JP2003030054A - Recorder and program recording medium - Google Patents

Abstract

PROBLEM TO BE SOLVED: To transfer contents data from a certain recorder to a specific recorder as a claim of copyright when a plurality of pieces of equipment are connected on the same bus and when contents data the copyright of which is claimed is transferred from a certain recording medium to another recording medium. SOLUTION: This recorder is provided with a key generating means 65 to generate an encryption key to encrypt data and an encryption release key to release encryption of the encrypted data encrypted by the encryption key, a transmitting means 66 to transmit the encryption key to another recorder connected on the same bus and in which the data the copyright of which is claimed is recorded, and an encryption releasing means 61 in which the data the copyright of which is claimed by the other recorder is encrypted by the transmitted encryption key, to receive the encrypted data to be transmitted by the other recorder and to release the encryption of the received encrypted data by the encryption releasing key and a recording means to record the data the encryption of which is released.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a recording apparatus capable of moving copyrighted data from one recording apparatus to another recording apparatus when a plurality of devices are connected to the same bus. Regarding

[0002]

2. Description of the Related Art Needs for home networks and digitalization are rapidly increasing. Under such circumstances, attention is beginning to be given to IEEE 1394-1995 and IEEE 1394a-2000 (hereinafter referred to as IEEE 139).
4 buses). This is the IEEE
Is a high-speed serial bus standard that was standardized in 2000 and part of the standard was changed in 2000. The IEEE 1394 bus has a characteristic function of multimedia data transfer, and enables isochronous (synchronous) data transfer (Isochronou) that enables real-time transfer of audio data, video data, processing procedure data, and combination data thereof.
s) and asynchronous (asynchronous) data transfer (Asynchronous) having a function of compensating the data content. Examples of data using the isochronous data transfer method include a transport stream, a DV stream, and an audio stream based on IEC958. The asynchronous data transfer method is used, for example, for exchanging a command of a device, and asynchronously responds to the request of one device by the other device to compensate the content of the command.

There are cases where copyright is claimed as content data when AV data and the like are exchanged using the IEEE 1394 bus. The copyright assertion information of the content data is CGMS (Copy Generat).
Ion Management System), Di
digital copy control descri
pter, DTCP descriptor (Digi
tal Transmission Content
The EMI information (Encrib) is used as a copyright protection when the protection descriptor is written inside the content data and when the content data is transferred to the IEEE 1394 bus by referring to the copyright claim information of the content data.
In some cases, a Pition Mode Indicator) is added to the header of an isochronous data packet.

Basically, the copyright assertion information is prohibited once (Copy Never), allowed only once (Copy One Generation), and not prohibited (Copy Free). Only the copy is allowed, which means that the data has been copied and no further copying is allowed (No More Copy).
Will be represented by four types of information in total. In addition, the EMI information is generally an IEEE standard in which a plurality of copyrighted content data are contained in the same packet.
When transferring to the 1394 bus, the strictest limitation of the copyright assertion information written inside the content data is added to the packet header (for example, Copy Ne).
When the data of the “ver” and the data of the “Copy Free” are transferred as the same packet, the EMI information is “Copy”.
Never).

Further, in the IEEE 1394 bus, by exchanging commands between devices, it is possible to perform device authentication for determining whether or not the connection partner is a reliable device. Specifically, a TV monitor or STB (Set
A device that does not record AV data, such as a top box (satellite broadcast receiver), has a full authentication method (Full Auto).
device authentication based on the
For devices that record AV data such as R, a restricted authentication method (Restricted Authenticati
on) or extended restricted authentication method (Enhance)
d Restricted Authenticati
on) to perform device authentication. If this authentication is successful, the mutual devices will send the authentication key (Authenticat).
ionKey), the exchange key (ExchangeKey) is encrypted using this authentication key and exchanged with each other, and then the decryption key is generated using this exchange key and seed key to perform authentication. A method of transmitting a seed key is used for the equipment used.

Further, the seed key is updated regularly or irregularly to enhance the reliability of the decryption key generated from the exchange key. There are two types of seed keys called ODD seed key and EVEN seed key, which are regularly updated by the IEEE 1384 bus. After these two seed keys are transmitted after device authentication, for example, one If the seed key of is using the ODD seed key, by transmitting the ODD key,
Switch to using the EVEN key and update the old ODD key with the new ODD key. This facilitates key synchronization between devices. Further, the information regarding these ODD / EVEN seed keys is added to the asynchronous packet header as encryption key information (O / E) and transferred.

Conventionally, in the IEEE 1394 bus, the above-mentioned function is used, and the copyright assertion information is used for viewing data from a content transmission source such as a broadcasting station or content data as a package medium or for recording on another recording medium. It has been used when recording.

[0008]

However, the copyright claim information is data in which the content of Copy One Generation is recorded once (the copyright claim information is N
o Contents that are in More Copy)
For some reason (for example, when an area needs to be emptied on the recording medium due to capacity), there is no other way but to delete the content itself.

Further, when a plurality of various devices are connected to the IEEE 1394 bus and data is exchanged with each other, there is a problem that the recording device cannot move the data according to the copyright claim with other recording devices.

Further, the copyright claim information is Copy One.
In the case of Generation or Copy Never, the copyright claim information is copied to the Copy One Gene by providing a means for visualizing the data only once.
position and copy never, which makes it possible to move data to another recording medium.
Although 149417 is disclosed, when a plurality of the same devices having this means exist on the same IEEE 1394 bus, there is a problem that the data is recorded in the plurality of devices and the data cannot be moved according to the copyright information. .

The present invention has been made in view of such a situation, and in a case where a plurality of devices are connected to the same bus, content data for which copyright is claimed is written from a certain recording medium. If you want to move to another recording medium, you can move without changing the copyright claim information written inside the content data, and even when data is exchanged between each device, from one recording device The purpose is to enable content data to be moved to a specific recording device as claimed by copyright.

[0012]

In order to solve the above-mentioned problems, the recording device and the program recording medium according to the present invention employ the following means.

The first gist of the present invention is the same as an encryption key for encrypting data and a key generation means for generating an encryption key for decrypting the encrypted data encrypted with this encryption key. The transmission means that transmits the encryption key to another recording device that is connected to the bus and records the copyright-claimed data, and the transmitted encryption key encrypts the copyright-claimed data in the other recording device. Receiving means for receiving the encrypted data transmitted by another recording device, decryption means for decrypting the received encrypted data with the decryption key, and recording the decrypted data The present invention relates to a recording device including a recording unit.

A second aspect of the present invention is that an encryption key for encrypting data claimed by another recording device connected to the same bus is generated and transmitted by another recording device. The receiving means for receiving the encryption key, the encryption means for encrypting the recorded copyright-claimed data with the received encryption key, and the copyright-claimed data for the encrypted data The present invention relates to a recording device comprising: a recording device for recording at a recorded recording position; and a transmitting device for transmitting encrypted encrypted data to another recording device in which an encryption key is generated.

The third gist of the present invention is that the decryption key is
The recording apparatus according to the first aspect is characterized in that it is generated from the exchange key and the seed key generated by the key generation means.

A fourth gist of the present invention relates to the recording device of the second gist, wherein the encryption key is generated from an exchange key and a seed key received from another recording device.

A fifth aspect of the present invention relates to the recording device according to any one of the first to fourth aspects, wherein the encryption key and the decryption key are generated after device authentication.

The sixth gist of the present invention is that the exchange key received from another recording device is encrypted by the authentication key generated by the device authentication in the other recording device, and the exchange key is encrypted from the other recording device. The recording apparatus according to the fourth aspect is characterized in that the encrypted exchange key to be transmitted is received, and the encrypted exchange key is decrypted with an authentication key generated by device authentication to generate the encrypted exchange key.

A seventh aspect of the present invention relates to the recording device according to any one of the first to sixth aspects, wherein the encryption key or seed key can be updated.

An eighth aspect of the present invention is characterized in that the recording means overwrites the recording position information of the recorded copyright claimed data with the recording position information of the encrypted data. The present invention relates to a recording device according to any one of 5, 6, and 7.

A ninth aspect of the present invention is that the recording means erases the recording position information of the recorded data for which copyright is claimed, and the recording position information of the encrypted data is at the erased position on the recording medium. The second, fourth, characterized in that
The present invention relates to a recording device according to any one of 5, 6, and 7.

The tenth gist of the present invention is the gist of any of the second, fourth, fifth, sixth, seventh, eighth, and ninth aspects characterized in that the transmitting means adds EMI information to the encrypted data. Recording device

The eleventh aspect of the present invention is that the bus is IEEE
The present invention relates to a recording device according to any one of the first to tenth aspects, which is an E1394 bus.

A twelfth aspect of the present invention relates to a program recording medium, which stores a program for causing a computer to execute all or part of the functions of each component of the recording device.

[0025]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of a recording apparatus and a program recording medium according to the present invention will be described below with reference to the drawings.

1 to 6 illustrate an embodiment (1) of a recording apparatus according to the present invention. First, a recording device, an STB, a recording device capable of recording and encryption recording (hereinafter referred to as an encryption recording device), a recording device capable of generating and recording an encryption key and transmitting this encryption key (hereinafter referred to as “recording device”). , Referred to as a key generation / recording device).
A description will be given based on FIG.

FIG. 1 is a block diagram showing a serial bus and conventional equipment connected to the serial bus. The digital bus 11 is, for example, IEEE1394a-200.
0 serial bus (hereinafter referred to as IEEE13
94 bus), which is a bus capable of exchanging commands and data between devices. This digital bus 11
An STB 12, a digital TV monitor A 13, a recording device 14, a recording device built-in STB 15, a digital TV monitor B 16 and the like are connected to the.

Here, the STB 12 receives the AV data sent from the broadcasting station and sends the AV data onto the digital bus 11. Digital TV monitor A13
Visualizes the AV data received from the digital bus 11 based on the copyright claim information. The recording device 14 records the AV data received from the digital bus 11 based on the copyright claim information and transmits the AV data to the digital bus 11 based on the copyright claim information. STB15 with built-in recording device
Like the STB 12, the AV data sent from the broadcasting station is received and the AV data is transmitted onto the digital bus 11. Also, like the recording device 14, the digital bus 11 is transmitted.
The AV data received from the digital bus 11 is recorded based on the copyright claim information and the digital bus 11 is recorded based on the copyright claim information.
Send to.

Next, the operation of visualizing and recording AV data based on the copyright claim information in the above configuration will be described (provided that the copyright claim information is Copy Free).
In the case of, the explanation is omitted).

When the digital TV monitor A13 visualizes AV data based on the copyright claim information, STB12
When the AV data received by the device is transmitted as encrypted data to the digital bus 11 with EMI information added to the packet header, the value of the EMI information is Copy Never.
r, Copy One Generation, No
In the case of More Copy, in order to receive and decrypt this encrypted data, a command is exchanged with the STB 12, the decryption key is acquired, the encrypted data is decrypted, and the AV data is imaged. Turn into. If there is a digital TV monitor B16 for which the decryption key cannot be acquired or the key acquisition is rejected by the STB 12, even if the device only displays an image, it cannot be imaged.

The recording device 14 sets A based on the copyright claim information.
When recording V data, the AV received by the STB 12
EM is added to the packet header as encrypted data
When I information is added and transmitted on the digital bus 11, the value of the EMI information is CopyOne General
Only in the case of Ion, the deciphered digital AV is obtained by deciphering after obtaining the deciphering key from STB12.
CGMS and Digit written inside the data
al copy control description
It is recorded when the copyright information of r and DTCP descriptor is Copy One Generation.

When the AV data recorded by the recording device 14 is transferred onto the digital bus 11 based on the copyright claim information, the CGMS written inside the AV data,
Digital copy control desc
The copyright assertion information of ripter and DTCPdescriptor is copied in Copy One Generation.
n to No More Copy (or Copy N
The value of the EMI information in the isochronous packet header is set to No More Copy, and the AV data is encrypted and transferred to the digital bus 11.

When the STB 15 with a built-in recording device records based on the copyright claim information, the AV sent from the broadcasting station
When receiving and recording data, CGMS and Digital cop written inside AV data are recorded.
y control descriptor and DT
Cop the copyright assertion information of CP descriptor
Record if y One Generation. In addition, the value of the EMI information is Copy One Ge.
Only in the case of negotiation, the decryption key is obtained from STB12 and then decrypted.
CGMS and Digi written inside V data
tal copy control description
er and DTCP descriptor copyright information is Copy One Generation.

When the STB 15 with a built-in recording device can transmit on the digital bus 11 based on the copyright information, when it does not record, it transmits on the digital bus 11 like the STB 12, and when recording, it records on the recording device 14. After performing the same operation as above, the data is transmitted to the digital bus 11.

Here, even if the STB 15 with a built-in recording device wants to move the content to the recording device 14 for the reason that the area on the recording medium is to be released to another content in terms of capacity, a method based on the above copyright information. Then, digital AV data cannot be moved.

FIG. 2 is a block diagram showing a serial bus and the recording apparatus of the present invention connected to this serial bus. The digital bus 11 has an STB with a built-in encryption recording device.
21, a key generation recording device 22, and an encryption recording device 23 are connected. The STB 21 with built-in encryption recording device and the key generation / recording device 22 have the same functions as the STB 15 with built-in recording device and the recording device 14, and are capable of recording and data transmission based on copyright claim information.

If the STB 21 with the built-in encryption recording device wants to move the content for reasons such as allocating the area on the recording medium to another content, the STB 21 with the built-in encryption recording device and the key generation recording device Two
A command relating to movement is exchanged with the device 2, and the encryption key is sent from the key generation recording device 22 to the STB 21 with a built-in encryption recording device. 11 and transmits the encrypted data to the key generation / recording device 22. The key generation / recording device 22 decrypts the encrypted data with the decryption key and records it as AV data.

Further, only the key generation recording device 22 having the decryption key can decrypt the encrypted data into AV data, and the STB 21 with a built-in encryption recording device which records the encrypted data is encrypted. However, the AV data cannot be obtained because the decryption key is not recorded although the encrypted recording is performed.

Even if the digital TV monitor A13 wants to visualize the AV data, the ST with a built-in encryption recording device is used.
Since the decryption key cannot be obtained with B21, it cannot be visualized.

The movement of the AV data between the encryption recording device 23 and the key generation recording device 22 based on the copyright claim information is the same as that of the STB 21 with built-in encryption recording device.

Next, a method of moving data based on the copyright claim information in the above configuration will be described. It is assumed that the encrypted recording device 23 records copyright-claimed AV data in the same format as an ordinary recording device, and the copyright-claimed AV data may be recorded from STB or the like. Alternatively, it may be recorded on a tape medium as a package medium. However, the package media must be rewritable, erasable, and recordable. Here, the copyright assertion information CGMS, Digital copy control written inside the digital AV data recorded from the STB and the AV data as the package medium.
descriptor and DTCP descriptor
pter is NoMore Copy or Copy
Never (or C for packaged media
It has become "opy One Generation".

From the encryption recording device 23 to the key generation recording device 2
When it is desired to move the AV data whose copyright is claimed to 2, the key generation recording device 22 or the encryption recording device 23 first transmits a command relating to the movement of the AV data to the digital bus 11 as an asynchronous packet. The transmission of the command regarding the movement may be transmitted by the key generation recording device 22 or the encryption recording device 23. Based on this command, the key generation / recording device 22 generates an encryption key and a decryption key and records them in the recording means. next,
The key generation / recording device 22 transmits the encryption key to the digital bus 11 as an asynchronous packet. The encryption recording device 23 receives the encryption key from the digital bus 11, and encrypts the copyright-claimed data which is desired to be moved and which is recorded in the recording means with the encryption key. As for the encrypted data, the recording means of the encryption recording device 23 updates the data before overwriting or encrypting the AV data to an unusable state and records the encrypted data. The encryption recording device 23
Specifies the value of EMI information in the encrypted data by Copy Ne
It is added to the isochronous packet header after being set to "ver" or "No More Copy", requests the isochronous channel, and transmits it as an isochronous packet together with the channel ID. The key generation / recording device 22 receives the isochronous packet of the encrypted data that is acquired by checking the channel ID. The key generation / recording device 22 confirms the EMI information of the received encrypted data and then records the AV data obtained by decryption using the recorded decryption key in the recording means.

Next, the operation when a plurality of devices are connected on the same IEEE 1394 bus as the key generation recording device 22 and the encryption recording device 23 and data is exchanged with each other will be described.

Normally, when transmitting copyrighted digital AV data on the IEEE 1394 bus, the digital AV data is encrypted data, and it is necessary to authenticate with the transmission source to obtain a decryption key. Then, the encrypted data is decrypted and recorded or visualized as digital AV data.

Here, the recording device 14 and the digital TV monitor A13 are the encrypted recording device 23 from which the encrypted data is transmitted.
When attempting to decrypt the encrypted data from the encrypted data, the recording device 14 records the AV data because the EMI value added to the isochronous packet header of the encrypted data is Copy Never or No More Copy. Can not. Further, the digital TV monitor A13 cannot exchange the commands and cannot visualize the decryption key from the encryption recording device 23. Also, digital TV monitor A
Recording device with authentication function equivalent to 13 is IEEE139
Even if a plurality of them exist on the four buses, the decryption key cannot be obtained and the AV data cannot be recorded, like the digital TV monitor A13. Therefore, it is possible to only move the claimed AV data based on the copyright.

Next, the exchange of commands performed when obtaining the decryption key will be described. In the conventional authentication method, as shown in FIG. 3, after the mutual devices acquire the authentication key and exchange the exchange keys, the seed key is generated by the device that transmits the encrypted data (for example, the STB 15 with built-in recording device). Then
A device for decrypting encrypted data (for example, the recording device 1
4) receives.

In the present invention, as shown in FIG. 4, a device (for example, the key generation / recording device 22) that acquires and decrypts encrypted data transmits a seed key and transmits the encrypted data (for example, the device). The STB 21) with the built-in encryption recording device receives the seed key.

Further, depending on the level of reliability of the bus for device authentication, the encryption key may be acquired or the exchange key and seed key may be acquired without authentication.

Further, depending on the level of reliability of the bus, after the device authentication is performed, the encryption key is directly decrypted and obtained instead of the exchange key. Alternatively, after the device authentication is performed, the exchange key is obtained, the encryption key encrypted with the exchange key is obtained, and the encryption with the exchange key is released to obtain. Alternatively, after performing device authentication, obtain the exchange key, obtain the seed key encrypted with the exchange key, decipher the exchange key to obtain the seed key, and then encrypt by generating the encryption key. Get the key. Alternatively, after performing only the device authentication, the encryption key is directly obtained instead of the exchange key without using the authentication key. Or, after performing only device authentication,
The encryption key may be acquired without encryption and decryption of the exchange key, and the encryption key may be acquired from the seed key.

Further, in order to improve the reliability of the bus, the encryption key may be updated regularly or irregularly or the seed key may be updated as in the conventional method.

Further, regardless of the conventional authentication method, even if the encryption key is recorded in advance in the corresponding device of the encryption recording device 23 and the key generation recording device 22, the encryption recording of the corresponding device is performed. good.

Conventionally, the encrypted recording device 23 and the key generation recording device 21, which are recording devices, use the restricted authentication method or the extended restricted authentication method, but the device authentication is performed by the complete authentication method. However, it does not affect the conventional recording and visualization methods based on copyright claims.

If the authentication method is a method that is sufficiently reliable, the same key may be used as the encryption key and the decryption key.

Next, as an example of the recording device (key generation / recording device 22) of the present invention, a case where the recording medium is realized by a hard disk device will be described with reference to FIGS. FIG. 5 shows a recording device of the present invention (key generation recording device 2
It is the block diagram which showed 2). Key generation recording device 22
Is composed of a digital interface 51, packet control means 52, hard disk access means 53, hard disk control means 54, and disk medium control means 58.

The digital interface 51 is means for transmitting control commands for AV equipment and transmitting AV data, and is, for example, IEEE 1394a-2.
000. The packet control unit 52 includes a unit for controlling AV stream data and a unit for performing an authentication process necessary for transmitting / receiving a command. The hard disk access means 53 is an interface means for operating the physical hard disk control means 54 according to a specific access method. The hard disk control means 54 is means for physically controlling the disk medium 55 and the disk head 56 by the disk head control means 57 and the disk medium control means 58.

FIG. 6 is a block diagram showing the packet control means 52 in the key generation / recording device 22. The packet control means 52 includes a decryption means 61,
The stream forming unit 62, the EMI detection determining unit 63, the key managing unit 64, the device authentication and key generating unit 65, and the command control unit 66 are included.

The decryption means 61 (reception means) is means for receiving the encrypted data from the digital interface 51 and releasing the encrypted data. Streaming means 62 AVs the decrypted IEEE 1394 packet.
It is a means for streaming data and transferring it to the hard disk access means 53. EMI detection determination means 63
Is a means for detecting the EMI information part from the isochronous packet header transferred from the digital interface 51, detecting the ODD / EVEN flag of the packet header, and determining the decryption key to be used. The key management unit 64 is a unit that manages the descrambling key, the seed key, and the encryption key in association with each other. The device authentication / key generation means 65 is a means for performing device authentication and generating an authentication key required for authentication, an exchange key for exchanging with a counterpart device, an encryption key, a decryption key, and a seed key. The command control means 66 (transmission means) is means for controlling the hard disk access means 53 according to the exchange of commands with the partner device and the contents of the commands.

Next, the operation of the key generation / recording device 22 having the above configuration will be described. In the case of moving the copyrighted AV data, a case will be described in which all the contents to be moved are encrypted and recorded by the encryption recording device 23 and then transmitted as encrypted data. First, the command control unit 66 is used to exchange commands relating to the movement of AV data, and at the same time, the device authentication and key generation unit 65 generates an encryption key and a decryption key from an authentication key, an exchange key, and a seed key. The exchange key is encrypted by the authentication key and transmitted to the digital interface 51 as an asynchronous packet according to the command, and the seed key is also transmitted. The device authentication and key generation means 65 updates the seed key regularly or irregularly and passes it to the command control means. The command control means 66 transmits the received seed key to the digital interface 51 as an asynchronous packet. The device authentication and key generation means 65 generates a seed key, an encryption key and a decryption key from the exchange key and the seed key, and the seed key, the encryption key,
The decryption key is passed to the key management means 64. Key management means 64
Associates the received seed key, encryption key, and decryption key with the order in which they are received and passes them to the hard disk access means 53 as recording data. The above operation is repeated until a command regarding the completion of encrypted recording of AV data is received.

Next, the command control means 66
A command relating to completion of encrypted recording of all AV data is exchanged, a command relating to transmission of encrypted data is exchanged, and then the key management means 64 is notified of reading of the decryption key. In response to the notification from the command control means 66, the key management means 64 sequentially reads out the various keys and related data recorded first from the hard disk access means 53 and registers them in the descrambling means 61. EMI
The detection determination means 63 determines that the EMI information part in the packet header of the encrypted data received as an asynchronous packet and the encryption key of the encrypted data sent from the ODD / EVEN flag have been updated, and decryption is performed. A signal for switching the descrambling key registered in the means 61 is notified. Similarly, the EMI detection determination means 63 notifies the key management means 64 that the encryption key has been updated. The key management means 64 reads out various relevant keys and related data from the hard disk access means 53 in the following order, deletes the used decryption key from the decryption means 61, and registers it at the same position of the decryption means 61. . The descrambling means 61 uses E
By the notification of the key switching signal from the MI detection determination means 63, the encrypted data transmitted from the digital interface 51 is decrypted and updated to the stream forming means 62 while updating the decryption key regularly or irregularly. Send the decrypted packet data. Streaming means 62
Stream the transmitted packet data and pass it as AV data to be recorded in the hard disk access means 53. The above operation is repeated until the reception of encrypted data is completed.

In the above description, the case where the content to be moved is encrypted and recorded by the encryption recording device 23 and then transmitted as encrypted data has been described. Next, a case in which the content to be moved is encrypted and recorded by the encryption recording device 23 and is transmitted as encrypted data will be described. The key management means 64 is an EMI detection determination means 63.
After registering the deciphering key in the descrambling means 61 according to the speed of notification of updating of the cipher key from, various keys and related data may or may not be passed to the hard disk access means 53. Further, the command control unit 66 does not have to exchange a command regarding the completion of encrypted recording of all AV data.

Next, the embodiment (2) of the recording apparatus according to the present invention will be described. 7 to 8 show an embodiment (2) of a recording device (encryption recording device 23) according to the present invention. Note that the same description as that of the embodiment (1) will be omitted by giving the same reference numerals. The embodiment (2) of the recording device according to the present invention is realized by a hard disk device as a recording medium, using the recording device (encryption recording device 23) as an example.

FIG. 7 is a block diagram showing the configuration of the recording device (encryption recording device 23) according to the present invention. The encrypted recording device 23 is the same as the recording device of FIG. 5 except that the encrypted packet control means 72 is different. The encrypted packet control means 72 includes means for controlling a stream recorded as AV data, means for encrypting AV data and transmitting encrypted data, and means for performing an authentication process necessary for transmitting and receiving commands.

FIG. 8 is a block diagram showing the encrypted packet control means 72 in the encrypted recording device 23. The packet control means 72 comprises a data switching means 81, an encryption and EMI addition means 82, a packetization means 83, a recording data conversion means 84, a device authentication and key generation means 85, a command control means 86 and a recording position management means 87. To be done.

The data switching means 81 (transmitting means)
This is a unit for switching the isochronous packet transferred to the digital interface 51 to the encrypted data encrypted by the encryption and EMI adding unit 82, the encrypted data from the packetizing unit 83 recorded on the hard disk, or not selected. The encryption and EMI adding unit 82 encrypts the AV data from the packetizing unit 83 with the encryption key, and in the EMI information in the isochronous packet header of the encrypted data that has been encrypted, the value of the EMI information is Copy Never or No Mor.
This is means for adding e-copy, adding information about the encryption key to be used to ODD / EVEN, and transferring it to the data switching means 81 and the recording data converting means 84. The packetizing means 83 is means for packetizing the AV stream transferred from the hard disk access means 53 through the recording position management means 87. Recording data conversion means 84
Encrypts the encrypted data from the EMI adding means 82 and converts it into the data necessary for recording, and the recording position managing means 87
Is a means for transferring encrypted data to. The device authentication and key generation means 85 is a means for performing device authentication and generating an encryption key from an authentication key required for authentication, an exchange key exchanged with a counterpart device, and a seed key acquired from the counterpart. The command control means 86 (reception means) is means for controlling the hard disk access means 53 according to the exchange of commands with the partner device and the contents of the commands. The recording position management means 87 manages the recording position of the stream read as AV data to be passed to the packetizing means 83,
It is means for transferring the encrypted data obtained from the data converting means 84 to the hard disk access means 53 so that the encrypted data can be written in the recording device.

Next, the operation of the encryption recording device 23 having the above configuration will be described. First, when moving the AV data for which copyright is claimed, after all the content to be moved is encrypted and recorded by the encryption recording device 23,
The case of transmitting as encrypted data will be described.

A using the command control means 86
Commands for moving V data are exchanged, and at the same time, an authentication key is generated from the device authentication and key generation means 85. Further, the command control means 86 receives the seed key, which is regularly or irregularly updated, as an asynchronous packet from the digital interface 51 and passes it to the device authentication and key generation means 85. The same applies to the exchange key. The device authentication / key generation means 85 generates an encryption key from the received seed key and exchange key, and passes the encryption key and seed key to the encryption / EMI addition means 82. Packetizing means 83
Reads the AV stream data from the hard disk access means 53 through the recording position management means 87, packetizes it, and passes it to the encryption and EMI addition means 82.
The encryption and EMI adding unit 82 can register a key and stores which of the registered encryption keys is currently used for encryption as a flag related to the encryption key of the seed key forming a pair. Also, encryption and EMI addition means 8
An encryption key 2 is passed from the device authentication and key generation means 85 regularly or irregularly, and the seed key has whether the encryption key is the same type as the encryption key currently used. After judging from the flag related to the encryption key, the encryption key registered next to the encryption key currently used is used for encryption, the encryption key used up to now is discarded, and the encryption key passed at the end is passed. Register the encrypted key. The encryption / EMI addition unit 82 encrypts the AV data using the encryption key acquired from the authentication / key generation unit 85, and sets the value of the EMI information to CopyNever or No as the EMI information of the isochronous packet header in the encrypted data.
More Copy is added, a flag related to the encryption key is added to ODD / EVEN, and the data switching means 8
1 and the data conversion means. At this time, the data switching unit 81 does not transfer the encrypted data to the digital interface 51. The data conversion unit 84 converts the encrypted data from the encryption and EMI addition unit 82 into data for recording on the hard disk, and transfers the data to the recording position management unit 87. The recording position managing means 87 manages the recording position on the hard disk of the stream read as AV data to be passed to the packetizing means 83, and the encrypted data obtained by the recording data converting means 84 can be written at the recording position. It is a means for transferring to the hard disk access means 53. The above operation is repeated until the encrypted recording of AV data is completed.

Next, the command control means 86 exchanges a command regarding the completion of encrypted recording of all AV data, exchanges a command regarding the transmission of encrypted data, and then reads out the encrypted data to the hard disk access means 53. Notice. Packetizing means 83
Converts the encrypted data transferred from the hard disk access means 53 into a packet by conforming to the digital bus. The data switching means 81 selects the encrypted data from the packetizing means 83 and sends it to the digital interface 51 as an isochronous packet. The above operation is repeated until the transmission of encrypted data is completed.

Here, the recording position management means 87 may perform a process of overwriting the encrypted data at the same position as the read AV data. At this time, in the area where the encrypted data is not written, of the AV data from which the encrypted data to be recorded is read, a process such that the data cannot be read as the AV data, for example, a process of erasing the data is performed. If the encrypted data becomes larger than the read AV data, the remaining encrypted data is recorded in a new free area.

Further, the recording position management means 87 may erase the read AV data and then write the encrypted data at the same position. At this time, if the encrypted data becomes larger than the read AV data, the remaining encrypted data is recorded in a new free area.

Further, the recording position management means 87 may perform a process of overwriting the recording position information of the read AV data on the hard disk with the recording position information of the encrypted data. At this time, if the number of pieces of recording position information of the encrypted data to be recorded is smaller than the number of pieces of recording position information of the read AV data, the recording position information of the read AV data is updated. If the number of pieces of recording position information of the encrypted data exceeds the number of pieces of recording position information of the read AV data, the remaining pieces of recording position information of the encrypted data are recorded in the empty recording position information area.

Further, the recording position managing means 87 may erase the recording position information of the read AV data and then write the recording position information of the encrypted data. At this time, the number of the recording position information of the encrypted data is read A
When the number is larger than the number of recording position information of V data, the recording position information of the remaining encrypted data is recorded in the vacant recording position information area.

Next, a case will be described in which the content to be moved is encrypted and recorded by the encryption recording device 23 and is transmitted as encrypted data. Data switching means 81
When the encryption / EMI adding means 82 is transferring the encrypted data to the recording data converting means 84, the encrypted data may be transmitted to the digital interface 51 as an isochronous packet. Further, the command control means 86 does not have to exchange a command regarding the completion of encrypted recording of all AV data.

Although the key generation recording device 22 and the encryption recording device 23 are described as separate devices, they may be devices having both functions.

Furthermore, if the data movement does not require real-time transfer, an asynchronous transfer method may be used instead of the isochronous transfer described in the embodiment of the present invention.

Further, the digital interface means 51 of the embodiment of the present invention is an example of the output means of the present invention, and may be an IEEE 1394 interface or an interface of other standard.

Further, although the hard disk device is used as the encryption recording device in this embodiment, a recording device such as a VCR, an optical disk device, a DVD-RAM or the like may be used if it is rewritable or erasable and additionally recordable.

Further, in the recording apparatus of the present invention, Copy
Never, Copy OneGeneration
The security can be improved by using different encryption keys / decryption keys for n and No More Copy.

Further, in the recording apparatus of the present invention, Copy
Never, Copy OneGeneration
Different authentication methods may be used for each of the n and No More Copy authentication methods. The safety can be further enhanced.

Further, the function of each component of the recording apparatus of the present invention may be realized by dedicated hardware, or may be realized by software by a computer program.

Further, a program recording medium storing a program for causing a computer to execute all or some of the functions of each component of the recording apparatus of the present invention belongs to the present invention.

[0081]

As described above, according to the present invention, in the case where a plurality of devices are connected to the same bus, content data for which copyright is claimed is recorded from one recording medium to another recording medium. When you want to move to a medium, you can move without changing the copyright claim information written inside the content data, and even when data is exchanged between each device, a specific recording from a certain recording device There is an effect that the content data can be moved to the device as claimed by the copyright.

[Brief description of drawings]

FIG. 1 is a block diagram showing a conventional device connected to a serial bus.

FIG. 2 is a block diagram showing a recording apparatus of the present invention connected to a serial bus.

FIG. 3 is an explanatory diagram of a device authentication method and delivery of each key in a conventional AV data transceiver.

FIG. 4 is an explanatory diagram of a device authentication method and delivery of each key in the AV data transceiver of the present invention.

FIG. 5 is a block diagram showing an embodiment (1) of a recording apparatus according to the present invention.

FIG. 6 is a block diagram showing the packet control means of FIG.

FIG. 7 is a block diagram showing an embodiment (2) of a recording apparatus according to the present invention.

8 is a block diagram showing the encrypted packet control means of FIG. 7. FIG.

[Explanation of symbols]

11 digital bus 12 STB 13 Digital TV monitor A 14 Recording device 15 Recording device built-in STB 16 Digital TV monitor B 21 STB with built-in encryption recording device 22 Key generation recording device 23 Encrypted recording device 51 digital interface 52 Packet control means 53 Hard Disk Access Means 54 Hard disk control means 55 disk media 56 disk head 57 Disk head control means 58 disk medium control means 61 Decryption means 62 Streaming means 63 EMI detection determination means 64 Key management means 65 Device authentication and key generation means 66 Command control means 72 Encrypted packet control means 81 Data switching means 82 Encryption and EMI addition means 83 Packetization means 84 Recorded data conversion means 85 Device authentication and key generation means 86 Command control means 87 recording position management means

Claims (12)

[Claims] 1. A copyright connected to the same bus as an encryption key for encrypting data and a key generation means for generating an encryption key for decrypting the encrypted data encrypted by this encryption key. Transmitting means for transmitting the encryption key to the other recording device in which the claimed data is recorded, and the data for which copyright is claimed by the other recording device is encrypted by the transmitted encryption key, and the other recording A receiving means for receiving the encrypted data transmitted by the apparatus, a decrypting means for decrypting the received encrypted data with a decryption key, and a recording means for recording the decrypted data A recording device characterized by. 2. A reception in which an encryption key for encrypting copyright-claimed data is generated by another recording device connected to the same bus, and the encryption key transmitted by another recording device is received. Means, an encryption means for encrypting the recorded copyright-claimed data with the encryption key that has been received, and the encrypted encrypted data at the recording position where the copyright-claimed data was recorded. A recording device comprising: a recording device for recording and a transmitting device for transmitting encrypted encrypted data to another recording device in which an encryption key is generated. 3. The deciphering key is generated from the exchange key and seed key generated by the key generating means.
The recording device according to 1. 4. The encryption key is generated from an exchange key and a seed key received from another recording device.
The recording device according to 1. 5. The recording apparatus according to claim 1, wherein the encryption key and the decryption key are generated after device authentication. 6. The encrypted exchange key received from another recording device is encrypted by an authentication key generated by device authentication in the other recording device, and the exchange key is transmitted from the other recording device. The recording device according to claim 4, wherein the recording device receives a key, and decrypts the encrypted exchange key with an authentication key generated by device authentication to generate the encrypted exchange key. 7. The recording apparatus according to claim 1, wherein the encryption key or the seed key can be updated. 8. The recording means overwrites the recording position information of recorded copyright claimed data with the recording position information of encrypted data.
The recording apparatus according to any one of 6 and 7. 9. The recording means erases the recording position information of the recorded copyright claimed data and writes the recording position information of the encrypted data at the erased recording position. Any one of 4, 5, 6 or 7
The recording device according to the item. 10. The transmitting means adds EMI information to the encrypted data, as claimed in any one of claims 2, 4, 5, and 6.
The recording apparatus according to any one of 7, 8 and 9. 11. The recording apparatus according to claim 1, wherein the bus is an IEEE 1394 bus. 12. A program recording medium, which stores a program for causing a computer to execute all or part of the functions of each component of the recording device.