JP2003348067A - Apparatus and method for information processing, and computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an apparatus and a method for strictly executing decision of use right of contents by a plurality of EKB (effective key block) processings. <P>SOLUTION: An acquisition processing of a contents key Kc to be applied to contents decryption is executed by acquiring a key for a second EKB (effective key block) decryption processing on the basis of an acquisition key by a first EKB decryption processing and executing the second EKB decryption processing to which the key for the second EKB decryption processing is applied. By this structure, the use right of the contents is decided on the basis of different categories by possibilities of the respective EKB decryption processings. Use of the contents on the basis of decision of propriety of the use right of hardware and service is enabled by executing acquisition of the contents key Kc by processings of EKB corresponding to the hardware and EKB corresponding to the service. <P>COPYRIGHT: (C)2004,JPO

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to an information processing apparatus, an information processing method, and a computer program. In particular, an information processing apparatus capable of realizing efficient processing in consideration of usage restrictions in decryption / reproduction processing and encryption recording processing in a device for contents to which usage restrictions are preferably added due to copyright protection, and information The present invention relates to a processing method and a computer program.

[0002]

2. Description of the Related Art Recently, music data, game programs,
A network such as the Internet, a memory card, an HD,
Distribution via a circulating storage medium such as a DVD and a CD has become popular. These distribution contents are stored in a PC (Personal Computer) owned by the user, a recording / reproducing device, a reproducing-only device, or a storage means in a game device, for example, H
D, card type storage device having flash memory, C
D, DVD, etc., and the reproduction process is executed.

[0003] Information devices such as recording / reproducing devices, game devices, and PCs include interfaces for receiving contents from a network, or memory cards, HDs, and DVs.
D, which has an interface for accessing a CD, etc., and is used as a control means, a program, a RAM used as a memory area for data required for reproduction of contents, and a RO
M or the like.

[0004] Various contents such as music data, image data, programs, etc. are provided by a user's instruction from a recording / reproducing device used as a reproducing device, a game device, an information device main body such as a PC, or via a connected input means. In response to the user's instruction, the information is called out from, for example, a built-in or detachable storage medium, and is reproduced through the information device main body or a connected display, speaker, or the like.

[0005] Many software contents such as game programs, music data, image data and the like generally have distribution rights and the like owned by their creators and sellers. Therefore, when distributing these contents, certain usage restrictions, that is, only authorized users are permitted to use the software, and unauthorized duplication is not performed, that is, security is considered. It is common to take a configuration.

[0006] In particular, in recent years, recording devices and storage media for digitally recording information have become widespread. According to such a digital recording device and storage medium, recording and reproduction can be repeated without deteriorating, for example, images and sounds. As described above, digital data can be repeatedly copied many times while maintaining image quality and sound quality. Therefore, when a storage medium on which copying has been illegally performed is distributed to the market, various contents such as music, movies, etc. The interests of the copyright holder or legitimate sales right holder will be harmed. In recent years, in order to prevent such illegal copying of digital data, various processing configurations for preventing illegal copying in digital recording devices and storage media have been realized or proposed.

[0007] For example, SDMI (Secure Digital music Initiation) which proposes various specifications in music distribution technology.
ative) proposes a standard for a copyright protection function in a portable player. There are various implementations of the copyright protection function, such as a limitation on the number of copies of the content and a limitation on the use period of the content.

[0008]

In a system for recording and reproducing contents such as audio data and video data by applying a small storage medium such as a flash memory, a card-type HD, and a memory card, a storage medium such as a DVD or a CD is used. There is a usage form in which content such as music is copied to a small-sized storage medium, and the copied content is reproduced on a portable device equipped with the small-sized storage medium. In addition, contents distributed from a network can be stored in a hard disk,
Once stored in a large-capacity storage medium such as VD or CD,
A mode in which content is transferred from a personal computer to a memory card or a portable small hard disk (HD) and the content is reproduced on a portable device to which the memory card or HD can be attached, that is, a mode in which a PC is used as a content personal server. Much is being done.

[0009] Contents from a storage medium such as a CD or contents obtained through communication such as the Internet are temporarily stored in a large-capacity storage medium such as a hard disk, a DVD, or a CD, and the contents are transferred from the storage medium to a memory card. Copy or move. The random use of content such as content reproduction on the memory card side has a problem in terms of the copyright of the content. The move, that is, the movement of the content means, for example, that the content is copied from a large-capacity storage medium to a memory card, and then copied from the storage medium (HD, DVD, CD).
, Etc.) is performed by erasing the content.

From the viewpoint of copyright protection, it is necessary to restrict copying and moving to some extent. On the other hand, completely prohibiting copy / move would impede use of the content, such as moving the content from the PC to portable media and enjoying playing the content outside, which is not appropriate. . Therefore, there is a demand for realizing appropriate copy / move management so as to maintain copyright protection and maintain a user's right of private copy.

In the process of transferring and using the content from the PC to the portable device, it is preferable that the content is used within a range permitted by the usage conditions set corresponding to the content. For example, the usage period and the number of times of use should be set, the status according to the usage of the content should be recorded, and the usage of the content should be performed within the usage conditions in each device such as a portable device and a PC.

In a system for separately distributing content and usage right information corresponding to the content, a terminal device such as a portable device or a content storage device verifies the validity of the correspondence between the two data, and based on the respective data, Therefore, it is requested to use the content in accordance with the usage condition of the content.

[0013] In a system for separately distributing content and usage right information corresponding to the content, it is determined whether the device is a device having a valid content usage right, and whether or not the device has a valid service receiving right. It is preferable that the content use authority is determined to enable the use of the content.

The present invention has been made in view of such circumstances, and determines whether or not a device has a legitimate content use right, and further determines whether or not it has a legitimate service reception right. It is an object of the present invention to provide an information processing apparatus, an information processing method, and a computer program which enable content usage in accordance with content usage conditions set corresponding to content only in a device having a valid usage right. Things.

[0015]

SUMMARY OF THE INVENTION A first aspect of the present invention is as follows.
An information processing device that executes a process of decrypting encrypted content, and a content key Kc as a content encryption processing key by an enabling key block (EKB) process provided by applying an enabling key block (EKB) distribution tree configuration. Control means for performing acquisition, wherein the control means comprises:
It has a configuration for executing a decryption process for a plurality of different activation key blocks (EKB),
KB) Second EKB based on key obtained by decryption process
A configuration in which a key for decryption processing is obtained and a process of obtaining a content key Kc to be applied to content decryption is performed by a multi-stage EKB process in which the second EKB decryption process is performed by applying the second EKB decryption key. An information processing apparatus characterized by having:

Further, in one embodiment of the information processing apparatus of the present invention, the control means applies a first device node key to decrypt a first activation key block (EKB1) corresponding to a first category. To get the first
The second key applied to the decryption processing of the second activation key block (EKB2) corresponding to the second category by applying the acquisition key
Acquiring a device node key and applying the second device node key to apply the second activation key block (EKB2)
Is characterized in that the content key Kc is acquired based on the second acquisition key acquired by the decryption process.

Further, in one embodiment of the information processing apparatus of the present invention, the first activation key block (EKB)
Is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and
The activation key block (EKB) is characterized in that it is an activation key block (EKB) distributed corresponding to the category tree corresponding to the service.

Further, in one embodiment of the information processing apparatus of the present invention, the control means applies a key Kroot obtained by the second EKB decryption processing and encrypts a content key Kc with the key Kroot. The data E (Kroot, Kc) is decrypted, and the content key Kc is acquired.

Further, in one embodiment of the information processing apparatus of the present invention, the control means uses the key Kroot obtained by the second EKB decryption processing to change the main key Kcm set in advance corresponding to the content to the main key Kcm. Data E (Kroot, Kc) encrypted with the Kth key
m) to obtain a main key Kcm, and a sub-key Ksub set in advance corresponding to the content;
The content key Kc is obtained by performing an exclusive OR operation with the main key Kcm.

Further, in one embodiment of the information processing apparatus of the present invention, the control means performs a decoding process of a hardware-compatible enabling key block (EKB (H)) corresponding to a hardware-compatible category by an EKB (HKB). H) The first root key Kloo corresponding to the category corresponding to the hardware by executing by applying the corresponding device node key HDNK
t ′ is obtained, and an EKB (S) -compatible device node key SD to be applied to the decryption processing of the service-compatible activation key block (EKB (S)) corresponding to the service-compatible category
The encrypted data E (Kroot ', SDNK) obtained by encrypting the NK with the first root key KRoot' is stored in the first root key KRoot '.
EKB (S) decrypted by root key Kroot '
Obtain the corresponding device node key SDNK and obtain the EKB
(S) Applying the corresponding device node key SDNK to perform a decryption process of the service support enable key block (EKB (S)) corresponding to the service support category, and perform a second route corresponding to the service support category Key Kro
ot, and obtains the content key K based on the second root key Kroot corresponding to the category corresponding to the service.
c is a configuration for executing the acquisition process.

Further, in one embodiment of the information processing apparatus of the present invention, the control means includes the second root key Kr.
data E (KRoot) obtained by encrypting the content key Kc with the second root key Kroot by applying the
(t, Kc) is decrypted, and the content key Kc is obtained.

Further, in one embodiment of the information processing apparatus according to the present invention, the control means includes the second root key Kr.
The main key Kcm obtained by encrypting the main key Kcm set in advance corresponding to the content with the second root key Kroot is applied to the main key Kcm by applying the root. The sub-key Ksub set in correspondence with the content and the main key Kcm are subjected to an exclusive OR operation to obtain a content key Kc.

Further, a second aspect of the present invention is an information processing apparatus for executing a recording process of an encrypted content, and an enabling key block provided by applying an enabling key block (EKB) distribution tree configuration. (EKB) processing, the control means having a configuration for executing decoding processing of a plurality of different enabling key blocks (EKB), and decoding the first enabling key block (EKB). A second EKB decryption key is acquired based on the acquisition key obtained by the processing, and the content encryption process is performed by the final acquisition key acquired by the second EKB decryption process to which the second EKB decryption key is applied. Content key K applied to
An information processing apparatus having a configuration for executing encryption of a content key generation key required for obtaining c.

Further, in one embodiment of the information processing apparatus of the present invention, the control means applies a first device node key to decrypt a first activation key block (EKB1) corresponding to a first category. To get the first
The second key applied to the decryption processing of the second activation key block (EKB2) corresponding to the second category by applying the acquisition key
Acquiring a device node key and applying the second device node key to apply the second activation key block (EKB2)
The second acquisition key acquired by the decryption process is used as the final acquisition key, and the content acquisition key used to acquire the content key Kc to be applied to the content encryption process is encrypted with the final acquisition key. It is characterized by having.

Further, in one embodiment of the information processing apparatus of the present invention, the first activation key block (EKB)
Is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and
The activation key block (EKB) is characterized in that it is an activation key block (EKB) distributed corresponding to the category tree corresponding to the service.

Further, in one embodiment of the information processing apparatus of the present invention, the control means includes a main key corresponding to the content as two content key generation keys capable of generating a content key Kc by an exclusive OR operation. Kcm and each key of the sub-key Ksub are generated, and the final acquired key K acquired by the second EKB decryption process
The main key Kcm is encrypted by a root to generate encrypted data E (Kroot, Kcm).

Further, in one embodiment of the information processing apparatus according to the present invention, the control means performs a decoding process of a hardware-compatible enabling key block (EKB (H)) corresponding to a hardware-compatible category by an EKB (HKB). H) The first root key Kloo corresponding to the category corresponding to the hardware by executing by applying the corresponding device node key HDNK
t ′ is obtained, and an EKB (S) -compatible device node key SD to be applied to the decryption processing of the service-compatible activation key block (EKB (S)) corresponding to the service-compatible category
The encrypted data E (Kroot ', SDNK) obtained by encrypting the NK with the first root key KRoot' is stored in the first root key KRoot '.
EKB (S) decrypted by root key Kroot '
Obtain the corresponding device node key SDNK and obtain the EKB
(S) Applying the corresponding device node key SDNK to perform a decryption process of the service support enable key block (EKB (S)) corresponding to the service support category, and perform a second route corresponding to the service support category Key Kro
ot, and obtains the content key K based on the second root key Kroot corresponding to the category corresponding to the service.
It is characterized by having a configuration for executing encryption of a content key generation key required for obtaining c.

Further, in one embodiment of the information processing apparatus of the present invention, the control means includes a main key corresponding to the content as two content key generation keys capable of generating a content key Kc by an exclusive OR operation. Kcm and each key of the sub-key Ksub are generated, and the final acquired key K acquired by the second EKB decryption process
The main key Kcm is encrypted by a root to generate encrypted data E (Kroot, Kcm).

Further, a third aspect of the present invention is an information processing method for executing a process of decrypting encrypted content, and the enabling key block provided by applying an enabling key block (EKB) distribution tree configuration. (EKB) processing to obtain a content key Kc as a content encryption processing key, the data processing step comprising a plurality of different activation key blocks (EK
B) decryption processing is performed, and the second E key is obtained based on the key obtained by the first activation key block (EKB) decryption processing.
A key for KB decryption processing is acquired, and a process of acquiring a content key Kc to be applied to content decryption is performed by a multi-stage EKB process of executing the second EKB decryption process using the second EKB decryption key. An information processing method characterized by including a step.

Further, in one embodiment of the information processing method according to the present invention, the data processing step applies a first device node key to decrypt a first enabling key block (EKB1) corresponding to a first category. A second device node key to be applied to the decryption process of the second activation key block (EKB2) corresponding to the second category by applying the first acquisition key acquired by executing the process, and acquiring the second device node key; Executing a process of acquiring a content key Kc based on a second acquisition key acquired by decrypting the second activation key block (EKB2) by applying a node key.

Further, in one embodiment of the information processing method of the present invention, the first activation key block (EKB)
Is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and
The activation key block (EKB) is characterized in that it is an activation key block (EKB) distributed corresponding to the category tree corresponding to the service.

Further, in one embodiment of the information processing method according to the present invention, the data processing step includes the second E processing.
Applying the key Kroot acquired by the KB decryption process, executing the process of decrypting the data E (Kroot, Kc) obtained by encrypting the content key Kc with the key Kroot, and executing the process of acquiring the content key Kc. It is characterized by the following.

Further, in one embodiment of the information processing method of the present invention, the information processing method further includes a key Kroot obtained by the second EKB decryption processing.
Main key Kcm set in advance corresponding to the content
Is encrypted with the data K (Kro
ot, Kcm) to obtain a main key Kcm, and a process of obtaining a content key Kc by an exclusive OR operation of the subkey Ksub set in advance for the content and the main key Kcm. And performing the following.

Further, in one embodiment of the information processing method according to the present invention, the data processing step includes a step of decoding a hardware-enabled key block (EKB (H)) corresponding to a category corresponding to the hardware by an EKB. (H)
First root key K corresponding to a category corresponding to hardware executed by applying the corresponding device node key HDNK
obtaining the root ', and a service support activation key block (EK) corresponding to the service support category.
B (S)), the EKB (S) -compatible device node key SDNK to be applied to the decryption of the first root key KRoot.
t 'encrypted data E (Kroot', SD
NK) with the first root key Kroot 'to obtain an EKB (S) -compatible device node key SDNK; and applying the EKB (S) -compatible device node key SDNK to obtain a service-compatible category. Service corresponding activation key block (EKB
(S)) performing a decryption process to obtain a second root key Kroot corresponding to the category corresponding to the service; and obtaining the second root key Kroot corresponding to the category corresponding to the service, based on the second root key Kroot corresponding to the category corresponding to the service. Executing an acquisition process.

Further, in one embodiment of the information processing method of the present invention, the information processing method further includes applying the second root key Kroot to the second root key Kroot.
The method is characterized by including a step of executing a process of executing a process of executing decryption of the data E (Kroot, Kc) obtained by encrypting the content key Kc with the root to obtain the content key Kc.

Further, in one embodiment of the information processing method of the present invention, the information processing method further includes applying the second root key Kroot to the main key Kcm set in advance corresponding to the content. Data E (Kroot, Kc) encrypted with the second root key Kroot
m) to obtain a main key Kcm by performing decryption, and a step of obtaining a content key Kc by performing an exclusive OR operation with the sub key Ksub set in advance for the content and the main key Kcm. It is characterized by the following.

Further, a fourth aspect of the present invention is an information processing method for executing a recording process of an encrypted content, wherein the enabling key block provided by applying an enabling key block (EKB) distribution tree configuration. (EKB) processing, wherein the data processing step executes a decoding process of a plurality of different enabling key blocks (EKB) and performs a first enabling key block (EKB) decoding process. A second EKB decryption key is acquired based on the acquisition key, and the content encryption process is applied by the final acquisition key acquired by the second EKB decryption process using the second EKB decryption key. Performing an encryption of a content key generation key necessary for obtaining a content key Kc to be processed. .

Further, in one embodiment of the information processing method according to the present invention, the data processing step applies a first device node key to decrypt a first enabling key block (EKB1) corresponding to a first category. A second device node key to be applied to the decryption process of the second activation key block (EKB2) corresponding to the second category by applying the first acquisition key acquired by executing the process, and acquiring the second device node key; A second acquisition key acquired by decrypting the second activation key block (EKB2) by applying a node key is used as a final acquisition key, and the final acquisition key is used to acquire a content key Kc to be applied to content encryption processing. And encrypting the content key generation key required for the method.

Further, in one embodiment of the information processing method of the present invention, the first activation key block (EKB)
Is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and
The activation key block (EKB) is characterized in that it is an activation key block (EKB) distributed corresponding to the category tree corresponding to the service.

Further, in one embodiment of the information processing method according to the present invention, the information processing method further includes two content key generation keys capable of generating a content key Kc by an exclusive OR operation corresponding to the content. Generating the main key Kcm and the sub-key Ksub to be encrypted, and encrypting the main key Kcm with the finally obtained key Kroot obtained by the second EKB decryption processing to generate the encrypted data E (KRoot
(t, Kcm).

Further, in one embodiment of the information processing method according to the present invention, the data processing step includes a step of decoding a hardware-enabled key block (EKB (H)) corresponding to a category corresponding to the hardware by an EKB. (H)
First root key K corresponding to a category corresponding to hardware executed by applying the corresponding device node key HDNK
obtaining the root ', and a service support activation key block (EK) corresponding to the service support category.
B (S)), the EKB (S) -compatible device node key SDNK to be applied to the decryption of the first root key KRoot.
t 'encrypted data E (Kroot', SD
NK) with the first root key Kroot 'to obtain an EKB (S) -compatible device node key SDNK; and applying the EKB (S) -compatible device node key SDNK to obtain a service-compatible category. Service corresponding activation key block (EKB
(S)) performing a decryption process to obtain a second root key Kroot corresponding to the category corresponding to the service; and obtaining the second root key Kroot corresponding to the category corresponding to the service, based on the second root key Kroot corresponding to the category corresponding to the service. Executing the encryption of the content key generation key required for acquisition.

Further, in one embodiment of the information processing method according to the present invention, the information processing method further includes two content key generation keys capable of generating a content key Kc by an exclusive OR operation. Generating the main key Kcm and the sub-key Ksub to be encrypted, and encrypting the main key Kcm with the finally obtained key Kroot obtained by the second EKB decryption processing to generate the encrypted data E (KRoot
(t, Kcm).

Further, a fifth aspect of the present invention is a computer program for executing a decryption process of an encrypted content, wherein the activation key is provided by applying an activation key block (EKB) distribution tree configuration. Block (E
(KB) processing to obtain a content key Kc as a content encryption processing key, the data processing step performing a decryption process of a plurality of different enabling key blocks (EKB), A plurality of keys for acquiring a second EKB decryption key based on an acquisition key obtained by an activation key block (EKB) decryption process and executing the second EKB decryption process using the second EKB decryption key; A computer program characterized by including a step of executing a process of acquiring a content key Kc to be applied to content decryption by a stage EKB process.

Further, a sixth aspect of the present invention is a computer program for executing a recording process of an encrypted content, wherein the activation key is provided by applying an activation key block (EKB) distribution tree configuration. Block (E
A data processing step of performing a KB) process, wherein the data processing step executes a decoding process of a plurality of different enabling key blocks (EKB) and obtains the first enabling key block (EKB) by a decoding process. A second EKB decryption key is obtained based on the key, and the second EKB decryption key is applied to the content encryption process using the final obtained key obtained by the second EKB decryption process using the second EKB decryption key. A computer program characterized by including a step of encrypting a content key generation key required for obtaining a content key Kc.

[0045]

According to the present invention, a decoding process of a plurality of different enabling key blocks (EKB) provided by applying an enabling key block (EKB) distribution tree structure is performed, and the first enabling key block (EKB) is decrypted. A) obtaining a second EKB decryption key based on the key obtained by the decryption process, and obtaining a content key Kc to be applied to content decryption by the second EKB decryption process using the second EKB decryption key; With this configuration, the authority to use the content based on different categories can be determined based on the possibility of each EKB decryption process.

Further, the present invention provides an enabling key block (EKB) distributed corresponding to a hardware-compatible category tree and an enabling key block (EKB) distributed corresponding to a service-compatible category tree. In this configuration, the content key Kc to be applied to the content decryption is obtained by the multi-stage EKB process, so that the content can be used based on the determination of the validity of the hardware and service use authority.

Further, the present invention is configured to execute a process of acquiring the content key Kc by performing an exclusive OR operation of the sub key Ksub set corresponding to the content and the main key Kcm. Even when the content is moved or copied, a configuration is realized in which the validity of the device and the service receiving authority is reliably determined before using the content.

Further, according to the present invention, the second key is obtained based on the key obtained by the first enabling key block (EKB) decoding process.
The EKB decryption processing key is obtained, and the content key Kc to be applied to the content encryption processing is acquired by the final acquisition key acquired by the second EKB decryption processing using the second EKB decryption processing key. Since the necessary content key generation key is encrypted, it is possible to determine the content use authority based on different categories for the self-recorded content based on the respective EKB decryption processing possibilities. .

The computer program of the present invention is provided, for example, in a computer-readable format for a general-purpose computer system capable of executing various program codes in a storage medium or communication medium such as a CD or FD. , A computer program that can be provided by a storage medium such as an MO, or a communication medium such as a network. By providing such a program in a computer-readable format, processing according to the program is realized on a computer system.

[0050] Still other objects, features and advantages of the present invention are:
It will become apparent from the following more detailed description based on the embodiments of the present invention and the accompanying drawings. In this specification, a system is a logical set configuration of a plurality of devices, and is not limited to a configuration in which devices of each configuration are in the same housing.

[0051]

DESCRIPTION OF THE PREFERRED EMBODIMENTS [System Overview] FIG. 1 is a diagram for explaining an overview of a content management system to which the present invention can be applied. The user devices that use the content include information processing devices such as the PC 31 and various portable devices 32. The content is provided to the user device 30 from the service provider 12 as the encrypted content 51. Furthermore, the service provider 12 provides the user device 30 with content usage right information 52 corresponding to the content, and the user devices 30 such as the PC 31 and the portable device 32 transmit the encrypted content distributed according to the usage right information 52. Is decrypted and used.

The original content is sent from the content provider 11 together with the content use condition information.
Provided to the service provider 12. The key management center 13 has an enabling key block (EKB).
Block), device node key (DNK: Device N)
ode Key). The enabling key block (EKB: enabling key block) and the device node key (DNK: device node key) can be used by decrypting the encrypted content only by the user device having the right to use the content. This is key data for obtaining an encryption key required for use of the content to be executed. EKB and DNK will be described later.

The key management center 13 performs a key issuance process (KDC: Key Distribute Center) for executing a key issuance process to the user device 30 to which an enabling key block (EKB: Enabling Key Block) is applied, and manages a key distribution tree. Level Entities (TLCE: Top Level Category Ent)
ity).

The service provider 12 encrypts the content provided from the content provider 11 and
By generating the encrypted content 51, the user device 30
To provide. Further, the usage right information 52 based on the content usage condition information provided by the content provider.
Is generated and provided to the user device 30. Further, the device node key (D
NK: Device Node Key), activation key block (EK)
B: Service data 5 based on the Enabling Key Block
3 is generated and provided to the user device 30. The service data includes an activation key block (EKB) having a service device node key (SDNK) required for decryption processing of the encrypted content.

The encrypted content 51, the usage right information 52,
The detailed configuration of the service data 53 and the details of the use process of these data will be described later.

The usage conditions of the contents include a limitation condition of a usage period, a limitation of the number of times of copying, and a portable medium (P) that can simultaneously use the contents.
M: Portable Media (corresponding to the so-called Check-out number).

For example, a portable medium (P) that can simultaneously use the contents corresponding to each of the contents stored on the hard disk of the PC 31 is provided.
The maximum number of checkouts can be set as the number of M: Portable Media. Portable media (PM: Portab
le Media) is, for example, a flash memory or a small H
D, optical disk, magneto-optical disk, MD (Mini Disk)
The storage medium can be used in the portable device 32.

The personal computer (PC) 31
The content is transferred (checked out) from the hard disk of the PC 31 to the portable medium storing the content, and the content can be used (reproduced) on the portable device 32 storing the portable medium. At this time, a configuration is required in which the usage condition information corresponding to the content can be applied to the portable device 32.

The portable device 32 equipped with a flash memory or a small HD, an optical disk, a magneto-optical disk, etc., stores contents supplied from the personal computer 31 together with accompanying data including use condition information.
The data is stored in a flash memory or a storage medium such as a small HD, an optical disk, or a magneto-optical disk. The portable device 32 reproduces the content stored in the storage medium according to the usage conditions as the additional data of the content, and outputs the content via an output unit such as a headphone or a speaker.

A personal computer 31 and a flash memory capable of storing contents or a small HD,
Regarding a configuration example of a portable device 32 in which portable media such as an optical disc and a magneto-optical disc can be mounted,
This will be described with reference to FIGS.

First, the configuration of the personal computer 31 will be described with reference to FIG. CPU (Central Proc
The essing unit (101) actually executes various application programs and an OS (Operating System). Further, as content encryption / decryption processing, for example, D
An information recording processing device (portable device) connected by executing encryption processing, MAC generation, verification processing, etc. applying the encryption algorithm of ES (Data Encryption Standard)
It functions as a control unit that performs authentication and session key sharing processing at the time of content input / output executed between the server and the content, and controls content input / output processing.

A ROM (Read Only Memory) 102 stores C
Stores programs used by the PU 101, fixed data among calculation parameters, and the like. A data processing program and the like at the time of content input / output executed with the portable device described above are stored. RAM (Random Acc
The ess memory 103 stores programs used in the execution of the CPU 101, parameters that change as appropriate in the execution, and the like. These are mutually connected by a host bus 104 composed of a CPU bus and the like.

The host bus 104 is connected via a bridge 105 to a PCI (Peripheral Component Interconnect / Int).
(Erface) bus and the like.

The keyboard 108 is operated by the user when inputting various commands to the CPU 101. The pointing device 109 is operated by the user when pointing or selecting a point on the screen of the display 110. The display 110 is composed of a liquid crystal display device or a CRT (Cathode Ray Tube), and displays various information as text or images. HDD (Hard Disk
Drive) 111 drives the hard disk, and the CPU 1
01 records or reproduces a program or information to be executed.

The drive 112 reads data or a program recorded on a removable recording medium 121 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory, and reads the data or the program into the interface 107. External bus 10
6, the bridge 105, and the RAM 103 connected via the host bus 104.

PD (portable device) connection port 1
14 is a port for connecting a portable device,
A portable device is connected through a connection such as USB, IEEE1394, or the like. A PD (portable device) connection port 114 is connected to the HDD 111, the CPU 101, or the RAM 103 via the interface 107, the external bus 106, the bridge 105, the host bus 104, and the like.
, For example, contents or commands of the portable device 122 are output to the portable device 122.

The audio input / output interface 115 is, for example, an IEC (International Electrotechnical Communications).
n) Executes digital audio input / output or analog audio input / output interface processing having a 60958 terminal, and is connected to an output means such as a speaker.
Based on the audio signal supplied from 15, a predetermined audio corresponding to the content is output.

The keyboard 108 to the voice input / output interface 115 are connected to the interface 107. The interface 107 is connected to the external bus 10
6, the bridge 105, and the host bus 104 are connected to the CPU 101.

The communication unit 116 is connected to a network, stores data (for example, a registration request or a content transmission request) supplied from the CPU 101 or the HDD 111 in a packet of a predetermined format, and CPU 2 transmits data (eg, an authentication key or content) stored in a packet received via network 2 to CPU 2
101, the RAM 103, or the HDD 111.

Next, an example of a portable device configuration using a portable medium will be described with reference to FIG. The medium as the storage medium for the content is a flash memory, a small HD, an optical disk, a magneto-optical disk, or the like.

The power supply circuit 152 converts the supplied power supply voltage to internal power of a predetermined voltage and supplies the internal power to the CPU 153 to the display unit 167, thereby driving the entire apparatus. The input / output I / F 157 is an interface for connecting to a personal computer (PC) 172 serving as a content provider, and performs connection according to a connection mode such as USB or IEEE1394.

The data transferred from the personal computer 172 is composed of, for example, 64 bytes of data per packet, and is transferred from the personal computer to the portable device at a transfer rate of 12 Mbit / sec. The data transferred to the portable device is made up of content and incidental information such as usage conditions of the content.

When the portable device receives an instruction to write the content together with the content from the personal computer, the portable device executes the main program read from the ROM 155 to the RAM 154 as a control means for executing the main program.
The PU 153 receives the write instruction, and
1. Execute content writing to, for example, a flash memory, HD, DVD, or CD. In the example shown in the figure, a flash memory, HD, DVD, C
D is shown, but these storage media are examples, and it is sufficient that at least one type of storage media can be used.

The process of writing data to the storage medium 161 is executed via the storage medium controller or the drive 160 corresponding to the storage medium 161. For example, if the storage medium 161 is a flash memory, writing is performed via a flash memory controller, and if the storage medium 161 is a hard disk (HD), writing is performed via an HDD. Note that the storage medium 161,
For example, a flash memory, an HD, a DVD, and a CD can be configured to be removable from a portable device.

When a content reproduction command from the user is supplied to the CPU 153 via the operation key controller 162, the CPU 153 as a control unit causes the storage medium controller or the drive 160 to execute a process of reading the content from the storage medium 161 and the DSP 159. To transfer.

DSP (Digital Signal Processor) 159
Executes a reproduction process of the content transferred from the storage medium 161. The DSP 159 has an encryption / decryption processing function, an equalizer adjustment (adjustment of a gain corresponding to a frequency band of an audio signal) function, and a compression / decompression (encode / decode).
It has a processing function. For example, high-efficiency encoding is performed to write a digital audio signal to the storage medium 161, and data read from the memory card 161 is decoded. As a high-efficiency encoding method, for example, ATRAC (Adaptive Transform Acou
ATRAC3 with improved stic coding) is used.

In ATRAC3, the sampling frequency =
Highly efficient encoding processing is performed on audio data whose quantization bits sampled at 44.1 kHz are 16 bits. AT
The smallest data unit when processing audio data in RAC3 is the sound unit SU. 1SU is 10
It is obtained by compressing 24 samples (1024 × 16 bits × 2 channels) into several hundred bytes, which is about 23 ms in time. Approximately 1 /
10 compresses the audio data.

The digital / analog conversion circuit 163 converts the reproduced content into an analog audio signal, and supplies the analog audio signal to the amplifier circuit 164. The amplifier circuit 164 amplifies the audio signal and supplies the audio signal to a headphone or a speaker via the output unit 165.

A digital signal or an analog signal is input from an external source from the input I / F 171. When an analog signal is input, A / D conversion is performed. In the A / D conversion, an input signal to be input is, for example, sampling frequency = 44.1.
The digital audio signal is converted to a digital audio signal of kHz, quantization bits = 16 bits. Digital signals from external sources are converted by SRC (Sampling Rate Converter)
Similarly, the digital audio signal is converted into a digital audio signal having a sampling frequency of 44.1 kHz and quantization bits of 16 bits.

The CPU 153 controls the LCD controller 166 to display a reproduction mode state (for example, repeat reproduction, intro reproduction, etc.), an equalizer adjustment (gain adjustment corresponding to the frequency band of the audio signal) on the display unit 167. ), Music number, playing time, playback, stop, fast forward, fast reverse, etc., and information such as volume and remaining battery level.

The content encryption / decryption processing executed by the DSP 159 is performed, for example, by DES (Data Encryption).
Standard) encryption algorithm is applied. The content encryption is a process for protecting the copyright of the content, and the content encryption process is executed in the content transfer process between the PC and the portable device and in the content transfer process between the portable device and the storage medium. .

EEPR composed of, for example, a flash memory
The OM 168 stores keys applied to encryption and decryption processing, and performs content transfer processing between the PC and the portable device, authentication processing and session key sharing processing in the content transfer processing between the portable device and the storage medium, and transfer. It is applied to the encryption or decryption processing of data or stored data. [Tree Structure as Key Distribution Configuration] Next, Broadcast Encryption (Broadcast Encryption) for making the content available only to user devices having a legitimate content usage right
A device and key management configuration based on a tree configuration, which is one mode of the system, will be described.

[0107] Numbers 0 to 15 shown at the bottom of FIG. 4 are user devices that use the content. That is, each leaf of the hierarchical tree structure shown in FIG. 4 corresponds to each device.

Each of the devices 0 to 15 has a key (node key) assigned to a node from its own leaf to the root in the hierarchical tree structure shown in FIG. A key set (device node key (DNK: Device Node Key)) consisting of leaf keys for each leaf is stored in the memory. 4 are leaf keys assigned to the respective devices 0 to 15, respectively. From the uppermost KR (root key), two keys from the lowermost row are displayed.
Key described in the third section (node): KR to K111
Is a node key.

In the tree structure shown in FIG. 4, for example, device 0 has a leaf key K0000 and a node key: K0
00, K00, K0, KR. Device 5 is K
0101, K010, K01, K0, KR.
The devices 15 are K1111, K111, K11, K
1. Own KR. In the tree of FIG. 4, only 16 devices 0 to 15 are described, and the tree structure is also shown as a four-stage balanced and symmetrical configuration. However, more devices are configured in the tree. Also, each section of the tree can have a different number of stages.

Each device included in the tree structure of FIG. 4 includes various recording media, for example, a DVD, a C which is embedded in a device or detachably attached to the device.
Various types of devices using D, MD, flash memory, etc. are included. Further, various application services can coexist. FIG. 4 illustrates the coexistence of such different devices and different applications.
A hierarchical tree structure, which is a content or key distribution configuration shown in FIG.

In a system in which these various devices and applications coexist, for example, a portion surrounded by a dotted line in FIG. 4, that is, devices 0, 1, 2, and 3 are set as one group using the same recording medium. For example, for devices included in the group surrounded by the dotted line, common contents are collectively encrypted and sent from the provider, a content key used commonly for each device is sent, or each device is sent. , The content payment data is also encrypted and output to a provider or a settlement institution. An organization that transmits and receives data to and from each device, such as a content provider or a payment processing organization, is shown in FIG.
, Ie, devices 0, 1, 2, 3
Is executed as a group and data is sent collectively. There are a plurality of such groups in the tree of FIG. An organization that transmits and receives data to and from each device, such as a content provider or a payment processing organization, functions as message data distribution means.

The node key and leaf key have a certain 1
It may be managed by one key management center, or may be managed on a group basis by message data distribution means such as a provider or a settlement institution that transmits and receives various data to and from each group. These node keys and leaf keys are updated when the key is leaked, for example, and the key management center, provider, settlement institution, or the like executes this update processing.

In this tree structure, as apparent from FIG. 4, three devices 0, 1, 2, and 3 included in one group are assigned device node keys (DNK: Device).
A device node key (DNK: Device Node Key) including common keys K00, K0, and KR as NodeKeys. By using this node key sharing configuration, for example, a common key can be provided only to the devices 0, 1, 2, and 3. For example, the commonly owned node key K00 is a shared key common to the devices 0, 1, 2, and 3. A value Enc (K00, Knew) obtained by encrypting the new key Knew with the node key K00
Is distributed to the devices 0, 1, 2, and 3 via a network or stored in a recording medium.
Only 1, 2, and 3 use the shared node key K00 held by each device to encrypt Enc (K00,
Knew) to obtain a new key Knew. Enc (Ka, Kb) indicates that the data is obtained by encrypting Kb with Ka.

At a certain time t, if it is found that the key: K0011, K001, K00, K0, KR possessed by the device 3 has been analyzed and revealed by an attacker (hacker), then the system (device) 0,1,
In order to protect data transmitted / received in the group (2, 3), it is necessary to disconnect the device 3 from the system. For that purpose, node keys: K001, K00, K0, KR
With new keys K (t) 001, K (t) 00, K
It is necessary to update to (t) 0, K (t) R and to inform the devices 0,1,2 of the updated key. Here, K (t) a
“aa” indicates that the key is an update key of the generation of the key Kaaaa: t.

The update key distribution process will be described. The key is updated, for example, by storing a table composed of block data called an enabling key block (EKB) shown in FIG. 2
To be performed. Note that the activation key block (EKB) is composed of an encryption key for distributing a newly updated key to devices corresponding to each leaf configuring the tree structure as shown in FIG. The activation key block (EKB) is sometimes called a key renewal block (KRB).

The activation key block (E) shown in FIG.
KB) is configured as block data having a data structure that can be updated only by a device that requires updating of the node key. The example of FIG. 5 is block data formed for the purpose of distributing an updated node key of generation t in devices 0, 1, and 2 in the tree structure shown in FIG. As is clear from FIG.
Are K (t) 00, K (t) 0,
K (t) R is required, and the device 2 uses K (t) 001, K (t) 00, K (t) 0,
K (t) R is required.

As shown in the EKB of FIG.
B includes a plurality of encryption keys. The encryption key at the bottom is Enc (K0010, K (t) 001).
This is the updated node key K (t) 001 encrypted by the leaf key K0010 of the device 2, and the device 2 can decrypt this encrypted key by its own leaf key to obtain K (t) 001. . 5 using K (t) 001 obtained by decoding.
(A) The second-stage encryption key Enc (K (t) 0 from the bottom)
01, K (t) 00) can be decrypted, and an updated node key K (t) 00 can be obtained. FIG. 5
(A) The encryption key Enc (K (t) 0 in the second stage from the top)
0, K (t) 0) and the updated node key K (t)
0, the encryption key Enc (K
(T) 0, K (t) R) is decoded to obtain K (t) R. On the other hand, device K0000. K0001 is the node key K
000 is not included in the object to be updated, and K (t) 00, K (t) 0, K
(T) R. Device K0000. K0001 is
The encryption key Enc (K00
0, K (t) 00) to obtain K (t) 00,
Hereinafter, the encryption key Enc in the second stage from the top in FIG.
(K (t) 00, K (t) 0) is decrypted, and the updated node key K (t) 0, the first-stage encryption key Enc (K (t) 0, K ( t) R) and K (t) R
Get. Thus, the devices 0, 1, and 2 can obtain the updated key K (t) R. Note that FIG.
Indicates the absolute addresses of the node key and leaf key used as the decryption key.

In the case where it is not necessary to update the node keys K (t) 0 and K (t) R in the upper stage of the tree structure shown in FIG. 4 and only the node key K00 needs to be updated, FIG. By using the activation key block (EKB) of B), the updated node key K (t) 00 is assigned to the devices 0, 1, 2, and 3.
Can be distributed to

The EKB shown in FIG. 5B can be used, for example, when distributing a new content key shared by a specific group. As a specific example, a device 0, 1, 2, 3 in a group indicated by a dotted line in FIG. 4 uses a certain recording medium, and a new common content key K is used.
(T) Assume that con is required. At this time, K, which updates the common node key K00 of the devices 0, 1, 2, 3
(T) New common updated content key using 00:
Data Enc (K (t), which is obtained by encrypting K (t) con)
K (t) con) is distributed together with the EKB shown in FIG. This distribution makes it possible to distribute data that cannot be decrypted to devices in other groups such as the device 4.

That is, if the devices 0, 1, and 2 decrypt the ciphertext using the K (t) 00 obtained by processing the EKB, the devices 0, 1, and 2 can be applied to encryption / decryption of keys at time t, for example, contents. Content key K (t) con to be obtained.

[Distribution of Key Using EKB] FIG.
As an example of processing for obtaining a key at time t, for example, a content key K (t) con applied to encryption / decryption of content, a new common content key K (t) con is encrypted using K (t) 00. Data Enc (K (t) 0
0, K (t) con) and the EKB shown in FIG. 5B via a recording medium, showing a processing example of the device 0. That is, this is an example in which the EKB-encrypted message data is used as the content key K (t) con.

As shown in FIG. 6, the device 0 uses the EKB at the time t stored in the recording medium and the node key K000 stored in advance by the same EKB process as described above to execute the node key. K (t) 00
Generate Further, the decrypted updated node key K (t)
The decrypted content key K (t) con is decrypted by using 00, and the decrypted updated content key K (t) con is encrypted and stored with the leaf key K0000 of its own for use later.

[Format of EKB] FIG. 7 shows a format example of the enabling key block (EKB). The version 201 is an identifier indicating the version of the activation key block (EKB). The version is the latest E
It has a function of identifying a KB and a function of indicating a correspondence relationship between contents. The depth indicates the number of layers in the hierarchical tree for the device to which the activation key block (EKB) is distributed.
The data pointer 203 stores an activation key block (EK
B) is a pointer indicating the position of the data section, the tag pointer 204 is a pointer indicating the position of the tag section, and the signature pointer 205 is a pointer indicating the position of the signature.

The data section 206 stores, for example, data obtained by encrypting a node key to be updated. For example, each encryption key related to the updated node key as shown in FIG. 6 is stored.

The tag section 207 is a tag indicating the positional relationship between the encrypted node key and leaf key stored in the data section. The tag assignment rule will be described with reference to FIG. FIG. 8 shows an example in which the enabling key block (EKB) described above with reference to FIG. 5A is transmitted as data. The data at this time is as shown in Table (b) of FIG. The address of the top node included in the encryption key at this time is set as the top node address. In this case, since the update key K (t) R of the root key is included, the top node address is KR. At this time, for example, the data Enc (K (t) 0, K (t) R) at the top is at the position shown in the hierarchical tree shown in FIG. Here, the next data is Enc (K (t) 00, K (t)
0) at the lower left position of the previous data on the tree. If there is data, the tag is set to 0, and if not, 1 is set. The tag is set as {left (L) tag, right (R) tag}. Data Enc (K (t) 0, K
Since there is data on the left of (t) R), the L tag = 0, and on the right there is no data, so the R tag = 1. Hereinafter, tags are set for all data, and a data sequence and a tag sequence shown in FIG. 8C are configured.

The tag has data Enc (Kxxx, Kyy).
y) is set to indicate where it is located in the tree structure. Key data Enc (Kxxx, Kyyy) stored in the data section. . . Is simply a series of data of the encrypted key, so that the position of the encryption key stored as data on the tree can be determined by the above-described tag. Instead of using the tag described above, using the node index corresponding to the encrypted data as in the configuration described in FIG. 5, for example, 0: Enc (K (t) 0, K (t) root ) 00: Enc (K (t) 00, K (t) 0) 000: Enc (K ((t) 000, K (T) 00) ... ,
Such a configuration using an index results in redundant data and an increased data amount, which is not preferable for distribution over a network. On the other hand, by using the above-described tag as index data indicating the key position, the key position can be determined with a small data amount.

Returning to FIG. 7, the EKB format will be further described. The signature (Signature) 208 is an electronic signature executed by, for example, a key management center, a content provider, a service provider, or a payment institution that has issued an activation key block (EKB). The device that has received the EKB confirms that the device is a valid activation key block (EKB) issued by a valid activation key block (EKB) issuer by signature verification.

[Category classification of tree] A configuration for classifying a hierarchical tree structure defining node keys and the like for each device category and executing efficient key update processing, encryption key distribution, and data distribution will be described below. explain.

FIG. 9 shows an example of category classification in a hierarchical tree structure. In FIG. 9, a root key Kroot 301 is set at the top of the hierarchical tree structure, a node key 302 is set at the following middle, and a leaf key 303 is set at the bottom. Each device has an individual leaf key and a series of node keys from the leaf key to the root key, the root key.

Here, as an example, a node at the M-th stage from the top is set as a category node 304. That is, each of the nodes in the Mth stage is a device setting node of a specific category. Hereinafter, one node at the M-th stage is defined as a vertex, and the nodes and leaves at the (M + 1) -th stage and below are nodes and leaves relating to devices included in the category.

For example, one node 30 at the M-th stage in FIG.
5, a category [memory stick (trademark)] is set, and nodes and leaves following this node are set as nodes or leaves dedicated to the category including various devices using the memory stick. That is, the nodes 305 and below are defined as a set of related nodes and leaves of the device defined in the memory stick category.

Furthermore, a stage several stages lower than the M stage can be set as the sub-category node 306. For example, as shown in the figure, the node of [reproduction-only device] is set as a subcategory node included in the category of the device using the memory stick at the node two levels below the category [memory stick] node 305. Further, a node 307 of a telephone with a music playback function included in the category of the playback-only device is set below the node 306 of the playback-only device, which is a subcategory node. [PHS] node 308 and [mobile phone] node 309 can be set.

Further, the category and the sub-category are not only the type of the device but also a node which is independently managed by, for example, a certain maker, a content provider, a settlement institution, etc. (These will be collectively referred to as entities hereinafter). For example, if one category node is set as a vertex node dedicated to a game device XYZ sold by a game device maker, the lower node key and leaf key below the vertex node can be stored and sold in the game device XYZ sold by the maker. After that, the distribution of the encrypted content or the distribution and update of various keys is performed by generating and distributing an enabling key block (EKB) composed of a node key and a leaf key below the vertex node key, and distributing the key. Data that can be used only for those devices can be distributed.

As described above, with one node as a vertex,
The following nodes are the categories defined for that vertex node,
Alternatively, by configuring as a related node of a subcategory, a maker, a content provider, or the like that manages one vertex node of a category stage or a subcategory stage independently generates an enabling key block (EKB) having the node as a vertex. A key can be generated and distributed to devices belonging to the vertex node and below, and the key can be updated without affecting devices belonging to other categories of nodes that do not belong to the vertex node.

In the system of the present invention, as shown in FIG. 10, in a tree-structured system, device keys and content keys are managed. In the example of FIG. 10, nodes of 8 + 24 + 32 levels have a tree structure, and categories correspond to each node from the root node to the lower 8 levels. Here, the category means a category such as a category of a device using a semiconductor memory such as a memory stick and a category of a device receiving a digital broadcast. The present system (referred to as T system) corresponds to one of the category nodes as a system for managing a license.

That is, the key corresponding to the node in the lower 24 levels of the node of the T system
A service provider or a service provided by the service provider is supported. In this example, this would allow for 2 ²⁴ (approximately 16 mega) service providers or services to be defined. Further, 2 ³² (about 4 giga) users (or user devices) can be defined by the lowest 32 levels. The key corresponding to each node on the path from the bottom 32 nodes to the node of the T system is DNK (Device Node Ke).
y), and the ID corresponding to the leaf at the bottom is the leaf ID.

For example, the content key obtained by encrypting the content is encrypted by the updated root key KR ', the updated node key of the upper layer is encrypted by using the updated node key of the immediately lower layer, and the EKB is updated. Is placed within. The updated node key one level above the end of the EKB is encrypted by the node key or leaf key at the end of the EKB, and is placed in the EKB.

The user device uses one of the keys of the DNK described in the service data to decrypt the updated node key of the immediately higher hierarchy described in the EKB distributed together with the content data, and decrypts it. Using the key obtained in this way, the updated node key described in the EKB and further higher in the hierarchy is decrypted. By sequentially performing the above processing, the user device can update the root key K
R ′ can be obtained.

[Content processing using a plurality of EKBs] As described above, 1
One node can be a vertex, and the following nodes can be configured as related nodes of the category or subcategory defined in the vertex node.
Alternatively, a maker, service provider, or the like that manages one vertex node in the subcategory stage independently generates an activation key block (EKB) having that node as a vertex,
A configuration for distributing to devices belonging to the vertex node and below is realized.

A description will now be given of a content distribution and usage mode in which the EKB distribution system based on a plurality of categories is adopted by applying the above-described tree-structured device management EKB distribution system.

The two categories will be described with reference to FIG. As shown in FIG. 11, a T system node 351 is set below the root node 350, and a T
The service node 352 and the T hard node 353 are set. A tree having the T hard node 353 as a vertex sets a user device device itself as a leaf 355 and issues a hardware-compatible EKB [EK
B (H)]. On the other hand, T
The tree having the service node 352 at the top is a category tree for distributing a service-compatible EKB [EKB (S)] issued in response to a service provided to the user device.

In both the hardware-compatible EKB [EKB (H)] and the service-compatible EKB [EKB (S)], a DNK (Device
Node Key), that is, by having a key corresponding to each node on the path from the leaf to the node of the T system, each EKB can be decrypted.

Referring to FIG. 12, hardware-compatible EKB [E
KB (H)] and a content use processing sequence based on content decryption processing to which service-compatible EKB [EKB (S)] is applied.

Service data 401, encrypted content file 402, and usage right information 403 shown in FIG.
Corresponds to the service data 53, the encrypted content 51, and the usage right information 52 shown in FIG. 1, and is data that the user device receives via the service provider. The service data 401 includes a leaf ID as a leaf identifier,
EKB version to be applied and service compatible E
Data E (Kroot ', SDNK) obtained by encrypting a service-compatible device node key (SDNK) necessary for decrypting KB [EKB (S)] with a root key Kroot' set in correspondence with a hardware-compatible category tree. Stored.

The encrypted content file 402 is a service-compatible EKB [EKB] storing a root key Kroot set corresponding to a service-compatible category tree.
(S)], the content ID (C
ID) and a content E (Kc) obtained by encrypting a content key (Kc) applied to content encryption and decryption.
root, CID + Kc) and content (Co
(Cent.) is encrypted by the content key Kc.

The usage right information 403 includes a leaf ID.
And data storing content usage condition information. The usage condition information of the content includes various usage conditions such as a usage period, the number of times of use, and copy restrictions set corresponding to the content. The user device receiving the usage right information 403 stores the usage right information as security information corresponding to the content, or stores the usage right information in an AV index file as index data of the content.

For example, in a user device having a large-capacity storage means such as a PC and having a high processing capability such as a processor, the usage right information can be stored as security information corresponding to the content. It is preferable to store the usage condition information and perform a process referring to all the usage condition information when using the content. On the other hand, in a user device such as a portable device (PD) that does not have a large-capacity storage device and has a low processing capability such as a processor, the usage right information 403 including the selected information is stored in the AV index as content index data. Stored in a file and used for AV
Processing such as performing processing with reference to use condition information in the index file is possible.

FIG. 1 shows a configuration example of the AV index file.
3 is shown. The AV index file configuration shown in FIG. 13 has a configuration in which usage condition information is added to an AV index file of Mobile Quick Time.

The AV index file 421 is composed of header information 422 and index file information 423. The index file information 423 includes properties,
The content includes a title, a thumbnail, an intro (for music content), and the like, and further includes usage condition information 425 corresponding to the content. The AV file 424 as actual content is stored in association with each index information.

FIG. 14 shows a configuration example of the use condition information. The usage condition information is set for each user who uses the content and for each content, and includes a leaf ID 451 and a content ID 452 that can identify each of them, content usage period information, usage (reproduction) frequency information, copy restriction information, and other devices. Usage condition field 453 storing various usage conditions related to the transfer to the device, input from other devices, and the like, a usage status field 454 as a field for recording a usage status according to the content usage, and a description of each of these information. Message authentication code (MAC: Message authentication C) as a verification value to prevent tampering
ode) 455.

Message authentication code (MAC: Message au)
Thentication code 455 is generated as data for falsification verification of data based on data including content use condition information. FIG. 15 shows an example of MAC value generation using the DES encryption processing configuration. As shown in the configuration of FIG. 15, the target message is divided into 8-byte units (hereinafter, the divided messages are referred to as M1, M2,...).
, MN) First, the initial value (Initial Value (hereinafter, referred to as IV)) and M1 are exclusively ORed (the result is I1). Next, I1 is entered into the DES encryption unit, and is encrypted using a key (hereinafter, referred to as K1) (output is referred to as E1). Subsequently, E1 and M2 are XORed, the output I2 is input to the DES encryption unit, and is encrypted using the key K1 (output E2). Hereinafter, this is repeated, and encryption processing is performed on all messages. The last EN that appears is the message authentication code (MAC (Messag
e Authentication Code)).

When the source data is changed, the MAC value becomes different, and the MAC generated based on the data (message) to be verified and the recorded MA
A comparison with C is performed, and if they match, it is proved that the data (message) to be verified has not been changed or altered.

Returning to FIG. 12, the hardware-compatible EKB [EKB
(H)], a description will be given of a content use processing sequence based on content decryption processing to which the service-compatible EKB [EKB (S)] is applied.

The user device stores the service data 40
1. Encrypted content file 402, usage right information 40
3 have been received. As described above, the usage right information 403 is held as security information corresponding to the content in, for example, a PC, and is used as a portable device (P
In D), it is stored in the AV index file 421 set corresponding to the stored content. When a content transfer / copy process is performed from a PC to a PD, the usage right information stored in the security information corresponding to the content held in the PC or the like is P
AV index file 421 set in D
Converted to adapt to For example, the conversion mode is changed according to the storage medium, such as storing only usage conditions limited to content playback time, number of playbacks, move conditions, copy conditions, and the like.

The user device further has a hardware-compatible EKB (H) 411 and a hardware-compatible device node key (HDNK) 412 applied to processing (decoding) of the hardware-compatible EKB (H). The hardware-compatible EKB (H) 411 decrypts the root key KRoot which is set corresponding to the hardware-compatible category tree.
It is possible to extract t '.

In step S11 shown in FIG. 12, the hardware-compatible device node key (HDNK) 412 is applied to execute the decryption processing of the hardware-compatible EKB (H) 411. The root key Kroot 'set corresponding to the category tree is acquired. The processing of the EKB to which the DNK is applied is described first with reference to FIG.
Is performed in accordance with the method described with reference to FIG.

Next, in step S12, the EKB
Using the root key KRoot 'extracted from (H), the encrypted data E (Kro
ot ′, SDNK), and obtains a device node key (SDNK) to be applied to the process (decryption) of the service-compatible EKB [EKB (S)].

Next, in step S13, the device node key (SDNK) extracted from the service data
To execute (decrypt) the service corresponding EKB [EKB (S)] stored in the encrypted content file 402 using the service corresponding category tree stored in the service corresponding EKB [EKB (S)]. To obtain the root key Kroot set corresponding to.

Next, in step S14, the encrypted content file 402 is created using the root key Kroot extracted from the service-compatible EKB [EKB (S)].
Data E (Kroot, CID +
Kc), and decrypts the content ID (CID)
And a content key (Kc).

Next, in step S15, the content ID extracted from the encrypted content file 402
A matching process is performed between the (CID) and the content ID stored in the usage condition information in the AV index file 421. When it is confirmed by the matching process that the content can be used, in step S16, the content key (Kc) extracted from the encrypted content file 402 is applied to encrypt the content stored in the encrypted content file 402. The encrypted content E (Kc, Content) is decrypted to reproduce the content.

As described above, the hardware-compatible EKB [EKB] as the EKB corresponding to the category tree set corresponding to the hardware as the content using device.
(H)] and a service-compatible EKB [EKB (S)] as an EKB corresponding to a category tree set in correspondence with the content use service is individually provided to the user, and a valid EKB for each EKB is provided. DNK
Only the user having the above can use the service.

The DNK for decoding the service-compatible EKB [EKB (S)], that is, the SDNK, can be provided as service data 401 corresponding to the content.
That is, a root key K set corresponding to a hardware-compatible category tree that can be obtained only by a device having HDNK
Since the configuration is such that root 'is applied and encrypted, only a user device having a legitimate HDNK can acquire the SDNK and use the service.

[0139] Further, in the content use, a matching process is performed between the content identifier (CID) obtained from the encrypted content file 402 and the CID obtained from the use condition information of the AV index file 421. Obtaining the usage right information 403 and storing the usage condition information in the AV index file can be set as an essential requirement of the content reproduction process, and the content usage according to the usage conditions is realized.

[Use with Content Copy between PD and PC] Next, the encrypted content file stored in the PC or the like is moved or copied to a medium (for example, a disk or a memory) in the portable device, and the generated subkey Ksub Is generated according to the content,
A configuration in which the content is applied to the portable device by decrypting the content to which the subkey Ksub is applied will be described.

(Checkout Process) Referring to FIG. 16, an outline of data stored in the portable device 502 in the process of outputting content from the PC 501 to the portable device 502 will be described.

The encrypted content file 511 is a service-compatible EKB [EKB] storing a root key Kroot set corresponding to a service-compatible category tree.
(S)], the content ID (C
ID) and a main key Kcm as a key for generating a content key (Kc) to be applied to the content encryption and decryption processes, the data E (Kroot, CI
D + Kcm) and content (Content)
E (Kc, C) obtained by encrypting
file).

The AV index file 512 has the configuration described above with reference to FIGS. 13 and 14, and is used for mobile quick time (Mobile Quick Ti).
me) has a configuration in which usage condition information is added to the AV index file.

The usage condition information stored in the portable device (PD) may be converted into the minimum data and stored in consideration of the data capacity of the medium used by the PD. For example, content playback time, playback count,
The mode is changed according to the storage medium, such as storing only use conditions limited to move conditions, copy conditions, and the like.

As described above with reference to FIG. 12, the service data 513 is necessary for decoding the leaf ID as the leaf identifier, the version of the EKB to be applied, and the service-compatible EKB [EKB (S)]. Key corresponding to the hardware-compatible category tree is set to the root node KRoot.
Data E (Kroot ', SD) encrypted by t'
NK).

The sequence page 514 includes a message authentication code (MAC: Message) as a falsification verification value of the usage rule information corresponding to the content described above with reference to FIG.
This is table data in which a MAC #n as an authentication code) and a subkey Ksubn applied to the generation of the content key Kc are stored for each of the contents 0-n.

It should be noted that the content key Kc applied to the content encryption / decryption processing and the encrypted content file 5
The relationship between the main key Kcm stored in 11 and the subkey Ksub stored in the sequence page 514 is Kc = Kcm XOR Ksub. That is, the main key Kcm and the sub key Ks
The content key Kc is calculated by exclusive logical wheel operation with u.

The encrypted content file 511, AV index file 512, and service data 513 are
The sequence page 514 is written in the normal data storage area of the medium of the portable device 502, and the sequence page 514 is a lead-in area 5 in which data can be read and written on condition that it is confirmed that the user has a specific access right.
21 is written.

Referring to FIG. 17, a description will be given of a content output from a PC to a medium of a portable device (PD), that is, a checkout processing sequence.

Each step will be described. Step S
In 101, it is checked whether or not there is a slot for storing the content in the medium of the PD. When it is confirmed that there is an empty slot, it is determined in step S102 whether or not the usage condition information corresponding to the encrypted content file to be checked out is stored in the PD. If there is no use condition information, the content cannot be used, and the processing ends with an error. If there is usage condition information, it is determined in step S103 whether or not service data corresponding to the encrypted content file is stored in the PD. Copy the data.

Next, in step S105, the encrypted content file 511 (see FIG. 15) is copied to the PD medium. Next, in step S106, a process for sharing Kroot between the PC and the PD is performed using the EKB corresponding to the service, that is, the EKB (S). Here, Kro of the latest version of EKB (S)
ot is shared between PC and PD.

Next, on the PC side, the MAC based on the usage condition information corresponding to the content to be checked out is used.
Perform the calculation. The MAC calculation follows the calculation process described above with reference to FIG.

In step S108, a write area (track) for the AV index file (see FIG. 13) of the PD medium is created, and in step S109, the AV index including use condition information (see FIG. 14) for the PD medium is created. Write the file (see FIG. 13).

Next, in step S110, P
The process of sharing the session key is performed by applying the KRoot shared between C and PD. The session key sharing process can be executed, for example, by a process using a MAC represented by ISO / IEC 9798-4. The processing sequence will be described with reference to FIG.

In FIG. 18, P corresponding to each of a personal computer (PC) and a portable device (PD), which are content transmitting and receiving devices, respectively.
C and B have a common key Kroot. Note that the symbol “||” in FIG. 18 represents concatenation.

Next, the PC generates random numbers Ra and Sa,
a, Sa and MAC (Kroot, Ra || Rb || S
a) to PD. MAC (Kroot, Ra || Rb || S
a) represents Kroot as a key and Ra || R as data.
b || Sa is input.

The PD uses the received data to perform MAC
Calculate (Kroot, Ra || Rb || Sa) and check if this matches the one received. If they match, the communication partner PC is recognized as valid and the process is continued, but if they do not match, it is determined to be invalid and the process is stopped.

Next, the PD generates a random number Sb,
Send C (Kroot, Rb || Ra || Sb) to the PC. PC
MAC (Kroot,
Rb || Ra || Sb) is calculated, and it is confirmed whether or not it matches the received one. If they match, the communication partner PD is recognized as valid and the process is continued, but if they do not match, it is determined to be invalid and the process is stopped. Finally, both sides are MAC
Calculate (Kroot, Sa || Sb) and use this as the session key in the session.

By doing as described above, the personal computer and the portable device as the content transmitting device and the receiving device can check each other's validity and can safely share the session key.

Returning to the flow of FIG. 17, the description will be continued. In step S110, when the generation of the session key Kses based on Kroot is completed, step S11
1, from the PC, the MAC of the usage condition information corresponding to the content, the subkey Ksub, and the slot No. Is encrypted with the session key Kses and transmitted to the PD.

In step S112, the PD sets the PC
Then, it is determined whether or not the MAC received from the server and the MAC of the usage condition information calculated in step S107 match. If they do not match, it means that the usage condition information has been tampered with, and proper use of the content cannot be guaranteed, and the process ends with an error.

The MAC received from the PC and step S1
If the MAC of the usage condition information calculated in step 07 matches the MAC of the PD medium (in step S113, the table data in which the MAC is associated with the sub-key Ksub in the lead-in area of the disk) is sequence page (see FIG. 12). ).

(Content Reproduction Process) Next, in the portable device (PD), a content key: Kc is generated by applying the subkey Ksub, and the encrypted content is decrypted to use (reproduce) the content. Will be described with reference to FIGS. 19 and 20.

The portable device (PD) includes service data 601, encrypted content file 602, AV
Index file 621, sequence page 622
have. In addition, portable devices (PD)
Owns EKB (H) 611 for hardware,
A hardware-compatible device node key (HDNK) 612 to be applied to the processing (decryption) of the EKB (H) for hardware is provided. EKB (H) 611 for hardware
Can extract the root key Kroot 'set corresponding to the hardware-compatible category tree by decryption.

The service data 601 includes a leaf ID as a leaf identifier, a version of the EKB to be applied, and a service-compatible device node key (SDNK) required for decoding the service-compatible EKB [EKB (S)].
Data E (Kro) encrypted with the root key Kroot 'set corresponding to the hardware-compatible category tree
ot ′, SDNK).

The encrypted content file 602 is a service-compatible EKB [EKB] that stores a root key Kroot set corresponding to a service-compatible category tree.
(S)], the content ID (C
ID) and a main key Kcm applied to the generation of a content key (Kc) applied to the content encryption and decryption processing, by encrypting data E (Kroot, CID +
Kcm) and data E (Kc, Con) obtained by encrypting the content (Content) with the content key Kc.
tet).

As described above with reference to FIG. 13, the AV index file 621 has a configuration in which usage condition information is added to an AV index file of Mobile Quick Time.

The sequence page 622 includes a message authentication code (MAC: Message) as a falsification verification value of the usage rule information corresponding to the content described above with reference to FIG.
This is table data in which a MAC #n as an authentication code) and a subkey Ksubn applied to the generation of the content key Kc are stored for each of the contents 0-n.

It should be noted that the content key Kc applied to the content encryption / decryption processing and the encrypted content file 6
The relationship between the main key Kcm stored in 02 and the subkey Ksub stored in the sequence page 621 is Kc = Kcm XOR Ksub. That is, the main key Kcm and the sub key Ks
The content key Kc is calculated by exclusive logical wheel operation with u.

In step S21 shown in FIG. 19, the portable device (PD) applies the hardware-compatible device node key (HDNK) 612 to execute the decryption processing of the hardware-compatible EKB (H) 611, and H)
From 611, a root key Kroot 'set corresponding to the hardware-compatible category tree is obtained. The processing of EKB to which DNK is applied is in accordance with the method described above with reference to FIG.

Next, in step S22, the EKB
Using the root key KRoot 'extracted from (H), the encrypted data E (Kro
ot ′, SDNK), and obtains a device node key (SDNK) to be applied to the process (decryption) of the service-compatible EKB [EKB (S)].

Next, in step S23, the device node key (SDNK) extracted from the service data
To execute (decrypt) the service-compatible EKB [EKB (S)] stored in the encrypted content file 602, and use the service-compatible category tree stored in the service-compatible EKB [EKB (S)]. To obtain the root key Kroot set corresponding to.

Next, in step S24, the encrypted content file 602 is used using the root key Kroot extracted from the service-compatible EKB [EKB (S)].
Data E (Kroot, CID +
Kcm) and decrypts the content ID (CI
D) and a main key (Kcm).

Next, in step S25, the content ID extracted from the encrypted content file 602
(CID) matching (collation) processing of the content ID stored in the use condition information in the AV index file 621, that is, the use condition information corresponding to the content exists and the use is permitted in the use condition information. A determination process is performed as to whether or not the operation is performed. When it is confirmed by the matching process that the content can be used, in step S26, the main key (Kcm) extracted from the encrypted content file 602 and
Sequence page 622 recorded in lead-in area
The content key Kc is generated by performing an exclusive OR operation with the subkey Ksub acquired from the subkey Ksub.

Next, in step S27, the content key Kc is applied to the AV index file 62
1 is calculated, and the MA recorded in the sequence page 622 recorded in the lead-in area is calculated.
MAC verification is performed by collation processing with C. If the collation is unsuccessful, the processing of the next step is stopped as an error.

In step S28, the encrypted content E (Kc, Content) stored in the encrypted content file 602 is decrypted by applying the content key Kc on condition that the MAC collation is established. Perform playback.

[0177] As described above, in the use of content in a portable device, the sub key Ksub corresponding to the content is set, and the MAC based on the usage condition information is set.
And a sequence page is configured and stored, and the content key Kc is obtained by an operation using the subkey Ksub and the main key Kcm. The subkey Ksub and the main key K
The content is decrypted by the content key Kc generated by the calculation using cm.

Next, the content use (reproduction) process in the portable device will be described with reference to the flow shown in FIG. In step S201, the portable device (PD) applies a hardware-compatible device node key (HDNK) to execute decoding processing of the hardware-compatible EKB (H), and converts the EKB (H) into a hardware-compatible category tree. Root key Kloo correspondingly set
Obtain t '.

Next, in step S202, it is determined whether or not service data corresponding to the content to be reproduced is stored in the PD.
203). The service data is as shown in FIG.
A service-compatible device node key (SDNK) required for decrypting the service-compatible EKB [EKB (S)] is set to a root key K set in correspondence with the hardware-compatible category tree.
data E (Kroot
t ′, SDNK).

In step S204, EKB (H)
The encrypted data E (Kroot ', SDN) in the service data using the root key KRoot'
K), and executes the service-compatible EKB [EKB
(S)], a device node key (SDNK) to be applied to the process (decryption) is obtained.

Next, in step S205, the device node key (SDN) extracted from the service data
Using K), process (decrypt) the service-compatible EKB [EKB (S)] stored in the encrypted content file
And obtains a root key Kroot set corresponding to the service category tree stored in the service corresponding EKB [EKB (S)].

Next, in step S206, using the root key Kroot extracted from the service-compatible EKB [EKB (S)], the encrypted data E (Kroot, CID + Kc) stored in the encrypted content file is used.
m) decryption processing, and the content ID (CID)
Then, the main key (Kcm) is obtained.

Next, in step S207, the content ID (C
ID) and a content ID stored in the usage rule information in the AV index file. That is, a determination process is performed to determine whether use condition information corresponding to the content exists and whether use is permitted in the use condition information. If the matching is not established, the next step is not executed and an error is terminated.

If the matching is established, step S20
In step 8, the sub key Ksub corresponding to the content to be used is extracted from the lead-in area of the medium,
In step S209, the content key Kc is generated by performing an exclusive OR operation on the main key (Kcm) extracted from the encrypted content file and the subkey Ksub obtained from the sequence page recorded in the lead-in area.

Next, in step S209, the MAC of the usage condition information of the AV index file is calculated by applying the content key Kc, and the MAC is compared with the MAC recorded in the sequence page recorded in the lead-in area. Perform MAC verification. If the collation is unsuccessful, the processing of the next step is stopped as an error.

If the MAC verification is successful, step S21
2, the content key Kc is applied, and the encrypted content E (K
c, Content) to reproduce the content.

As described above, in the portable device, the use condition information stored in the AV index file is applied, and it is confirmed by MAC verification that the contents use condition is not falsified. Since the content is decrypted by applying the content key that can be generated by the main key of the content file, the content can be properly used only by a valid device based on the valid use condition information.

(Self-Recording Processing) Next, processing for recording contents in a portable device or the like will be described with reference to FIGS. 21 and 22.

FIG. 21 is a view for explaining a sequence when the portable device 701 records contents on a medium 702 such as a disk by itself.

The portable device 701 is a hardware-compatible EKB provided via a hardware-compatible category tree.
(EKB (H)) 703 and hardware-compatible EKB (EKB
(H)) A device node key (HDNK) 702 applied to the process 703 (decryption process) is provided.

Further, it has self-recording service data 704 provided by a service provider that manages a service that allows self-recording. Self-recording service data 7
Reference numeral 04 denotes a leaf ID as a leaf identifier, a version of an EKB to be applied, and a service-compatible device node key (SDNK) necessary for decrypting the service-compatible EKB [EKBc (S)], similarly to the above-described service data.
Data E (Kro) encrypted with the root key Kroot 'set corresponding to the hardware-compatible category tree
ot ′, SDNK). Here,
The EKB corresponding to the self-recording service is EKBc (S).

The portable device 701 further includes a self-recording use condition 705, a self-recording EKB [EKBc
(S)] 706. The self-recording usage condition 705 is
Conditions for self-recording of content, for example, allowed period,
Conditions such as the number of recordings are set, and are the same as the use conditions described above with reference to FIG.

EKB for self-recording [EKBc (S)] 706
Is an EKB that stores a root key Kroot corresponding to a service category tree having a service provider that provides a content self-recording service as a top node.

The sequence of the content self-recording process in the portable device will be described. First,
First, in step S31, the portable device (PD) 701 stores the self-recording EK in the header area of the encrypted content file 711 corresponding to the self-recorded content.
B [EKBc (S)] 706 is copied and stored. Further, the use condition for self-recording is copied to the AV index file 712 as index data corresponding to the content (S32), and the leaf ID of the self-recording service data 704 is further copied (S33). Further, the self-recording service data is stored in a medium
Is stored (S34). Note that the encrypted content file 711 and the AV index file 712 are also stored in the medium 702 that records the content.

Next, in step S35, the portable device 701 applies the hardware compatible device node key (HDNK) 702 to the hardware compatible EKB.
The decoding process of (H) 703 is executed, and EKB (H) 703 is executed.
, A root key Kroot 'set corresponding to the hardware-compatible category tree is obtained. The processing of EKB to which DNK is applied is in accordance with the method described above with reference to FIG.

Next, in step S36, the EKB
Using the root key Kroot 'extracted from (H), the encrypted data E in the self-recording service data 704 is used.
(KRoot ', SDNK) decryption processing to acquire a device node key (SDNK) to be applied to the processing (decryption) of the self-recording service-compatible EKB [EKBc (S)].

Next, in step S37, the encrypted content file 7 is created using the device node key (SDNK) extracted from the self-recording service data 704.
EKB for self-recording service copied and stored in 11
Executes the process (decryption) of [EKBc (S)] and obtains a root key Kroot set corresponding to the self-recording service-compatible category tree stored in the self-recording service-compatible EKB [EKBc (S)]. I do.

Next, in step S38, using the root key Kroot extracted from the self-recording service compatible EKB [EKBc (S)], the content identifier as the content identifier corresponding to the content to be stored in the encrypted content file 711 is determined. The content ID (CID) and the main key Kcm are encrypted to generate encrypted data E (Klood).
(t, CUID, Kcm) is generated and stored in the encrypted content file 711. Note that this main key K
cm is obtained by an exclusive OR operation with the subkey Ksub.
A key applied when generating the content key Kc,
Generate based on random numbers.

Next, the main key Kc generated from the random number
The content key Kc is generated (S39) by performing an exclusive OR operation of m and the subkey Ksub, and the content is encrypted by applying the generated content key Kc (S39).
40) and store it in the encrypted content file 711.

Further, the sub-key Ksub generated for the content and the MAC based on the usage condition information are associated with each other, and the sequence page 713 is written into the lead-in area of the medium 702 (S41).

As described above, in the content self-recording on the portable device, the sub key Ksub corresponding to the content is generated and the
A sequence page is constructed and stored together with the AC. In content reproduction, it is necessary to generate a content key Kc by calculation using the sub key Ksub and the main key Kcm. Therefore, reproduction can be performed only on a device having a valid subkey Ksub in the sequence page.

FIG. 22 shows a processing flow of a content self-recording processing procedure in the portable device. The core steps of the processing flow will be described.

In step S301, the self-recording EKB [EKBc (S)] is copied and stored in the header area of the encrypted content file corresponding to the self-recording content. In step S302, the self-recording use condition information is stored in the AV index file. Is copied and stored in step S303.
Copy and store D.

Next, in step S304, a hardware-compatible EKB (H) is decrypted by applying a hardware-compatible device node key (HDNK), and the EKB is decoded.
From (H), a root key Kroot 'set corresponding to the hardware-compatible category tree is obtained. Further, in step S305, the self-recording service data is copied and stored in a medium for recording contents.

Next, in step S306, the root key Kr extracted from the hardware-compatible EKB (H) by applying the hardware-compatible device node key (HDNK).
The decryption process of the encrypted data E (Kroot ', SDNK) in the self-recording service data is performed by using "oot'", and the decryption process is applied to the process (decryption) of the self-recording service-compatible EKB [EKBc (S)]. Device node key (SDN
K).

Next, in step S307, using the device node key (SDNK) extracted from the self-recording service data, the self-recording service-compatible EKB [EKBc] copied and stored in the encrypted content file.
(S)] to obtain a root key Kroot set corresponding to the self-recording service-compatible category tree stored in the self-recording service-compatible EKB [EKBc (S)].

Next, in step S308, a main key Kcm and a sub key Ksub are generated based on the random numbers, and in step S309, a content key Kc is generated by performing an exclusive OR operation with the main key Kcm and the sub key Ksub.

Next, in step S310, the main key Kcm and the content identifier (CID) are encrypted with the root key Kroot and stored in the encrypted content file. Further, in step S311, the content is encrypted by applying the generated content key Kc and stored in the encrypted content file.

[0209] Further, in step S312, the sub-key Ksub generated for the content and the MAC based on the usage condition information are associated with each other to execute a process of writing the sequence page in the lead-in area of the medium, thereby recording the content in self-recording. To end.

As described above, in the content self-recording on the portable device, the encrypted content file and the AV index file for the medium, and the MAC based on the usage condition data of the AV index file and the like for the lead-in area are used. , Subkey Ks
ub is executed, and the validity of the use conditions is verified by the MAC in the use of the self-recorded content, and the content key K using the sub key Ksub is used.
The generation process of c is indispensable, and the use of the content according to the use condition is realized in a device having a valid use right.

(Content Import Processing) Next, the copy processing of the self-recorded contents from the portable device (PD) to the PC, that is, the import processing will be described.

FIG. 23 is a diagram for explaining an outline of the content import processing and data to be moved (copied) from the portable device (PD) to the PC.

In the import processing, the encrypted content data E (Kc, Content) 811 encrypted with the content key Kc is copied from the portable device (PD) 810 to the PC 820, and further, as the secure information 812. , KRoot, and the key information E (Kroot, Kc) 814 obtained by encrypting the content key Kc with Kroot, and furthermore, use condition information in the AV index file generated in the self-recording process described above. 815
Is copied.

As shown in the figure, the data storage configuration in the PC 820 is a configuration having a content 821 and secure information 822 for the content. In the import processing, conversion according to the data storage configuration or necessary information is performed. Needs to be performed.

[0215] The PC 820 transmits the encrypted content data E (Kc, Conte) encrypted with the content key Kc.
nt) 821, and EKB 8 storing Kroot as secure information 822 corresponding to the stored content.
23, key information E (Kroot, Kc) 824 obtained by encrypting the content key Kc with Kroot, attribute information 825 corresponding to use condition information, and a public key certificate 82
6. It has a configuration having a signature 827.

In the copying process of the self-recorded content from the portable device (PD) to the PC, that is, the import process, the processes (1) to (5) shown in FIG. 23 are executed.

(1) The encrypted content data E (K
c, Content). (2)
EKB storing Kroot and key information E (Kroot, Kc) obtained by encrypting content key Kc with Kroot
Is a copy process.

(3) MAC verification processing executed as falsification verification processing of the usage condition information in the AV index file in the PD. (4) is M in (3)
This is a conversion and copy process of the usage condition information in the AV index file, which is executed on condition that the result of the AC verification is no alteration. In the PC, the usage condition of the content is held as content attribute information.
After converting the usage condition information of the AV index file into the format of the attribute information in the PC, it is copied to the PC. (5) is a process for generating and adding a public key certificate 826 and a digital signature 827 as data to be stored as secure information corresponding to the content of the PC.

As shown in FIG. 23, when contents are transferred between a portable device (PD) having a different data storage configuration and a PC, processes such as conversion and data addition are executed in accordance with the respective data storage configurations. The usage condition information is copied after confirming that there is no data tampering.

FIG. 24 is a flowchart illustrating the procedure of the import process. The processing of each step shown in the flowchart will be described.

First, in step S401, the encrypted content data E (Kc, Content) is copied from the portable device (PD) to the PC. Next, in step S402, the EKB storing the Kroot
And the key information E (Kroot, Kc) obtained by encrypting the content key Kc with Kroot and the portable device (P
Copy from D) to PC.

Next, in step S403, the MAC is calculated based on the use condition information in the AV index file in the PD, and is compared with the stored MAC of the sequence page stored in the lead-in area sequence page. Then, falsification verification of the usage condition information is performed. M
If the ACs match, it is determined that there is no tampering, and step S405
Proceed to. If the MACs do not match, it is determined that there is tampering, and the processing ends with an error.

In step S405, it is determined whether or not the import processing permission flag in the usage condition information indicates that processing is permitted. As shown in FIG. 14, import (impo) is used in the usage condition information in the AV index file.
rt), the import process is executed only when there is bit information indicating that import is possible, and when there is information indicating that import is not possible, the import process is not executed and the process ends with an error.

[0224] In step S406, conversion and copy processing of the usage condition information in the AV index file are executed. In the PC, the usage rule of the content is held as content attribute information. The usage rule information of the AV index file is converted into the format of the attribute information in the PC, and then copied to the PC. Step S
Reference numeral 407 denotes processing for storing a public key certificate as data to be stored as secure information corresponding to the content of the PC. Step S408 is processing for generating and adding an electronic signature to the information stored in the secure information.

As described above, in the content import processing, processing such as conversion and data addition are executed in accordance with each data storage configuration, and the usage condition information is copied after confirming that there is no data tampering. I do.

The present invention has been described in detail with reference to the specific embodiments. However, it is obvious that those skilled in the art can modify or substitute the embodiment without departing from the spirit of the present invention. That is, the present invention has been disclosed by way of example, and should not be construed as limiting. In order to determine the gist of the present invention, the claims described at the beginning should be considered.

The series of processes described in the specification can be executed by hardware, software, or a combination of both. When processing by software is performed, the program recording the processing sequence is installed in a memory in a computer built in dedicated hardware and executed, or the program is stored in a general-purpose computer capable of executing various processing. It can be installed and run.

For example, the program can be recorded in a hard disk or a ROM (Read Only Memory) as a storage medium in advance. Alternatively, the program is a flexible disk, CD-ROM (Compact Disc Read Only)
Memory), MO (Magneto optical) disk, DVD (Dig
It can be temporarily or permanently stored (recorded) in a removable recording medium such as an ital Versatile Disc, a magnetic disk, or a semiconductor memory. Such a removable recording medium can be provided as so-called package software.

The program can be installed in the computer from the above-described removable recording medium, or can be wirelessly transferred from a download site to the computer, or connected to the computer via a network such as a LAN (Local Area Network) or the Internet. The computer can receive the transferred program and install it on a storage medium such as a built-in hard disk.

[0230] The various processes described in the specification are as follows.
It may be executed not only in chronological order according to the description, but also in parallel or individually according to the processing capability of the device that executes the process or as necessary.

[0231]

As described above, according to the configuration of the present invention, the decoding process of a plurality of different enabling key blocks (EKB) provided by applying the enabling key block (EKB) distribution tree structure. And a second activation key block (EKB) based on the key obtained by the decryption process.
Is obtained, and the content key Kc to be applied to the content decryption is obtained by the second EKB decryption process using the second EKB decryption key. Can be determined based on the possibility of each EKB decryption process.

Further, according to the configuration of the present invention, the activation key block (EKB) distributed corresponding to the hardware-compatible category tree and the activation key block distributed corresponding to the service-compatible category tree Block (EK
Since the process of obtaining the content key Kc applied to the content decryption is executed by the multi-stage EKB process with B), the content can be used based on the determination of the validity of the hardware and the service use authority.

Further, according to the structure of the present invention, the content key Kc is obtained by performing an exclusive OR operation of the sub key Ksub set corresponding to the content and the main key Kcm.
, The content is used after reliably determining the validity of the device and the service receiving authority even when the content is moved or copied to a portable device or the like. .

Further, according to the structure of the present invention, the second EKB decryption processing key is acquired based on the acquisition key obtained by the first activation key block (EKB) decryption processing, and the second EKB decryption key is acquired.
With the final acquisition key acquired by the second EKB decryption process to which the EKB decryption key is applied, the content key generation key required to acquire the content key Kc to be applied to the content encryption process is encrypted. Configuration, so that self-recorded content
It is possible to determine the content use authority based on different categories based on the possibility of each EKB decryption process.

[Brief description of the drawings]

FIG. 1 is a diagram showing an outline of a content providing system to which the present invention is applied.

FIG. 2 is a diagram illustrating a configuration example of a personal computer (PC) capable of using content to which the present invention is applied.

FIG. 3 is a diagram illustrating a configuration example of a portable device (PD) capable of using content to which the present invention is applied.

FIG. 4 is a tree configuration diagram illustrating various keys and data encryption processing and distribution processing.

FIG. 5 is a diagram showing an example of an enabling key block (EKB) used for distribution of various keys and data.

FIG. 6 shows a content key activation key block (EK
It is a figure which shows the distribution example using B), and the example of a decoding process.

FIG. 7 is a diagram showing a format example of an enabling key block (EKB).

FIG. 8 is a diagram illustrating a configuration of a tag of an enabling key block (EKB).

FIG. 9 is a diagram illustrating category division in a tree configuration.

FIG. 10 is a diagram illustrating category division in a tree configuration.

FIG. 11 is a diagram illustrating a specific example of category division in a tree configuration.

FIG. 12 is a diagram illustrating an example of content decryption and use processing using a plurality of activation key blocks (EKB).

FIG. 13 is a diagram illustrating a configuration example of an AV index file.

FIG. 14 is a diagram illustrating a configuration example of use condition information.

FIG. 15 is a diagram illustrating a configuration of a MAC generation process.

FIG. 16 is a diagram illustrating a content copy process from a PC to a portable device (PD).

FIG. 17 is a flowchart illustrating a content copy process from a PC to a portable device (PD).

FIG. 18 is a sequence diagram illustrating a session key sharing process.

FIG. 19 is a diagram illustrating an example of content decryption and use processing using a subkey and a plurality of activation key blocks (EKB) in a portable device.

FIG. 20 is a flowchart illustrating an example of content decryption and use processing using a sub key and a plurality of activation key blocks (EKB) in a portable device.

FIG. 21 is a diagram illustrating an example of a content self-recording process using a subkey in a portable device.

FIG. 22 is a flowchart illustrating an example of content self-recording processing using a subkey in a portable device.

FIG. 23 is a diagram illustrating a content import process from a portable device to a PC.

FIG. 24 is a flowchart illustrating a content import process from a portable device to a PC.

[Explanation of symbols]

11 Content Provider 12 Service Provider 13 Key Management Center 30 User device 31 PC 32 Portable device (PD) 51 Encrypted content 52 Usage right information 53 Service Data 101 CPU (Central processing Unit) 102 ROM (Read-Only-Memory) 103 RAM (Random Access Memory) 104 Host bus 104 105 bridge 106 External bus 107 Interface 108 keyboard 109 pointing device 110 display 111 HDD (Hard Disk Drive) 112 drive 114 PD (Portable Device) Connection Port 115 Voice input / output interface 116 communication unit 121 Removable recording medium 122 Portable Device 152 power supply circuit 153 CPU 154 RAM 155 ROM 157 I / O I / F 159 DSP 160 Storage media controller or drive 161 Storage media 162 Operation key controller 163 D / A converter 164 amplifier circuit 165 output section 166 LCD controller 167 Display 171 Input I / F 172 PC 201 version 202 depth 203 Data pointer 204 tag pointer 205 Signature Pointer 206 Data Division 207 Tag section 208 Signature 301 root key 302 node key 303 leaf key 304 Category Node 350 root node 351 T system node 352 T service node 353 T Hardnode 354 service provider node 355 leaf 401 Service data 402 Encrypted content file 403 Usage right information 411 EKB (H) 412 HDNK 421 AV index file 422 header information 423 Index file information 424 AV file 425 Usage condition information 451 leaf ID 452 Content ID 453 Usage condition information 454 Usage status information 455 MAC 501 PC 502 Portable Device (PD) 511 Encrypted content file 512 AV index file 513 Service data 514 sequence page 601 Service data 602 Encrypted content file 611 EKB (H) 612 HDNK 621 AV index file 622 sequence page 701 Portable Device 702 DNK (HDNK) 703 EKB (H) 704 Self-recording service data 705 Terms and conditions for self-recording 706 EKB for self-recording 711 Encrypted content file 712 AV index file 713 sequence page 810 Portable device (PD) 811 Encrypted content 812 Secure information 813 EKB 814 Key information 815 AV index file 820 PC 821 Encrypted content 822 Secure information 823 EKB 824 key information 825 Attribute information 826 Public Key Certificate 827 Signature

   ────────────────────────────────────────────────── ─── Continuation of front page    (72) Inventor Toshiya Ishizaka             6-7-35 Kita Shinagawa, Shinagawa-ku, Tokyo Soni             ー Inc. (72) Inventor Mitsuhiro Hirabayashi             6-7-35 Kita Shinagawa, Shinagawa-ku, Tokyo Soni             ー Inc. F term (reference) 5B017 AA06 BA07 BB10 CA15                 5J104 AA12 AA16 EA01 EA04 EA18                       JA03 JA13 MA05 NA02 NA03                       NA27

Claims (30)

[Claims] 1. An information processing apparatus for performing a decryption process of an encrypted content, wherein the content encryption processing key is provided by an activation key block (EKB) process provided by applying an activation key block (EKB) distribution tree configuration. And a control unit for executing a content key Kc acquisition as a first key block (EKB). The control unit has a configuration for executing a decoding process of a plurality of different activation key blocks (EKB). A) obtaining a second EKB decryption key based on the key obtained by the decryption process, and applying the second EKB decryption key to the second EKB decryption key;
An information processing apparatus having a configuration for executing a process of acquiring a content key Kc to be applied to content decryption by a multi-stage EKB process that executes the EKB decryption process. 2. The method according to claim 1, wherein the control unit applies a first acquisition key acquired by executing a decryption process of a first activation key block (EKB1) corresponding to a first category by applying a first device node key. To obtain a second device node key to be applied to the decryption processing of the second activation key block (EKB2) corresponding to the second category,
The content key Kc is acquired based on a second acquisition key acquired by decrypting the second validation key block (EKB2) by applying the second device node key. The information processing device according to claim 1. 3. The first activation key block (EKB).
Is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and the second activation key block (EKB) is distributed corresponding to a service-compatible category tree. The information processing apparatus according to claim 1, wherein the information processing apparatus is an activation key block (EKB). 4. The method according to claim 1, wherein the control unit obtains a key Kloo obtained by the second EKB decryption processing.
10. A configuration for executing a process of applying t to execute decryption of data E (Kroot, Kc) obtained by encrypting the content key Kc with the key Kroot to obtain the content key Kc. 2. The information processing device according to 1. 5. The method according to claim 1, wherein the control unit obtains a key Kloo obtained by the second EKB decryption processing.
In accordance with t, the main key Kcm previously set in accordance with the content is decrypted with the data E (Kroot, Kcm) obtained by encrypting the main key Kcm with the first key Kroot, and the main key Kcm is obtained. The set sub key Ksub
2. The information processing apparatus according to claim 1, wherein the content key Kc is obtained by performing an exclusive OR operation with the main key Kcm. 6. The control means according to claim 1, wherein said control means performs a decoding process of a hardware-enabled key block (EKB (H)) corresponding to a category corresponding to hardware.
EKB (H) compatible device node key HDNK is applied to execute the first corresponding to the hardware compatible category
The root key Kroot 'is obtained, and is applied to the decryption processing of the service support enabling key block (EKB (S)) corresponding to the service support category.
The first device node key SDNK corresponding to the KB (S)
Encrypted data E encrypted with root key KRoot '
(Kroot ', SDNK) to the first root key K
Root 'decrypts to obtain an EKB (S) -compatible device node key SDNK, and applies the EKB (S) -compatible device node key SDNK to apply a service-compatible activation key block (EKB) corresponding to a service-compatible category. (S)) to obtain the second root key Kroot corresponding to the category corresponding to the service, and to obtain the content key Kc based on the second root key Kroot corresponding to the category corresponding to the service. The information processing apparatus according to claim 1, wherein the information processing apparatus is configured to execute: 7. The control unit executes the decryption of data E (Kroot, Kc) obtained by encrypting the content key Kc with the second root key Kroot by applying the second root key Kroot. The information processing apparatus according to claim 6, wherein the information processing apparatus is configured to execute a process of acquiring Kc. 8. The control means applies the second root key Kroot, and sets a main key Kcm set in advance in accordance with the content to the second root key Kroot.
Data E (KRoot) encrypted with the root key KRoot
t, Kcm) to obtain a main key Kcm, and a sub-key Ksub set in advance corresponding to the content.
7. The information processing apparatus according to claim 6, wherein the content key Kc is obtained by performing an exclusive OR operation with the main key Kcm. 9. An information processing apparatus for executing a recording process of an encrypted content, wherein the control unit executes an enabling key block (EKB) process provided by applying an enabling key block (EKB) distribution tree configuration. The control means has a configuration for executing a decoding process of a plurality of different activation key blocks (EKB), and a second unit based on an acquisition key obtained by the first activation key block (EKB) decoding process. Of the second EKB decryption key obtained by applying the second EKB decryption key.
By the final acquisition key acquired by the EKB decryption processing of
An information processing apparatus having a configuration for executing encryption of a content key generation key necessary for obtaining a content key Kc applied to content encryption processing. 10. The control unit applies a first acquisition key acquired by executing a decryption process of a first activation key block (EKB1) corresponding to a first category by applying a first device node key. To obtain a second device node key to be applied to the decryption processing of the second activation key block (EKB2) corresponding to the second category,
A second acquisition key acquired by decrypting the second activation key block (EKB2) by applying the second device node key is set as a final acquisition key, and the content to be applied to the content encryption process is determined by the final acquisition key. Key K
The information processing apparatus according to claim 9, wherein the information processing apparatus has a configuration for encrypting a content key generation key required for obtaining c. 11. The first activation key block (EK)
B) is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and the second activation key block (EKB) is distributed corresponding to a service-compatible category tree. The information processing apparatus according to claim 9, wherein the activation key block (EKB) is used. 12. The control means includes: a main key Kcm corresponding to a content; and a sub-key Ksu, as two content key generation keys capable of generating a content key Kc by an exclusive OR operation.
b to generate the encrypted data E (Kroot, Kcm) by executing the encryption of the main key Kcm with the finally obtained key Kroot obtained by the second EKB decryption process. The information processing apparatus according to claim 9, wherein: 13. The control means according to claim 1, further comprising: decoding a hardware-enabled key block (EKB (H)) corresponding to a hardware-enabled category.
EKB (H) compatible device node key HDNK is applied to execute the first corresponding to the hardware compatible category
The root key Kroot 'is obtained, and is applied to the decryption processing of the service support enabling key block (EKB (S)) corresponding to the service support category.
The first device node key SDNK corresponding to the KB (S)
Encrypted data E encrypted with root key KRoot '
(Kroot ', SDNK) to the first root key K
Root 'decrypts to obtain an EKB (S) -compatible device node key SDNK, and applies the EKB (S) -compatible device node key SDNK to apply a service-compatible activation key block (EKB) corresponding to a service-compatible category. (S)) to obtain the second root key Kroot corresponding to the category corresponding to the service, and to obtain the content key Kc based on the second root key Kroot corresponding to the category corresponding to the service. The information processing apparatus according to claim 9, wherein the information processing apparatus has a configuration for encrypting a necessary content key generation key. 14. The control means includes: a main key Kcm corresponding to a content; and a sub-key Ksu, as two content key generation keys capable of generating a content key Kc by an exclusive OR operation.
b to generate the encrypted data E (Kroot, Kcm) by executing the encryption of the main key Kcm with the finally obtained key Kroot obtained by the second EKB decryption process. The information processing apparatus according to claim 13, wherein: 15. An information processing method for executing a decryption process of an encrypted content, wherein the content encryption key is obtained by an activation key block (EKB) process provided by applying an activation key block (EKB) distribution tree configuration. A data processing step of executing a content key Kc acquisition as a first step, wherein the data processing step executes a decoding process of a plurality of different enabling key blocks (EKB), and decodes a first enabling key block (EKB). A second EKB decryption processing key is acquired based on the acquisition key obtained by the processing, and the second EKB decryption processing key is applied to the second EKB decryption key.
An information processing method including a step of executing a process of acquiring a content key Kc to be applied to content decryption by a multi-stage EKB process of executing the EKB decryption process. 16. The data processing step comprises: applying a first device node key to execute a decryption process of a first activation key block (EKB1) corresponding to a first category to acquire a first acquisition key. Acquiring a second device node key to be applied to a decryption process of a second activation key block (EKB2) corresponding to the second category;
Applying the second device node key and executing a content key Kc acquisition process based on a second acquisition key acquired by decrypting the second activation key block (EKB2). The information processing method according to claim 15. 17. The first activation key block (EK)
B) is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and the second activation key block (EKB) is distributed corresponding to a service-compatible category tree. 16. An activation key block (EKB) to be used.
An information processing method according to claim 1. 18. The method according to claim 18, wherein the data processing step includes: obtaining a key Kloo obtained by the second EKB decryption processing.
The method according to claim 1, further comprising the step of: executing a process of obtaining the content key Kc by applying t to decrypt the data E (Kroot, Kc) obtained by encrypting the content key Kc with the key Kroot. 16. The information processing method according to item 15. 19. The information processing method further comprises: a key Kloo obtained by the second EKB decryption processing.
t, decrypting data E (Kroot, Kcm) obtained by encrypting the main key Kcm set in advance for the content with the first key Kroot to obtain the main key Kcm; Subkey Ksub set
The information processing method according to claim 15, further comprising: executing a process of obtaining a content key Kc by an exclusive OR operation with the main key Kcm. 20. The data processing step comprises the steps of: decoding a hardware-enabled key block (EKB (H)) corresponding to a hardware-enabled category;
EKB (H) compatible device node key HDNK is applied to execute the first corresponding to the hardware compatible category
A step of obtaining a root key Kroot ', and a step of applying E to the decryption processing of the service support enabling key block (EKB (S)) corresponding to the service support category.
The first device node key SDNK corresponding to the KB (S)
Encrypted data E encrypted with root key KRoot '
(Kroot ', SDNK) to the first root key K
a step of obtaining an EKB (S) -compatible device node key SDNK by decrypting with the root ', and applying the EKB (S) -compatible device node key SDNK to a service-compatible activation key block corresponding to a service-compatible category (EKB (S)) decryption processing to obtain a second root key Kroot corresponding to the service corresponding category; and a content key based on the second root key Kroot corresponding to the service corresponding category. The method according to claim 15, further comprising: performing a process of acquiring Kc. 21. The information processing method further includes applying the second root key Kroot to decrypt data E (Kroot, Kc) obtained by encrypting the content key Kc with the second root key Kroot. 21. The information processing method according to claim 20, further comprising the step of: executing a process of acquiring a content key Kc by performing the process. 22. The information processing method, further comprising applying the second root key Kroot to a main key Kcm set in advance in accordance with the content.
Data E (KRoot) encrypted with the root key KRoot
(t, Kcm) decryption to obtain a main key Kcm; and a sub-key Ksub set in advance corresponding to the content.
21. The information processing method according to claim 20, further comprising a step of obtaining a content key Kc by performing an exclusive OR operation with the main key Kcm. 23. An information processing method for executing a recording process of an encrypted content, wherein the data process executes an enabling key block (EKB) process provided by applying an enabling key block (EKB) distribution tree configuration. The data processing step includes performing a decoding process for a plurality of different enabling key blocks (EKB), and performing a second EKB based on a key obtained by the first enabling key block (EKB) decoding process. Obtaining the decryption processing key and applying the second EKB decryption processing key to the second
By the final acquisition key acquired by the EKB decryption processing of
An information processing method, comprising the step of: encrypting a content key generation key required for obtaining a content key Kc to be applied to content encryption processing. 24. The data processing step, comprising: applying a first device node key to execute a decryption process of a first activation key block (EKB1) corresponding to a first category to acquire a first acquisition key. Acquiring a second device node key to be applied to a decryption process of a second activation key block (EKB2) corresponding to the second category;
A second acquisition key acquired by decrypting the second activation key block (EKB2) by applying the second device node key is set as a final acquisition key, and the content to be applied to the content encryption process is determined by the final acquisition key. Key K
3. The method according to claim 2, further comprising the step of: encrypting a key for generating a content key required for obtaining c.
3. The information processing method according to 3. 25. The first activation key block (EK)
B) is an activation key block (EKB) distributed corresponding to a hardware-compatible category tree, and the second activation key block (EKB) is distributed corresponding to a service-compatible category tree. 24. The activation key block (EKB) to be used.
An information processing method according to claim 1. 26. The information processing method further comprises a main key Kcm and a sub-key Ksu corresponding to the content as two content key generation keys that enable the content key Kc to be generated by an exclusive OR operation.
b) generating the respective keys b), and performing encryption of the main key Kcm with the finally obtained key Kroot obtained by the second EKB decryption processing to generate encrypted data E (Kroot, Kcm). The information processing method according to claim 23, comprising: 27. The data processing step comprises the steps of: decoding a hardware-enabled key block (EKB (H)) corresponding to a hardware-enabled category;
EKB (H) compatible device node key HDNK is applied to execute the first corresponding to the hardware compatible category
A step of obtaining a root key Kroot ', and a step of applying E to the decryption processing of the service support enabling key block (EKB (S)) corresponding to the service support category.
The first device node key SDNK corresponding to the KB (S)
Encrypted data E encrypted with root key KRoot '
(Kroot ', SDNK) to the first root key K
a step of obtaining an EKB (S) -compatible device node key SDNK by decrypting with the root ', and applying the EKB (S) -compatible device node key SDNK to a service-compatible activation key block corresponding to a service-compatible category (EKB (S)) decryption processing to obtain a second root key Kroot corresponding to the service corresponding category; and a content key based on the second root key Kroot corresponding to the service corresponding category. 24. The information processing method according to claim 23, further comprising: encrypting a content key generation key required for obtaining Kc. 28. The information processing method further comprises a main key Kcm and a sub key Ksu corresponding to the content as two content key generation keys that enable the content key Kc to be generated by an exclusive OR operation.
b) generating the respective keys b), and performing encryption of the main key Kcm with the finally obtained key Kroot obtained by the second EKB decryption processing to generate encrypted data E (Kroot, Kcm). 28. The information processing method according to claim 27, comprising: 29. A computer program for executing a process of decrypting encrypted content, wherein the content is encrypted by an enabling key block (EKB) process provided by applying an enabling key block (EKB) distribution tree configuration. A data processing step of acquiring a content key Kc as a key, wherein the data processing step executes a decryption process of a plurality of different activation key blocks (EKB), and a first activation key block (EKB) A second EKB decryption key is obtained based on the key obtained by the decryption process, and the second EKB decryption key is applied to the second EKB decryption key.
A step of executing a process of obtaining a content key Kc to be applied to content decryption by a multi-stage EKB process of executing the EKB decryption process. 30. A computer program for executing a recording process of an encrypted content, the data being for executing an enabling key block (EKB) process provided by applying an enabling key block (EKB) distribution tree configuration. Processing step, wherein the data processing step executes a decoding process of a plurality of different enabling key blocks (EKB), and performs a second Acquiring the EKB decryption key and applying the second EKB decryption key to the second
By the final acquisition key acquired by the EKB decryption processing of
A computer program including a step of executing encryption of a content key generation key required for obtaining a content key Kc applied to content encryption processing.