JP2003157202A - Copyright protection system, recording device and decryption device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a copyright protection system capable of reproducing only original recording media by checking whether the recording media are original recording media or copy recording media. SOLUTION: A number unique to a medium is recorded on a recording medium 20 in an unrewritable state. A recording device 10 writes an encrypted content, an encrypted content key used to decrypt the encrypted content, and license information generated by reflecting both the encrypted content key and the unique media number on the recording medium 20. A reproduction device 30 acquires the unique media number, the encrypted content key and the license information recorded on the recording medium 20, judges whether the license information reflects both the unique media number and the encrypted content key. Only if the license information reflects both the unique media number and the encrypted content key, the reproduction device 30 decrypts the encrypted content key recorded on the recording medium 20, and decrypts the encrypted content by using the decrypted content key.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a technique for protecting the copyright of content recorded on a recordable medium by using a writable recordable medium having a medium unique number recorded therein.

[0002]

2. Description of the Related Art In recent years, a content usage mode using a device for receiving a content such as a movie broadcast by digital broadcasting, recording the content on a recording medium such as an optical disc, and reproducing the content has become widespread. On the other hand, there is an increasing number of cases where content recorded on a recording medium by such a device is illegally copied to another recording medium using a personal computer or the like.

As a technique for rendering this illegally copied content unreproducible, a copyright protection system shown in FIG. 10 is conventionally known. In the figure, the copyright protection system encrypts the content and records on the recordable medium 2000.
Recording device 1000 for recording on a recording medium, and recordable medium 200
The playback device 3000 decrypts and plays back the encrypted content recorded in 0.

The recordable medium 2000 is a recording medium such as an optical disk and has a medium unique number area 2001 in which a medium unique number is recorded. The media unique number is an identifier unique to each recordable medium and is recorded when the recordable medium is manufactured. Media unique number area 20
01 is protected so that the media unique number cannot be rewritten after recording at the time of manufacture.

The recording device 1000 acquires content from the outside and stores it in the content storage unit 1004. When the recording medium 2000 is connected to the recording device 1000, the content encryption unit 1005 causes the content storage unit 1 to operate.
The content stored in 004 is read, encrypted with the content key, and recorded in the encrypted content area 2003 of the recordable medium 2000. The content key is a random number generated by the content key generation unit 1002. The content key encryption unit 1003 encrypts the content key with the content key encryption key and records it in the encrypted content key area 2002 of the recordable medium 2000. The content key encryption key is a key calculated by the key encryption key calculation unit 1001. The key encryption key calculation unit 1001 calculates a content key encryption key by a hash function using the media unique number recorded in the media unique number area 2001 and the master key. Here, the master key is a key that the recording device 1000 and the reproducing device 3000 secretly possess in advance to a third party.

FIG. 11 shows an internal operation mechanism of the key encryption key calculator 1001. The media unique number is input from the point A, and the master key storage unit 4 in the DES encryption unit 4000 is input.
The DES (Dat
a Encryption Standard). The encrypted media unique number is subjected to exclusive OR with the media unique number in the exclusive OR circuit 4002, and the result is output from B. The output of this B is the content key encryption key.

The recording device 200 is used as a reproducing device 3000.
When 0 is connected, the key decryption key calculation unit 3001 obtains the medium unique number from the medium unique number area 2001 of the recording medium 2000, and the content is calculated by the same calculation as the key encryption key calculation unit 1001 of the recording device 1000. Calculate the key decryption key. If each of the key encryption key calculation unit 1001 and the key decryption key calculation unit 3001 uses the same master key and medium unique number, the content key encryption key and the content key decryption key have the same value.

The content key decryption unit 3002 reads the encrypted content key from the encrypted content key area 2002 and decrypts it with the content key decryption key to obtain the content key. This content key is temporarily stored in the content key temporary storage unit 3003. Content decryption unit 3
004 reads the encrypted content from the encrypted content area 2003, decrypts it with the content key, and obtains the content.

The digital AV processing section 3005 converts the decrypted contents into analog audio image data and outputs the analog audio image data to an external speaker or display. With the above configuration, the playback device 3000 can correctly decrypt the content key only when using the same media unique number as the media unique number used for encryption.

In other words, even if a media unique number different from the media unique number used for encryption is used, the content key cannot be correctly decrypted. More specifically, when the encrypted content key and the encrypted content recorded on the recordable medium 2000 are copied to another recordable medium and the reproducer 3000 attempts to reproduce the other recordable medium, the record is performed. Type media 20
00 and the other recordable media have different media unique numbers, the reproducing apparatus 3000 cannot decrypt the correct content key from the encrypted content key recorded in the other recordable media.

In this way, the conventional copyright protection system enables the reproducing apparatus 3000 to correctly decrypt the content key only for the original content recorded by the recording apparatus 1000, and for the copied content, the reproducing apparatus. The illegal copy is invalidated by preventing the 3000 from decoding correctly.

[0012]

However, the playback device 3000 cannot distinguish whether the content is original or copy, and decrypts the copied content. When the copied content is reproduced, the content is not correctly decoded, and therefore a completely random video or audio different from the original content is output.

As a result, a user who tries to use the content without knowing it is the copied content does not know that the cause of the abnormal reproduction is due to the copy, and misunderstands that the device is out of order. It may happen. In addition, the device may be damaged due to abnormal reproduction. In view of the above, the present invention provides a mechanism for checking whether the content of the recordable medium is the original content or the copy content, and using the check result, only the original content is reproduced, and the copy content is not reproduced. The purpose is to provide a protection system.

[0014]

In order to solve the above problems, the copyright protection system of the present invention relates to a writable recording medium having a non-rewritable area in which a medium unique number which is different for each recording medium is recorded. A copyright protection system comprising a recording device for recording encrypted content, which is encrypted content, and a decryption device for reading and decrypting the encrypted content from the recording medium on which the encrypted content is recorded. The recording device performs a specific calculation using both the medium unique number recorded on the recording medium and the decryption information necessary for decrypting the encrypted content, to thereby obtain the medium unique number and the decryption information. Generating means for generating license information reflecting both of the above, and recording means for recording the license information, the decryption information, and the encrypted content in the recording medium. The decryption device uses all of the medium unique number recorded on the recording medium, the decryption information, and the license information so that the license information uses both the medium unique number and the decryption information. A judgment means for judging whether or not it is derived by a specific operation, and only when a positive judgment is made by the judgment means, the encrypted content recorded on the recording medium is used by using the decryption information. Decoding means for decoding.

Further, the decryption information can obtain a decryption key for decrypting the encrypted content by performing a predetermined operation by using the decryption information, and the decryption means is the above-mentioned. Decryption key operation means for obtaining the decryption key by performing the predetermined operation on the decryption information is provided, and in decrypting the encrypted content, the decryption key is used to decrypt the content from the encrypted content. Good.

The recording device further possesses a recording device side owning means possessing the private key by acquiring the private key from the outside or storing it in advance, and the private key encryption of the decryption key using the private key. And a decryption key encryption unit that generates the decryption information by encrypting with a method, and the decryption device further obtains the same private key as the private key owned by the recording device from the outside or in advance. A decryption device-side possessing unit that is possessed by being stored, and the decryption key computing unit obtains a decryption key by decrypting the decryption information using the secret key by a secret key encryption method. You may comprise.

The generating means of the recording device further comprises:
In the specific calculation, the secret key is used in addition to the medium unique number and the decryption information, and the determining unit of the decryption device further includes the medium unique number and the decryption information, and the decryption device. A private key possessed by the side possession means may be used to determine whether or not the license information is derived by the specific operation.

Further, in the recordable medium, secret key information capable of correctly decrypting the secret key only when a specific device key is used is recorded in the non-rewritable area. The recording device side possessing means and the decryption device side possessing means use a device key storage means for storing a device key unique to the device in advance, and a secret key of the recording medium by using the device key stored in the device key storage means. The recording device comprises: a private key decrypting means for decrypting information; and a private key storing means for storing the private key by storing the private key only when the private key is successfully decrypted by the private key decrypting means. Further, the decryption device further comprises a stopping means for stopping the processing of each of the following means when the secret key cannot be correctly decrypted by the secret key decrypting means. It may be.

Further, in the decoding device, the determination means performs the same operation as the specific operation in the generation means by using the medium unique number recorded on the recording medium and the decryption information to obtain the operation result. And a comparison determination unit that compares the reference permission information with the medium unique number, makes an affirmative determination when the two match, and makes a negative determination when the two do not match. You may prepare.

Further, in the recording device, the generating means generates license information for each encrypted content recorded on the recordable medium, using the medium unique number and the decryption information for the encrypted content. The recording means records each set of the encrypted content, the decryption information, and the permission information in association with each other on the recording medium, and in the decryption device, the determining means and the decrypting means are the recording medium. It may be configured such that each processing is performed for each of the groups recorded in Section 1.

In the recording device, the generating means may generate one license information by using all the decryption information corresponding to each encrypted content recorded on the recording medium and the medium unique number. You may comprise.
The recording device of the present invention is a recording device for recording encrypted content, which is encrypted content, on a writable recording medium having a non-rewritable area in which a medium unique number unique to the recording medium is recorded. By performing a specific operation using both the medium unique number recorded on the recording medium and the decryption information necessary to decrypt the encrypted content, both the medium unique number and the decryption information are reflected. And a recording unit configured to record the license information, the decryption information, and the encrypted content on the recording medium.

The decryption device of the present invention has a non-rewritable area in which a medium unique number peculiar to a recording medium is recorded, and encrypted content, decryption information to be used for decrypting the encrypted content, and the relevant encryption. A decryption device for reading and decrypting encrypted content from a recording medium on which permission information used to determine whether or not to permit decryption of encrypted content is recorded, and is unique to the medium recorded on the recording medium. By using all of the number, decryption information and license information,
Only when the license information is a determination means for determining whether or not the license information is derived by a specific calculation using both the medium unique number and the decryption information, and when the determination means makes an affirmative determination, Decryption means for decrypting the encrypted content recorded on the recording medium using the decryption information.

[0023]

BEST MODE FOR CARRYING OUT THE INVENTION <First Embodiment> A first embodiment of the present invention will be described below with reference to the drawings. <Structure> FIG. 1 shows the copyright protection system 1 of the first embodiment.
It is a block diagram which shows the structure of 00.

In the figure, the copyright protection system 100
Is composed of a recording device 10 for recording the encrypted content on the recording medium 20 and a reproducing device 30 for decoding and reproducing the encrypted content recorded on the recording medium 20. Below, the recording medium 20 will be described first, and then the configuration of the recording device 10 and the configuration of the reproducing device 30 will be described. <Recordable Medium 20> The recordable medium 20 is an optical disc and has a non-rewritable medium unique number area 21 in which a medium unique number is recorded and a recordable recording area.

The media unique number is a 64-bit identifier unique to each recording medium and is written in the medium unique number area 21 when the recording medium is manufactured.
The medium unique number area 21 is protected so that the medium unique number cannot be rewritten after writing at the time of manufacture. In the recording area, the recording device 10 secures the license information area 22, the encrypted content key area 23, and the encrypted content area 24, and the recording device 10 records various data.

In the encrypted content area 24, the encrypted content is recorded by the recording device 10. In the encrypted content key area 23, the encrypted content key is recorded by the recording device 10. The encrypted content key is information that the playback device 30 needs to decrypt the encrypted content, and is an encrypted content key. The content key is a secret key of a secret key cryptosystem that is commonly used for content encryption and decryption.

In the license information area 22, the license information is recorded by the recording device 10. The license information is information for certifying that the data recorded on the recording medium 20 is the original data recorded by the recording device 10. The original recording means that the recording medium is the original recording medium and is not copied from another recording medium or the like. The playback device 30 can determine whether the recording medium is the original one or the copy one by confirming the permission information. The license information will be described later in detail. <Structure of Recording Device 10> Next, the structure of the recording device 10 will be described.

The recording device 10 includes a master key storage unit 11,
A content key generation unit 12, a content key encryption unit 13, a content storage unit 14, a content encryption unit 15, and a license information calculation unit 16 are provided. The master key storage unit 11 has 56
This is a memory in which a bit master key is stored in advance. The master key is common to the recording device 10 and the reproduction device 30,
It is a key that is kept secret outside.

The content key generator 12 is a random number generator that generates a random number as a content key. The content key generation unit 12 is a control circuit (not shown) of the recording device 10.
When it receives the activation signal output by, it generates one 56-bit random data and outputs it as the content key. The content key encryption unit 13 encrypts the content key with the master key and records it on the recordable medium 20. For example, DES is used as the encryption algorithm. The content key encryption unit 13 acquires the content key generated by the content key generation unit 12 and the master key stored in the master key storage unit 11,
The content key is encrypted with the master key to obtain a 64-bit encrypted content key. Then, the encrypted content key area 23 is secured in the recording area of the recordable medium 20, and the encrypted content key is recorded in that area.

The content storage unit 14 is a storage device such as a hard disk, and records and holds contents input from the outside. The situation where the satellite broadcast receiving apparatus receives the digital movie content broadcast by digital satellite broadcasting and accumulates the content in the content storage unit 14 is an example of the situation where the content is input from the outside.

The content encryption unit 15 encrypts the content with the content key and records it on the recordable medium 20. As the encryption algorithm, for example, DE
S is used. The content encryption unit 15 acquires the content key generated by the content key generation unit 12 and the content recorded in the content storage unit 14,
The content is divided into blocks of 64 bits, and each block is encrypted with a content key. Then, the encrypted content area 24 is secured in the recording area of the recordable medium 20, and the encrypted content, which is a set of encrypted blocks, is recorded in the area.

The license information calculation unit 16 is an arithmetic mechanism for generating license information. The license information calculation unit 16 first stores the media unique number recorded in the media unique number area 21, the encrypted content key that is the result of encryption by the content key encryption unit 13, and the master key storage unit 11. Get the master key and. Next, the media unique number, the master key and the encrypted content key are concatenated into one bit string, and SHA-1 is input with this bit string as input.
A calculation is performed using a hash function such as (Secure Hash Algorithm 1). As a result, a 160-bit hash value is obtained, and this hash value is used as permission information. Finally, the license information area 22 is secured in the recording area of the recordable medium 20, and the license information is recorded in the area.

Here, the hash function SHA-1 will be described. The hash function SHA-1 is one of the hash functions used for authentication, digital signature, and the like. This function generates a 160-bit hash value from data of 2 64 or less. Since the hash function SHA-1 includes an irreversible one-way function, the original data cannot be reproduced from the hash value. Further, it is extremely difficult to generate another data that generates the same hash value. Utilizing this property, the sending side sends the data and the hash value generated from the data to the receiving side, the receiving side generates the hash value from the received data, and the generated hash value and the received hash value. By comparing, it can be detected whether the data has been tampered with during the communication.

Due to the nature of the hash function SHA-1, it can be said that it is difficult to generate the license information from values other than the media unique number, the encrypted content key and the master key used to generate the license information. . That is, the license information reflects all of the media unique number, the encrypted content key, and the master key used to generate the license information.

Therefore, in the license information, the media unique number, encrypted content key and master key reflected in the license information are recorded in the media unique number and encrypted content key area 23 recorded in the media unique number area 21. Since the encrypted content key and the master key owned by the recording device 10 are the same, the media unique number, the encrypted content key and the master key are certified. <Configuration of Playback Device 30> Next, the configuration of the playback device 30 will be described.

The playback device 30 includes a master key storage unit 31,
The content key decryption unit 32, the content decryption unit 33, the digital AV processing unit 34, the reference permission information calculation unit 35, the comparison unit 36, the first switch 37, the second switch 38, and the alarm 39. The master key storage unit 31 is a memory in which a 56-bit master key is stored in advance. This master key has the same value as that stored in the master key storage unit 11 of the recording device 10.

The content key decryption unit 32 decrypts the encrypted content key recorded on the recordable medium 20 with the master key. The content key decryption unit 32 acquires the encrypted content key recorded in the encrypted content key area 23 and the master key stored in the master key storage unit 31, and decrypts the encrypted content key with the master key. , Get the content key.

The content decryption section 33 decrypts the encrypted content recorded on the recordable medium 20 with the content key and outputs the decrypted content to the digital AV processing section 34.
The content decryption unit 33 includes the content key decrypted by the content key decryption unit 32 and the encrypted content area 24.
And the encrypted content recorded in (4) are divided, the encrypted content is divided into blocks of 64 bits, and each block is decrypted with the content key. Then, the content, which is a set of decrypted blocks, is output to the digital AV processing unit 34.

The digital AV processing section 34 acquires the content from the content decoding section 33, converts the content into analog audio image data, and outputs the analog audio image data to an external speaker or display. The first switch 37 includes a comparison unit 36.
When the first switch 37 is closed, the encrypted content key is read from the encrypted content key area 23 to the content key decryption unit 32, and when the first switch 37 is open, the encryption is performed. The reading of the encrypted content key is stopped.

The second switch 38 is opened / closed under the control of the comparison section 36. When the second switch 38 is closed, power is supplied to the alarm 39, and when it is open, it is not supplied. The alarm 39 is a circuit which operates when power is supplied and generates a warning sound.

The reference permission information calculation unit 35 is a calculation mechanism that performs the same calculation as the permission information calculation unit 16 to generate reference permission information. The reference permission information calculation unit 35 uses the media unique number recorded in the media unique number area 21, the encrypted content key recorded in the encrypted content key area 23, and the master key stored in the master key storage unit 31. And get. Next, the reference permission information calculation unit 35 concatenates the media unique number, the master key and the encrypted content key into one bit string. Here, the order of connecting the respective data is the same as the order of connecting in the permission information calculation unit 16. Then, the reference permission information calculation unit 35 receives the bit string as an input and performs a calculation by a hash function such as SHA-1. As a result, a 160-bit hash value is obtained, and this hash value is used as reference permission information.

The comparison unit 36 acquires the permission information recorded in the permission information area 22 and the reference permission information generated by the reference permission information calculation unit 35, and compares the two values,
Only when they match, the encrypted content is controlled to be decrypted, and when they do not match, the decryption of the encrypted content is stopped and a warning sound is generated in the alarm 39. More specifically, as a result of the comparison, when the license information and the reference license information match, the first switch 37 is closed and the encrypted content key of the encrypted content key area 23 is read by the content key decryption unit 32. As a result, the content key is decrypted, and the content is decrypted and reproduced.

As a result of the comparison, when the license information and the reference license information do not match, the first switch 37 is opened and the second switch 38 is closed. By opening the first switch 37, the encrypted content key in the encrypted content key area 23 is not read by the content key decryption unit 32, so the content key is not decrypted, and the content is neither decrypted nor reproduced. By closing the second switch 38, power is supplied to the alarm 39 and the alarm 39 operates.

Reference permission information calculation unit 35 and comparison unit 36
Is the license information including the media unique number recorded in the media unique number area 21, the encrypted content key recorded in the encrypted content key area 23, and the master key stored in the master key storage unit 31. Determine whether it is reflected in the license information recorded in the area 22,
Each unit is controlled so that the encrypted content is decrypted only when it is reflected, and when it is not reflected, the decryption of the encrypted content is stopped and a warning sound is generated.

Each of the media unique number, encrypted content key, and master key used to generate the reference license information and the media unique number, encrypted content key, and master key used to generate the license information are The license information and the reference license information have the same value only when is also the same value. Conversely speaking, the media unique number, encrypted content key, and master key used to generate the reference permission information, and the media unique number, encrypted content key, and master key used to generate the permission information, respectively. If any one of them is different, the license information and the reference license information have different values. <Operation> The operation of each of the recording device 10 and the reproducing device 30 configured as described above will be described.

FIG. 2 is a flowchart showing the processing procedure of the recording device 10. First, the content key generation unit 12
Generates a content key (step S201). Next, the content key encryption unit 13 uses the master key storage unit 11
The master key is read from (step S202).

Subsequently, the content key encryption unit 13 encrypts the generated content key with the master key, and as a result, obtains the encrypted content key (step S203).
The content key encryption unit 13 secures the encrypted content key area 23 in the recording area of the recordable medium 20 and records the encrypted content key in the area (step S20).
4).

The content encryption unit 15 reads out the content stored in the content storage unit 14, divides the content into 64-bit blocks, and encrypts each block with a content key to generate encrypted content (step S205). . Then, the content encryption unit 15
Secures the encrypted content area 24 in the recordable medium 20 and records the generated encrypted content in the area (step S206).

The license information calculation unit 16 is used for the recording medium 2
The media unique number is read from the media unique number area 21 of 0 (step S207). Then, the permission information calculation unit 16 uses the read media unique number, the master key of the master key storage unit 11, and the encrypted content key output from the content key encryption unit 13 to obtain the permission information by a hash function. Is generated (step S208).

Finally, the license information calculating unit 16 secures the license information area 22 in the recording area of the recordable medium 20 and records the generated license information in the area (step S20).
9). FIG. 3 is a flowchart showing the processing procedure of the playback device 30. The reference permission information calculation unit 35 reads the medium unique number from the medium unique number area 21 of the recordable medium 20 and reads the encrypted content key from the encrypted content key area 23. Further, the comparison unit 36 reads the license information from the license information area 22 (step S30).
1).

Next, the reference permission information calculation unit 35 reads the master key from the master key storage unit 31 (step S
302). Subsequently, the reference permission information calculation unit 35 generates reference permission information by a hash function using the medium unique number, the encrypted content key, and the master key. The calculation procedure of this generation is the same as step S208 (step S303).

The comparison unit 36 compares the permission information read from the recording medium 20 with the reference permission information generated by the reference permission information calculation unit 35 (step S30).
4). As a result of the comparison, the comparison unit 36 determines steps S306 and S307 when the permission information and the reference permission information match.
And S308, and if the license information and the reference license information do not match, the process of step S309 is performed.

As a result of the comparison in step S305, if the license information and the reference license information match, the comparison unit 36
The switch 37 is closed. As a result, the content key decryption unit 32 reads the encrypted content key from the encrypted content key area 23, decrypts the encrypted content key with the master key stored in the master key storage unit 31, and obtains the content key (step S306).

Subsequently, the content decryption unit 33 reads the encrypted content from the encrypted content area 24,
The encrypted content is decrypted with the content key decrypted by the content key decryption unit 32 to obtain the content (step S307). The digital AV processing unit 34 reproduces the decrypted contents as audio and video signals and outputs them to a speaker, a display, etc. (step S308).

As a result of the comparison in step S305, if the license information and the reference license information do not match, the comparing unit 36 determines that the first
The switch 37 is opened and the second switch 38 is closed. As a result, the content key decryption unit 32 does not decrypt the encrypted content key. Therefore, the encrypted content cannot be decrypted or reproduced. On the other hand, power is supplied to the alarm 39, and the alarm 39 sounds a warning sound and outputs it to a speaker or the like (step S309). <Effect> By configuring the copyright protection system 100 as described above, the reproducing device 30 does not reproduce the recordable medium in the following cases. (1) The media unique number used to generate the license information recorded on the recordable medium is different from the media unique number used to generate the reference license information.

For example, the permission information, the encrypted content key and the encrypted content of the recording medium 20 recorded by the recording device 10 are copied to another recording medium, and the other recording medium is reproduced by the reproducing device. It happens when 30 tries to play. This is because the media unique numbers of other recordable media are different from the media unique numbers of the recordable media 20. (2) The encrypted content key used to generate the license information recorded on the recordable medium and the encrypted content key used to generate the reference license information are different.

For example, the encrypted content key and the encrypted content of another recording medium are overwritten on the encrypted content key area 23 and the encrypted content area 24 of the recording medium 20, respectively, and the recording medium is recorded. This occurs when the reproducing device 30 tries to reproduce 20. It is extremely rare that the encrypted content key recorded on another recording medium has the same value as the encrypted content key initially recorded on the recording medium 20,
This is because most of them are different. (3) The master key used to generate the permission information recorded on the recordable medium is different from the master key used to generate the reference permission information.

This is, for example, a case where a recording medium recorded by another recording device which does not own the master key owned by the recording device 10 and the reproducing device 30 is reproduced by the reproducing device 3.
It happens when 0 tries to play. The master key is kept secret except for the device of the copyright protection system 100. Therefore, unless the master key is stolen, another device other than the device of the copyright protection system 100 causes the playback device 30 to play back. Recordable media cannot be created.

As described above, the reproduction device 30 does not reproduce the recordable medium recorded by illegal copying or the like, but reproduces only the original recordable medium recorded by the recording device 10, and therefore the copyright protection system 100. Can prevent distribution of contents by illegal copying or the like. <Second Embodiment> Next, a second embodiment of the present invention will be described.

In the first embodiment, the recording device 10 and the reproducing device 30 have a structure in which the master key required for content encryption and decryption is held in advance in the device. When there are a plurality of recording devices 10 and playback devices 30, each device holds the same master key. However, in this configuration, if one device is physically attacked, that is, if the inside of one device is analyzed and the master key is exposed, the master key cannot be used, and only that device can be used. None, all devices with the same master key will be disabled.

Therefore, the copyright protection system of the second embodiment is modified from the copyright protection system 100 of the first embodiment even if one recording device or reproducing device is physically attacked. , So that other devices are not disabled. The main improvements are as follows. That is, (1) device keys having different values are assigned to the recording device and the reproducing device, respectively, and held in the respective devices. (2) A key called a media key is processed and recorded on the recordable medium at the time of its manufacture. The media key is a content key and a key required for content encryption and decryption. Processing is explained in detail later, but the media key can be extracted from the processed media key only when a specific device key is used, and it is processed when other device keys are used. The processing is such that the media key cannot be extracted from the existing media key. A specific device key is a device key held by a device that has not been reported to have been physically attacked during the manufacture of recordable media, and any other device key is a physical device key. This is the device key held by the device that was reported to have been attacked. (3) The recording device uses the device key it holds to
Attempts to get the media key recorded on the recordable media. The recording device encrypts the content key and the content by using the media key only when the media key can be acquired, and does not encrypt when the media key cannot be acquired. (4) Similar to the recording device, the reproducing device attempts to acquire the media key recorded on the recording medium using the device key held therein. The playback device decrypts the encrypted content key and the encrypted content recorded on the recordable medium using the media key only when the media key can be acquired, and does not decrypt when the media key cannot be acquired.

The structure and operation of the copyright protection system thus improved will be described below. <Structure> FIG. 4 shows the copyright protection system 2 of the second embodiment.
It is a block diagram which shows the structure of 00. In the figure, a copyright protection system 200 includes a recording device 60 for recording encrypted content on a recording medium 70 and a recording medium 7.
The playback device 80 decrypts and plays back the encrypted content recorded in 0.

In the figure, the components having the same reference numerals as in FIG. 1 are the same. Below, it demonstrates centering on a different part from FIG. <Recordable Media 70> The recordable medium 70 is an optical disk similar to the recordable medium 20, and in addition to the same configuration as the recordable medium 20, the media key data area 25
Have.

The media key data area 25 is an area that can be read only and cannot be written, and the media key data is recorded when the recording medium 70 is manufactured.
The media key data is obtained by processing the media key described in the improvement point (2). FIG. 5 shows an example of the media key data recorded in the media key data area 25. In the example of the figure, the media key data is
It consists of 128 records, each size of 8 bytes.
The content of each record is E (Kdi, Km) or E (Kd
i, 0) [i is an integer from 1 to 128] and is encrypted data.

Km represents a media key. The media key is uniquely assigned to each group by grouping a plurality of recording media 70 into one or a plurality of groups.
It is a 6-bit random value. The media key takes a value other than 0 in order to distinguish it from 0 in E (Kdi, 0). Kdi [i is an integer from 1 to 128] represents a 56-bit device key. Device keys are Kd1 and Kd
.., Kd128, which are held in the recording device 60 or the reproducing device 80 having the device numbers 1, 2 ,. The device number is a number from 1 to 128 which is assigned in advance to each of the 128 recording devices 60 and the reproducing devices 80. Each of the first record to the 128th record is
It corresponds to the device keys Kd1 to Kd128 and corresponds to the recording device 60 and the reproducing device 80 having the device numbers 1 to 128.

E () means an encryption algorithm, for example, DES. That is, E (Kdi, Km) is DE
S represents the result of encrypting the media key Km with the device key Kdi using the media key Km as the plain text, the 56-bit device key Kdi as the encryption key. For example, E (Kd2, Km) of the second record is the media key Km
Represents the result of encryption with the device key Kd2. On the other hand, E
(Kdi, 0) represents the result of encrypting the value of 0 with the device key Kdi. For example, E (Kd of the third record
3, 0) represents the result of encrypting 0 with the device key Kd3.

On the contrary, if E (Kdi, Km) is decrypted by the device key Kdi, the decryption result becomes the media key Km. For example, if E (Kd2, Km) of the second record is decrypted with the device key Kd2, the decryption result is the media key K.
m. On the other hand, E (Kdi, 0) is the device key Kd
If it is decoded by i, the decoding result becomes 0. For example, if E (Kd3,0) in the third record is decrypted with the device key Kd3, the decryption result will be zero.

Thus, depending on whether the contents of each record corresponding to 128 types of device keys are E (Kdi, Km) or E (Kdi, 0), the device key type and the media key are acquired. It is possible to classify the device key that can be used as a device key and the device key that cannot be obtained as a media key. The manufacturer of the recordable medium 70 acquires information on a device that has been physically attacked at the time of its manufacture, and according to the information, determines the type of each device key, the device key that can acquire the media key, and the media key. The key is sorted into a device key that cannot be obtained,
The content of the record corresponding to the device key that can obtain the media key is E (Kdi, Km), and the content of the record corresponding to the device key that cannot obtain the media key is E (Kdi, 0) Media key data is generated and recorded in the media key data area 25. This makes it possible to prevent the media key from being extracted only when a specific media key is used and not when using a device key other than that. <Structure of Recording Device 60> The recording device 60 is the recording device 10
The configuration is different from the above configuration in that a device key storage unit 17, a media key calculation unit 18, and a media key temporary storage unit 19 are provided instead of the master key storage unit 11.

The device key storage unit 17 is a memory in which the device key assigned to the recording device 60 is stored in advance. The recording device 60 keeps the device key secret from the outside. The media key calculation unit 18 reads the device key from the device key storage unit 17, and also reads the encrypted data from the record corresponding to the device number of the recording device 60 in the media key data area 25. Then, the media key calculation unit 18 decrypts the encrypted data with the device key. The encrypted data is E (Kdi, Km) or E (Kd
i, 0), decryption with the device key Kdi yields
The media key Km or 0 is obtained. Media key calculator 1
8 determines whether or not the obtained value is 0, and when it is 0, the subsequent processing of the recording device 60 is stopped. That is, processing such as content key and content encryption is stopped.

On the other hand, when the obtained value is the media key Km, the media key calculation unit 18 temporarily stores the media key Km in the media key temporary storage unit 19. To store temporarily means when the media key Km is stored,
The media key Km is held in the media key temporary storage unit 19 until it is no longer needed after the media key Km is used for encryption of the content key, and after that period, the media key temporary storage unit 19 is initialized. Means erasing the value of the media key Km. This is erased except when necessary to minimize damage to the recording device 60 due to a physical attack.

The media key temporary storage unit 19 is a memory for temporarily holding the media key Km decrypted by the media key calculation unit 18. Each of the license information calculation unit 16 and the content key encryption unit 13 has the same mechanism as that of the first embodiment, but uses the media key Km held in the media key temporary storage unit 19 instead of the master key. The difference is that it is different from the first embodiment. <Structure of Playback Device 80> The playback device 80 is the playback device 30.
The configuration is different from the above configuration in that a device key storage unit 40, a media key calculation unit 41, and a media key temporary storage unit 42 are provided instead of the master key storage unit 31.

The device key storage section 40 is a memory in which a device key assigned to the playback device 80 is stored in advance. The playback device 80 keeps the device key secret from outside. The media key calculation unit 41 reads the device key from the device key storage unit 40, and also reads the encrypted data from the record corresponding to the device number of the playback device 80 in the media key data area 25. Then, the media key calculation unit 41 decrypts the encrypted data with the device key. The encrypted data is E (Kdi, Km) or E (Kd
i, 0), decryption with the device key Kdi yields
The media key Km or 0 is obtained. Media key calculator 4
The value 1 determines whether or not the obtained value is 0, and when the value is 0, the subsequent processing of the playback device 80 is stopped. That is, processing such as decryption of the content key and content is stopped.

On the other hand, when the obtained value is the media key Km, the media key calculation unit 41 temporarily stores the media key Km in the media key temporary storage unit 42. To store temporarily means when the media key Km is stored,
The media key Km is held in the media key temporary storage unit 42 until it becomes unnecessary after the media key Km is used for decryption of the encrypted content key, and after that period, the media key temporary storage unit 42 is initialized. Means erasing the value of the media key Km. This is erased except when necessary to minimize the damage due to the physical attack on the playback device 80.

The media key temporary storage unit 42 is a memory for temporarily holding the media key Km decrypted by the media key calculation unit 41. Each of the reference permission information calculation unit 35 and the content key decryption unit 32 has the same mechanism as that of the first embodiment, but uses the media key Km held in the media key temporary storage unit 42 instead of the master key. This is different from the first embodiment. <Operation> The operation of each of the recording device 60 and the reproducing device 80 configured as described above will be described.

First, the operation of the recording device 60 will be described. (1) In the recording device 60, the media key calculation unit 18
The device key is acquired from the device key storage unit 17, and the encrypted data of the record corresponding to the recording device 60 is acquired from the media key data area 25. (2) Next, the media key calculation unit 18 decrypts the encrypted data with the device key, and determines whether the result is 0 or not.

(3) If the decryption result is 0, the recording device 60 stops the subsequent encryption process. (4) If the decryption result is not 0, the media key calculation unit 18 stores the media key as the decryption result in the media key temporary storage unit 19. (5) Subsequently, the recording device 60 performs the same processing as the flowchart of FIG. However, in FIG. 2 and the description thereof, the master key storage unit 11 is replaced with the media key temporary storage unit 19, and the master key is replaced with the media key.

(6) Finally, the recording device 60 initializes the media key temporary storage unit 19 to erase the value of the media key. Next, the operation of the playback device 80 will be described. (1) In the playback device 80, the media key calculation unit 41
The device key is acquired from the device key storage unit 40, and the encrypted data of the record corresponding to the playback device 80 is acquired from the media key data area 25.

(2) Next, the media key calculation section 41 decrypts the encrypted data with the device key, and determines whether the result is 0 or not. (3) If the decoding result is 0, the reproducing device 80 stops the subsequent decoding process. (4) When the decryption result is not 0, the media key calculation unit 41 stores the decryption result media key in the media key temporary storage unit 42.

(5) Subsequently, the reproducing device 80 performs the same processing as the flowchart of FIG. However, in FIG. 3 and the description thereof, the master key storage unit 31 is replaced with the media key temporary storage unit 42, and the master key is replaced with the media key. (6) Finally, the playback device 80 has the media key temporary storage unit 4
Initialize 2 to erase the value of the media key. <Effect> With the above configuration, the copyright protection system 200
, The media key can be decrypted only by using a specific device key depending on whether the encrypted data of each record of the media key data is E (Kdi, Km) or E (Kdi, 0), and other than that. The device key can be used to prevent the media key from being decrypted.

Thus, for example, when one device is physically attacked by a third party and the device key is exposed,
The manufacturer of the recordable medium 70 may create media key data in which the encrypted data of the record corresponding to the device is E (Kdi, 0) and record it in the recordable medium 70. Then, even if the third party tries to illegally acquire the media key by using the exposed device key, the third party cannot acquire the media key. And since the third party cannot obtain the media key, it becomes impossible to decrypt the encrypted content key and the encrypted content encrypted by the media key, preventing the third party from illegally using the content. can do.

Further, the copyright protection system 200 sets the encrypted data of each record of the media key data to E (Kdi,
Km) or E (Kdi, 0) controls whether or not each device performs encryption or decryption.
Thereby, for example, when the device key of one device is exposed, the device can be made unusable by setting the encrypted data of the record corresponding to that device to E (Kdi, 0).

Further, in the copyright protection system 200, as long as the encrypted data is not E (Kdi, 0), it is possible to use a common recording medium between recording devices and reproducing devices having different device keys. Therefore, there is an effect that the portability of the recording medium is not impaired.
Note that the recording device 60 and the reproducing device 80 are configured to suspend the process of encrypting or decrypting the content when the decryption result obtained by decrypting the encrypted data with the device key is 0. May be used as a key to perform encryption or decryption. The encrypted content key and encrypted content encrypted using 0 as a key cannot be decrypted using the media key Km. On the contrary, the encrypted content key and the encrypted content encrypted with the media key Km cannot be decrypted using 0 as a key. As a result, it is possible to prevent the unauthorized use of the content using the device that has been physically attacked.

Although the device key is unique to each device, it may be unique to each group of a plurality of devices. In this case, when one device is subjected to a physical attack, the encrypted data corresponding to that device becomes E (Kdi, 0), so that all the devices in the group to which the device belongs cannot be used. Group equipment is
Can be used. <Third Embodiment> Next, a third embodiment of the present invention will be described.

In the first and second embodiments, the recording device has the content key encryption unit, and the reproducing device has the content key decrypting unit. Thus, the recording device and the reproducing device have different components. . On the other hand, in the third embodiment, the recording device and the reproducing device are provided with the same content key generation unit to reduce the cost. FIG. 6 is a block diagram showing the configuration of the copyright protection system 300 of the third embodiment.

In the figure, the copyright protection system comprises a recording device 110 for recording the encrypted content on the recording medium 120 and a reproducing device 130 for decrypting and reproducing the encrypted content recorded on the recording medium 120. To be done. In the figure, the components having the same reference numerals as those in FIG. 1 are the same. Below, it demonstrates centering around a different part.

The recording medium 120 is different from the recording medium 20 in that it has a random number area 121 instead of the encrypted content key area 23, and is otherwise the same as the recording medium 20. The random number area 121 is secured in the recording area of the recording medium 120 by the recording device 110 and the random number is recorded. This random number is the source of the content key.

The recording device 110 is different from the recording device 10 in that the content key generation unit 12 and the content key encryption unit 1
3 is different in that a random number generator 111 and a content key generator 112 are provided. The other components are the same as those of the recording device 10. The random number generation unit 111 generates a random number and outputs it to the license information calculation unit 16 and the content key generation unit 112.
A random number area 121 is secured in the recording area of 20, and the random number is recorded.

The content key generation unit 112 uses, for example, the hash function S using the random number given by the random number generation unit 111 and the master key stored in the master key storage unit 11.
HA-1 or the like is calculated to generate a content key. The content encryption unit 15 encrypts the content using the content key generated by the content key generation unit 112 and records it in the encrypted content area 24.

The permission information calculation unit 16 acquires the media unique number, the master key, and the random number of the random number generation unit 111, concatenates them into one bit string, and inputs the bit string as input to the hash function SHA-1 or the like. Calculate. Then, the hash value of the calculation result is recorded in the license information area 22 as license information. The playback device 130 is different from the playback device 30 in that a content key generation unit 131 is provided instead of the content key decryption unit 32. The other components are the same as those of the playback device 30.

The content key generation unit 131 is the same as the content key generation unit 112, and uses the random number recorded in the random number area 121 and the master key stored in the master key storage unit 31. The same operation as 112 is performed to generate a content key. The content decryption unit 33 decrypts the content using the content key generated by the content key generation unit 131.

The reference permission information calculation unit 35 acquires the media unique number, the master key, and the random number in the random number area 121,
The same calculation as that performed by the permission information calculation unit 16 of the recording device 110 is performed to generate reference permission information. With the above configuration, in manufacturing the copyright protection system 100,
While the content key encryption unit and the content key decryption unit are manufactured, in the manufacture of the copyright protection system 300, two content key generation units are manufactured instead of them, and the copyright protection system 300 The manufacturing cost can be reduced as compared with the right protection system 100. <Fourth Embodiment> Next, a fourth embodiment of the present invention will be described.

The copyright protection system of this embodiment has a configuration in which the respective characteristic parts of the copyright protection system 300 and the copyright protection system 200 are combined. Figure 7
[Fig. 7] is a block diagram showing a configuration of a copyright protection system 400 of a fourth embodiment. In the figure, the copyright protection system 400 is composed of a recording device 160 for recording encrypted content on a recordable medium 170 and a reproducing device 180 for decrypting and reproducing the encrypted content recorded on the recordable medium 170. .

In the figure, the components having the same reference numerals as those in FIGS. 4 and 6 are the same. The recording medium 170 is
This is a configuration in which the media key data area 25 of the recording medium 70 is added to the recording medium 120. Recording device 16
0 is the master key storage unit 11 of the recording device 110, the device key storage unit 17 of the recording device 60, the media key calculation unit 1
8 and the media key temporary storage unit 19 are replaced.

The playback device 180 has a configuration in which the master key storage unit 31 of the playback device 130 is replaced with the device key storage unit 40, the media key calculation unit 41, and the media key temporary storage unit 42 of the playback device 80. With the above configuration, the copyright protection system 400 has the advantages of both the copyright protection system 200 and the copyright protection system 300. <Other Embodiments> The first to fourth embodiments have been described above, but it goes without saying that the present invention is not limited to these embodiments. That is, (1) In the first embodiment, the recording device 10 is configured to record one each of the license information, the encrypted content key, and the encrypted content on the recordable medium 20. However, it is not necessary to limit to recording one by one. For example, the recording device may be configured to record a plurality of permission information, an encrypted content key, and an encrypted content, like the recording medium 800 shown in FIG.

More specifically, the recording device encrypts each of the plurality of contents A, B, and C with the content keys A, B, and C, and records the encrypted contents A, B, and C in the encrypted content area 840. To do. Also, content key A,
Each of B and C is encrypted with the master key, and the encrypted content keys A, B and C are encrypted with the encrypted content key area 830.
To record. Further, the license information A is generated by using all the media unique number, the master key and the encrypted content key A,
It records in the permission information area 820. The license information B and C are also generated in the same procedure as the license information A and recorded in the license information area 820.

The playback device uses the media unique number, the master key and the encrypted content key A in the encrypted content key area 830 to generate the reference license information A, and compares it with the license information A in the license information area 820. , Only when they match, the encrypted content key A of the encrypted content key area 830 is decrypted with the master key, and the encrypted content A of the encrypted content area 840 is decrypted using the decrypted content key A, Play the decrypted content A.
The encrypted contents B and C are also encrypted contents A
Decryption and reproduction are performed by the same procedure as in the case of. (2) Further, the recording device is a recording medium 90 shown in FIG.
It may be recorded as 0.

More specifically, the recording device generates the encrypted contents A, B, C and the encrypted contents keys A, B, C by the same method as in (1) above, and stores them as the encrypted contents area 940. It is recorded in the encrypted content key area 930. Then, the license information is generated using all of the media unique number, the master key, and the encrypted content keys A, B, and C, and recorded in the license information area 920.

The playback device generates reference permission information using all of the media unique number, master key, and encrypted content keys A, B, and C, compares it with the permission information in the permission information area 920, and Only in such a case, the encrypted content keys A, B and C are decrypted with the master key, and the encrypted content A, B and C are decrypted and reproduced with the content keys A, B and C. (3) The recording medium 20 is not limited to an optical disc, and may be a recording medium such as a magnetic disc, a magneto-optical disc, or a memory card to which a medium unique number is added in a non-rewritable state. (4) The medium unique number may be recorded in a place other than the non-rewritable area as long as the medium cannot be rewritten and can be read by the reading mechanism. (5) In each embodiment, the hash function S is used for various operations.
Although HA-1, DES, etc. are used, it is not necessary to limit to these. Other types of hash functions and other types of operations may be used. Further, it is not necessary to limit the number of bits of each value to 56 bits or 64 bits. (6) The permission information and the reference permission information may be generated without reflecting the master key by reflecting two of the medium unique number and the information regarding the decryption. (7) The comparison unit 36 is configured to control each component by opening / closing the first switch 37 and the second switch 38, but the configuration is not limited to this. In short, the digital AV is used only when the license information and the reference license information match.
It suffices that the processing unit 34 reproduces the encrypted content and does not reproduce the encrypted content if they do not match. (9) The alarm 39, instead of generating a warning sound,
The data indicating the warning message may be output to the display. (10) The operation procedure of each copyright protection system corresponding to the recording media of Embodiments 1 to 4 and FIGS. 8 and 9 may be used as a method. (11) The operating procedure of each component of each copyright protection system of the above-described first to fourth embodiments may be set as a program, and the computer may be caused to execute the program. Further, the program may be recorded in a recording medium or distributed by using various communication paths or the like. Such recording media include IC cards, optical disks, flexible disks, ROMs and the like. (12) The playback device detects, when playing back the encrypted content of a certain recordable medium, that the alarm has actuated a predetermined number of times or more, and in the case of detection, indicates to the corresponding encrypted content of the recordable medium. A mechanism for recording the mark and a mechanism for inspecting the presence or absence of the mark and not decrypting the encrypted content if the mark is present may be provided. In addition, when the playback device determines that the permission information of the recordable medium does not match the reference permission information, the playback device may be configured to process the recorded content of the recordable medium into an unusable state. . As a method of this processing, for example,
(I) The playback device erases the recorded contents of the recording medium, (ii) the media unique number of the recording medium is stored in the memory, and the media unique number of the recording medium connected to the playback device is If the contents of the memory match, the recorded contents are not read. (13) Embodiments 1 to 4 and (1) to (12)
You may implement in combination.

[0099]

According to the copyright protection system of the present invention, a writable recording medium having a non-rewritable area in which a medium unique number different for each recording medium is recorded is an encrypted content. A copyright protection system comprising a recording device for recording content and a decryption device for reading and decrypting the encrypted content from the recording medium on which the encrypted content is recorded, wherein the recording device is recorded on the recording medium. Generate a license information reflecting both the medium unique number and the decryption information by performing a specific operation using both the medium unique number and the decryption information necessary for decrypting the encrypted content. Means and a recording means for recording the permission information, the decryption information, and the encrypted content on the recording medium, and the decryption device stores the information on the recording medium. Whether the license information is derived by the specific operation by using both the medium unique number and the decryption information by using all of the generated medium unique number, the decryption information, and the permission information. And a decryption unit for decrypting the encrypted content recorded on the recording medium by using the decryption information only when the determination unit makes an affirmative determination.

According to this structure, the generation means generates the license information having a value reflecting both of the medium unique number recorded on the recording medium and the decryption information for decrypting the encrypted content. To do. More specifically, the permission information is a hash value generated by a hash function using a value obtained by combining the medium unique number and the decryption information as input data. Since the hash function includes an irreversible one-way function, the medium unique number and the decryption information cannot be obtained from the license information. Moreover, it is difficult to create different input data in which the same license information is generated. Due to the property of this hash function, the license information can be generated only when the medium unique number and the decryption information used for generating the license information are used. Therefore, if the contents of the recording medium are original and not copied, the license information recorded on the recording medium reflects the medium unique number and the decryption information recorded on the recording medium. Should be. From this, the determining means determines whether the recorded content of the recording medium is the original content or the copied content by determining whether or not it is reflected. More specifically, the determining unit uses the medium unique number and the decryption information to generate the reference permission information by the same method as the generation method by the permission information writing unit, and the reference permission information and the reference recorded in the recording medium. Compare with the license information,
Judgment is made depending on whether or not both values match. Then, the decryption unit decrypts the content only on the original recording medium, and does not decrypt the content on the copied recording medium. This prevents the content from being illegally copied and used on another recording medium.

[Brief description of drawings]

FIG. 1 is a block diagram showing a configuration of a copyright protection system 100 according to a first embodiment.

2 is a flowchart showing a processing procedure of the recording device 10. FIG.

FIG. 3 is a flowchart showing a processing procedure of the playback device 30.

FIG. 4 is a block diagram showing a configuration of a copyright protection system 200 according to a second embodiment.

5 shows an example of media key data recorded in a media key data area 25. FIG.

FIG. 6 is a block diagram showing a configuration of a copyright protection system 300 according to a third embodiment.

FIG. 7 is a block diagram showing a configuration of a copyright protection system 400 according to a fourth embodiment.

FIG. 8 shows a configuration example of a recording medium.

FIG. 9 shows a configuration example of a recording medium.

FIG. 10 is a block diagram showing a configuration of a conventional copyright protection system.

FIG. 11 shows a calculation mechanism inside a key encryption key calculation unit 1001.

[Explanation of symbols]

10 Recording equipment 11 Master key storage 12 Content key generator 13 Content key encryption section 14 Content storage 15 Content encryption part 16 License information calculator 20 recordable media 21 Media unique number area 22 License Information Area 23 Encrypted content key area 24 Encrypted content area 30 playback equipment 31 master key storage 32 Content Key Decryption Unit 33 Content Decoding Unit 34 Digital AV Processor 35 Reference Permission Information Calculation Unit 36 Comparison Department 37 switch 38 switch 39 alarm 100 copyright protection system

─────────────────────────────────────────────────── ───

[Procedure amendment]

[Submission date] February 24, 2003 (2003.2.2)
4)

[Procedure Amendment 1]

[Document name to be amended] Statement

[Name of item to be amended] Claims

[Correction method] Change

[Correction content]

[Claims]

─────────────────────────────────────────────────── ─── Continuation of the front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) H04L 9/32 H04L 9/00 601B 601E (72) Inventor Matsuzaki Natsume 1006 Kadoma, Kadoma, Osaka Prefecture Matsushita Electric Sangyo Co., Ltd. (72) Inventor Makoto Tatebayashi 1006 Kadoma, Kadoma City, Osaka Prefecture Matsushita Electric Industrial Co., Ltd. F term (reference) 5B017 AA03 AA06 BA07 BB09 BB10 CA09 CA16 5D044 BC01 BC04 CC04 DE17 DE50 EF05 FG18 GK17 HL08 5J104 AA07 AA12 AA15 AA16 EA04 EA15 EA18 JA03 KA04 KA14 NA02 NA27 NA37 NA38 NA42

Claims (18)

[Claims] 1. A recording device for recording encrypted content, which is encrypted content, on a writable recording medium having a non-rewritable area in which a different medium unique number is recorded for each recording medium, and an encryption. A copyright protection system comprising a decryption device for reading and decrypting encrypted content from the recording medium in which encrypted content is recorded, wherein the recording device is a medium unique number recorded in the recording medium and the encrypted content. Generating means for generating license information that reflects both the medium unique number and the decryption information by performing a specific operation using both the decryption information necessary for decrypting the license information and the decryption information. The decryption device is provided with a recording unit for recording the information and the encrypted content in the recording medium, and the decryption device includes a medium unique number and decryption information recorded in the recording medium. By using all of the license information and the license information, a determining unit that determines whether the license information is derived by the specific calculation using both the medium unique number and the decryption information, A copyright protection system comprising: a decryption unit that decrypts the encrypted content recorded on the recording medium using the decryption information only when the determination unit makes an affirmative determination. 2. The decryption information is for obtaining a decryption key for decrypting the encrypted content by performing a predetermined operation using the decryption information, and the decryption means includes: A decryption key operation unit that obtains a decryption key by performing the predetermined operation on decryption information, wherein in decrypting the encrypted content, the decryption key is used to decrypt the content from the encrypted content. The copyright protection system according to claim 1. 3. The recording device side possessing means for possessing the recording device further by acquiring the private key from the outside or storing it in advance, and the private key using the private key for the decryption key. And a decryption key encryption unit for generating the decryption information by encrypting with an encryption method, wherein the decryption device further obtains the same private key as the private key owned by the recording device from the outside. Alternatively, the decryption device-side possessing unit that is possessed by being stored in advance is provided, and the decryption key computing unit decrypts the decryption information by the secret key encryption method using the secret key, and obtains the decryption key. 3. Obtaining
Copyright protection system described in. 4. The generation means of the recording device further uses the secret key in addition to the medium unique number and the decryption information in the specific calculation, and the determination means of the decryption device further comprises: , The medium unique number, the decryption information, and a secret key possessed by the decryption device-side possession means are used to determine whether or not the license information is derived by the specific operation. The copyright protection system according to claim 3, wherein: 5. The recordable medium further has private key information recorded in the non-rewritable area, which can correctly decrypt the private key only when a specific device key is used, The recording device side owning means and the decryption device side owning means use a device key storage means for storing a device key unique to the device in advance, and a secret key of the recording medium using the device key stored in the device key storage means. The recording device includes: a private key decryption unit for decrypting information; Also, the decryption device further includes suspending means for suspending the processing of each subsequent means when the secret key cannot be correctly decrypted by the secret key decrypting means. Copyright protection system according to claim 3, wherein the door. 6. In the decryption device, the determination means performs the same operation as the specific operation in the generation means by using the medium unique number recorded on a recording medium and the decryption information to obtain an operation result. And a comparison determination unit that compares the reference permission information with the medium unique number, makes an affirmative determination when the two match, and makes a negative determination when the two do not match. The copyright protection system according to claim 1, wherein the copyright protection system is provided. 7. In the recording device, the generating unit generates, for each encrypted content recorded on the recording medium, license information using a medium unique number and decryption information about the encrypted content. The recording means records each set of encrypted content, decryption information, and permission information in association with each other on the recording medium, and in the decryption device, the determining means and the decrypting means are the recording medium. 2. The copyright protection system according to claim 1, wherein each processing is performed for each of the groups recorded in. 8. In the recording device, the generating means generates one piece of permission information by using all pieces of decryption information corresponding to each encrypted content recorded on the recording medium and the medium unique number. The copyright protection system according to claim 1, wherein: 9. A recording device for recording encrypted content, which is encrypted content, on a writable recording medium having a non-rewritable area in which a medium unique number unique to the recording medium is recorded, A license that reflects both the medium unique number and the decryption information by performing a specific operation using both the medium unique number recorded on the recording medium and the decryption information necessary to decrypt the encrypted content. A recording device comprising: a generation unit configured to generate information; and a recording unit configured to record the permission information, the decryption information, and the encrypted content on the recording medium. 10. An encrypted content, decryption information to be used for decrypting the encrypted content, and decryption of the encrypted content, which have a non-rewritable area in which a medium unique number unique to the recording medium is recorded. A decryption device for reading and decrypting encrypted content from a recording medium on which license information used for determining whether to permit or not is recorded, the medium unique number and the decryption information recorded on the recording medium. Determining means for determining whether or not the license information is derived by a specific calculation using both the medium unique number and the decryption information by using all of the license information; Decryption means for decrypting the encrypted content recorded on the recording medium using the decryption information only when the determination is positive. 11. A recording device for recording encrypted content, which is encrypted content, on a writable recording medium having a non-rewritable area in which a medium unique number unique to the recording medium is recorded, and encryption. A copyright protection method used in a copyright protection system comprising a decryption device for reading and decrypting encrypted content from the recording medium on which the content is recorded, the medium unique number being recorded on the recording medium by the recording device. And a decryption information necessary for decrypting the encrypted content to perform a specific operation to generate license information that reflects both the medium unique number and the decryption information, A recording step in which a recording device records the permission information, the decryption information, and the encrypted content in the recording medium, and the decryption device is a recording medium. By using all of the medium unique number, the decryption information, and the permission information recorded in, the permission information is derived by the specific calculation using both the medium unique number and the decryption information. And a decryption step in which the decryption device decrypts the encrypted content recorded in the recording medium using the decryption information, only when a positive determination is made in the determination step. Copyright protection method characterized by including. 12. A recording method for recording encrypted content, which is encrypted content, on a writable recording medium having a non-rewritable area in which a medium unique number unique to the recording medium is recorded. A license that reflects both the medium unique number and the decryption information by performing a specific operation using both the medium unique number recorded on the recording medium and the decryption information necessary to decrypt the encrypted content. A recording method comprising: a generation step of generating information; and a recording step of recording the permission information, the decryption information, and the encrypted content in the recording medium. 13. An encrypted content, decryption information to be used for decryption of the encrypted content, and decryption of the encrypted content, having a non-rewritable area in which a medium unique number unique to the recording medium is recorded. A decryption method for reading and decrypting encrypted content from a recording medium on which license information used to determine whether to permit or not is recorded, the medium unique number and the decryption information recorded on the recording medium. A determination step of determining whether or not the license information is derived by the specific calculation using both the medium unique number and the decryption information by using all of the license information; Only when an affirmative decision is made in the decision step, there is included a decryption step of decrypting the encrypted content recorded on the recording medium using the decryption information. Decoding method to be. 14. A recording used in a recording device for recording encrypted content, which is encrypted content, on a writable recording medium having a non-rewritable area in which a medium unique number unique to the recording medium is recorded. The recording program is a program that causes a recording device to perform a specific operation using both the medium unique number recorded in the recording medium and the decryption information necessary to decrypt the encrypted content, thereby A generation step of generating permission information that reflects both the unique number and the decryption information, and a recording step of recording the permission information, the decryption information, and the encrypted content in the recording medium. And a recording program. 15. An encrypted content, decryption information to be used for decryption of the encrypted content, and decryption of the encrypted content, having a non-rewritable area in which a medium unique number unique to the recording medium is recorded. A decryption program used in a decryption device for reading and decrypting encrypted content from a recording medium on which license information used for determining whether to permit or not is recorded, and the decryption program is used in the decryption device, By using all of the medium unique number recorded on the recording medium, the decryption information, and the license information, the license information is derived by the specific operation using both the medium unique number and the decryption information. And a determination step for determining whether or not the encrypted content recorded on the recording medium is recorded before the determination step. Decoding program for causing to execute a decoding step of decoding by using the decoded information. 16. A recording used in a recording device for recording encrypted content, which is encrypted content, on a writable recording medium having a non-rewritable area in which a medium unique number unique to the recording medium is recorded. A computer-readable recording medium having a program recorded thereon,
Both the medium unique number and the decryption information are recorded in the recording device by performing a specific operation using both the medium unique number recorded in the recording medium and the decryption information necessary for decrypting the encrypted content. A recording medium recording a recording program for executing a generating step of generating license information reflecting the above, and a recording step of recording the license information, the decryption information, and the encrypted content in the recording medium. 17. An encrypted content, decryption information to be used for decryption of the encrypted content, and decryption of the encrypted content, having a non-rewritable area in which a medium unique number unique to the recording medium is recorded. It is a computer-readable recording medium in which a decryption program used in a decryption device for reading out and decrypting encrypted content from a recording medium in which permission information to be used for determining whether to permit is recorded is recorded. By using all of the medium unique number recorded on the recording medium, the decryption information, and the permission information, the decryption device uses the both the medium unique number and the decryption information so that the specific calculation is performed. A determination step for determining whether or not the recording medium is recorded on the recording medium, and a positive determination is made in the determination step. Recording medium the encrypted content recorded decoding programs to be executed and a decoding step of decoding by using the decoded information. 18. A non-rewritable area and a rewritable area, wherein a medium unique number for each recording medium is recorded in the non-rewritable area. The possible area is derived by a specific operation using both the encrypted content which is the encrypted content, the decryption information necessary to decrypt the encrypted content, the medium unique number and the decryption information. A recording medium, which is license information, in which license information reflecting both the medium unique number and the decryption information is recorded.