JP2003101524A - Data reproducing device and data recording device - Google Patents

Data reproducing device and data recording device

Info

Publication number: JP2003101524A
Authority: JP (Japan)
Prior art keywords: data, key, license, encrypted, processing unit
Legal status: Granted (The legal status is an assumption and is not a legal conclusion.)
Current legal status: Expired - Fee Related
Application number: JP2001288998A
Other languages: Japanese (ja)
Other versions: JP3631186B2 (en)
Inventor: Yoshihiro Hori (吉宏 堀)
Original Assignee: Sanyo Electric Co Ltd (三洋電機株式会社)
Application filed by: Sanyo Electric Co Ltd (三洋電機株式会社)
Priority to: JP2001288998A
Publication of JP2003101524A; application granted and published as JP3631186B2

Abstract

(57) [Problem] To provide a data reproducing apparatus capable of protecting content data distributed via a digital communication network. [Solution] A mobile phone 100 is provided with a content reproduction circuit 1550 for decrypting and reproducing encrypted content data. The content reproduction circuit 1550 has a KPpc holding unit 1507 that holds its own individual public encryption key KPpc2, a Kpc holding unit 1512 that holds an individual secret decryption key Kpc2 for decrypting data encrypted with the individual public encryption key KPpc2, and a session key generation unit 1508 that generates a session key Ks3 for specifying communication with the memory card 110. Controller 1106 receives the license key, which is sequentially encrypted by the individual public encryption key KPpc2 and the session key Ks3 at the time of reproduction, and gives it to the content reproduction circuit 1550.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a data recording device for recording encrypted content data obtained by using a data distribution system capable of copyright protection for copied information, and to a data reproducing device for reproducing encrypted content data.

[0002]

2. Description of the Related Art In recent years, with the advancement of digital information communication networks such as the Internet, it has become possible for each user to easily access network information using personal terminals such as mobile phones.

In such a digital information communication network, information is transmitted by digital signals. Therefore, even when an individual user copies music or video data transmitted in such a network, the data can be copied with almost no deterioration in sound quality or image quality.

Therefore, when content data in which the copyright of an author exists, such as music data or image data, is transmitted on such a digital information communication network, the rights of the copyright holder may be seriously infringed unless appropriate measures are taken to protect the copyright.

On the other hand, if the purpose of copyright protection is given the highest priority and content data cannot be distributed via the rapidly expanding digital information communication network, this is, on the contrary, a disadvantage even for the copyright holder, who can basically collect a certain copyright fee when content data is copied.

Taking as an example a recording medium on which digital data is recorded, rather than distribution through the digital information communication network described above: for a CD (compact disc) on which commercially sold music data is recorded, music data can in principle be freely copied from the CD to a magneto-optical disk (MD, etc.) as long as the copied music is limited to personal use. However, an individual user who performs digital recording or the like indirectly pays a certain amount of the price of the digital recording device itself or of a medium such as an MD to the copyright holder as a deposit.

In addition, when music data, which is a digital signal, is copied from a CD to an MD, copying the music information as digital data from the recordable MD to yet another MD is made impossible by the configuration of the device, for copyright protection, in view of the fact that the information is digital data with almost no copy deterioration.

Under these circumstances, distributing music data and image data to the public through the digital information communication network is itself an act restricted by the public transmission right of the copyright holder, so sufficient measures for copyright protection need to be taken.

[0009]

However, even if a measure is taken to protect the copyright against the act of distributing content data such as music data, the problem arises that the content data, once received, can be arbitrarily copied further.

Therefore, the present invention has been made to solve such a problem, and an object thereof is to provide a data reproducing apparatus capable of protecting content data distributed via a digital communication network.

Another object of the present invention is to provide a data recording device capable of protecting content data distributed via a digital communication network.

[0012]

According to the present invention, a data reproducing apparatus is a data reproducing apparatus that acquires, from a data recording apparatus, encrypted content data and a license for decrypting and reproducing the encrypted content data, and reproduces the encrypted content data. It includes: an interface for controlling data exchange with the data recording apparatus; an operation unit for inputting an instruction; a content reproduction circuit that decrypts and reproduces the encrypted content data with the license key included in the license; a public key holding unit that holds an individual public encryption key set for each content reproduction circuit; a private key holding unit that holds the individual private decryption key for decrypting data encrypted by the individual public encryption key; a first decryption processing unit that decrypts the data encrypted by the individual public encryption key with the individual private decryption key; a session key generation unit that generates a session key for specifying communication with the data recording device; a second decryption processing unit that decrypts data encrypted with the session key; and a control unit. In response to a reproduction request for the encrypted content data input through the operation unit, the control unit receives, through the interface, the encrypted license sequentially encrypted by the individual public encryption key and the session key, and gives the received encrypted license to the second decryption processing unit. The second decryption processing unit gives the data decrypted with the session key to the first decryption processing unit, and the first decryption processing unit gives the license key included in the license decrypted with the individual secret decryption key to the content reproduction circuit.

Preferably, the encrypted license is composed of encrypted data in which reproduction control information for restricting reproduction in the content reproduction circuit and a license key are sequentially encrypted with an individual public encryption key and a session key. When reproduction of the encrypted content data in the content reproduction circuit is permitted by the reproduction control information decrypted in the first decryption processing unit, the control unit acquires the encrypted content data from the data recording device via the interface and gives it to the content reproduction circuit.

More preferably, the data reproducing device further comprises an encryption processing unit for encrypting data with a session key. The control unit receives another session key generated in the data recording device via the interface, gives the received other session key to the encryption processing unit, and transmits to the data recording device via the interface the session key and the individual public encryption key encrypted by the other session key in the encryption processing unit. The encryption processing unit encrypts the individual public encryption key from the public key holding unit and the session key from the session key generation unit with the other session key, and outputs them to the control unit.

More preferably, the data reproducing device further includes an authentication data holding unit that holds authentication data for the data recording device, a class secret decryption key holding unit that holds a class secret decryption key, unique to the content reproduction circuit, for decrypting data encrypted by a class public encryption key included in the authentication data, and a third decryption processing unit that decrypts data encrypted by the class public encryption key. The control unit transmits the authentication data to the data recording device via the interface. When the authentication data is authenticated in the data recording device, the control unit receives the other session key encrypted by the class public encryption key from the data recording device via the interface and gives it to the third decryption processing unit. The third decryption processing unit decrypts the other session key encrypted by the class public encryption key with the class secret decryption key and gives the other session key to the encryption processing unit.

More preferably, the content reproduction circuit includes a fourth decryption processing unit that decrypts the encrypted content data with the license key, and a reproduction unit that reproduces the content data decrypted by the fourth decryption processing unit.

Further, according to the present invention, a data recording device is a data recording device for recording a license for decrypting and reproducing encrypted content data. It includes: an interface for controlling data exchange with a data reproducing device that reproduces the encrypted content data; a storage unit for storing the encrypted content data and the license; a session key generation unit for generating a session key for specifying communication with the data reproducing device; a first encryption processing unit that encrypts data with the individual public encryption key set for each data reproducing device; a second encryption processing unit that encrypts data with the session key; and a control unit. In response to a license output request input via the interface, the control unit determines, based on the access control information included in the license, whether or not the license key included in the license can be output to the data reproducing device. When the license key can be output, the control unit reads the license from the storage unit, gives it to the first encryption processing unit, and transmits the encrypted license, sequentially encrypted with the individual public encryption key and the first session key, to the data reproducing device via the interface. The first encryption processing unit encrypts the license with the individual public encryption key and gives it to the second encryption processing unit, and the second encryption processing unit further encrypts the license encrypted by the individual public encryption key with the first session key and gives it to the control unit.

Preferably, the encrypted license consists of encrypted data in which the reproduction control information for restricting the reproduction of the encrypted content data in the data reproducing device and the license key are sequentially encrypted by the individual public encryption key and the first session key.

More preferably, the data recording device further comprises a decryption processing unit for decrypting data with the second session key generated by the session key generation unit. The control unit receives the first session key and the individual public encryption key, encrypted with the second session key, from the data reproducing device through the interface, and gives them to the decryption processing unit. The decryption processing unit decrypts the encrypted first session key and individual public encryption key with the second session key, gives the decrypted individual public encryption key to the first encryption processing unit, and gives the decrypted first session key to the second encryption processing unit.

More preferably, the data recording device further comprises another decryption processing unit for decrypting data with the public authentication key, and a third encryption processing unit for encrypting data with the class public encryption key unique to the type of the data reproducing device. The control unit receives, from the data reproducing device via the interface, authentication data obtained by encrypting a class public encryption key and a class certificate unique to the type of the data reproducing device with the public authentication key, and gives the received authentication data to the other decryption processing unit. Based on the class public encryption key and the class certificate decrypted with the public authentication key in the other decryption processing unit, the control unit determines whether or not the data reproducing device is authentic; when it is, the control unit controls the session key generation unit to generate the second session key, and transmits the second session key, encrypted by the class public encryption key in the third encryption processing unit, to the data reproducing device via the interface. The other decryption processing unit decrypts the authentication data with the public authentication key, gives the decrypted class public encryption key to the third encryption processing unit, and gives the decrypted class certificate to the control unit. The third encryption processing unit encrypts the second session key with the class public encryption key and gives it to the control unit.

More preferably, the control unit determines the data reproducing device to be legitimate when the class public encryption key is received in the other decryption processing unit and it is confirmed, based on the class certificate, that the class public encryption key has not been leaked.

More preferably, the control unit stores the encrypted content data in the storage unit together with the license and, when output of the license for reproducing the encrypted content data is permitted based on other reproduction control information for controlling the output of the license from the storage unit, reads the license from the storage unit and transmits the encrypted license to the data reproducing device via the interface.

More preferably, the storage unit includes a first storage unit for storing the encrypted content data and a second storage unit for storing the license, and the second storage unit is composed of a tamper-resistant structure with high confidentiality.

[0024]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in detail with reference to the drawings. In the drawings, the same or corresponding parts will be denoted by the same reference characters and description thereof will not be repeated.

[First Embodiment] FIG. 1 is a schematic diagram for conceptually explaining the overall configuration of a data distribution system according to a first embodiment in which a data recording device (memory card) according to the present invention acquires encrypted content data.

In the following, a configuration of a data distribution system for distributing digital music data to a memory card 110 mounted on a user's mobile phone 100 via a mobile phone network will be described as an example. As will be apparent from the following description, the present invention is not limited to such a case, and can be applied to the case of distributing content data as another copyrighted work, such as image data and moving image data.

Referring to FIG. 1, distribution carrier 20 relays a distribution request from the user, obtained through its mobile phone network, to distribution server 10. The distribution server 10, which manages copyrighted music data, performs authentication processing to determine whether or not the memory card 110 attached to the mobile phone 100 of the mobile phone user who has accessed it for data distribution has valid authentication data, that is, whether or not the memory card 110 is a legitimate memory card. For a legitimate memory card, it encrypts the music data (hereinafter also referred to as content data) by a predetermined encryption method, and then provides the mobile phone company, which is the distribution carrier 20 for distributing the data, with the encrypted content data and, as information necessary for reproducing the encrypted content data, a license including a license key for decrypting the encrypted content data.

The distribution carrier 20 delivers the encrypted content data and the license, via the mobile phone network and the mobile phone 100, to the memory card 110 mounted on the mobile phone 100 that has transmitted the distribution request through its own mobile phone network.

In FIG. 1, for example, a removable memory card 110 is attached to the mobile phone 100 of a mobile phone user. Memory card 110 receives the encrypted content data received by the mobile phone 100, decrypts the encryption performed for the distribution, and gives the result to a content reproduction circuit (not shown) in the mobile phone 100.

Further, for example, a mobile phone user can “play” and listen to such content data via the headphones 130 connected to the mobile phone 100.

With such a structure, first, unless the memory card 110 is used, it becomes difficult to receive the content data from the distribution server 10 and reproduce the music.

Moreover, in the distribution carrier 20, for example, by counting the number of times each time the content data for one song is distributed, a copyright fee is generated each time the mobile phone user receives (downloads) the content data. If the distribution carrier 20 collects the fee together with the call charge of the mobile phone, the copyright holder can easily secure the copyright fee.

In the configuration as shown in FIG. 1, in order for the user of the mobile phone to be able to reproduce content data that is encrypted and distributed, what the system requires is, first, a method for distributing the encryption key in communication; second, the method itself for encrypting the content data to be distributed; and third, a configuration that realizes license protection to prevent unauthorized copying of the license thus distributed.

In the embodiment of the present invention, a configuration will be described in which, particularly at the occurrence of each distribution and reproduction session, the function of authenticating and checking the destination of the content data is enhanced, and output of the content data to a recording device or content reproduction circuit (a circuit, built into the mobile phone 100 in FIG. 1, for decrypting and reproducing the encrypted content data) that is unauthenticated or whose decryption key has been broken is prevented, thereby strengthening the copyright protection of the content data.

In the following description, the process of transmitting content data from the distribution server 10 to each mobile phone will be referred to as "distribution".

FIG. 2 is a diagram for explaining characteristics of data, information, etc. used in the data distribution system shown in FIG.

First, the data distributed by the distribution server 10 will be described. Dc is content data such as music data. The content data Dc is encrypted so that it can be decrypted with the license key Kc. The encrypted content data {Dc} Kc that has been encrypted so as to be decryptable with the license key Kc is distributed from the distribution server 10 to the user in this format.

In the following, the notation {Y} X indicates that the data Y has been encrypted so that it can be decrypted with the decryption key X.

Further, together with the encrypted content data {Dc} Kc, additional information Dc-inf is distributed as plaintext information such as the copyright of the content data or access to the server. As the license, there are the license key Kc; a transaction ID, which is a management code for specifying distribution of the license key and the like; a content ID, which is a code for identifying the content data Dc; access control information ACm, which is information regarding restrictions on license access in the recording device (memory card); and reproduction control information ACp, which is control information regarding reproduction in the content reproduction circuit. Specifically, the access control information ACm is control information for outputting the license or license key from the memory card to the outside, and includes the number of reproducible times (the number of license keys output for reproduction), restriction information about transfer and duplication of the license, and the security level of the license. The reproduction control information ACp is information that restricts reproduction after the content reproduction circuit receives the license key for reproducing the encrypted content data, such as a reproduction time limit, a reproduction speed change restriction, and a reproduction range designation (partial license).

Hereinafter, the transaction ID and the content ID are collectively referred to as a license ID, and the license key Kc, the license ID, the access control information ACm, and the reproduction control information ACp are collectively referred to as a license.

Further, hereinafter, for simplification, the access control information ACm is assumed to consist of control information for limiting the number of times of reproduction (255: no restriction) and a transfer/copy flag that restricts license transfer and copy (0: move and copy prohibited, 1: move only, 2: move and copy possible), and the reproduction control information ACp is assumed to restrict only the reproduction time limit (UTCtime code), which is the control information defining the period during which reproduction is possible.

In the embodiment of the present invention, a certificate revocation list CRL (Certificate Revocation List) is operated so that distribution and reproduction of the content data can be prohibited for each class of the recording device (memory card) and of the content reproduction circuit for reproducing the content data. In the following, the data in the certificate revocation list may be represented by the symbol CRL as necessary.

The certificate revocation list related information includes the certificate revocation list data CRL, which lists the classes of content reproduction circuits and memory cards for which distribution and reproduction of the license are prohibited. All devices that manage, store, and reproduce licenses related to content data protection are subject to listing.

The certificate revocation list data CRL is managed in the distribution server 10 and also recorded and held in the memory card. Such a certificate revocation list needs to be updated from time to time. As for changes to the data, basically, when distributing the encrypted content data and/or a license such as the license key, the distribution server 10 checks the update date and time of the certificate revocation list held in the memory card 110, as received from the mobile phone, and when it determines, by comparison with the update date and time of the certificate revocation list CRL it holds, that the list has not been updated to the latest one, it delivers the latest certificate revocation list to the mobile phone 100. In addition, regarding changes to the certificate revocation list, it is also possible to generate on the distribution server 10 side a CRL that is difference data reflecting only the change, and to add it to the certificate revocation list CRL in the memory card 110 accordingly. It is also assumed that the update date and time CRLdate of the certificate revocation list is recorded at the time of update so that it can be determined whether the certificate revocation list CRL managed in the memory card 110 is old or new.

In this way, by holding and operating the certificate revocation list CRL not only in the distribution server but also in the recording device (memory card) that records and manages licenses, supplying the license key or license, at the time of reproduction or of license transfer or copy, to a content reproduction circuit (mobile phone) or recording device (memory card) whose class-specific decryption key, that is, the decryption key unique to the type of content reproduction circuit (mobile phone) or recording device (memory card), has leaked is prohibited. Therefore, the content reproduction circuit cannot reproduce the content data, and the recording device cannot acquire the license.

As described above, the certificate revocation list CRL in the recording device is constructed so that the data is sequentially updated at the time of distribution. In addition, the certificate revocation list CRL in the recording device is managed by recording it, independently of the upper level, in a tamper resistant module (Tamper Resistant Module) in the recording device that guarantees a high level of confidentiality in terms of hardware. As a result, the copyright protection regarding the data can be further strengthened.

FIG. 3 is a diagram for explaining the characteristics of data, information, etc. for encryption processing used in the data distribution system shown in FIG.

The content reproduction circuit and the memory card are provided with unique public encryption keys KPpy and KPmw, respectively. Data encrypted with the public encryption key KPpy can be decrypted by the secret decryption key Kpy unique to the content reproduction circuit. Data encrypted with the public encryption key KPmw can be decrypted by the secret decryption key Kmw unique to the memory card. The public encryption key and the secret decryption key have different values depending on the type of content reproduction circuit and memory card. These public encryption keys and secret decryption keys are collectively referred to as class keys, these public encryption keys are referred to as class public encryption keys, the secret decryption keys are referred to as class secret decryption keys, and the units that share class keys are referred to as classes. Classes vary depending on the manufacturer, the type of product, the lot at the time of manufacturing, and so on.

Also, Cpy is provided as a class certificate of the content reproduction circuit, and Cmw is provided as a class certificate of the memory card. These class certificates have different information for each class of the content reproduction circuit and the recording device. Classes for which the tamper resistant module has been broken or the encryption by the class key has been broken, that is, for which the secret decryption key has leaked, are listed in the certificate revocation list CRL and are subject to license acquisition prohibition.

The class public encryption key and class certificate of the content reproduction circuit are recorded in the content reproduction circuit at the time of shipment in the form of authentication data {KPpy // Cpy} KPa. The class public encryption key and class certificate of the memory card are recorded in the recording device at the time of shipment in the form of authentication data {KPmw // Cmw} KPa. As will be described in detail later, KPa is a public authentication key common to the entire distribution system.

In the recording device, there are a public encryption key KPmcx set for each recording device and a secret decryption key Kmcx, unique to the memory card, capable of decrypting data encrypted with the public encryption key KPmcx. Further, as keys for managing data processing in the content reproduction circuit, there are a public encryption key KPpcz set for each content reproduction circuit and a secret decryption key Kpcz, unique to the content reproduction circuit, capable of decrypting data encrypted with the public encryption key KPpcz.

The individual public encryption key and secret decryption key for each memory card or content reproduction circuit are collectively referred to as individual keys; the public encryption key KPmcx is referred to as the individual public encryption key and the secret decryption key Kmcx as the individual secret decryption key.

As encryption keys for maintaining confidentiality in data exchange with the recording device, the common keys Ks1 to Ks3, generated in the distribution server 10, the content reproduction circuit, and the recording device every time content data is distributed and reproduced, are used.

Here, the common keys Ks1 to Ks3 are unique common keys generated for each "session", which is a unit of communication or access between the distribution server 10, the content reproduction circuit, or the recording device. Each of these common keys Ks1 to Ks3 is also called a "session key" in the following.

These session keys Ks1 to Ks3 have a unique value for each session and are managed by the distribution server 10, the content reproduction circuit, and the recording device. Specifically, the session key Ks1 is generated by the distribution server 10 for each distribution session. The session key Ks2 is generated by the recording device for each distribution session and reproduction session, and the session key Ks3 is generated in the content reproduction circuit for each reproduction session. In each session, these session keys are exchanged, the session key generated by another device is received, encryption is performed using this session key, and then the license key etc. is transmitted, so that the security level in the session can be improved.
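The reproduction session described above (authentication data, Ks2, Ks3, then the license sequentially encrypted with the individual public encryption key and the session key) can be traced with a symbolic model. This is an added example, not code from the patent: ciphertexts are tagged objects rather than real cryptography, and the decrement of the ACm count on each license output, the treatment of 0 as exhausted, the key names KPp1/Cp1 and all sample values are assumptions.

```python
"""Symbolic trace of the reproduction session (constructed example)."""
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Enc:
    """{body}X in the page's notation: data that only decryption key X opens."""
    opener: str
    body: tuple


def enc(key: str, *body) -> Enc:
    # A public encryption key "KP..." seals for its secret key "K...";
    # a session key "Ks..." is a common key and opens its own ciphertexts.
    return Enc("K" + key[2:] if key.startswith("KP") else key, body)


def dec(key, ct) -> tuple:
    if not isinstance(ct, Enc) or key is None or ct.opener != key:
        raise PermissionError(f"{key} does not open this data")
    return ct.body


class MemoryCard:
    """Data recording device holding one license (Kc, ACm play count, ACp)."""

    def __init__(self, kc, acm_plays, acp, crl=()):
        self.kc, self.acm_plays, self.acp = kc, acm_plays, acp
        self.crl = set(crl)                 # class certificates listed in the CRL
        self.ks2 = None

    def start_session(self, auth_data: Enc) -> Enc:
        kp_class, cert = dec("KPa", auth_data)      # {KPpy // Cpy}KPa
        if cert in self.crl:
            raise PermissionError("class is listed in the CRL")
        self.ks2 = "Ks2-" + secrets.token_hex(8)    # fresh for every session
        return enc(kp_class, self.ks2)              # {Ks2}KPpy

    def output_license(self, msg: Enc) -> Enc:
        ks3, kp_individual = dec(self.ks2, msg)     # {Ks3 // KPpcz}Ks2
        self.ks2 = None                     # one output per session (assumption)
        if self.acm_plays == 0:             # 0 treated as exhausted (assumption)
            raise PermissionError("ACm: no reproductions left")
        if self.acm_plays != 255:           # 255: no restriction
            self.acm_plays -= 1             # decrement on output (assumption)
        inner = enc(kp_individual, self.kc, self.acp)   # {Kc // ACp}KPpcz
        return enc(ks3, inner)                          # {{Kc // ACp}KPpcz}Ks3


class Player:
    """Content reproduction circuit with class key p1 and individual key pc2."""

    def __init__(self, cls="p1", ind="pc2"):
        # Authentication data is written at shipment; the model assumes only
        # the system authority can produce data that opens with KPa.
        self.auth_data = Enc("KPa", ("KP" + cls, "C" + cls))
        self.k_class, self.kp_ind, self.k_ind = "K" + cls, "KP" + ind, "K" + ind
        self.ks3 = None

    def request(self, card_reply: Enc) -> Enc:
        (ks2,) = dec(self.k_class, card_reply)      # class secret decryption key
        self.ks3 = "Ks3-" + secrets.token_hex(8)    # fresh for every session
        return enc(ks2, self.ks3, self.kp_ind)      # {Ks3 // KPpcz}Ks2

    def receive(self, enc_license: Enc):
        (inner,) = dec(self.ks3, enc_license)   # second decryption unit: Ks3
        kc, acp = dec(self.k_ind, inner)        # first decryption unit: Kpcz
        self.ks3 = None
        return kc, acp


def play(card: MemoryCard, player: Player):
    """Run one reproduction session; return (Kc, ACp) and the wire message."""
    reply = card.start_session(player.auth_data)
    wire = card.output_license(player.request(reply))
    return player.receive(wire), wire


def refused(step) -> bool:
    """True if the given protocol step is rejected."""
    try:
        step()
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    card, player = MemoryCard("Kc-song", 2, "ACp-sample"), Player()
    (kc, acp), captured = play(card, player)
    print("played with", kc, "plays left:", card.acm_plays)
    # A license captured on the bus is useless in a later session: Ks3 differs.
    player.request(card.start_session(player.auth_data))
    print("replay refused:", refused(lambda: player.receive(captured)))
    revoked = MemoryCard("Kc-song", 2, "ACp-sample", crl=["Cp1"])
    print("revoked class refused:", refused(lambda: play(revoked, player)))
```

The replay case is the reason for the outer session-key layer: without it, a recorded {Kc // ACp}KPpcz could be fed to the same content reproduction circuit again without the memory card counting the output.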

FIG. 4 is a schematic block diagram showing the configuration of distribution server 10 shown in FIG. The distribution server 10 includes an information database 304 for holding distribution information such as data obtained by encrypting content data according to a predetermined method and a content ID; a billing database 302 for holding, for each user of the mobile phone, charging information according to the start of access to the content data; a CRL database 306 for managing a certificate revocation list CRL; a menu database 307 for holding a menu of the content data held in the information database 304; a distribution record database 308 that holds, for each license distribution, a log relating to distribution, such as the transaction ID that specifies the distribution of content data, license keys and the like; a data processing unit 310 that receives data from the information database 304, the billing database 302, the CRL database 306, the menu database 307 and the distribution record database 308 via the bus BS1 and performs predetermined processing; and a communication device 350 for exchanging data between the distribution carrier 20 and the data processing unit 310 via the communication network.

The data processing unit 310 includes a distribution control unit 315 for controlling the operation of the data processing unit 310 according to the data on the bus BS1; a session key generation unit 316, controlled by the distribution control unit 315, for generating the session key Ks1 during the distribution session; an authentication key holding unit 313 holding the public authentication key KPa for decrypting the authentication data {KPmw // Cmw} KPa sent from the memory card 110 for authentication; a decryption processing unit 312 which receives the authentication data {KPmw // Cmw} KPa sent from the memory card 110 for authentication via the communication device 350 and the bus BS1, and decrypts it using the public authentication key KPa from the authentication key holding unit 313; an encryption processing unit 318 which encrypts the session key Ks1 generated by the session key generation unit 316 using the class public encryption key KPmw obtained by the decryption processing unit 312 and outputs it to the bus BS1; and a decryption processing unit 320 which receives from the bus BS1 the data that was encrypted with the session key Ks1 and transmitted, and decrypts it.

The data processing unit 310 further includes an encryption processing unit 326 for encrypting the license key Kc and the access control information ACm provided from the distribution control unit 315 with the individual public encryption key KPmcx of each memory card 110 obtained by the decryption processing unit 320, and an encryption processing unit 328 for further encrypting the output of the encryption processing unit 326 with the session key Ks2 provided from the decryption processing unit 320 and outputting the result to the bus BS1.

The operation of the distribution server 10 in the distribution session will be described later in detail using a flowchart.

FIG. 5 is a schematic block diagram for explaining the configuration of mobile phone 100 shown in FIG.

The mobile phone 100 includes an antenna 1102 for receiving a signal wirelessly transmitted by the mobile phone network, and a transmission / reception unit 1104 for receiving a signal from the antenna 1102 and converting it into a baseband signal, or modulating data from the mobile phone 100 and giving the modulated data to the antenna 1102.

The mobile phone 100 further includes a bus BS2 for exchanging data with each unit of the mobile phone 100, a controller 1106 for controlling the operation of the mobile phone 100 via the bus BS2, a key operation unit 1108 for giving an external instruction to the mobile phone 100, and a display 1110 for giving information output from the controller 1106 or the like to the user as visual information.

The mobile phone 100 further includes a removable memory card 110 for storing content data (music data) from the distribution server 10 and for performing decryption processing, and a memory card interface 1200 for controlling data transfer between the memory card 110 and the bus BS2.

The mobile phone 100 further includes an audio reproduction unit 1112 that decodes and reproduces the audio data received from another mobile phone, a DA converter 1113 that converts the audio signal from the audio reproduction unit 1112 from a digital signal to an analog signal, and a speaker 1114 for outputting the audio data from the DA converter 1113 to the outside.

The mobile phone 100 further includes a microphone 1115 for inputting voice data of the user of the mobile phone 100, an AD converter 1116 for converting voice data from the microphone 1115 from an analog signal to a digital signal, and a voice encoding unit 1117 that encodes the voice signal from the AD converter 1116 in a predetermined system.

The mobile phone 100 further includes an authentication data holding unit 1500 that holds authentication data {KPp1 // Cp1} KPa, in which the class public encryption key KPp1 and the class certificate Cp1 are encrypted so that they can be decrypted with the public authentication key KPa. Here, it is assumed that the class y of the mobile phone 100 is y = 1.

The mobile phone 100 further includes a Kp holding unit 1502 which holds a decryption key Kp1 unique to the class, and a decryption processing unit 1504 for decrypting the data received from the bus BS2 with the decryption key Kp1 to obtain the session key Ks2 generated by the memory card 110.

The mobile phone 100 further includes a session key generation unit 1508 that generates a session key Ks3 for encrypting data on the bus BS2 exchanged with the memory card 110 in a reproduction session for reproducing the content data stored in the memory card 110, and an encryption processing unit 1506 that, when the license key Kc and the reproduction control information ACp are received from the memory card 110 in the reproduction session of the encrypted content data, encrypts the session key Ks3 generated by the session key generation unit 1508 and the individual public encryption key KPpc2 from the KPpc holding unit 1507 with the session key Ks2 obtained by the decryption processing unit 1504, and outputs the result to the bus BS2.

The mobile phone 100 further includes a KPpc holding unit 1507 which holds a public encryption key KPpc2 that differs for each mobile phone 100 (content reproduction circuit 1550). In the mobile phone 100 (content reproduction circuit 1550), the natural number z is z = 2.

The mobile phone 100 further includes a decryption processing unit 1510 that decrypts the data on the bus BS2 with the session key Ks3 and outputs encrypted data {Kc // ACp} Kpc2, and a Kpc holding unit 1512 that holds a private decryption key Kpc2 paired with the public encryption key KPpc2 that differs for each mobile phone 100 (content reproduction circuit 1550).

The mobile phone 100 further includes a decryption processing unit 1514 that decrypts the encrypted data {Kc // ACp} Kpc2 from the decryption processing unit 1510 with the secret decryption key Kpc2 from the Kpc holding unit 1512 and outputs the license key Kc and the reproduction control information ACp; a decryption processing unit 1516 that receives encrypted content data {Dc} Kc from the bus BS2, decrypts it with the license key Kc obtained from the decryption processing unit 1514, and outputs content data; a music reproducing unit 1518 for reproducing the content data by receiving the output of the decryption processing unit 1516; a DA converter 1520 for converting the output of the music reproducing unit 1518 from a digital signal to an analog signal; a selector 1525 that selects the output of either the DA converter 1113 or the DA converter 1520 according to the operation mode and outputs it to the terminal 1530; and a terminal 1530 that outputs the output of the selector 1525 to an external output device (not shown) such as headphones.

In FIG. 5, the area surrounded by the dotted line constitutes a content reproduction circuit 1550 for decoding the encrypted content data and reproducing the music data.

The operation of each component of the mobile phone 100 in each session will be described later in detail using a flowchart.

FIG. 6 is a schematic block diagram for explaining the configuration of memory card 110 shown in FIG.

As described above, KPmw and Kmw are provided as the class public encryption key and the class secret decryption key of the memory card, and the class certificate Cmw of the memory card is provided. In the memory card 110, it is assumed that the natural number w = 3. The natural number x for identifying the memory card is x = 4.

Therefore, the memory card 110 includes an authentication data holding unit 1400 holding the authentication data {KPm3 // Cm3} KPa, a Kmc holding unit 1402 holding the individual secret decryption key Kmc4, which is a unique decryption key set for each memory card, a Km holding unit 1421 holding the class secret decryption key Km3, and a KPmc holding unit 1416 holding the public encryption key KPmc4, data encrypted with which can be decrypted by the individual secret decryption key Kmc4.

As described above, by providing an encryption key for the recording device, that is, the memory card, the distributed content data and the encrypted license key can be managed for each memory card, as will be apparent from the following description.

The memory card 110 further includes an interface 1424 that exchanges signals with the memory card interface 1200 via the terminal 1426; a bus BS3 for exchanging signals with the interface 1424; a decryption processing unit 1422 that receives the class secret decryption key Km3 from the Km holding unit 1421, decrypts with it the data given from the interface 1424 to the bus BS3, and delivers the session key Ks1 generated by the distribution server 10 in the distribution session to the contact Pa; a decryption processing unit 1408 that receives the public authentication key KPa from the KPa holding unit 1414, executes decryption with the public authentication key KPa on the data given to the bus BS3, outputs the decryption result and the obtained class certificate to the controller 1420, and outputs the obtained class public key to the encryption processing unit 1410; and an encryption processing unit 1406 that encrypts the data selectively provided by the changeover switch 1446 with the key selectively given by the changeover switch 1442 and outputs the encrypted data to the bus BS3.

The memory card 110 further includes a session key generation unit 1418 that generates the session key Ks2 in each session of distribution and reproduction; an encryption processing unit 1410 that encrypts the session key Ks2 output by the session key generation unit 1418 with the class public encryption key KPpy or KPmw obtained by the decryption processing unit 1408 and sends it to the bus BS3; a decryption processing unit 1412 that receives the data encrypted with the session key Ks2 from the bus BS3 and decrypts it with the session key Ks2 obtained from the session key generation unit 1418; and an encryption processing unit 1417 that, in the reproduction session of the encrypted content data, encrypts the license key Kc and the reproduction control information ACp read from the memory 1415 with the individual public encryption key KPpc2 of the mobile phone 100 decrypted by the decryption processing unit 1412.

The memory card 110 further includes a decryption processing unit 1404 for decrypting the data on the bus BS3 with the individual private decryption key Kmc4 of the memory card 110 paired with the individual public encryption key KPmc4, and a memory 1415 for receiving from the bus BS3 and storing the certificate revocation list data CRL, which is sequentially updated by the data CRLdate for updating the version of the certificate revocation list, the encrypted content data {Dc} Kc, the license (Kc, ACp, ACm, license ID) for reproducing the encrypted content data {Dc} Kc, the additional information Dc-inf, a reproduction list of encrypted content data, and a license management file for managing a license. The memory 1415 is composed of, for example, a semiconductor memory. The memory 1415 comprises a CRL area 1415A, a license area 1415B, and a data area 1415C. The CRL area 1415A is an area for recording the certificate revocation list CRL. The license area 1415B is an area for recording a license. The data area 1415C is an area for recording the encrypted content data {Dc} Kc, the related information Dc-inf of the encrypted content data, a license management file that records information necessary for managing a license for each encrypted content data, and a reproduction list file that records basic information for accessing the encrypted content data and the licenses recorded in the memory card 110. The data area 1415C can be directly accessed from the outside.

The license area 1415B stores licenses (license key Kc, reproduction control information ACp, access restriction information ACm, license ID) in a license-specific recording unit called an entry. When a license is accessed, the entry in which the license is stored, or in which the license is to be recorded, is designated by an entry number.

The memory card 110 further includes a controller 1420 that exchanges data with the outside via the bus BS3, receives reproduction information and the like from the bus BS3, and controls the operation of the memory card 110.

All the structures except the data area 1415C are formed in the tamper resistant module area.

The operation of each session in the data distribution system shown in FIG. 1 will be described below.

[Distribution] First, the operation of distributing the encrypted content data and the license from the distribution server 10 to the memory card 110 mounted on the mobile phone 100 in the data distribution system shown in FIG. 1 will be described.
This operation is called "delivery".

FIGS. 7 to 10 are first to fourth flowcharts for explaining the distribution operation (hereinafter also referred to as a distribution session) to the memory card 110 mounted on the mobile phone 100, which occurs when encrypted content data is purchased in the data distribution system shown in FIG. 1.

Before the processing in FIG. 7, it is premised that the user of the mobile phone 100 has connected to the distribution server 10 via the mobile phone network and has acquired the content ID for the content desired to be purchased.

Referring to FIG. 7, the user of mobile phone 100 issues a distribution request by designating the content ID via key operation unit 1108 (step S100). Then, the purchase condition AC for purchasing the license of the encrypted content data is input via the key operation unit 1108 (step S102). That is, in order to purchase the license key Kc for decrypting the selected encrypted content data, the access control information ACm and the reproduction control information ACp of the encrypted content data are set, and the purchase condition AC is input.

When the purchase condition AC for the encrypted content data is input, the controller 1106 inputs an instruction to output the authentication data to the memory card 110 via the bus BS2 and the memory card interface 1200 (step S104). The controller 1420 of the memory card 110 receives the output instruction of the authentication data via the terminal 1426, the interface 1424 and the bus BS3. Then, the controller 1420 reads the authentication data {KPm3 // Cm3} KPa from the authentication data holding unit 1400 via the bus BS3, and outputs the read authentication data {KPm3 // Cm3} KPa via the bus BS3, the interface 1424 and the terminal 1426 (step S106).

The controller 1106 of the mobile phone 100 transmits, in addition to the authentication data {KPm3 // Cm3} KPa from the memory card 110, the content ID, the license purchase condition data AC, and the distribution request to the distribution server 10 (step S108).

The distribution server 10 receives the distribution request, the content ID, the authentication data {KPm3 // Cm3} KPa and the license purchase condition data AC from the mobile phone 100 (step S110), and the decryption processing unit 312 decrypts the authentication data {KPm3 // Cm3} KPa output from the memory card 110 with the public authentication key KPa (step S112).

The distribution control unit 315 performs an authentication process, based on the decryption result in the decryption processing unit 312, to determine whether it has received authentication data that was encrypted by a legitimate institution in order to prove its validity (step S114). When it is determined that the authentication data is valid, the distribution control unit 315 approves and accepts the class public encryption key KPm3 and the class certificate Cm3. Then, the process proceeds to the next process (step S116). If the authentication data is not valid, the distribution session is ended without accepting the class public encryption key KPm3 and the class certificate Cm3 (step S198).

When the class public encryption key KPm3 and the class certificate Cm3 are accepted as a result of the authentication, the distribution control unit 315 queries the CRL database 306 to see whether the class certificate Cm3 of the memory card 110 is listed in the certificate revocation list CRL, and if the class certificate is subject to the certificate revocation list CRL, terminates the distribution session here (step S198).

On the other hand, if the class certificate of the memory card 110 is not included in the certificate revocation list CRL, the process proceeds to the next process (step S116).

As a result of the authentication, if it is confirmed that the access is made from the mobile phone 100 having the memory card 110 with valid authentication data, and that the class is not subject to the certificate revocation list CRL, the distribution control unit 315 of the distribution server 10 generates a transaction ID, which is a management code for specifying the distribution (step S118). The session key generation unit 316 also generates a session key Ks1 for distribution (step S120). The session key Ks1 is encrypted by the encryption processing unit 318 with the class public encryption key KPm3 corresponding to the memory card 110 obtained by the decryption processing unit 312 (step S122).

The transaction ID and the encrypted session key Ks1 are output to the outside as transaction ID // {Ks1} Km3 via the bus BS1 and the communication device 350 (step S124).

Referring to FIG. 8, when mobile phone 100 receives transaction ID // {Ks1} Km3 (step S126), controller 1106 inputs transaction ID // {Ks1} Km3 to the memory card 110 via bus BS2 and memory card interface 1200 (step S128). Then, in the memory card 110, the decryption processing unit 1422 decrypts the received data given to the bus BS3 via the terminal 1426 and the interface 1424 with the class secret decryption key Km3 unique to the memory card 110 held in the Km holding unit 1421, thereby decrypting and accepting the session key Ks1 (step S130).

Upon confirming acceptance of the session key Ks1 generated in the distribution server 10, the controller 1420 instructs the session key generation unit 1418 to generate the session key Ks2, which is generated in the memory card 110 during the distribution operation. Then, the session key generation unit 1418 generates the session key Ks2 (step S132).

In the distribution session, the controller 1420 extracts the update date and time CRLdate from the certificate revocation list CRL recorded in the memory 1415 in the memory card 110 and outputs it to the changeover switch 1446 (step S134).

Using the session key Ks1 provided from the decryption processing unit 1422 via the contact Pa of the changeover switch 1442, the encryption processing unit 1406 encrypts, as one data string, the session key Ks2, the individual public encryption key KPmc4, and the update date and time CRLdate of the certificate revocation list CRL, which are given by sequentially switching the contacts of the changeover switch 1446, and outputs the encrypted data {Ks2 // KPmc4 // CRLdate} Ks1 to the bus BS3 (step S136).

The encrypted data {Ks2 // KPmc4 // CRLdate} Ks1 output to the bus BS3 is output from the bus BS3 to the mobile phone 100 via the interface 1424 and the terminal 1426. Then, the controller 1106 of the mobile phone 100 receives the encrypted data {Ks2 // KPmc4 // CRLdate} Ks1 via the memory card interface 1200 and the bus BS2, adds the transaction ID to the received encrypted data, and transmits transaction ID // {Ks2 // KPmc4 // CRLdate} Ks1 to the distribution server 10 (step S138).

When the distribution server 10 receives transaction ID // {Ks2 // KPmc4 // CRLdate} Ks1, the decryption processing unit 320 performs decryption using the session key Ks1, and the session key Ks2 generated in the memory card 110, the public encryption key KPmc4 of the memory card 110, and the update date and time CRLdate of the certificate revocation list CRL in the memory card 110 are accepted (step S142).

The distribution control unit 315 generates the access control information ACm and the reproduction control information ACp according to the content ID and the license purchase condition data AC acquired in step S110 (step S144). Further, the distribution control unit 315 obtains the license key Kc for decrypting the encrypted content data from the information database 304 (step S146).

The distribution control unit 315 gives the generated license, that is, the transaction ID, the content ID, the license key Kc, the reproduction control information ACp, and the access control information ACm, to the encryption processing unit 326. The encryption processing unit 326 encrypts the license with the public encryption key KPmc4 unique to the memory card 110 obtained by the decryption processing unit 320, and generates encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc4 (step S148).

Referring to FIG. 9, in distribution server 10, the update date and time CRLdate of the certificate revocation list CRL sent from memory card 110 is compared with the update date and time of the certificate revocation list CRL of distribution server 10 held in CRL database 306, and it is thereby determined whether or not the certificate revocation list CRL held by the memory card 110 is the latest. When it is determined that the certificate revocation list CRL held by the memory card 110 is the latest, the process proceeds to step S152. If the certificate revocation list CRL stored in the memory card 110 is not the latest, the process proceeds to step S160 (step S150).

When the certificate revocation list is judged to be the latest, the encryption processing unit 328 encrypts the encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc4 output from the encryption processing unit 326 with the session key Ks2 generated in the memory card 110, and outputs the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 to the bus BS1. Then, the distribution control unit 315 transmits the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 on the bus BS1 to the mobile phone 100 via the communication device 350 (step S152).

Then, the controller 1106 of the mobile phone 100 receives the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 (step S154), and inputs the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 to the memory card 110 via the bus BS2 and the memory card interface 1200. In the memory card 110, the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 is received via the terminal 1426 and the interface 1424 and decrypted with the session key Ks2 generated by the session key generation unit 1418, and the encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc4 is accepted (step S158). The process then moves to step S172.

On the other hand, when the distribution server 10 determines that the certificate revocation list CRL held by the memory card 110 is not the latest, the distribution control unit 315 acquires the latest certificate revocation list CRL from the CRL database 306 via the bus BS1 (step S160).

The encryption processing unit 328 receives the output of the encryption processing unit 326 and the certificate revocation list CRL supplied by the distribution control unit 315 via the bus BS1, and encrypts them with the session key Ks2 generated in the memory card 110. The encrypted data {CRL // {transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 output from the encryption processing unit 328 is transmitted to the personal computer 50 via the bus BS1 and the communication device 350 (step S162).

The mobile phone 100 receives the encrypted data {CRL // {transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 (step S164), and inputs the encrypted data {CRL // {transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 to the memory card 110 via the bus BS2 and the memory card interface 1200 (step S166). In the memory card 110, the decryption processing unit 1412 decrypts the received data given to the bus BS3 via the terminal 1426 and the interface 1424. The decryption processing unit 1412 decrypts the received data on the bus BS3 using the session key Ks2 provided from the session key generation unit 1418 and outputs the decrypted data to the bus BS3 (step S168).

At this stage, the encrypted license {transaction ID // content ID // Kc // ACm // ACp} Kmc4, which can be decrypted with the private decryption key Kmc4 held in the Kmc holding unit 1402, and the CRL are output to the bus BS3 (step S168). In accordance with an instruction from the controller 1420, the CRL in the CRL area 1415A in the memory 1415 is overwritten with the received CRL and thereby updated to the latest CRL (step S170).

Steps S152, S154, S156, and S158 are the operation of distributing the license to the memory card 110 when the certificate revocation list CRL of the memory card 110 is the latest, and steps S160, S162, S164, S166, S168, and S170 are the operation of distributing the license to the memory card 110 when the certificate revocation list CRL of the memory card 110 is not the latest. In this way, based on the update date and time CRLdate of the certificate revocation list sent from the memory card 110, whether or not the certificate revocation list CRL of the memory card 110 that requested distribution is the latest is checked each time, and when it is not the latest, the latest certificate revocation list CRL is acquired from the CRL database 306 and distributed to the memory card 110. This makes it possible to prevent the memory card 110 from outputting a license to another memory card or content reproduction circuit whose security has been broken.

After step S158 or step S170, in accordance with an instruction from the controller 1420, the encrypted license {transaction ID // content ID // Kc // ACm // ACp} Kmc4 is decrypted in the decryption processing unit 1404 with the individual secret decryption key Kmc4, and the license (license key Kc, transaction ID, content ID, access control information ACm and reproduction control information ACp) is accepted (step S172).

Referring to FIG. 10, controller 1106 of mobile phone 100 inputs to memory card 110 an entry number designating the entry in which the license accepted by memory card 110 is to be stored (step S174). Then, the controller 1420 of the memory card 110 receives the entry number via the terminal 1426 and the interface 1424, and stores the license (license key Kc, transaction ID, content ID, access control information ACm, and reproduction control information ACp) acquired in step S172 in the license area 1415B of the memory 1415 designated by the received entry number (step S176).

The controller 1106 of the mobile phone 100 transmits the transaction ID sent from the distribution server 10 and a distribution request for the encrypted content data to the distribution server 10 (step S178).

The distribution server 10 receives the transaction ID and the distribution request for the encrypted content data (step S180), acquires the encrypted content data {Dc} Kc and the additional information Dc-inf from the information database 304, and outputs these data via the bus BS1 and the communication device 350 (step S182).

When the mobile phone 100 receives {Dc} Kc // Dc-inf, it accepts the encrypted content data {Dc} Kc and the additional information Dc-inf (step S184). Then, the controller 1106 inputs the encrypted content data {Dc} Kc and the additional information Dc-inf to memory card 110 via bus BS2 and memory card interface 1200 (step S186). The controller 1420 of the memory card 110 accepts {Dc} Kc // Dc-inf via the terminal 1426, the interface 1424 and the bus BS3 (step S188), and records the encrypted content data {Dc} Kc and the additional information Dc-inf in the data area 1415C of the memory 1415 via the bus BS3 (step S190).

Then, the controller 1106 of the mobile phone 100 transmits the transaction ID and the acceptance of delivery to the delivery server 10 (step S192).

When the distribution server 10 receives transaction ID // delivery acceptance (step S194), it stores the billing data in the billing database 302, records the transaction ID in the distribution record database 308, and executes the distribution end process (step S196). Then, the whole process ends (step S198).

In this way, content data can be distributed only after confirming that the memory card 110 mounted on the mobile phone 100 is a device that holds proper authentication data, that the public encryption key KPm3 encrypted and transmitted together with the class certificate Cm3 is valid, and that the distribution request comes from a memory card whose class certificate Cm3 is not listed in the certificate revocation list, that is, the list of class certificates for which encryption by the public encryption key KPm3 has been broken. Distribution to an unauthorized memory card and distribution using a class key that has been deciphered can thus be prohibited.

Furthermore, the distribution server 10 and the memory card 110 exchange the encryption keys that each has generated, each encrypts with the key received from the other, and each transmits the encrypted data to the other party. As a result, mutual authentication is in effect also performed in the transmission and reception of each piece of encrypted data, and the security of the data distribution system can be improved.
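The distribution session of steps S106 to S176 can be traced with a small symbolic model, added here as an illustration and not taken from the patent. Encryption is modelled as a sealed envelope rather than a real cipher; the names `Enc`, `seal`, `seal_pub`, `unseal`, `fresh`, `Card`, `Server` and `distribute`, the sample CRL dates, and the use of `>=` for the CRLdate comparison are assumptions of this sketch.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Enc:
    """Symbolic ciphertext {body}opener: only the holder of `opener` can read it."""
    opener: str
    body: tuple

def seal(key, *body):
    """Encrypt under a symmetric session key (the key opens its own ciphertext)."""
    return Enc(key, body)

def seal_pub(public_key, *body):
    """Encrypt under a public key. Modelling shortcut: KPm3 -> Km3, KPmc4 -> Kmc4."""
    return Enc("K" + public_key[2:], body)

def unseal(ct, key):
    if not isinstance(ct, Enc) or ct.opener != key:
        raise PermissionError("wrong key for this ciphertext")
    return ct.body

def fresh(label):
    """A new random value per session, as required of Ks1, Ks2 and transaction IDs."""
    return f"{label}:{secrets.token_hex(8)}"

class Card:
    """Memory card 110 (class w = 3, individual x = 4)."""
    def __init__(self, crl):
        # {KPm3 // Cm3} KPa; in the real system only the authority can produce it.
        self.auth_data = Enc("KPa", ("KPm3", "Cm3"))
        self.crl = crl                 # (CRLdate, revoked class certificates)
        self.license_area = {}         # entry number -> license
        self.ks2 = None

    def open_session(self, wrapped_ks1):                # S130 to S136
        (ks1,) = unseal(wrapped_ks1, "Km3")
        self.ks2 = fresh("Ks2")
        return seal(ks1, self.ks2, "KPmc4", self.crl[0])

    def accept(self, message, entry):                   # S158 or S168, then S170 to S176
        body = unseal(message, self.ks2)
        if len(body) == 2:                              # {CRL // {license} Kmc4} Ks2
            self.crl = body[0]                          # overwrite CRL area 1415A
        txid, content_id, kc, acm, acp = unseal(body[-1], "Kmc4")
        self.license_area[entry] = {"txid": txid, "content_id": content_id,
                                    "Kc": kc, "ACm": acm, "ACp": acp}

class Server:
    """Distribution server 10 with its CRL database and one license key."""
    def __init__(self, crl, kc):
        self.crl, self.kc = crl, kc

    def begin(self, auth_data):                         # S112 to S124
        try:
            kpm, cert = unseal(auth_data, "KPa")
        except PermissionError:
            return None                                 # S198: not authentic
        if cert in self.crl[1]:
            return None                                 # S198: class certificate revoked
        self.txid, self.ks1 = fresh("TX"), fresh("Ks1")
        return self.txid, seal_pub(kpm, self.ks1)

    def issue(self, reply, content_id, acm, acp):       # S142 to S162
        ks2, kpmc, card_crl_date = unseal(reply, self.ks1)
        lic = seal_pub(kpmc, self.txid, content_id, self.kc, acm, acp)
        if card_crl_date >= self.crl[0]:                # S150: card CRL is current
            return seal(ks2, lic)                       # S152
        return seal(ks2, self.crl, lic)                 # S160, S162

def distribute(card, server, content_id, entry, acm="ACm", acp="ACp"):
    """Relay messages as controller 1106 does; the relay never holds a key.
    Returns the final server message, or None if the server refused the card."""
    opening = server.begin(card.auth_data)
    if opening is None:
        return None
    _txid, wrapped_ks1 = opening
    reply = card.open_session(wrapped_ks1)
    message = server.issue(reply, content_id, acm, acp)
    card.accept(message, entry)
    return message

if __name__ == "__main__":
    stale = (20010101, frozenset())                     # constructed sample CRLs
    latest = (20010901, frozenset({"Cm9"}))
    card, server = Card(stale), Server(latest, "Kc-song")
    distribute(card, server, "content-1", entry=0)
    print(card.license_area[0]["Kc"], card.crl == latest)
```

Because Ks2 is regenerated for every session, a server message captured in one session is rejected by the card in the next, which is the property the per-session keys are meant to provide.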

FIG. 11 shows the license area 1415B and the data area 1415C in the memory 1415 of the memory card 110. In the data area 1415C, a playlist file 160, entry management information 165, content files 1611 to 161n, and license management files 1621 to 162n are recorded. Each of the content files 1611 to 161n records the received encrypted content data {Dc} Kc and additional information Dc-inf as one file. The license management files 1621 to 162n are recorded in correspondence with the content files 1611 to 161n, respectively.

The memory card 110, when receiving the encrypted content data and the license from the distribution server 10, records the encrypted content data and the license in the memory 1415.

Therefore, the license of the encrypted content data transmitted to the memory card 110 in the distribution session is recorded in the area of the license area 1415B of the memory 1415 designated by the entry number. By reading the license management file listed in the playlist file 160 recorded in the data area 1415C of the memory 1415, the entry number can be acquired, and the corresponding license can be read from the license area 1415B using the acquired entry number.

The license management file 1622 is shown by a dotted line, which indicates that it is not actually recorded. The content file 1612 exists but has no license and cannot be reproduced; this corresponds to, for example, the case where the mobile phone 100 receives only the encrypted content data from another mobile phone.

Further, the content file 1613 is shown by a dotted line. This corresponds to, for example, the case where the mobile phone 100 receives the encrypted content data and the license from the distribution server 10 and transmits only the received encrypted content data to another mobile phone, and means that the license exists in the memory 1415 but the encrypted content data does not.

[Playback] Next, the operation in which the mobile phone 100 plays back the encrypted content data {Dc} Kc received from the distribution server 10 and recorded in the memory card 110 will be described.

FIGS. 12 and 13 are first and second flowcharts for explaining the operation in a reproduction session in which encrypted content data is read from the memory card 110 attached to the mobile phone 100 and the read encrypted content data is reproduced.

The explanation assumes that, before the processing in FIG. 12, the user of the mobile phone 100 has determined the content (song) to be reproduced according to the playlist recorded in the data area 1415C of the memory card 110, identified the content file, and acquired the license management file.

Referring to FIG. 12, when the reproducing operation is started (step S200), the user of the mobile phone 100 inputs a reproduction request to the mobile phone 100 through the key operation unit 1108 (step S202). Then, the controller 1106 issues an output request for the authentication data to the content reproduction circuit 1550 via the bus BS2, the authentication data holding unit 1500 of the content reproduction circuit 1550 outputs the authentication data {KPp1 // Cp1} KPa (step S204), and the controller 1106 inputs the authentication data {KPp1 // Cp1} KPa to the memory card 110 via the memory card interface 1200 (step S206).

Then, the memory card 110 accepts the authentication data {KPp1 // Cp1} KPa, and the decryption processing unit 1408 decrypts the accepted authentication data {KPp1 // Cp1} KPa with the public authentication key KPa held in the KPa holding unit 1414 (step S208). The controller 1420 performs authentication processing based on the decryption result from the decryption processing unit 1408; that is, it determines whether the authentication data {KPp1 // Cp1} KPa is authentic authentication data (step S210). If the data cannot be decrypted, the process proceeds to step S250, and the reproduction operation ends.

When the authentication data can be decrypted, the controller 1420 determines whether or not the acquired certificate Cp1 is included in the prohibited class list CRL read from the memory 1415 (step S212). In this case, an ID is assigned to the certificate Cp1, and the controller 1420 determines whether the ID of the received certificate Cp1 exists in the prohibited class list CRL. When it is determined that the certificate Cp1 is included in the prohibited class list CRL, the process proceeds to step S250 and the reproducing operation ends.

If it is determined in step S212 that the certificate Cp1 is not included in the prohibited class list data, the controller 1420 controls the session key generation unit 1418, and the session key generation unit 1418 generates a session key Ks2 for the reproduction session (step S214). Then, the encryption processing unit 1410 encrypts the session key Ks2 from the session key generation unit 1418 with the public encryption key KPp1 decrypted by the decryption processing unit 1408 and outputs the encrypted data {Ks2} Kp1 to the bus BS3. Then, the controller 1420 outputs the encrypted data {Ks2} Kp1 to the memory card interface 1200 via the interface 1424 and the terminal 1426 (step S218). The controller 1106 of the mobile phone 100 acquires the encrypted data {Ks2} Kp1 via the memory card interface 1200. Then, the controller 1106 provides the encrypted data {Ks2} Kp1 to the decryption processing unit 1504 of the content reproduction circuit 1550 via the bus BS2, and the decryption processing unit 1504 decrypts the encrypted data {Ks2} Kp1 with the secret decryption key Kp1, which is output from the Kp holding unit 1502 and is paired with the public encryption key KPp1, and accepts the session key Ks2 (step S220).

Then, the session key generation unit 1508 of the content reproduction circuit 1550 generates a session key Ks3 (step S222). The encryption processing unit 1506 encrypts the session key Ks3 from the session key generation unit 1508 and the public encryption key KPpc2 from the KPpc holding unit 1507 with the session key Ks2 from the decryption processing unit 1504 and outputs the encrypted data {Ks3 // KPpc2} Ks2 (step S224), and the controller 1106 of the mobile phone 100 inputs the encrypted data {Ks3 // KPpc2} Ks2 to the memory card 110 via the bus BS2 and the memory card interface 1200 (step S226).

Referring to FIG. 13, the decryption processing unit 1412 of the memory card 110 receives the encrypted data {Ks3 // KPpc2} Ks2 via the terminal 1426, the interface 1424 and the bus BS3. Then, the decryption processing unit 1412 decrypts the encrypted data {Ks3 // KPpc2} Ks2 with the session key Ks2 generated by the session key generation unit 1418, and accepts the session key Ks3 generated by the mobile phone 100 and the public encryption key KPpc2 set for each mobile phone 100 (step S228).

The controller 1106 of the mobile phone 100 obtains the entry number at which the license is stored from the license management file of the requested song, which was obtained in advance from the memory card 110, and inputs the obtained entry number and a license output request to the memory card 110 via the memory card interface 1200.

The controller 1420 of the memory card 110 accepts the entry number and the license output request, and acquires the license stored in the area designated by the entry number.

Then, the controller 1420 confirms the access restriction information ACm (step S230).

In step S230, the access restriction information ACm, which is the information on restrictions on access to the memory 1415, is checked; specifically, the number of times of reproduction is checked. If reproduction is already impossible, the reproduction operation is terminated. If the number of times of reproduction in the access restriction information ACm is limited, the number of times of reproduction in the access restriction information ACm is changed (step S232), and the process then proceeds to the next step (step S234). On the other hand, when reproduction is not limited by the number of times of reproduction in the access restriction information ACm, step S232 is skipped and the process proceeds to the next step (step S234) without changing the number of times of reproduction in the access restriction information ACm.

When it is determined in step S230 that reproduction is possible in this reproduction operation, the license key Kc and the reproduction control information ACp of the requested song, recorded in the license area 1415B of the memory 1415, are output onto the bus BS3.

The obtained license key Kc and reproduction control information ACp are sent to the encryption processing unit 1417 via the bus BS3. The encryption processing unit 1417 encrypts the license key Kc and the reproduction control information ACp input via the bus BS3 with the public encryption key KPpc2 received by the decryption processing unit 1412, and outputs the encrypted data {Kc // ACp} KPpc2 to the contact Pb of the changeover switch 1442 (step S234). Then, the encryption processing unit 1406 encrypts the encrypted data {Kc // ACp} KPpc2 received via the contact Pb of the changeover switch 1442 with the session key Ks3 received from the decryption processing unit 1412 via the contact Pb of the changeover switch 1442, and outputs the encrypted data {{Kc // ACp} KPpc2} Ks3 to the bus BS3. The encrypted data {{Kc // ACp} KPpc2} Ks3 output to the bus BS3 is sent to the mobile phone 100 via the interface 1424, the terminal 1426, and the memory card interface 1200 (step S236).

In the mobile phone 100, the encrypted data {{Kc // ACp} KPpc2} Ks3 transmitted to the bus BS2 via the memory card interface 1200 is decrypted by the decryption processing unit 1510, and the encrypted data {Kc // ACp} KPpc2 is accepted (step S238). Then, the decryption processing unit 1514 decrypts the encrypted data {Kc // ACp} KPpc2 obtained by the decryption processing unit 1510 with the secret decryption key Kpc2 from the Kpc holding unit 1512, and accepts the license key Kc and the reproduction control information ACp (step S240). The decryption processing unit 1514 transmits the license key Kc to the decryption processing unit 1516 and outputs the reproduction control information ACp to the bus BS2.

Controller 1106 receives reproduction control information ACp via bus BS2 and confirms whether reproduction is possible (step S242).

In step S242, if the reproduction control information ACp determines that reproduction is not possible, the controller 1106 performs error processing, and then the reproduction operation ends (step S250).

When it is determined in step S242 that reproduction is possible, the controller 1106 requests the encrypted content data {Dc} Kc from the memory card 110 via the memory card interface 1200. Then, the controller 1420 of the memory card 110 acquires the encrypted content data {Dc} Kc from the memory 1415 and outputs it to the memory card interface 1200 via the bus BS3, the interface 1424, and the terminal 1426 (step S244).

The controller 1106 of the mobile phone 100 acquires the encrypted content data {Dc} Kc via the memory card interface 1200 and supplies the encrypted content data {Dc} Kc to the content reproduction circuit 1550 via the bus BS2.

Then, the decryption processing unit 1516 of the content reproduction circuit 1550 decrypts the encrypted content data {Dc} Kc with the license key Kc output from the decryption processing unit 1510 to obtain the content data Dc (step S246).

Then, the decrypted content data Dc is output to the music reproduction unit 1518, the music reproduction unit 1518 reproduces the content data (step S248), and the DA converter 1520 converts the digital signal into an analog signal and outputs the analog signal to the selector 1525. The data from the DA converter 1520 is selected and output to the terminal 1530. Then, the music data is output from the terminal 1530 to the headphones 130 via the external output device and reproduced. This ends the reproducing operation (step S250).

Thus, in the playback session of the encrypted content data {Dc} Kc, the public encryption key KPpc2 set for each mobile phone 100 (content reproduction circuit 1550) and the session key Ks3 generated in the mobile phone 100 (content reproduction circuit 1550) are encrypted with the session key Ks2 generated in the memory card 110 and transmitted to the memory card 110 (see step S224 in FIG. 12), and the license key Kc and the reproduction control information ACp for decrypting and reproducing the encrypted content data {Dc} Kc are sequentially encrypted with the public encryption key KPpc2 and the session key Ks3 and received as encrypted data (see steps S236 and S238 in FIG. 13). The mobile phone 100 (content reproduction circuit 1550) can therefore obtain the license key Kc and the reproduction control information ACp from the memory card 110 with high confidentiality.

As a result, it is possible to prevent leakage of the license key Kc and the reproduction control information ACp necessary for reproducing the encrypted content data {Dc} Kc, protect the copyright of the content data, and reproduce the encrypted content data.
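The key exchange of steps S212 to S240, modeled end to end as an added example that is not code from the patent: it uses only the Python standard library, with a toy ElGamal-style wrapper and an HMAC-checked XOR stream standing in for the ciphers, which the text does not specify. The class and function names, the 16-byte key sizes, the certificate ID strings and the `plays_left` encoding of ACm are assumptions, and verification of the authentication data (S208 to S210) is taken as already done.

```python
import hashlib
import hmac
import secrets

# Stand-in primitives so the flow runs offline; NOT production cryptography
# and not the patent's algorithms (assumption made for this example).
P, G, PLEN = 2**521 - 1, 3, 66   # toy ElGamal group (Mersenne prime), 66-byte encoding

def keypair():
    """Return (secret key, public key), e.g. (Kp1, KPp1) or (Kpc2, KPpc2)."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def _xor_stream(key, nonce, data):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def sym_enc(key, plaintext):
    """Models {X}Ks: keystream XOR followed by an HMAC tag (encrypt-then-MAC)."""
    ek, mk = (hashlib.sha256(t + key).digest() for t in (b"enc", b"mac"))
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(ek, nonce, plaintext)
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def sym_dec(key, blob):
    ek, mk = (hashlib.sha256(t + key).digest() for t in (b"enc", b"mac"))
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified data")
    return _xor_stream(ek, nonce, ct)

def pk_enc(pub, plaintext):
    """Models {X}KPxx: an ephemeral Diffie-Hellman secret keys sym_enc."""
    eph, eph_pub = keypair()
    shared = pow(pub, eph, P).to_bytes(PLEN, "big")
    return eph_pub.to_bytes(PLEN, "big") + sym_enc(shared, plaintext)

def pk_dec(priv, blob):
    shared = pow(int.from_bytes(blob[:PLEN], "big"), priv, P).to_bytes(PLEN, "big")
    return sym_dec(shared, blob[PLEN:])

class MemoryCard:
    def __init__(self, crl, licenses):
        self.crl = set(crl)          # prohibited class list CRL (certificate IDs)
        self.licenses = licenses     # entry number -> [Kc, ACp, plays_left or None]

    def start(self, kpp1, cert_id):              # S212-S218
        if cert_id in self.crl:
            raise PermissionError("certificate is on the CRL")
        self.ks2 = secrets.token_bytes(16)
        return pk_enc(kpp1, self.ks2)            # {Ks2}Kp1

    def accept(self, blob):                      # S228
        data = sym_dec(self.ks2, blob)
        self.ks3, self.kppc2 = data[:16], int.from_bytes(data[16:], "big")

    def output_license(self, entry):             # S230-S236
        lic = self.licenses[entry]
        if lic[2] is not None:                   # ACm limits the play count
            if lic[2] == 0:
                raise PermissionError("no plays left")
            lic[2] -= 1                          # S232
        inner = pk_enc(self.kppc2, lic[0] + lic[1])   # {Kc//ACp}KPpc2
        return sym_enc(self.ks3, inner)               # {{Kc//ACp}KPpc2}Ks3

class Player:
    def __init__(self):
        self.kp1, self.kpp1 = keypair()          # class key pair Kp1 / KPp1
        self.kpc2, self.kppc2 = keypair()        # individual key pair Kpc2 / KPpc2

    def answer(self, blob):                      # S220-S226
        ks2 = pk_dec(self.kp1, blob)
        self.ks3 = secrets.token_bytes(16)       # fresh for every session
        return sym_enc(ks2, self.ks3 + self.kppc2.to_bytes(PLEN, "big"))

    def unwrap(self, blob):                      # S238-S240
        data = pk_dec(self.kpc2, sym_dec(self.ks3, blob))
        return data[:16], data[16:]              # Kc, ACp

def play(card, player, entry, cert_id="Cp1"):
    """Run one session; return the wire message of S236 and the recovered (Kc, ACp)."""
    card.accept(player.answer(card.start(player.kpp1, cert_id)))
    wire = card.output_license(entry)
    return wire, player.unwrap(wire)

if __name__ == "__main__":
    # Constructed sample license: all-zero Kc, one permitted play.
    card = MemoryCard(crl={"revoked-class"}, licenses={7: [bytes(16), b"ACp", 1]})
    wire, (kc, acp) = play(card, Player(), 7)
    print(len(wire), kc.hex(), acp)
```

In this model a recorded S236 message does not unwrap in a later session because Ks3 has changed, and a party that holds Ks3 but not Kpc2 is stopped at the inner layer.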

[Second Embodiment] FIG. 14 is a schematic block diagram showing the configuration of a data distribution system according to the second embodiment. In FIG. 14, the distribution server 10 receives a distribution request from a user of the personal computer 50 through a modem (not shown) and the Internet network 30. Then, the distribution server 10 performs authentication processing to determine whether the personal computer 50 that has accessed it for data distribution is using software with a content protection module that has valid authentication data, that is, whether the module is an authorized content protection module. For a personal computer equipped with a valid content protection module, it encrypts the music data with a predetermined encryption method and then transmits such encrypted content data and the license via the Internet network 30 and the modem. The content protection module of the personal computer 50 records the received encrypted content data and license as they are in the hard disk (HDD) or the like.

Further, in FIG. 14, the personal computer 50 uses the content protection module to generate, from music data acquired from a music CD (Compact Disk) 60 on which music data is recorded, encrypted content data limited to local use and a license for reproducing the encrypted content data. This process is called ripping and corresponds to the act of acquiring the encrypted content data and the license from the music CD 60. Details of the ripping will be described later.

Further, the personal computer 50 acquires the encrypted content data and the license from a music CD 70 on which the encrypted content data and the license are recorded.

The music CD 70 does not need to record both the encrypted content data and the license, and may record only the encrypted content data. In this case, the personal computer 50 acquires the encrypted content data from the music CD 70, and may receive the license for decrypting and reproducing the acquired encrypted content data from the distribution server 10 via a modem (not shown) and the Internet network 30.

Furthermore, the personal computer 50 is connected to the mobile phone 105 via a USB (Universal Serial Bus) cable 430, and can send and receive the encrypted content data and the license to and from the memory cards 110 and 115 mounted on the mobile phone 105.

Therefore, in the data distribution system shown in FIG. 14, the personal computer 50 receives the encrypted content data and the license from the distribution server 10 via the modem and the Internet network 30, and acquires the encrypted content data and the license from the music CDs 60 and 70. In addition, the memory cards 110 and 115 mounted on the mobile phone 105 receive the encrypted content data and the license that the personal computer 50 obtained from the distribution server 10 or the music CDs 60 and 70. The user of the mobile phone 105 can acquire the encrypted content data and the license from the music CDs 60 and 70 through the personal computer 50.

As described above, the mobile phone 105 can acquire the encrypted content data and the license from the distribution server 10 and the music CDs 60 and 70 even though it has no communication function. Then, the user of the mobile phone 105 can reproduce the encrypted content data recorded in the memory cards 110 and 115 with the mobile phone 105 and listen to it via the headphones 135.

FIG. 15 is a schematic block diagram for explaining the configuration of personal computer 50 shown in FIG. The personal computer 50 includes a bus BS4 for exchanging data with each unit of the personal computer 50, a controller (CPU) 510 for controlling the inside of the personal computer and executing various programs, a hard disk (HDD) 530, which is a large-capacity recording device connected to the bus BS4 for recording and accumulating programs and data, a CD-ROM drive 540, a keyboard 560 for inputting instructions from the user, and a display 570 for visually giving various kinds of information to the user.

The personal computer 50 further includes a USB interface 550 for controlling the exchange of data between the controller 510 and the terminal 580 when communicating the encrypted content data and the license to the mobile phone 105 or the like, the terminal 580 for connecting the USB cable 430, a serial interface 555 for controlling data exchange between the controller 510 and the terminal 585 when communicating with the distribution server 10 via the Internet network 30 and a modem (not shown), and the terminal 585 for connecting to the modem with a cable.

The controller 510 controls the exchange of data with the distribution server 10 so that the content protection module 511 can receive the encrypted content data and the like from the distribution server 10 via the Internet network 30, and also controls the acquisition of the encrypted content data and the license by ripping from the music CD 60 via the CD-ROM drive 540. The controller 510 also controls the acquisition of the encrypted content data and the license from the music CD 70 via the CD-ROM drive 540. Further, the personal computer 50 includes a content protection module 511 that is a program executed by the controller 510 and receives distribution of encrypted content data and a license from the distribution server 10.

The content protection module 511 carries out in software, using a program executed by the controller 510, the exchange of data performed when receiving the encrypted content data and the license from the distribution server 10. It also generates encrypted content data for local use and a license by ripping from the music CD 60, applies encryption processing to the acquired license to protect it, and stores it in the HDD 530 for management.

Also, the content protection module 511 transmits the encrypted content data and the license acquired from the distribution server 10 and the music CDs 60 and 70 to the memory cards 110 and 115 mounted on the mobile phone 105 via the USB cable 430.

In this way, the personal computer 50 incorporates the content protection module 511 for receiving encrypted content data and a license from the distribution server 10 via the Internet network 30, and the CD-ROM drive 540 for acquiring the encrypted content data and the license from the music CD 60 by ripping, or directly acquiring the encrypted content data and the license from the music CD 70.

FIG. 16 is a schematic block diagram of the mobile phone 105 shown in FIG. The mobile phone 105 is the mobile phone 100 according to the first embodiment with the antenna 1102, transmission / reception unit 1104, audio reproduction unit 1112, DA converter 1113, speaker 1114, microphone 1115, AD converter 1116, speech coding unit 1117 and selector 1525 deleted and a serial interface 1540 and a terminal 1541 added. Others are the same as those of the mobile phone 100. In the second embodiment, memory card interface 1200 controls data exchange between memory cards 110 and 115 and bus BS5.

The serial interface 1540 controls data exchange between the bus BS5 and the terminal 1541 in order to receive the encrypted content data and the license from the personal computer 50. The terminal 1541 is a terminal for connecting the USB cable 430.

The content reproduction circuit 1550 of the mobile phone 105 holds the authentication data {KPp6 // Cp1} KPa obtained by encrypting the public encryption key KPp6 and the certificate Cp1 unique to the mobile phone 105 with the public authentication key KPa. It also holds the public encryption key KPpc7 set for each mobile phone 105 and the secret decryption key Kpc7, which is asymmetric to the public encryption key KPpc7.

The operation of the personal computer 50 for acquiring the encrypted content data and the license from the distribution server 10 is performed according to the flowcharts shown in FIGS. In this case, the mobile phone (controller) shown in FIGS. 7 to 10 may be replaced with the controller 510 of the personal computer 50, and the memory card may be replaced with the content protection module 511. Then, the content protection module 511 holds the authentication data {KPm5 // Cm5} KPa, and the authentication data {KPm5 // Cm5} KPa is transmitted to the distribution server 10. Also, the content protection module 511 records the encrypted content data and license received from the distribution server 10 via the Internet network 30, the modem, the terminal 585, the serial interface 555 and the bus BS4 in the hard disk 530 via the bus BS4.

Further, the controller 510 records the encrypted content data and the license acquired from the music CD 70 by the CD-ROM drive 540 in the hard disk 530 via the bus BS4.

[Ripping] In addition to obtaining encrypted content data and licenses by distribution, the user of the personal computer 50 can acquire and use music data from a music CD 60 that the user owns. From the standpoint of protecting the rights of the copyright holder, digital copying of the music CD 60 is not unrestricted, but an individual is allowed to copy the music with a tool having a copyright protection function and enjoy it for personal use. Therefore, the content protection module 511 also includes a program that realizes a ripping function of acquiring music data from the music CD 60 and generating encrypted content data and a license that can be managed by the content protection module 511.

Further, some recent music CDs have a digital watermark, called a watermark, inserted in the music data. In this watermark, the scope of use by the user is written by the copyright holder as a usage rule. When ripping from music data in which a usage rule is written, it is necessary to follow this usage rule from the viewpoint of copyright protection. In the following, it is assumed that the usage rules describe copy conditions (copy prohibition, copyable generation, copy allowed), copy valid period, maximum checkout number, edit, playback speed, playable area code, playback count limit for copies, and available time. In addition, there are conventional music CDs in which no watermark is detected, that is, in which no usage rule is written.

For ripping, in addition to directly acquiring music data from a music CD, there are cases where a music signal input as an analog signal is digitized and acquired as music data. Furthermore, in ripping, it is possible to input compression-coded music data in order to reduce the amount of data. Further, it is also possible to take in content data distributed by a distribution system other than the data distribution system according to the second embodiment as an input.

Acquisition of encrypted content data and a license by ripping from a music CD 60 on which music data is recorded will be described with reference to FIGS. 17 and 18.

FIG. 17 is a functional block diagram showing the function of software for ripping the music data read from the music CD 60 by the CD-ROM drive 540 included in the personal computer 50 shown in FIG. The software for ripping music data includes watermark detection means 5400, watermark determination means 5401, remark means 5402, license generation means 5403, music encoder 5404, and encryption means 5405.

The watermark detection means 5400 detects the watermark from the music data acquired from the music CD 60 and extracts the described usage rule. The watermark determination means 5401 determines whether ripping is possible from the detection result of the watermark detection means 5400, that is, whether or not the watermark could be detected, and, if it was detected, from the usage rule described in the watermark. "Ripping possible" means that there is no watermark usage rule, or that a usage rule permitting copying and moving of the music data recorded on the music CD 60 is recorded in the watermark. "Ripping impossible" means that a usage rule stating that the music data recorded on the music CD 60 must not be duplicated or moved is recorded in the watermark.

When the judgment result of the watermark determination means 5401 is that ripping is possible and there is an instruction on copy generations, that is, when the music data can be copied or moved, the remark means 5402 replaces the watermark contained in the music data with a watermark in which the duplication condition of the music data has been changed. However, when an analog signal is input for ripping, when encoded music data is input, and when music data distributed by another distribution system is input, the watermark is always replaced if ripping is possible, regardless of the content of the usage rule. In this case, if there is a copy generation instruction, the content of the usage rule is changed, and in other cases, the acquired usage rule is used as it is.

The license generation means 5403 generates a license based on the judgment result of the watermark determination means 5401. The music encoder 5404 encodes the music data whose watermark has been remarked by the remark means 5402 in a predetermined system. The encryption means 5405 encrypts the music data from the music encoder 5404 with the license key Kc included in the license generated by the license generation means 5403.

With reference to FIG. 18, the ripping operation in the controller 510 of the personal computer 50 will be described. When the ripping operation is started, the watermark detection means 5400 detects the watermark usage rule based on the data detected from the music CD 60 (step S800). Then, the watermark determination means 5401 determines whether or not duplication is possible based on the detection result of the watermark detection means 5400 and the usage rule recorded as the watermark (step S802). When the watermark is detected, copying is permitted by the usage rule, and the contents of the usage rule can be handled by the access control information ACm and the reproduction control information ACp in the license, it is determined that ripping is possible, and the process proceeds to step S804. If the watermark is detected and the usage rule prohibits copying, or describes a usage rule that cannot be handled by the access control information ACm or the reproduction control information ACp in the license, it is determined that ripping is prohibited, the process proceeds to step S828, and the ripping operation ends. If the mounted music CD 60 does not include the watermark, the process proceeds to step S810.

If it is determined in step S802 that ripping is possible, the music data is taken from the music CD 60, and the remark means 5402 replaces the watermark included in the music data with a watermark whose duplication condition has been changed (step S804). That is, if the watermark usage rule permits copying of up to three generations, the watermark is replaced with a watermark having two copy generations. Then, the license generation means 5403 generates a license that reflects the usage rule. That is, the license generation means 5403 generates a license whose number of copies is two generations (step S806). After that, the license generation means 5403 generates checkout information including the number of possible checkouts reflecting the usage rule (step S808). If the usage rule does not describe the number of possible checkouts, it is taken to be "3".

On the other hand, when the watermark is not detected in step S802, the license generation means 5403 generates a license in which copying and movement of the license are prohibited (step S810). After that, the license generation means 5403 generates checkout information including the number of possible checkouts, whose initial value is 3 (step S812).

After step S808 or S812, the music encoder 5404 encodes the music data whose watermark has been remarked in a predetermined method to generate content data {Dc} (step S814). Then, the encryption means 5405 encrypts the music data from the music encoder 5404 with the license key Kc included in the license generated by the license generation means 5403 to generate the encrypted content data {Dc} Kc (step S816). After that, the additional information Dc-inf of the content data {Dc} is generated from the information included in the music CD 60 or from user input entered from the keyboard 560 of the personal computer 50 (step S818).

Then, the controller 510 of the personal computer 50 acquires the encrypted content data {Dc} Kc and the additional information Dc-inf via the bus BS2 and records them in the HDD 530 (step S820). Then, the controller 510 generates an encrypted extended license by applying its own encryption to the generated license (transaction ID, content ID, license key Kc, access restriction information ACm, reproduction control information ACp) and the checkout information (step S822). After that, the controller 510 generates a license management file for the encrypted content data {Dc} Kc and the additional information Dc-inf recorded in the HDD, which includes the encrypted extended license and the plaintext transaction ID and content ID, and records it in the HDD 530 (step S824). Finally, the controller 510 adds the file name of the received content to the content list file recorded in the HDD 530 (step S826), and the ripping operation ends (step S828).

As described above, the encrypted content data and the license can be acquired from the music CD by ripping, and the acquired license is protected and managed together with the content distributed from the distribution server 10.

As described above, the personal computer 50 acquires the encrypted content data and the license by various methods from the distribution server 10 and the music CDs 60 and 70, and records the acquired encrypted content data and license in the hard disk 530.

Then, the personal computer 50 can transmit the encrypted content data and the license recorded on the hard disk 530 to the memory cards 110 and 115 mounted on the mobile phone 105 via the content protection module 511, the USB interface 550, the terminal 580, and the USB cable 430. In this case, the content protection module 511 has the same function as the data processing unit 310 shown in FIG.

Therefore, the operation of transmitting the encrypted content data and the license from the personal computer 50 to the memory cards 110 and 115 attached to the mobile phone 105 is performed according to the flowcharts shown in FIGS. In this case, the distribution server may be replaced with the content protection module in FIGS.

The mobile phone 105 receives the encrypted content data and the license from the personal computer 50 via the USB cable 430 and records them in the memory cards 110 and 115. Then, the mobile phone 105 reproduces the encrypted content data recorded in the memory cards 110 and 115 according to the flowcharts shown in FIGS. 12 and 13.

The data distribution system according to the second embodiment may be the data distribution system shown in FIG. In the data distribution system shown in FIG. 19, the personal computer 50 writes the encrypted content data and the license acquired from the distribution server 10 and the music CDs 60 and 70 into the memory card 110 with the memory card writer 440. Then, the user of the mobile phone 105 removes the memory card 110 in which the encrypted content data and the license are written from the memory card writer 440 and inserts the memory card 110 into the mobile phone 105, and can thereby reproduce the encrypted content data recorded in the memory card 110 according to the flowcharts shown in FIGS. 12 and 13 and listen to it through the headphones 135.

According to the embodiment of the present invention, the license key and the reproduction control information, sequentially encrypted with the public encryption key set for each mobile phone and the session key generated in the mobile phone, are transmitted from the memory card to the mobile phone, and the encrypted content data is reproduced in the mobile phone. It is therefore possible to protect the encrypted content data obtained from the distribution server or the like by prohibiting copying of the license for decrypting and reproducing the encrypted content data.

The embodiments disclosed this time are to be considered as illustrative in all points and not restrictive. The scope of the present invention is shown not by the above description of the embodiments but by the claims, and is intended to include meanings equivalent to the claims and all modifications within the scope.

[Brief description of drawings]

FIG. 1 is a schematic diagram conceptually explaining a data distribution system according to a first embodiment.

FIG. 2 is a diagram showing characteristics of data, information, etc. for communication in the data distribution system shown in FIG.

FIG. 3 is a diagram showing characteristics of data, information, etc. for communication in the data distribution system shown in FIG.

FIG. 4 is a schematic block diagram showing a configuration of a distribution server in the data distribution system shown in FIG.

FIG. 5 is a schematic block diagram showing a configuration of a mobile phone in the data distribution system shown in FIG.

FIG. 6 is a schematic block diagram showing a configuration of a memory card in the data distribution system shown in FIG.

FIG. 7 is a first flowchart for explaining a distribution operation of encrypted content data in the data distribution system shown in FIG.

FIG. 8 is a second flowchart for explaining a distribution operation of encrypted content data in the data distribution system shown in FIG.

FIG. 9 is a third flowchart for explaining a distribution operation of encrypted content data in the data distribution system shown in FIG.

FIG. 10 is a fourth flowchart for explaining the distribution operation of encrypted content data in the data distribution system shown in FIG.

FIG. 11 is a diagram showing a structure of a play list file in a memory card.

FIG. 12 is a first flowchart for explaining a reproducing operation in the mobile phone.

FIG. 13 is a second flowchart for explaining a reproduction operation in the mobile phone.

FIG. 14 is a schematic diagram conceptually explaining the data distribution system according to the second embodiment.

FIG. 15 is a schematic block diagram showing the configuration of the personal computer shown in FIG.

FIG. 16 is a schematic block diagram showing the configuration of the mobile phone shown in FIG.

FIG. 17 is a functional block diagram for explaining a function of software that executes ripping.

FIG. 18 is a flowchart for explaining a ripping operation in the data distribution system shown in FIG. 1.

FIG. 19 is a schematic diagram conceptually explaining another data distribution system according to the second embodiment.

[Explanation of symbols]

10 distribution server, 20 distribution carrier, 30 internet network, 50 personal computer, 60, 70 music CD, 100, 105 mobile phone, 110, 115 memory card, 130, 135 headphone, 160 playlist file, 165 entry management information, 302 billing database, 304 information database, 306 CRL database, 307 menu database, 308 distribution record database, 310 data processing unit, 312, 320, 1404, 1408, 1412, 1422, 1504, 1510, 1514, 1516 decryption processing unit, 313, 1414 authentication key holding unit, 315 distribution control unit, 316, 1418, 1508 session key generation unit, 318, 326, 328, 1406, 1410, 1417, 1506, 5405 encryption processing unit, 350 communication device, 430 USB cable, 440 memory card writer, 510, 1106, 1420 controller, 511 content protection module, 530 hard disk, 540 CD-ROM drive, 550 USB interface, 555, 1540 serial interface, 580, 585, 1426, 1530, 1541 terminal, 560 keyboard, 570 display, 1102 antenna, 1104 transmitting/receiving unit, 1108 key operating unit, 1110 display, 1112 audio reproduction section, 1113, 1520 DA converter, 1114 speaker, 1115 microphone, 1116 AD converter, 1117 audio encoding unit, 1200 memory card interface, 1400, 1500 authentication data holding unit, 1402 Kmc holding unit, 1415 memory, 1415A CRL storage unit, 1415B license area, 1415C data area, 1416 KPmc holding unit, 1421 Km holding unit, 1424 interface, 1442, 1446 changeover switch, 1502 Kp holding unit, 1507 KPpc holding unit, 1512 Kpc holding unit, 1518 music reproducing unit, 1525 selector, 1550 content reproducing circuit, 1611 to 161n content file, 1621 to 162n license management file, 5400 watermark detection unit, 5401 watermark determination unit, 5402 remark unit, 5403 license generation unit, 5404 music encoder.

Claims (12)

[Claims]
1. A data reproducing device that acquires encrypted content data and a license for decrypting and reproducing the encrypted content data from a data recording device that records the encrypted content data and the license, and reproduces the encrypted content data, the data reproducing device comprising: an interface for controlling data exchange with the data recording device; an operation unit for inputting an instruction; a content reproduction circuit that decrypts the encrypted content data with a license key included in the license and reproduces the content data; a public key holding unit that holds an individual public encryption key set for each content reproduction circuit; a private key holding unit that holds an individual secret decryption key for decrypting data encrypted with the individual public encryption key; a first decryption processing unit that decrypts data encrypted with the individual public encryption key using the individual secret decryption key; a session key generation unit that generates a session key for specifying communication with the data recording device; a second decryption processing unit that decrypts data encrypted with the session key; and a control unit, wherein the control unit, in response to a reproduction request for the encrypted content data input via the operation unit, receives via the interface an encrypted license sequentially encrypted with the individual public encryption key and the session key, and gives the received encrypted license to the second decryption processing unit; the second decryption processing unit gives the data decrypted with the session key to the first decryption processing unit; and the first decryption processing unit gives the content reproduction circuit the license key included in the license decrypted with the individual secret decryption key.
2. The data reproducing device according to claim 1, wherein the encrypted license is composed of encrypted data in which reproduction control information for restricting reproduction in the content reproduction circuit and the license key are sequentially encrypted with the individual public encryption key and the session key, and the control unit, when the reproduction control information decrypted by the first decryption processing unit permits reproduction of the encrypted content data in the content reproduction circuit, acquires the encrypted content data from the data recording device via the interface and gives it to the content reproduction circuit.
3. The data reproducing device according to claim 1 or 2, further comprising an encryption processing unit that encrypts data with the session key, wherein the control unit receives via the interface another session key generated in the data recording device, gives the received other session key to the encryption processing unit, and transmits the session key and the individual public encryption key, encrypted with the other session key in the encryption processing unit, to the data recording device via the interface, and the encryption processing unit encrypts the individual public encryption key from the public key holding unit and the session key from the session key generation unit with the other session key and outputs them to the control unit.
4. The data reproducing device according to claim 3, further comprising: an authentication data holding unit that holds authentication data for the data recording device; a class secret decryption key holding unit that holds a class secret decryption key for decrypting data encrypted with a class public encryption key that is included in the authentication data and is unique to the content reproduction circuit; and a third decryption processing unit that decrypts data encrypted with the class public encryption key using the class secret decryption key, wherein the control unit transmits the authentication data to the data recording device via the interface, receives from the data recording device via the interface, when the authentication data is authenticated in the data recording device, the other session key encrypted with the class public encryption key, and gives the received encrypted other session key to the third decryption processing unit, and the third decryption processing unit decrypts the other session key encrypted with the class public encryption key using the class secret decryption key and gives the other session key to the encryption processing unit.
5. The data reproducing device according to any one of claims 1 to 4, wherein the content reproduction circuit includes a fourth decryption processing unit that decrypts the encrypted content data with the license key, and a reproduction unit that reproduces the content data decrypted by the fourth decryption processing unit.
6. A data recording device that records a license for decrypting and reproducing encrypted content data, comprising: an interface for controlling data exchange with a data reproducing device that reproduces the encrypted content data; a storage unit that stores the encrypted content data and the license; a session key generation unit that generates a session key for specifying communication with the data reproducing device; a first encryption processing unit that encrypts data with an individual public encryption key set for each data reproducing device; a second encryption processing unit that encrypts data with the session key; and a control unit, wherein the control unit, in response to an output request for the license input via the interface, determines based on access control information included in the license whether or not the license key included in the license can be output to the data reproducing device, and, when the license key can be output, reads the license from the storage unit, gives it to the first encryption processing unit, and transmits to the data reproducing device via the interface an encrypted license sequentially encrypted with the individual public encryption key and a first session key generated in the data reproducing device; the first encryption processing unit encrypts the license with the individual public encryption key and gives it to the second encryption processing unit; and the second encryption processing unit further encrypts the license encrypted with the individual public encryption key with the first session key and gives it to the control unit.
7. The data recording device according to claim 6, wherein the encrypted license is composed of encrypted data in which reproduction control information for restricting reproduction of the encrypted content data in the data reproducing device and the license key are sequentially encrypted with the individual public encryption key and the first session key.
8. The data recording device according to claim 6 or 7, further comprising a decryption processing unit that decrypts data with a second session key generated by the session key generation unit, wherein the control unit receives from the data reproducing device via the interface the first session key and the individual public encryption key encrypted with the second session key, and gives the received encrypted first session key and individual public encryption key to the decryption processing unit, and the decryption processing unit decrypts the encrypted first session key and individual public encryption key with the second session key, gives the decrypted individual public encryption key to the first encryption processing unit, and gives the decrypted first session key to the second encryption processing unit.
9. The data recording device according to any one of claims 6 to 8, further comprising: another decryption processing unit that decrypts data with a public authentication key; and a third encryption processing unit that encrypts data with a class public encryption key unique to the type of the data reproducing device, wherein the control unit receives from the data reproducing device via the interface authentication data obtained by encrypting the class public encryption key and a class certificate specific to the type of the data reproducing device with the public authentication key, gives the received authentication data to the other decryption processing unit, determines whether the data reproducing device is legitimate based on the class public encryption key and the class certificate decrypted with the public authentication key in the other decryption processing unit, controls the session key generation unit so as to generate the second session key when the data reproducing device is legitimate, and transmits the second session key, encrypted with the class public encryption key in the third encryption processing unit, to the data reproducing device via the interface; the other decryption processing unit decrypts the authentication data with the public authentication key and gives the decrypted class public encryption key to the third encryption processing unit and the decrypted class certificate to the control unit; and the third encryption processing unit encrypts the second session key with the class public encryption key and gives it to the control unit.
10. The data recording device according to claim 9, wherein the control unit receives the class public encryption key in the other decryption processing unit, and determines that the data reproducing device is authentic when it is confirmed, based on the class certificate, that the class public encryption key has not been leaked.
11. The encrypted content data is stored in the storage unit together with the license and based on another reproduction control information for controlling the output of the license from the storage unit. 11. When the output of the license is permitted for reproduction, the license is read from the storage unit and the encrypted license is transmitted to the data reproducing device via the interface. The data recording device according to any one of items.
12. The data recording device according to any one of claims 6 to 11, wherein the storage unit includes a first storage unit for storing the encrypted content data and a second storage unit for storing the license, and the second storage unit is configured with a highly confidential tamper-resistant structure.
JP2001288998A 2001-09-21 2001-09-21 Data reproducing apparatus and data recording apparatus Expired - Fee Related JP3631186B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2001288998A JP3631186B2 (en) 2001-09-21 2001-09-21 Data reproducing apparatus and data recording apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2001288998A JP3631186B2 (en) 2001-09-21 2001-09-21 Data reproducing apparatus and data recording apparatus

Publications (2)

Publication Number Publication Date
JP2003101524A (en) 2003-04-04
JP3631186B2 JP3631186B2 (en) 2005-03-23

Family

ID=19111557

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2001288998A Expired - Fee Related JP3631186B2 (en) 2001-09-21 2001-09-21 Data reproducing apparatus and data recording apparatus

Country Status (1)

Country Link
JP (1) JP3631186B2 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8429081B1 (en) * 2004-02-12 2013-04-23 Novell, Inc. Techniques for securely delivering media data
JP2006157887A (en) * 2004-10-28 2006-06-15 Sanyo Electric Co Ltd Content usage information providing device and content usage information transmitting method
JP4624235B2 (en) * 2004-10-28 2011-02-02 三洋電機株式会社 Content usage information providing apparatus and content usage information transmission method
JP2007318584A (en) * 2006-05-29 2007-12-06 Sony Ericsson Mobilecommunications Japan Inc Content reproducing apparatus
EP2158716A2 (en) * 2007-05-24 2010-03-03 Microsoft Corporation Binding content licenses to portable storage devices
EP2158716A4 (en) * 2007-05-24 2014-11-26 Microsoft Corp Binding content licenses to portable storage devices
JP2009175809A (en) * 2008-01-21 2009-08-06 Toshiba Corp Content reproduction device and content distribution method

Also Published As

Publication number Publication date
JP3631186B2 (en) 2005-03-23


Legal Events

Date Code Title Description
A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20040907

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20041104

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20041130

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20041215

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20081224

Year of fee payment: 4

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20091224

Year of fee payment: 5

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20101224

Year of fee payment: 6

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20111224

Year of fee payment: 7

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20121224

Year of fee payment: 8

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20131224

Year of fee payment: 9

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313113

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

LAPS Cancellation because of no payment of annual fees