JP2004112038A5 - - Google Patents

Download PDF

Info

Publication number
JP2004112038A5
JP2004112038A5 JP2002268265A JP2002268265A JP2004112038A5 JP 2004112038 A5 JP2004112038 A5 JP 2004112038A5 JP 2002268265 A JP2002268265 A JP 2002268265A JP 2002268265 A JP2002268265 A JP 2002268265A JP 2004112038 A5 JP2004112038 A5 JP 2004112038A5
Authority
JP
Japan
Prior art keywords
key
management information
data management
media
recording medium
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
JP2002268265A
Other languages
Japanese (ja)
Other versions
JP2004112038A (en
JP4068421B2 (en
Filing date
Publication date
Application filed filed Critical
Priority to JP2002268265A priority Critical patent/JP4068421B2/en
Priority claimed from JP2002268265A external-priority patent/JP4068421B2/en
Publication of JP2004112038A publication Critical patent/JP2004112038A/en
Publication of JP2004112038A5 publication Critical patent/JP2004112038A5/ja
Application granted granted Critical
Publication of JP4068421B2 publication Critical patent/JP4068421B2/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Claims (5)

メディア鍵に基づいて暗号化されたデジタルデータが記録される記録媒体に対し、前記メディア鍵を得るためのデータ管理情報を暗号化により作成して前記記録媒体に記録するデータ管理情報暗号化装置であって、
複数の鍵を生成する鍵生成手段と、
前記鍵生成手段に生成された複数の鍵に基づいて、前記メディア鍵を多重に暗号化し、得られたデータ管理情報を前記記録媒体に記録する多重暗号化手段と、
を備えたことを特徴とするデータ管理情報暗号化装置。A data management information encryption device for creating data management information for obtaining the media key by encryption on a recording medium on which digital data encrypted based on the media key is recorded and recording the data on the recording medium There,
Key generation means for generating a plurality of keys;
Based on a plurality of keys generated by the key generation means, multiple encryption means for encrypting the media key and recording the obtained data management information on the recording medium;
A data management information encryption apparatus comprising: メディア鍵に基づいて暗号化されたデジタルデータが記録される記録媒体に対し、
前記メディア鍵を得るための第1乃至第3のデータ管理情報を暗号化により作成して前記記録媒体に記録するデータ管理情報暗号化装置であって、
第1乃至第3鍵及び第1乃至第3鍵インデックスを生成する鍵生成手段と、
固定鍵を生成する固定鍵生成手段と、
前記固定鍵を前記第1鍵に基づいて暗号化し、得られた第1のデータ管理情報を前記第1鍵インデックスと関連付けて前記記録媒体に記録する第1のデータ管理情報記録手段と、
中間鍵を生成する中間鍵生成手段と、
前記中間鍵を前記第2鍵に基づいて暗号化し、得られた暗号化中間鍵を前記固定鍵及び前記第2鍵インデックスに基づいて暗号化し、得られた第2のデータ管理情報を前記第2鍵インデックスと関連付けて前記記録媒体に記録する第2のデータ管理情報記録手段と、
前記メディア鍵を前記第3鍵に基づいて暗号化し、得られた暗号化メディア鍵を中間鍵に基づいて暗号化し、得られた第3のデータ管理情報を前記第3鍵インデックスと関連付けて前記記録媒体に記録する第3のデータ管理情報記録手段と、
を備えたことを特徴とするデータ管理情報暗号化装置。For recording media on which digital data encrypted based on the media key is recorded,
A data management information encryption device for creating first to third data management information for obtaining the media key by encryption and recording the information on the recording medium,
Key generation means for generating first to third keys and first to third key indexes;
A fixed key generation means for generating a fixed key;
First data management information recording means for encrypting the fixed key based on the first key and recording the obtained first data management information in the recording medium in association with the first key index;
Intermediate key generating means for generating an intermediate key;
The intermediate key is encrypted based on the second key, the obtained encrypted intermediate key is encrypted based on the fixed key and the second key index, and the obtained second data management information is stored in the second key. Second data management information recording means for recording on the recording medium in association with a key index;
The media key is encrypted based on the third key, the obtained encrypted media key is encrypted based on the intermediate key, and the obtained third data management information is associated with the third key index in the recording Third data management information recording means for recording on the medium;
A data management information encryption apparatus comprising: メディア鍵に基づいて暗号化されたデジタルデータ、及び前記メディア鍵が複数の鍵に基づいて多重に暗号化されてなるデータ管理情報が記録された記録媒体に対し、
前記記録媒体から記録内容を読出すためのドライブ部と、前記ドライブ部の読出内容に基づいて前記メディア鍵を得るためのホスト部とを備えた復号装置であって、
前記ドライブ部は、
前記複数の鍵のうち、いずれかの鍵が記憶された鍵記憶手段と、
前記記録媒体から読出したデータ管理情報を前記鍵記憶手段内の鍵に基づいて復号し、復号結果を前記ホスト部に伝送する復号手段と、を備えており、
前記ホスト部は、
前記複数の鍵のうち、前記ドライブ部の鍵記憶手段に無い鍵が記憶された残りの鍵記憶手段と、
前記ドライブ部の復号手段から伝送された復号結果を前記残りの鍵記憶手段内の鍵に基づいて復号し、中間鍵を得る中間鍵復号手段と、
前記記録媒体から前記ドライブ部を通して読出した他のデータ管理情報を中間鍵に基づいて復号し、復号結果を前記残りの鍵記憶手段内の更に他の鍵に基づいて復号し、得られたメディア鍵を出力するメディア鍵復号手段と、
を備えたことを特徴とする復号装置。With respect to a recording medium on which digital data encrypted based on a media key and data management information obtained by multiplexing the media key based on a plurality of keys are recorded.
A decryption device comprising a drive unit for reading recorded content from the recording medium, and a host unit for obtaining the media key based on the read content of the drive unit,
The drive unit is
Key storage means in which any one of the plurality of keys is stored;
Decrypting the data management information read from the recording medium based on the key in the key storage unit, and transmitting the decryption result to the host unit, and
The host unit is
Of the plurality of keys, remaining key storage means in which a key that is not in the key storage means of the drive unit is stored;
Intermediate key decryption means for decrypting the decryption result transmitted from the decryption means of the drive unit based on the key in the remaining key storage means, and obtaining an intermediate key;
The other media management information read from the recording medium through the drive unit is decrypted based on the intermediate key, the decryption result is decrypted based on the other key in the remaining key storage means, and the obtained media key Media key decryption means for outputting
A decoding device comprising: メディア鍵に基づいて暗号化されたデジタルデータと、
前記メディア鍵を得るための第1のデータ管理情報(固定鍵が第1鍵に基づいて暗号化された情報)と、
第2のデータ管理情報(中間鍵が第2鍵に基づいて暗号化され、得られた暗号化中間鍵が前記固定鍵及び第2鍵インデックスに基づいて暗号化された情報)と、
第3のデータ管理情報(前記メディア鍵が第3鍵に基づいて暗号化され、得られた暗号化メディア鍵が前記中間鍵に基づいて暗号化された情報)とが記録される記録媒体に対し、
前記記録媒体から記録内容を読出すためのドライブ部と、前記ドライブ部の読出内容に基づいて前記メディア鍵を得るためのホスト部とを備え、前記第1乃至第3鍵及び第1乃至第3鍵インデックスを保持する復号装置であって、
前記ドライブ部は、
予め前記第1鍵及び前記第1鍵インデックスが記憶された第1鍵記憶手段と、
前記記録媒体から読出された第1のデータ管理情報を前記第1鍵記憶手段内の第1鍵に基づいて復号し、前記固定鍵を得る固定鍵復号手段と、
前記ホスト部から伝送された暗号化第2鍵インデックスを復号し、前記第2鍵インデックスを得るインデックス復号手段と、
前記記録媒体から読出された第2のデータ管理情報を前記固定鍵及び前記第2鍵インデックスに基づいて復号し、得られた暗号化中間鍵を前記ホスト部に伝送する中間鍵第1復号手段と、を備えており、
前記ホスト部は、
予め前記第2鍵及び前記第2鍵インデックスと予め前記第3鍵及び前記第3鍵インデックスとが記憶された第2第3鍵記憶手段と、
前記第2第3鍵記憶手段内の第2鍵インデックスを暗号化し、得られた暗号化第2鍵インデックスを前記インデックス復号手段に伝送するインデックス暗号化手段と、
前記中間鍵第1復号手段から伝送された暗号化中間鍵を前記第2第3鍵記憶手段内の第2鍵に基づいて復号し、前記中間鍵を得る中間鍵第2復号手段と、
前記記録媒体から前記ドライブ部を介して読出された第3のデータ管理情報を中間鍵に基づいて復号し、得られた暗号化メディア鍵を前記第2第3鍵記憶手段内の第3鍵に基づいて復号し、得られたメディア鍵を出力するメディア鍵復号手段と、
を備えたことを特徴とする復号装置。Digital data encrypted based on the media key,
First data management information (information obtained by encrypting a fixed key based on the first key) for obtaining the media key;
Second data management information (information obtained by encrypting the intermediate key based on the second key and encrypting the obtained encrypted intermediate key based on the fixed key and the second key index);
For a recording medium on which third data management information (information obtained by encrypting the media key based on the third key and encrypting the obtained encrypted media key based on the intermediate key) is recorded ,
A drive unit for reading recorded content from the recording medium; and a host unit for obtaining the media key based on the read content of the drive unit, the first to third keys and the first to third keys A decryption device that holds a key index,
The drive unit is
First key storage means in which the first key and the first key index are stored in advance;
Fixed key decryption means for decrypting the first data management information read from the recording medium based on the first key in the first key storage means to obtain the fixed key;
Index decrypting means for decrypting the encrypted second key index transmitted from the host unit and obtaining the second key index;
Intermediate key first decryption means for decrypting second data management information read from the recording medium based on the fixed key and the second key index, and transmitting the obtained encrypted intermediate key to the host unit; , And
The host unit is
Second and third key storage means in which the second key and the second key index and the third key and the third key index are stored in advance;
Index encryption means for encrypting the second key index in the second third key storage means and transmitting the obtained encrypted second key index to the index decryption means;
Intermediate key second decryption means for decrypting the encrypted intermediate key transmitted from the intermediate key first decryption means based on the second key in the second third key storage means, and obtaining the intermediate key;
The third data management information read from the recording medium via the drive unit is decrypted based on the intermediate key, and the obtained encrypted media key is used as the third key in the second third key storage means. A media key decrypting means for decrypting based on the result and outputting the obtained media key;
A decoding device comprising: メディア鍵に基づいて暗号化されたデジタルデータ、及び前記メディア鍵が複数の鍵に基づいて多重に暗号化されてなるデータ管理情報が記録された記録媒体に対し、前記データ管理情報に基づいて復号装置による復号を管理するための復号管理方法であって、
前記復号装置の種類毎に、互いに異なる値のデータ管理情報を前記記録媒体に記録する工程と、
前記復号装置毎に、対応するデータ管理情報を復号するための鍵情報を準備する工程と、
排除したい復号装置が生じたとき、前記記録媒体の販売を中止し、当該復号装置に対応するデータ管理情報を別の情報に書換えた新たな記録媒体を製造する工程と、
を備えたことを特徴とする復号管理方法。Decrypt based on the data management information on a recording medium on which the digital data encrypted based on the media key and the data management information obtained by multiplexing the media key based on a plurality of keys are recorded. A decoding management method for managing decoding by a device, comprising:
Recording data management information of different values on the recording medium for each type of the decoding device;
Preparing key information for decrypting corresponding data management information for each decryption device;
When a decoding device to be excluded occurs, the sale of the recording medium is stopped, and a new recording medium in which the data management information corresponding to the decoding device is rewritten with another information,
A decryption management method comprising:
JP2002268265A 2002-09-13 2002-09-13 Data management information encryption device Expired - Fee Related JP4068421B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2002268265A JP4068421B2 (en) 2002-09-13 2002-09-13 Data management information encryption device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2002268265A JP4068421B2 (en) 2002-09-13 2002-09-13 Data management information encryption device

Related Child Applications (2)

Application Number Title Priority Date Filing Date
JP2007318869A Division JP2008079349A (en) 2007-12-10 2007-12-10 Method for managing decryption
JP2007318868A Division JP2008079348A (en) 2007-12-10 2007-12-10 Decryption apparatus

Publications (3)

Publication Number Publication Date
JP2004112038A JP2004112038A (en) 2004-04-08
JP2004112038A5 true JP2004112038A5 (en) 2005-09-02
JP4068421B2 JP4068421B2 (en) 2008-03-26

Family

ID=32266528

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2002268265A Expired - Fee Related JP4068421B2 (en) 2002-09-13 2002-09-13 Data management information encryption device

Country Status (1)

Country Link
JP (1) JP4068421B2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4602702B2 (en) * 2003-06-18 2010-12-22 パナソニック株式会社 Content reproduction apparatus, content reproduction method, and program

Similar Documents

Publication Publication Date Title
JP6040234B2 (en) Storage device, host device and method for protecting content
EP1505594A3 (en) Access control for digital content
BR0202591A (en) Digital artwork protection system, recording / playback device, recording medium device, and model change device
WO2004114303B1 (en) Playback apparatus, playback method, and program for reproducing an encrypted virtual package
JP2003158514A5 (en)
RU2004136319A (en) DRIVE RECORDING MEDIA
JP2005529422A5 (en)
JP2010541299A5 (en)
JP2012044577A5 (en)
JP2003218850A (en) Contents-recording/reproduction apparatus
JP2004320719A5 (en)
TWI352976B (en) Record carrier comprising encryption indication in
JP2002305512A5 (en)
JP2005505853A5 (en)
JP4615444B2 (en) Copyright protection system
JP2001176189A5 (en)
JP2004318927A5 (en) Digital data storage method, storage device, reproduction device and recording medium
JP2002368732A (en) Encrypted information recording system and encrypted information reproduction system
JP2004112038A5 (en)
JP2000231760A5 (en)
JP2003204320A5 (en)
JP2006526244A5 (en)
JP4489044B2 (en) INFORMATION RECORDING DEVICE, INFORMATION RECORDING METHOD, AND COMPUTER-READABLE RECORDING MEDIUM CONTAINING PROGRAM FOR CAUSING COMPUTER TO EXECUTE THE METHOD
JP2002208216A (en) Contents recording and reproducing device
JP2008252543A5 (en)