the transfer of the encrypted content data and the license acquired by the license management module 511 or the license management module 520 to the personal computer 80.
It is a 4th flowchart.

Referring to FIG. 39, when a request to move the acquired license between hosts is input via keyboard 560 (step S800), license management module 511 sends a request to transmit authentication data to communication cable 90. (Step S801). Then, the license management module 811 of the personal computer 80 receives the authentication data transmission request (step S802), and inputs an authentication data output instruction to the license management device 820 via the bus BS2 (step S802a).
Controller 5220 of license management device 820
Receives authentication data output instruction via terminal 5226, interface 5224, and bus BS5, reads authentication data {Kpm7 // Cm7} KPa from authentication data holding unit 5200 via bus BS5, and reads bus BS
5, and outputs authentication data {Kpm7 // Cm7} KPa through interface 5224 and terminal 5226 (step S803). Then, the license management module 811 checks the authentication data {Kpm7 // Cm7} K
Pa is received via bus BS2, and authentication data {Kpm7 // Cm7} KPa is transmitted to personal computer 50 via communication cable 90 (step S80).
4).

Then, the personal computer 50
The license management module 511 of the
pm7 // Cm7 @ KPa is transmitted to the license management device 520 via the bus BS2 (step S80).
5). Controller 522 of license device 520
0 is the authentication data {Kpm7 // Cm7} via the terminal 5226, the interface 5224, and the bus BS5.
Receiving KPa, decryption processing section 5208 decrypts authentication data {Kpm7 // Cm7} KPa using public authentication key KPa (step S806).

[0383] The controller 5220 is
Based on the result of the decryption processing at step 08, it is verified whether the processing has been normally performed, that is, whether the license management device 820 of the personal computer 80 holds the public encryption key KPm7 and the certificate Cm7 from the authorized license management device. In order to do so, an authentication process is performed to determine whether or not an authorized organization has received authentication data encrypted to prove its validity (step S807).
If it is determined that the authentication data is valid, the controller 5220 determines whether the public encryption key KPm7 and the certificate Cm7
Approve and accept. Then, the next processing (step S8)
08). If it is not valid authentication data,
The process is not approved and the process ends without accepting the public encryption key KPm7 and the certificate Cm7 (step S854).

[0384] As a result of the authentication, when it is recognized that the device is a legitimate device, the controller 5220 next determines whether or not the class certificate Cm7 of the license management device is listed in the certificate revocation list CRL.
Inquiry is made to the CRL area 5215A of No. 15 and if these class certificates are the targets of the certificate revocation list, the distribution session is ended here (step S85).
4).

On the other hand, if the class certificate of the license management device 820 is out of the target of the certificate revocation list, the process moves to the next processing (step S808).

As a result of the authentication, it is confirmed that the access is from a personal computer having a license management device having valid authentication data, and that the class is out of the target of the certificate revocation list. The session key generation unit 5218 generates a session key Ks2 for movement between hosts (Step S809). Then, the encryption processing unit 5210
Encrypts the session key Ks2 with the public encryption key KPm7 corresponding to the license management device 820 obtained by the decryption processing unit 5208, and generates encrypted data {Ks2} Km7. Controller 5220
Outputs the encrypted data {Ks2} Km7 via the bus BS5, the interface 5224, and the terminal 5226 (step S810). Controller 5220 is
The transaction ID is obtained from the license management file in the memory 5215 (step S811).

Referring to FIG. 40, license management module 511 transmits encrypted data {Ks2} Km7 and transaction ID received from license management device 520 to personal computer 80 via communication cable 90 (step S812). ). License management module 811 of personal computer 80
Receives the transaction ID // {Ks2} Km7 (step S813), and receives the encrypted data {Ks2} Km
7 through the bus BS2 to the license management device 820.
(Step S814).

The decryption processing unit 5222 of the license management device 820 decrypts the encrypted data {Ks2} Km7 using the secret decryption key Km7 and receives the session key Ks2 (step S815). Controller 5220
Controls the session key generation unit 5208 to generate a session key in response to the reception of the session key Ks2. Then, the session key generation unit 5208 generates a session key Ks2a (step S816),
Controller 5220 communicates with memory 5 via bus BS5.
215 CRL area 5215A to certificate revocation list C
The RL update date and time CRLdate is acquired and given to the changeover switch 5246 (step S817). Then, the encryption processing unit 5206 receives the session key Ks2a, the public encryption key KPmc9, and the update date and time CRLdate obtained by sequentially switching the changeover switch 5246, and outputs the session key Ks received by the decryption processing unit 5222 to the session key Ks.
encrypted data {Ks2a // K
Generate pmc9 // CRLdate @ Ks2. Then, controller 5220 transmits encrypted data {Ks2a // Kpmc9 // CRLdate} Ks via bus BS5, interface 5224, and terminal 5226.
2 is output (step S818). The license management module 811 stores the encrypted data {Ks2a // Kpm
c9 // CRLdate @ Ks2 is received via bus BS2, and the received encrypted data {Ks2a // Kp
mc9 // CRLdate @ Ks2 to communication cable 90
Is transmitted to the personal computer 80 via the PC (step S819).

Then, the personal computer 50
License management module 511 of encrypted data {Ks2a // Kpmc9 // CRLdate} Ks2
(Step S820), and the encrypted data {Ks2a // Kpmc9 // CRLdat is received via the bus BS2.
e @ Ks2 is input to the license management device 520 (step S821). License management device 520
Of the encrypted data {Ks2a // Kpmc9 // CRLdate} Ks2 via terminal 5226, interface 5224, and bus BS5.
And the decryption processing unit 5212 sends the encrypted data {Ks2
a // Kpmc9 // CRLdate @ Ks2. The decryption processing unit 5212 outputs the encrypted data {Ks2a /
/ Kpmc9 // CRLdate @ Ks2 is decrypted by the session key Ks2 to obtain the session key Ks2a,
Public encryption key Kpmc9 and update date and time CRLdate
Is received (step S822).

[0390] Then, the controller 5220 reads the license management file 1521 recorded in the memory 5215.
The license management file relating to the license to be moved is referred to from among the license numbers of the licenses to be transferred, and an entry number storing the license to be transferred is acquired (step S823), and the license stored in the area designated by the acquired entry number (step S823). Transaction ID, content ID, license key Kc, access restriction information ACm,
And the playback restriction information ACp) (step S82).
4). This license may be a binding license. Then, the controller 5220 determines whether the license transfer and the reproduction are possible based on the read access restriction information ACm (Step S82).
5). When it is determined based on the access restriction information ACm that movement and reproduction of the license are prohibited,
The process moves to step S854, and the mobile session ends. If it is determined based on the access restriction information ACm that the movement and reproduction of the license are permitted, the flow shifts to the next step S826 in FIG. 41 (step S825).

Referring to FIG. 41, when it is determined in step S825 that the movement and reproduction of the license are permitted, the encryption processing unit 5217 causes the decryption processing unit 52
12, the transaction ID, the content ID, the license key Kc, and the access restriction information AC
m and the reproduction restriction information ACp by using the public encryption key Kpmc9.
And encrypted data @ transaction I
D // content ID // Kc // ACm // reproduction restriction information ACp @ Kmc9 is generated (step S82).
6). Then, the controller 5220 determines that the update date and time CR
Which of the certificate revocation list CRL stored in the license management device 820 of the destination personal computer 80 and the certificate revocation list CRL stored in the license management device 520 of the source personal computer 50 is based on the Ldate. It is determined whether the certificate revocation list CRL stored in the license management device 820 of the destination personal computer 80 is new or the same.
The process moves to step S828. When it is determined that the certificate revocation list CRL stored in the license management device 820 of the personal computer 80 of the transfer destination is old, the process proceeds to step S835 (step S8).
27).

When the certificate revocation list CRL stored in the license management device 820 of the destination personal computer 80 is determined to be new or the same, the encryption processing unit 5206 generates the certificate revocation list CRL generated by the encryption processing unit 5217. Encrypted data @ transaction ID //
Content ID // Kc // ACm // reproduction restriction information A
Cp @ Kmc9 is obtained through the terminal Pc of the changeover switch 5246, encryption is performed by the session key Ks2a obtained through the terminal Pd of the changeover switch 5246, and the encrypted data {transaction ID // content ID>
// Kc // ACm // ACp {Kmc9} Ks2a is generated. Then, the controller 5220 determines that the encrypted data {transaction ID // content ID //
Kc // ACm // ACp {Kmc9} Ks2a is connected to bus BS5, interface 5224, and terminal 5226.
(Step S828). Thereafter, the controller 5220 determines whether or not the license can be copied based on the access restriction information ACm. If the license can be copied, the process proceeds to step S831, and if the license cannot be copied, the process proceeds to step S830. Move to. If it is determined in step S829 that the license cannot be copied, the controller 5220 determines the license area 5 in the memory 5215 based on the entry number.
The license stored in 215B is deleted (step S830).

If it is determined in step S829 that the license can be copied, or
After 830, the license management module 511 sends the encrypted data encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc.
9Ks2a is transmitted to the personal computer 80 via the communication cable 90 (step S831).

[0394] The license management module 811 of the personal computer 80 determines whether the encrypted data {transaction ID // content ID // Kc // ACm //
ACp {Kmc9} Ks2a is received (step S83).
2), encrypted data via the bus BS2 {transaction ID // content ID // Kc // ACm //
ACp {Kmc9} Ks2a is input to the license management device 820 (step S833). The controller 5220 of the license management device 820
26, the interface 5224, and the bus BS5, the encrypted data {transaction ID // content ID // Kc // ACm // ACp {Kmc9}
Upon receiving Ks2a, the decryption processing unit 5212 outputs the encrypted data {transaction ID // content ID // K
c // ACm // ACp {Kmc9} Ks2a is decrypted by the session key Ks2a, and the encrypted data {transaction ID // content ID // Kc // A
Cm // ACp @ Kmc9 is received (step S83)
4). Thereafter, the flow shifts to step S844 in FIG.

On the other hand, if it is determined in step S827 that the certificate revocation list CRL stored in the license management device 820 of the destination personal computer 80 is old, the controller 5220 of the license management device 520 transmits the certificate revocation list via the bus BS5. Memory 521
The latest certificate revocation list CRL is acquired from the CRL area 5215A of No. 5 (step S835). Then, the encryption processing unit 5206 outputs the encrypted data supplied from the encryption processing unit 5217 via the terminal Pc of the changeover switch 5246 {transaction ID // content ID // Kc /
/ ACm // ACp @ Kmc9 and changeover switch 524
Certificate revocation list CRL obtained via the terminal Pf of No. 6
In response, the encrypted data encrypted with the session key Ks2a {differential CRL // transaction I
D // content ID // Kc // ACm // ACp｝
Kmc9｝ Ks2a is generated. Then, the controller 5220 determines that the encrypted data {transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c9 @ Ks2a is transferred to the bus BS5 and the interface 522.
4 and output via the terminal 5226 (step S
836).

[0396] Thereafter, the controller 5220 determines whether or not the license can be copied based on the access restriction information ACm. If the license can be copied, the process proceeds to step S839. Shifts to step S838. If it is determined in step S837 that the license cannot be copied, the controller 5220 determines whether the license 5
The license stored in the license area 5215B of the H.215 is deleted (step S838).

Then, if it is determined in step S837 that the license can be copied, or
After 838, the license management module 511 sends the encrypted data encrypted data {CRL /// transaction ID // content ID // Kc // ACm // AC.
Transmit pKmc9Ks2a to the personal computer 80 via the communication cable 90 (step S83).
9).

Referring to FIG. 42, license management module 811 of personal computer 80 has encrypted data {CRL /// transaction ID // content ID // Kc // ACm // ACp {Kmc9} Ks
2a is received (step S840), and the encrypted data {CRL // {transaction ID /
/ Content ID // Kc // ACm // ACp @ Km
c9 @ Ks2a is input to the license management device 820 (step S841). License management device 8
20 via terminal 5226, interface 5224, and bus BS5. Encrypted data {CRL // {transaction ID // content ID // Kc // ACm // ACp {Kmc9} K>
s2a, the decryption processing unit 5212 outputs the encrypted data {CRL /// transaction ID // content I
D // Kc // ACm // ACp {Kmc9} Ks2a
Is decrypted by the session key Ks2a, and the certificate revocation list CRL and the encrypted data @ transaction ID
/// Content ID // Kc // ACm // ACp @ K
mc9 is received (step S842). Then, the controller 5220 acquires the certificate revocation list CRL via the bus BS5, and acquires the certificate revocation list CRL via the bus BS5.
Certificate revocation list CRL of 15 CRL area 5215A
Is rewritten with the obtained certificate revocation list (step S843).

After step S834 or step S843 in FIG. 41, the decryption processing unit 5204
12 {Transaction ID // Content ID // Kc // ACm // AC
p @ Kmc9 is decrypted with a secret decryption key Kmc9, and the transaction ID, the content ID, and the license key K are decrypted.
c, access restriction information ACm, and reproduction restriction information AC
p is received (step S844). Then, the license management module 811 inputs the entry number for storing the license into the license management device 820 (Step S845). Then, the controller 5220 of the license management device 820
26, the interface 5224, and the bus BS5 to receive the entry number, and store the license (transaction ID, content ID, license key Kc, access restriction information ACm, and reproduction restriction information ACp) in the area specified by the received entry number. Is stored (step S846).

As described above, the generated encryption keys are exchanged between the license management devices of the two personal computers, encryption is performed using the encryption keys received by each other, and the encrypted data is transmitted to the other party. By transmitting, it is possible to effectively perform mutual authentication in transmitting and receiving the respective encrypted data, and it is possible to improve the security of the data distribution system.

Then, the personal computer 50
Read the license management file from the license management device 520,
Transfer the read license management file to the communication cable 9
0 to the personal computer 80 (step S847). And the personal computer 8
The license management device 820 of 0 changes the entry number stored in the received license management file to the entry number received in step S845, and records the license management file with the changed entry number in the memory 5215 (step S848). ).

Then, the license management module 511 of the personal computer 50 reads the encrypted content data {Dc} Kc and the additional information Dc-inf from the HDD, and transmits the encrypted content data {Dc} Kc via the communication cable 90. The additional information Dc-inf is transmitted to the personal computer 80 (step S84).
9). The license management module 811 of the personal computer 80 stores the encrypted content data {Dc} K
c and the additional information Dc-inf are received (step S85).
0), the encrypted content data {Dc} Kc and the additional information Dc-inf are recorded in the HDD 530 via the bus BS2 (step S851).

Thereafter, the license management module 511 of the personal computer 50 sets the access restriction information A
Based on Cm, it is determined whether or not the license can be copied (step S852). If the license can be copied, the process proceeds to step S854, and the entire operation ends (step S854). If the license cannot be copied in step S852, the license management module 511 deletes the entry number of the license management file (step S853), and the entire operation ends (step S854).

In step S853, the entry number stored in the license management file is deleted.
This corresponds to the fact that the license stored in the license management device 520 has been deleted in step S838 (see FIG. 41).

The case where the encrypted content data and the license acquired by the license management device 50 of the personal computer 50 are moved to the personal computer 80 has been described above.
The operation of transferring the encrypted content data and license acquired by the software 1 to the personal computer 80 is also performed according to the flowcharts shown in FIGS. In this case, step S8 in FIG.
The transaction ID, the content ID, the license key Kc, the access restriction information ACm, and the reproduction restriction information ACp in step S854 of FIG. 24 to FIG. 42 are the transaction IDb, the content IDb, the binding key Kb, the access restriction information ACmb, and the reproduction restriction, respectively. Read as information ACpb. And FIG.
In step S853 of step 2, the license management module 511 deletes the entry number stored in the license management file corresponding to the moved license to make the license null, and the license management file includes confidential information obtained by encrypting the license. If so, a license management file from which the confidential information has been deleted is prepared, and the license management file corresponding to the moved license recorded in the management file area 5215C of the license management device 520 is rewritten.

As described above, when moving the encrypted content data acquired by the license management module 511 of the personal computer 50 to the personal computer 80, the encrypted content data and the license (stored in the license management file) Move) and the binding license to the personal computer 80. When the encrypted content data obtained by the license management device 520 of the personal computer 50 is moved to the personal computer 80, the encrypted content data and the license are moved to the personal computer 80. Then, the moved encrypted content data, etc.
The destination personal computer 80 is managed in the same manner as in the personal computer 50.

As described above, the personal computer 50
A license is generated each time the encrypted content data and the license are acquired by the license management module 511, and the license of the encrypted content data is managed by the binding license, whereby the encrypted content data acquired by the license management device 520 is obtained. And so on.

[Reproduction] Next, with reference to FIG. 43 and FIG. 44, the reproduction operation of the content terminal moved to the memory card 110 and checked out at the reproduction terminal 100 (hereinafter, also referred to as content reproduction device) will be described. I do. Referring to FIG. 43, when the reproduction operation starts, the user of reproduction terminal 100 operates control panel 110.
A playback instruction is input to the playback terminal 100 via the terminal 8 (step S1000). Then, the controller 1106 sends the authentication data holding unit 15 via the bus BS3.
00, the authentication data {KPp1 // Cm1} is read out to the memory card 110 via the memory card interface 1200.
KPa is output (step S1002).

Then, memory card 110 receives authentication data {KPp1 // Cm1} KPa (step S1004). Then, the decryption processing unit 1408 of the memory card 110 receives the received authentication data {KPp1 //
Cm1 @ KPa is decrypted with the public authentication key KPa held in the KPa holding unit 1414 (step S100).
6), the controller 1420 performs authentication processing based on the decryption processing result in the decryption processing unit 1408. That is,
An authentication process is performed to determine whether the authentication data {KPp1 // Cm1} KPa is legitimate authentication data (step S1008). If decryption failed, step S
The flow shifts to 1048, where the reproducing operation ends. If the authentication data has been successfully decrypted, the controller 1420 determines whether or not the obtained certificate Cm1 is included in the certificate revocation list data CRL read from the memory 1415 (step S1010). In this case, an ID is assigned to the certificate Cm1, and the controller 1420 determines whether the ID of the received certificate Cm1 exists in the certificate revocation list. If it is determined that the certificate Cm1 is included in the certificate revocation list, the process moves to step S1048, and the reproduction operation ends.

[0410] In step S1010, the certificate Cm
1 is determined not to be included in the certificate revocation list CRL, the session key generator 1
418 generates a session key Ks2 for the reproduction session (step S1012). Then, encryption processing section 1410 encrypts session key Ks2 from session key generation section 1418 with public encryption key KPp1 decrypted by decryption processing section 1408, {Ks2} K
p1 is output to the bus BS3 (step S1014).
Then, controller 1420 outputs {Ks2} Kp1 to memory card interface 1200 via interface 1424 and terminal 1426 (step S1016). Controller 1 of playback terminal 100
106 acquires {Ks2} Kp1 via the memory card interface 1200. Then, Kp1 holding section 1502 outputs secret decryption key Kp1 to decryption processing section 1504.

[0411] The decryption processing unit 1504
{Ks2} Kp1 is decrypted by the secret decryption key Kp1 paired with the public encryption key KPp1 output from the public key 02 and the session key Ks2 is output to the encryption processing unit 1506 (step S1018). Then, session key generating section 1508 generates a session key Ks3 for the reproduction session, and outputs session key Ks3 to encryption processing section 1506 (step S1020). The encryption processing unit 1506 encrypts the session key Ks3 from the session key generation unit 1508 with the session key Ks2 from the decryption processing unit 1504, and {Ks3} Ks
2 and the controller 1106 outputs $ Ks via the bus BS3 and the memory card interface 1200.
3 @ Ks2 is output to memory card 110 (step S1022).

Then, the decryption processing unit 1412 of the memory card 110
4, and {Ks3} Ks2 are input via the bus BS4 (step S1024).

Referring to FIG. 44, decoding processing section 1412
Decrypts {Ks3} Ks2 with the session key Ks2 generated by the session key generation unit 1418, and outputs the session key Ks generated by the playback terminal 100.
3 is received (step S1026). In response to receiving the session key Ks3, the controller 1420 checks the access restriction information ACm (Step S102)
8). In step S1028, access restriction information A, which is information relating to restrictions on memory access,
By confirming Cm, the reproduction operation is terminated if the reproduction is already disabled, and if the reproduction number limit is limited, the data of the access restriction information ACm is updated and the number of reproducible times is updated. (Step S1030). On the other hand, if the number of times of reproduction is not restricted by the access restriction information ACm, step S1030 is skipped, and the processing is performed without updating the access restriction information ACm and the process proceeds to the next step (step S1).
032).

[0414] If it is determined in step S1028 that the reproduction operation can be performed, the license key Kc and the reproduction restriction information ACp of the reproduction request music recorded in the license area 1415C of the memory 1415 are stored on the bus BS4. (Step S10)
32).

[0415] The obtained license key Kc and reproduction restriction information ACp are sent to the encryption processing unit 1406 via the contact Pf of the changeover switch 1446. The encryption processing unit 1406
Decoding processing unit 1 via contact Pb of changeover switch 1442
The license key Kc received through the changeover switch 1446 and the reproduction restriction information ACp are encrypted with the session key Ks3 received from the key 412, and {Kc // ACp} Ks
3 is output to the bus BS4 (step S1034).

[0416] The encrypted data output to the bus BS4 is
Playback terminal 100 via interface 1424, terminal 1426, and memory card interface 1200.
Sent to

In reproduction terminal 100, encrypted data {Kc // ACp} Ks3 transmitted to bus BS3 via memory card interface 1200 is decrypted by decryption processing section 1510, and license key Kc
And the playback restriction information ACp (step S10)
36). Decryption processing section 1510 transmits license key Kc to decryption processing section 1516, and outputs reproduction restriction information ACp to bus BS3.

[0418] The controller 1106 receives the reproduction restriction information ACp via the bus BS3 and checks whether or not reproduction is possible (step S1040).

[0419] In step S1040, when it is determined that reproduction is not possible based on the reproduction restriction information ACp, the reproduction operation is terminated.

[0420] If it is determined in step S1040 that reproduction is possible, the controller 1106 requests the memory card 110 via the memory card interface 1200 for the encrypted content data {Dc} Kc. Then, the controller 1420 of the memory card 110
Indicates that the encrypted content data {D
Acquires c を Kc, bus BS4, interface 142
4 and output to the memory card interface 1200 via the terminal 1426 (step S1042).

[0421] Controller 1106 of playback terminal 100
Acquires the encrypted content data {Dc} Kc via the memory card interface 1200, and
The encrypted content data {Dc} Kc is provided to the decryption processing unit 1516 via

[0422] Then, the decryption processing unit 1516 decrypts the encrypted content data {Dc} Kc using the content key Kc output from the decryption processing unit 1510, and acquires the content data Data (step S1044).

Then, the decrypted content data Dc
Is output to the music playback unit 1518 and the music playback unit 1518
Reproduces the content data, the DA converter 1519 converts the digital signal into an analog signal, and
Output to Then, the music data is output from the terminal 1530 to the headphone 130 via the external output device and reproduced (step S1046). Thus, the reproduction operation ends.

[0424] In the above description, the case where the encrypted content data recorded on the memory card 110 is reproduced by the reproduction terminal 100 has been described. However, the personal computers 50 and 80 have the content reproduction device 1550 shown in FIG. Thus, the encrypted content data received by the license management module 511 and the license management device 520 can be reproduced. The license management module 51
In the case where the encrypted content data obtained in step 1 is reproduced by the content reproduction device 1550, the license management module 511 obtains the binding key Kb stored in the license management device 520, and
The encrypted confidential information of the license management file recorded in the DD 530 is decrypted with the binding key Kb, the license is read from the plaintext confidential information, and given to the content reproduction device 1550.

The personal computers 50 and 80
By incorporating a playback unit that functions according to software for playing back encrypted content data, the encrypted content data acquired by the license management module 511 can be played back by software.
Also in this case, the license management module 511 acquires the binding key Kb stored in the license management device 520, and transmits the encrypted confidential information of the license management file recorded in the HDD 530 to the binding key Kb.
The license is read out from the plaintext confidential information, and given to the content reproduction device 1550.

According to the embodiment of the present invention, the license management module incorporated in the personal computer manages the license of the encrypted content data acquired by the software using the binding key that is managed by the license management device in hardware. So
Like the license of the encrypted content data acquired by the license management device, the encrypted content data and the license can be transmitted to another personal computer by the concept of “movement”.

As described above, the license management device 520 built in the personal computer 50 communicates with the distribution server 10, acquires encrypted content data and a license, and manages the acquired license. Also, the license management device 520
Means that the license management module 511
License of the encrypted content data obtained from
And a binding license including a binding key for encrypting the license. Then, the license management device 520 can be detached from the personal computer 50 and mounted on another personal computer 80 as shown in FIG. Therefore, after the encrypted content data and the license are obtained by the personal computer 50, the license management device 520 is detached from the personal computer 50 and attached to the personal computer 80. Can be performed. That is, the license management device 520 manages the license acquired by itself, the license acquired by the license management device 511, and the binding license.
The hard disk 83 of the personal computer 80 connects the content list file 150 and the content files 1531 to 153n stored in
0, the copied content file 15
The encrypted content data stored in 31 to 153n can be reproduced by the above-described method, and can be moved to another personal computer, checked out, and chucked in.

[0428] The license management device 520 operates under the condition that it has been authenticated by the authentication data held by itself.
Since the license, the binding license, and the license management file are obtained, even if the license management device 520 is moved between the personal computers, the license and the binding license are not illegally copied. Therefore, there is no security problem.

Further, a binding license including the binding key Kb is transferred to the license management device 520.
, The encrypted content data {Dc} K
The license key Kc for decrypting c can be used as it is as the binding key.

Further, when the license key Kc is used as the binding key, the license key Kc is not recorded in the confidential information recording the license, and when the binding key is read, the binding key is used as it is. Can be used as

[0431] The embodiments disclosed this time are to be considered in all respects as illustrative and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description of the embodiments, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

[Brief description of the drawings]

FIG. 1 is a schematic diagram conceptually illustrating a data distribution system according to a first embodiment of the present invention.

FIG. 2 is a diagram showing characteristics of data, information, and the like for communication in the data distribution system shown in FIG.

FIG. 3 is a diagram showing characteristics of data, information, and the like for communication in the data distribution system shown in FIG. 1;

FIG. 4 shows a binding license required to enable a license acquired by software in the data distribution system shown in FIG. 1 to be transferred to another personal computer, and checkout management information in a checkout session to be lent to a memory card. FIG.

FIG. 5 is a schematic block diagram illustrating a configuration of a distribution server.

FIG. 6 is a schematic block diagram illustrating a configuration of a personal computer.

FIG. 7 is a block diagram illustrating a configuration of a playback terminal.

FIG. 8 is a block diagram showing a configuration of a memory card.

FIG. 9 is a schematic block diagram illustrating a configuration of a license management device.

FIG. 10 is a first flowchart for explaining a distribution operation with a high security level in the data distribution system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 11 is a second flowchart for explaining a distribution operation with a high security level in the data distribution system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 12 is a third example for explaining a high security level distribution operation in the data distribution system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 13 is a fourth view for explaining a delivery operation with a high security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 14 is a first diagram for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 15 is a second flowchart for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 16 is a third view for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 17 is a fourth diagram for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 18 is a fifth flowchart for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 19 is a sixth flowchart for explaining a delivery operation with a low security level in the data delivery system shown in FIG. 1;
It is a flowchart of FIG.

FIG. 20 is a first flowchart for explaining a ripping operation in the data distribution system shown in FIG. 1;

FIG. 21 is a second flowchart for explaining the ripping operation in the data distribution system shown in FIG. 1;

FIG. 22 is a third flowchart for explaining the ripping operation in the data distribution system shown in FIG. 1;

FIG. 23 is a fourth flowchart for explaining the ripping operation in the data distribution system shown in FIG. 1;

FIG. 24 is a diagram showing a configuration of a content list file on a hard disk of a personal computer.

25 is a first flowchart for explaining an operation of transferring a license of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 26 is a second flowchart for explaining an operation of transferring a license of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 27 is a third flowchart illustrating an operation of transferring a license of encrypted content data in the data distribution system illustrated in FIG. 1;

FIG. 28 is a fourth flowchart for explaining the operation of transferring a license of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 29 is a first flowchart for explaining a license check-out operation of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 30 is a second flowchart for explaining the license check-out operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 31 is a third flowchart for explaining the license check-out operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 32 is a fourth flowchart illustrating the license check-out operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 33 is a fifth flowchart for explaining the license check-out operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 34 is a first flowchart for explaining a license check-in operation of encrypted content data in the data distribution system shown in FIG. 1;

FIG. 35 is a second flowchart for explaining the license check-in operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 36 is a third flowchart illustrating the license check-in operation of the encrypted content data in the data distribution system illustrated in FIG. 1;

FIG. 37 is a fourth flowchart for explaining the license check-in operation of the encrypted content data in the data distribution system shown in FIG. 1;

FIG. 38 is a diagram showing a configuration of a playlist file in the memory card.

FIG. 39 is a first flowchart for explaining movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 40 is a second flowchart for describing movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 41 is a third flowchart for explaining movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 42 is a fourth flowchart for explaining movement of encrypted content data and a license between personal computers in the data distribution system shown in FIG. 1;

FIG. 43 is a first flowchart for describing a playback operation in a playback terminal.

FIG. 44 is a second flowchart for describing the playback operation in the playback terminal.

FIG. 45 is a diagram illustrating a method of using the license management device.

[Explanation of symbols]

Reference Signs List 10 distribution server, 20 distribution carrier, 30 Internet network, 40 modem, 50, 80 personal computer, 60 CD, 70 USB cable, 90
Communication cable, 100 playback terminal, 110 memory card, 130 headphone, 150 content list file, 160 playlist file, 302 charging database, 304 information database, 306 C
RL database, 307 menu database, 3
08 distribution record database, 310 data processing unit,
312,320,1404,1408,1412,14
22, 1504, 1510, 1516, 5204, 52
08, 5212, 5222 Decryption processing unit, 313 Authentication key holding unit, 315 Distribution control unit, 316, Session key generation unit, 318, 326, 328, 1406, 14
10, 1417, 1506, 5206, 5210, 52
17, 5405 Cryptographic processing unit, 350 communication device, 51
0, 1106, 1420, 5220 Controller, 5
11,811 License management module, 520,8
20 license management device, 530, 830 hard disk, 540 CD-ROM drive, 550,
1112 USB interface, 560 keyboard, 570 display, 580, 1114, 142
6, 1530, 5226 terminals, 1108 operation panel, 1110 display panel, 1200 memory card interface, 1400, 1500, 5200 authentication data holding unit, 1402, 5202 Kmc holding unit, 14
14,5214 KPa holding part, 1415,5215
Memory, 1415A, 5215A CRL area, 141
5B, 5215B License area, 1415C data area, 5215C management file area, 1416, 5
216 KPmc holding unit, 1418, 5218 Session key generation unit, 1421, 5221 Km holding unit, 14
24,5224 interface, 1442,144
6,5242,5246 Changeover switch, 1502 K
p1 holding unit, 1518 music reproducing unit, 1519 DA converter, 1521 to 152n, 1621 to 162n license management file, 1531 to 153n, 1611
1612n content file, 1550 content playback device.

Continued on the front page F term (reference) 5C064 BA07 BB02 BC06 BC17 BC18 BC22 BC23 BC25 BD02 BD08 BD09 BD13 CA14 CA16 CB01 CC04 5J104 AA07 AA16 EA05 EA19 JA03 JA03 KA01 KA05 KA10 NA02 NA36 NA37 NA38 NA40 NA42

Claims (22)

[Claims] 1. A data terminal device for obtaining encrypted content data obtained by encrypting content data and a license for decrypting the encrypted content data to obtain an original plaintext, wherein the encrypted content data is obtained by software. A module for obtaining data and the license, generating an encrypted license obtained by encrypting the obtained license with a binding key, and a binding license including the binding key; and obtaining the encrypted content data and the license. And a device unit for storing the license acquired by the exchange, the binding license, and the first and second management files, a storage unit for storing data, and a communication unit between the device unit and the outside. A control unit for controlling exchange, wherein the storage unit includes a plurality of encrypted content data, and when the encrypted content data is obtained, the control unit stores the encrypted content data obtained from the outside in the storage unit , Generating the first management file, providing the license and the generated first management file to the device unit, and the module unit transmits the second management file including the encrypted license to the device unit. A data terminal device that generates and provides the binding license and the generated second management file to the device unit. 2. The device unit, comprising: a first recording unit that records the license and the binding license in association with first and second management numbers, respectively; and a plurality of first or second management files. The data terminal device according to claim 1, further comprising: a second recording unit that records. 3. The control unit generates the first management number when the device unit acquires the license and gives it to the device unit, and the module unit acquires the license when the device unit acquires the license. 3. The data terminal device according to claim 2, wherein a number is generated and given to the device unit. 4. The data terminal device according to claim 1, wherein the module unit acquires the encrypted content data and the license from a distribution server. 5. A medium drive unit for reading content data from a recording medium, wherein when acquiring the encrypted content data, the module unit rips the content data read by the medium drive unit to obtain the encrypted data. The data terminal device according to any one of claims 1 to 3, wherein the data terminal device acquires encrypted content data and the license. 6. The data terminal device according to claim 1, wherein the device unit exchanges the encrypted content data with a distribution server that holds the license. 7. The data terminal device according to claim 1, wherein the binding key is a license key required for decrypting the encrypted content data. 8. An encrypted content data obtained by encrypting content data and a license for decrypting the encrypted content data to obtain the original plaintext are obtained, and the obtained encrypted content data and license are transferred to other data. A data terminal device moving to a terminal device, wherein the encrypted content data and the license are acquired by software, and the acquired license is encrypted with a binding key. And a module for generating the license, the exchange for acquiring the encrypted content data and the license, the license acquired by the exchange, the binding license, and the first and second management files. A storage unit that stores data, a storage unit that stores data, and a control unit that controls an exchange between the device unit and the outside. The storage unit includes a plurality of encrypted content data, When acquiring encrypted content data, the control unit supplies the encrypted content data acquired from the outside to the storage unit, generates the first management file, and associates the license with the generated first management file. The module unit generates the second management file including the encryption license, and provides the binding license and the generated second management file to the device unit. When moving the content data, the control unit transmits the license of the moving encrypted content data and the first management file. Reading from the device unit, reading the moving encrypted content data from the storage unit, transmitting the read license, the first management file, and the encrypted content data to the another data terminal device; Reads the binding license including the binding key obtained by encrypting the license of the moving encrypted content data and the second management file from the device unit, reads the moving encrypted content data from the storage unit, A data terminal device that transmits the binding license, the second management file, and the encrypted content data to the another data terminal device. 9. When moving the encrypted content data, the control unit obtains a first management number stored in the first management file, and transfers the obtained first management number to the device unit. To obtain the license from the device unit by inputting to the device unit, the module unit obtains a second management number stored in the second management file, and the obtained second management number is stored in the device. Acquiring the binding license from the device unit by inputting to the unit.
The data terminal device according to claim 7. 10. The apparatus according to claim 1, further comprising: a receiving unit that receives an instruction, wherein, when the encrypted content data is moved, the control unit responds to a request for moving the encrypted content data from the receiving unit. The first management file corresponding to the name of the content data is specified, and the specified first management file is read out from the device unit to obtain the first management number. The second management file corresponding to the name of the encrypted content data requested to be moved is specified in response to the transfer request of the encrypted content data from the section, and the specified second management file is read out. The data terminal device according to claim 8, wherein the data terminal device acquires a second management number. 11. When the encrypted content data is moved, the device unit authenticates the license or the license based on authentication data from another device unit incorporated in the another data terminal device. The data terminal device according to any one of claims 8 to 10, which outputs a binding license. 12. When the encrypted content data is moved, the device unit receives a public encryption key held in the another device unit, and encrypts the license or the binding license with the received public encryption key. 12. The data terminal device according to claim 11, wherein the data terminal device outputs the data. 13. The device according to claim 11, wherein, when the encrypted content data is moved, the control unit transmits a license or a binding license stored in the device unit to the another device unit. Data terminal equipment. 14. The device according to claim 8, wherein at the time of moving the encrypted content data, the device unit deletes the moved license when copying of the license is prohibited. The data terminal device according to claim 1. 15. When the encrypted content data is moved, the module unit transmits the encrypted license and the second license file from a second management file storing the moved license when copying of the license is prohibited. Outputting a deletion request to delete the management number 2 to the device unit;
The data terminal device according to any one of claims 8 to 13. 16. The data terminal device according to claim 8, wherein said binding key is a license key required for decrypting said encrypted content data. 17. A device used for a data terminal device for obtaining encrypted content data obtained by encrypting content data and a license for decrypting the encrypted content data to obtain an original plaintext, the data terminal device comprising: An input / output terminal for exchanging data with other parts of the device, an interface for exchanging data with the input / output terminal, a recording unit for recording data, and a control unit, wherein the encrypted content is provided. At the time of data acquisition, the control unit writes a license acquired by exchanging itself with the outside via the interface and the input / output terminal into the recording unit, and inputs the license via the input / output terminal and the interface. The binding license is written to the recording unit, and the binding license is Sense is a license including a binding key for encrypting the license acquired by the software, the device. 18. The control unit, wherein a first management number for managing the license or a second management number for managing the binding license is input via the input / output terminal and the interface. When,
18. The method according to claim 17, further comprising: providing the first or second management number to the recording unit, wherein the recording unit manages the license and the binding license in association with the first and second management numbers, respectively. A device as described in. 19. The control unit, comprising: a first management file including the first management number or a second management file including the second management number and an encryption license encrypted with the binding key. Is input through the input / output terminal and the interface,
19. The device according to claim 18, wherein the first or second management file is provided to the recording unit. 20. A recording unit, comprising: a first recording unit that records the license and the binding license in association with the first and second management numbers, respectively; 20. The device according to claim 19, further comprising: a second recording unit configured to record the information. 21. An authentication data holding unit for holding authentication data, wherein the control unit outputs the authentication data via the interface and the input / output terminal, and the authentication data is authenticated. The device according to any one of claims 17 to 20, wherein the license or the binding license is received via the input / output terminal and the interface. 22. The device according to claim 17, wherein the binding license includes a license key required to decrypt the encrypted content data.