JP2004319085A - Recording medium, information reproducing device and information reproducing method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information recording medium having a data structure to realize firm copyright protection for surely preventing the illegal copying of contents recorded therein, and to provide an information recording device and an information recording method capable of reproducing data from the information recording medium without providing any special data reading means. <P>SOLUTION: The information recording medium has a read-in area in which control information is recorded and a data recording area in which user data is recorded. First key information is recorded in the read-in area. Scrambled data and second key information are recorded in the data recording area. The scrambled data is descrambled based on the second key information. In the read-in area, mutual authentication key information is further recorded to execute mutual authentication between a reader for reading the scrambled data and a decoder including a descrambling circuit for descrambling the scrambled data. Thus, by recording the key information in the read-in area, security is improved. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to an information recording medium for recording an information signal including program data, audio information, and video information, and an information reproducing apparatus and an information reproducing method for reproducing information recorded on the information recording medium.

As information recording media for program data, audio information, and video information, a floppy (registered trademark) disk, a CD-ROM (Compact Disk-Read Only Memory), and the like are known. In particular, CD-ROMs are widely used for distributing various kinds of software because they have a large capacity of 600 MB or more and production costs have become low.

  On the other hand, the demand for outputting video and audio data (hereinafter, referred to as AV data) on a personal computer has been rapidly increasing due to the recent increase in the speed of personal computers. For example, applications for recording and distributing digital data files, which have been subjected to data compression using a video compression method called MPEG1 (Moving Picture Experts Group), on a CD-ROM or the like are increasing. However, the MPEG1 system generally compresses a large amount of video data using a high compression ratio, and therefore, the video is significantly deteriorated. Therefore, it is not suitable for applications requiring high-quality images such as movies.

  Therefore, in recent years, development of recording high-quality video data on an optical disc having a large capacity close to 5 GB using an advanced video compression scheme called the MPEG2 scheme has been performed. The optical disk called DVD (Digital Video Disk) can record high-quality digital AV data for more than 2 hours by utilizing its large capacity, and is expected to be a next-generation AV data recording medium. I have. On the other hand, a DVD drive, which is connected to a personal computer and plays the DVD, makes it possible to reproduce high-quality AV data on the personal computer, and also uses a CD-ROM as a distribution medium for computer software. It is expected as an information recording medium that can replace.

  However, if a DVD drive as a peripheral device of a personal computer is available on the market, digital data recorded on the DVD is output to the personal computer and easily copied to a rewritable medium such as a hard disk or MO (Magneto Optical Disk). It becomes possible. If the digital AV data can be easily copied as described above, problems such as illegal copying of the AV data recorded on the DVD without permission of the creator or falsification of the data are caused. It is extremely difficult to protect the rights of the author. This not only has disadvantages for the data author, but also requires measures such as setting the price in consideration of the author's being copied and not manufacturing the disc due to fear of data tampering. If taken, there may be a disadvantage to the user. The above-mentioned problem is hereinafter referred to as a first problem.

  On the other hand, various uses of the information recording medium on which the AV data is recorded can be considered. Among these applications, there are also applications where it becomes a problem that the information recording medium can be played back by any playback device, and in such applications, a playback device that can be played back and a playback device that cannot be played back are used. Preferably, it can be divided into For example, a disc, such as a karaoke disc, in which video data including the lyrics are recorded along with the music to be reproduced, includes a disc used personally in a general household (hereinafter, a consumer disc). ) And discs used in facilities where customers pay a fixed fee to enjoy karaoke (hereinafter, referred to as business discs). Commercial discs are supplied at a low price because they are manufactured on the premise that they are delivered in large quantities to a limited number of users, whereas consumer discs are sold at a relatively high price for sale separately. ing.

  However, if the commercial disk and the consumer disk have exactly the same format, the commercial disk may be sold at low cost in the general market for consumer use. Therefore, distribution of consumer discs at an appropriate price in the market is hindered, which is disadvantageous for disc manufacturers and users who purchase regular consumer discs. Therefore, in such an application, it is desirable that a playback device capable of playing back a consumer disc and a commercial disc can be separated. As another example, there is a case where a disc on which contents having ethical problems are recorded is reproduced. Criteria for determining whether there are ethical issues vary from country to country. Thus, a disc to be played in one country may not be desirable to be played in another country. Therefore, there is a need for a system in which a disc having an ethical problem can be played only in a specific country where the sale is permitted. As described above, there is a problem that it is not possible to divide a playback device that can play back and a playback device that cannot play back according to the use of the disc. This problem is hereinafter referred to as a second problem.

  As one means for solving the above two problems, there is a method of scrambling (or encrypting) data to be recorded on an information recording disc and recording the data. That is, for the first problem, the copy operation is prevented by returning the data scrambled based on a certain key and not returning the key for descrambling during the copy operation in the personal computer. Yes (the copy operation is performed, but the descramble cannot be performed, so the copy operation does not make sense).

  With respect to the second problem, by creating a scrambled disk according to the contents of the disk, it is possible to classify the device into a device capable of descrambling and a device capable of non-descrambling. As described above, the scramble (or encryption) of the recorded data is effective for the above two problems, but the problem is how to specify a method or a key for descrambling the data.

  As a first conventional example of encrypting a data area, in the CD-ROM shown in FIG. 3 of JP-A-7-249264, an encryption key is recorded in a main data area of a sector different from an encrypted data sector. A scheme has been proposed. In this conventional example, data encrypted at the time of recording and its encryption key are recorded on a CD-ROM, and at the time of reproduction, a personal computer instructs a reproducing apparatus to read the encryption key and then decrypts the encrypted data. Thus, data reproduction is realized. This method has an advantage that the encryption key can be easily changed.

As a second conventional example, as shown in FIG. 3 of Japanese Patent Application Laid-Open No. 7-85574, there has been proposed a method of recording an encryption key in an area of a disk which is not scanned by an optical head of a reproducing apparatus. In this conventional example, in order to prevent the encryption key from being read from a general personal computer, the encryption key is not copied in the copy operation, and an illegal copy operation does not make sense.
JP-A-7-249264 JP-A-7-85574

  However, since the encryption key according to the first conventional method is recorded in the main data area of the sector, the encryption key used when recording the disk can be easily read from a general personal computer. Therefore, since the user can read the encryption key and the encrypted data, there is a high risk that the encryption will be decrypted.

  In the second conventional method, the encryption key is recorded in an area that is not scanned by the optical head of the reproducing apparatus. Therefore, in order to read the encryption key, in addition to the reading means for reading data from the data recording area, the encryption key is used exclusively for reading the encryption key. There arises a problem that a reading means is required.

  The present invention provides an information recording medium having a data structure for realizing strong copyright protection for reliably preventing the contents recorded on the information recording medium from being illegally copied, and a special data reading means. It is an object of the present invention to provide an information reproducing apparatus and an information reproducing method capable of reproducing data from the information recording medium without solving the above problems 1 and 2.

  The information recording medium of the present invention is an information recording medium having a lead-in area and a data recording area, in which key information is recorded, and in the data recording area, scrambled data is stored. The recorded and scrambled data is descrambled based on the key information.

  Another information recording medium of the present invention is an information recording medium having a lead-in area and a data recording area, wherein the first key information is recorded in the lead-in area, and the data recording area has Second key information and scrambled data are recorded, and the scrambled data is decoded based on information obtained by converting the second key information based on the first key information. Be scrambled.

  In one embodiment, the data recording area is divided into a plurality of sectors, each of the plurality of sectors being a sector header area for recording information for identifying a sector and a main data for recording the scrambled data. Area, and the second key information is recorded in the sector header area.

  In another embodiment, the second key information is encrypted by the first key information, and the information is obtained by decrypting the encrypted second key information.

  In another embodiment, the first key information is encrypted with master key information.

  In another embodiment, a plurality of first key information is recorded in the lead-in area, and the plurality of first key information are respectively encrypted by a plurality of different master key information.

  In another embodiment, a scramble flag indicating whether data recorded in the data recording area is scrambled is further recorded on the information recording medium.

  In another embodiment, the data recording area is divided into a plurality of sectors, and each of the plurality of sectors has a sector header area for recording information for identifying the sector and a main header for recording the scrambled data. And a data area, and the scramble flag is recorded in the sector header area.

  In another embodiment, the data recording area includes an area for recording a plurality of files, and a file management area for recording information for managing the plurality of files, and the scramble flag includes the file management area. It is recorded in.

  In another embodiment, the lead-in area includes a mutual device for performing mutual authentication between a reading device that reads the scrambled data and a decoding device that includes a descrambling circuit that descrambles the scrambled data. Authentication key information is further recorded.

  In another embodiment, the information is an initial value for generating a random number sequence, and the scrambled data is descrambled by performing a logical operation on the random number sequence.

  In another embodiment, the data recording area is divided into a plurality of sectors, and each of the plurality of sectors has a sector header area for recording information for identifying the sector and a main header for recording the scrambled data. And a data area, and information for identifying the use of the information recording medium is recorded in the sector header area.

  An information reproducing apparatus according to the present invention includes a reading circuit that reads scrambled data and key information used to descramble the scrambled data from an information recording medium, and descrambles the scrambled data. An authentication circuit that authenticates transmission of information corresponding to the key information to the decoding device before transmitting the scrambled data to the decoding device including the descrambling circuit.

  In one embodiment, the information recording medium has a lead-in area and a data recording area, and the key information includes first key information recorded in the lead-in area, And second key information to be recorded.

  Another information reproducing apparatus of the present invention receives the scrambled data from a reading apparatus that reads scrambled data from an information recording medium and key information used to descramble the scrambled data. The apparatus further includes an authentication circuit for authenticating reception of information corresponding to the key information from the reading device, and a descrambling circuit for descrambling the scrambled data received from the reading device.

  In one embodiment, the information recording medium has a lead-in area and a data recording area, and the key information includes first key information recorded in the lead-in area, And second key information to be recorded.

  In another embodiment, the descrambling circuit descrambles the scrambled data based on information obtained by converting the second key information based on the first key information.

  Another information reproducing apparatus according to the present invention includes a reading circuit for reading scrambled data and key information used for descrambling the scrambled data from an information recording medium, and decoding the scrambled data. A decoding unit including a descrambling circuit for scrambling, and an authentication circuit for authenticating transmission of information corresponding to the key information to the decoding unit before transmitting the scrambled data to the decoding unit. I have.

  In one embodiment, the information recording medium has a lead-in area and a data recording area, and the key information includes first key information recorded in the lead-in area, And second key information to be recorded.

  In another embodiment, the descrambling circuit descrambles the scrambled data based on information obtained by converting the second key information based on the first key information.

  In another embodiment, the information recording medium further records a scramble flag indicating whether or not data recorded in the data recording area is scrambled. And a control circuit for controlling whether to activate the authentication circuit.

In another embodiment, the authentication by the authentication circuit is performed using a predetermined function.
In another embodiment, the authentication by the authentication circuit is performed using information that changes over time.

In another embodiment, the authentication circuit generates bus key information when authentication processing ends normally, and encrypts the first key information and the second key information using the bus key information. Become
In another embodiment, the authentication circuit decrypts the encrypted first key information and the encrypted second key information using the bus key information.

  An information reproducing method according to the present invention comprises: a reading device that reads scrambled data from an information recording medium and key information used to descramble the scrambled data; and a data reading device that descrambles the scrambled data. An information reproducing method for reproducing the scrambled data using a decoder device including a scramble circuit, the method comprising: performing a mutual authentication process between the reading device and the decoding device; Generating bus key information common to the reading device and the decoding device when the mutual authentication process between the decoding device and the decoding device ends normally, and encrypting the key information according to the bus key information. And transmitting the encrypted key information from the reading device to the decoding device.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

(1st Embodiment)
FIG. 1 shows a data structure of an information recording medium according to the present invention. Hereinafter, a disc will be described as an example of the information recording medium. However, the information recording medium according to the present invention is not limited to a disk, but may be any information recording medium.

  Generally, an information recording area in which some information is recorded on a disc is roughly divided into a lead-in area in which control information is mainly recorded and a data recording area in which user data is recorded. Further, the data recording area is generally divided in units called sectors. Here, the disc playback device can directly access the lead-in area, but devices other than the disc playback device (for example, personal computers) cannot directly access the lead-in area.

  In each sector, a header area for recording a sector ID (IDentifier) for identifying the sector, a user data area for recording user data, and a code for correcting a read error during reproduction are recorded. And an ECC (Error Correction Code) area. In the present embodiment, it is assumed that scramble processing has been performed on user data recorded in a user data area in a sector. Therefore, in order for the information reproducing apparatus to correctly reproduce the user data from the disc shown in FIG. 1, it is necessary to know a scrambling method applied to the user data.

  Information (hereinafter, referred to as “scramble information” in the present specification) that determines a scramble processing method applied to user data is recorded at a predetermined position in the lead-in area of the disc in FIG. The information reproducing apparatus reads an area in which the scramble information is recorded, interprets the scramble information, and performs a descrambling process on the user data according to the scramble information. This makes it possible to correctly reproduce the user data.

  Here, an example of a generally known scrambling processing method will be described with reference to FIG.

  FIG. 9A shows that one sector includes a sector ID area, a user data area of 2048 bytes, and an ECC area. Data byte strings D0, D1,..., D2047 are recorded in the user data area. , D2047 are data byte strings D'0, D'1,..., D'2047 to be recorded (before scrambling) and a random number sequence S0, S1,. .., Determined by logical operation with S2047. For example, the logical operation can be an exclusive OR. Here, the random number series S0, S1,..., S2047 are uniquely determined with respect to the given initial value.

  In order to obtain the initial values of the random number sequences S0, S1,..., S2047, based on a predetermined bit string in the sector (for example, 3 bits at a predetermined position in the sector ID area), as shown in FIG. The table is referenced. For example, when the three bits at the predetermined position in the sector ID area are (0, 0, 1), the initial value is obtained as 100Fh from the table, and the random number series B0, B1,..., B2047 (S0, S1 ,..., S2047) are uniquely determined.

  As a method for generating a random number sequence S0, S1,..., S2047 from a given initial value, for example, a method using a shift register as shown in FIG. 9C is known.

  As the scramble processing method, other methods such as exchanging predetermined bits in the byte sequence of the user data can be used. Hereinafter, description will be made using the scramble processing method described in FIG.

  FIG. 2 shows a structure of scramble information recorded at a predetermined position in the lead-in area of the disc shown in FIG.

  As shown in FIG. 2A, in this example, the scramble information is an identifier for specifying a table for obtaining an initial value of a random number sequence used for scramble processing. It is assumed that information for specifying a scramble processing method other than the table is defined in advance.

  For example, the fact that the content of the scramble information is (1, 0) indicates that Table 2 is used for the scrambling process among the four predefined tables shown in FIG. 2B. The information reproducing apparatus has a memory for storing the four tables of FIG. 2B, and switches the table used for the descrambling according to the scramble information. This makes it possible to correctly execute the descrambling process on the user data.

FIG. 3 shows another data structure of the disc according to the present invention. The lead-in area of the disk shown in FIG. 3, the initial value table is recorded directly. In the data recording area of the disc, user data that has been subjected to scrambling by a random number sequence generated using the initial value table is recorded. Here, it is assumed that the other parameters of the scramble processing method shown in FIG. 3 are uniquely determined in advance.

  The information reproducing apparatus reads the initial value table recorded in the lead-in area of the disc and interprets the initial value table. Thereafter, the information reproducing apparatus sets a descrambling procedure according to the initial value table, and descrambles the user data according to the descrambling procedure. Thus, the scrambled user data can be correctly reproduced.

  Reproduction of a disc by an information reproducing apparatus having only a specific descrambling processing procedure is limited to the case where the initial value table of the disc and the initial value table of the information reproducing apparatus match. Will not be able to play correctly.

  In the above-described embodiment, the method of changing the initial value table of the random number sequence in the scramble processing method shown in FIG. 9 has been described. However, the scramble processing method shown in FIG. 9 does not have to be used, and a completely different scramble processing method can be used. In addition, in the scramble processing method shown in FIG. 9, there are various parameters that can be changed in addition to the initial value table (for example, how to take a bit string for referencing the initial value table and the structure of a shift register that generates random numbers). , Etc.), it is also possible to give an identifier to each of the changeable parameters and combinations.

  As described above, according to the information recording medium of the present invention, it is possible to change the scramble processing method according to the use and the permission / non-permission of duplication. As a result, it is possible to prevent illegal reproduction (for example, reproducing a business disk with a consumer disk reproducing device) and illegal copying.

(Second embodiment)
FIG. 4 shows the configuration of the information reproducing apparatus according to the present invention. The information reproducing device includes a host computer 1 and a disk reproducing device 2 for reproducing data recorded on the disk 3.

  The host computer 1 includes an interface unit (I / F unit) 4, an AV decoder 6 for decoding video information into a displayable format, a video board 8 for transmitting video information to a display device 7, a CPU 10, a DRAM ( And an internal memory 11 such as a Dynamic Random Access Memory. The video board 8, the CPU 10, and the internal memory 11 are mutually connected via the bus 9. The output of the video board 8 is connected to a display device (output device) 7. The hard disk drive 12 is connected to the interface unit 4.

  The disk reproducing device 2 includes an interface unit 5, a data reproducing unit 13 including a mechanism for reading data from the disk 3, a signal processing circuit, a control circuit, and the like, and a microprocessor 14 for controlling the disk reproducing device 2. I have.

  The host computer 1 and the disk reproducing device 2 are connected via interface units 4 and 5. For example, the interface units 4 and 5 can be connected by an existing interface such as SCSI (Small Computer System Interface) or ATAPI (AT Attachment Packet Interface) or an interface uniquely defined.

  When the disk reproducing device 2 is reset or when the disk 3 is replaced, the disk reproducing device 2 reads the scramble information recorded in the lead-in area of the disk 3, interprets the scramble information, and performs reverse scrambling according to the scramble information. The scramble processing procedure is set in the data reproducing unit 13.

  The host computer 1 sends a playback-only command (hereinafter, PlayAV command) to the disc playback device 2 via the interface units 4 and 5 to display the user data recorded in the data recording area of the disc 3 on the output device 7. Is issued). In response to the PlayAV command, the disc reproducing device 2 transmits to the host computer 1 the user data subjected to the descrambling process according to the scramble information.

  The interface unit 4 of the host computer 1 sends the user data received from the disc playback device 2 using the PlayAV command to the AV decoder 6 only, without sending it to the data bus 9. Therefore, it is impossible to record user data obtained by using the PlayAV command on a rewritable medium such as the hard disk drive 12 connected to the host computer 1.

  When it is necessary to record the user data recorded in the data recording area of the disk 3 on the hard disk 12 or the internal memory 11, the host computer 1 issues a data read command (hereinafter, referred to as a Read command). In response to the Read command, the disk reproducing device 2 determines whether copying of the disk 3 is permitted or not based on the previously stored scramble information.

  The disc reproducing apparatus 2 operates differently depending on whether or not the scramble method specified by the scramble information is of a type for which copying is permitted.

  If the disc player 2 determines that copying of the disc 3 is permitted, a correct user who has performed descrambling according to the scramble information read from the lead-in area of the disc 3 at the time of the start-up operation of the disc player 2 The data is transmitted to the host computer 1. On the other hand, when the disk reproducing device 2 determines that copying of the disk 3 is prohibited, the disk reproducing device 2 transmits to the host computer 1 erroneous user data subjected to a descrambling process different from the scramble information. Alternatively, by performing error processing or the like, the disc reproducing apparatus 2 may be configured not to return correct data to the host computer 1. In this way, illegal duplication can be prevented.

There are various methods for obtaining information (copy permission information) indicating whether copying of the disc 3 is permitted. For example, when the copy permission information is recorded in a predetermined area of the disk 3, the disk reproducing device 2 may read the copy permission information from the predetermined area of the disk 3. Alternatively, when the scramble processing method is limited according to the copy permission information, the copy permission information can be specified by the read scramble information.
Alternatively, the copy permission information may be represented by a part of the scramble information.

  For example, when the scramble information includes a plurality of bits, one bit of the plurality of bits may represent the copy permission information. As described above, the scramble information can be used to clearly distinguish a scramble method applied to data permitted to be copied from a scramble method applied to data prohibited from being copied. Therefore, by reading the scramble information from the disk 3, it is possible to determine whether or not copying is permitted. Hereinafter, the description will be given on the assumption that the copy permission information is represented by a part of the scramble information.

  FIG. 5 shows another configuration of the information reproducing apparatus according to the present invention. In the information reproducing apparatus shown in FIG. 5, the AV decoder 6 and the interface unit 4, which are independent in the host computer 1 shown in FIG. 4, are integrated. Other configurations are the same as the configuration of the information reproducing apparatus of FIG.

  When the PlayAV command is issued from the host computer 1, the user data subjected to the descrambling process according to the scramble information is transmitted from the disk reproducing device 2 to the host computer 1. The user data is AV-decoded by the AV decoder 6 and then directly input to the video board 8. Other operations are the same as those of the information reproducing apparatus according to the embodiment described with reference to FIG.

  FIG. 6 shows another configuration of the information reproducing apparatus according to the present invention. The information reproducing apparatus of FIG. 6 includes an interface unit 4b integrated with the AV decoder 6, and an interface unit 4a independent of the interface unit 4b. Other configurations are the same as those of the information reproducing apparatus of FIG.

  Only the PlayAV command is issued from the interface unit 4b in the AV decoder 6. On the other hand, the Read command is issued from the interface unit 4a independent of the interface unit 4b. Other operations are the same as those of the information reproducing apparatus according to the embodiment described with reference to FIG.

  FIG. 7 shows another configuration of the information reproducing apparatus according to the present invention. In the information reproducing apparatus shown in FIG. 7, an AV decoder 6 for converting data into a displayable format is built in the disk reproducing apparatus 2. Therefore, it is not necessary to connect the disk reproducing device 2 to the host computer 1.

  Hereinafter, the operation of the information reproducing apparatus having this configuration will be described. In the disc reproducing apparatus 2 of FIG. 7, the microprocessor 14 reads scramble information from the disc shown in FIG. 1, interprets the scramble information, and performs a descrambling process according to the scramble information on the user data. The user data subjected to the descrambling process is sent to the AV decoder. The user data is AV-decoded by the AV decoder 6 and output to the output device 7. In this way, the user data recorded on the disk 3 can be reproduced.

  However, when scramble information that is not preferable to be reproduced by the disk reproducing device 2 is recorded on the disk 3, the disk reproducing device 2 may not perform correct reproduction. For example, it is assumed that the disk 3 is a business disk used for karaoke. In this case, when the disc 3 is mounted on a consumer disc playback device, it is possible to prevent the consumer disc playback device from playing back data recorded on the disc 3. This is because the consumer disk reproducing device can determine from the scramble information recorded on the disk 3 whether or not the scrambling processing method is not used for consumer disks. In this way, by limiting the scramble processing method that can be used according to the use of the disc 3, the disc reproducing apparatus 2 determines whether or not the data recorded on the disc 3 should be reproduced based on the scramble information. It becomes possible.

  Also, by producing a disk on which data scrambled by a scramble processing method that does not correspond to the descrambling process is manufactured, a disk playback device capable of performing only a specific descrambling process is provided. Can be prevented from reproducing data recorded on the disc.

  FIG. 8 shows the configuration of the information reproducing apparatus according to the present invention. The information reproducing device includes a host computer 1 and a disk reproducing device 11. The host computer 1 is not shown in FIG. The configuration of the host computer 1 is the same as the configuration of the host computer 1 in FIGS.

  The disk reproducing device 11 includes an interface unit (I / F unit) 5, a data reproducing unit 13 for reading data recorded on the disk 3, a microprocessor 14 for controlling the disk reproducing device 11, a descrambling circuit unit 15, , A demodulation / error correction unit 16, a ROM (Read Only Memory) 17 for storing programs executed by the microprocessor 14, and a data processing RAM (Random Access Memory) 20. The interface unit 5, the data reproduction unit 13, the microprocessor 14, the descrambling circuit unit 15, the demodulation / error correction unit 16, and the data processing RAM 20 are mutually connected via an internal data bus 19. I have. The descrambling circuit unit 15 includes a memory 18 for storing an initial value table.

  The microprocessor 14 reads scramble information from the disk 3 when the power is turned on or when the disk 3 is replaced, and interprets the scramble information.

  When the disk 3 has the data structure shown in FIG. 2, the microprocessor 14 selects one initial value table from the plurality of initial value tables stored in the ROM 17 in advance according to the contents of the scramble information. The microprocessor 14 stores the selected initial value table in the initial value table storage memory 18 in the descrambling circuit unit 15. The initial value table storage memory 18 may be, for example, a RAM. Alternatively, when the initial value table storage memory 18 is a ROM, a plurality of initial value tables may be stored in the ROM in advance.

  When the host computer 1 issues a PlayAV command, the PlayAV command is input to the microprocessor 14 via the interface unit 5 of the disc reproducing device 2. In response to the PlayAV command, the microprocessor 14 instructs the descrambling circuit unit 15 to perform descrambling processing on the scrambled user data. The descrambling circuit 15 performs a descrambling process according to the initial value table stored in the initial value table storage memory 18. The descrambled data is transmitted to the host computer 1 via the interface unit 5. Thus, the data recorded on the disk 3 can be reproduced.

  On the other hand, when the host computer 1 issues a Read command, the Read command is input to the microprocessor 14 via the interface unit 5 of the disk reproducing device 11. At this time, the microprocessor 14 determines from the scramble information read out from the disk 3 in advance whether or not the scramble method permits copying. If the microprocessor 14 determines that copying is prohibited, the microprocessor 14 sets an initial value table different from the initial value table corresponding to the scramble information in the descramble circuit 15. Alternatively, the microprocessor 14 may return an error to the host computer 1 without setting the initial value table in the descrambling circuit unit 15. In this way, it is possible to prevent the data recorded on the disk 3 from being reproduced.

  Further, when the microprocessor 14 determines that copying is permitted from the scramble information and the disk 3 has the data structure shown in FIG. The table is read, and the initial value table is stored in the initial value table storage memory 18 in the descrambling circuit unit 15. The initial value table storage memory 18 is a writable memory (for example, a RAM). Other processes are exactly the same as those in the case where the disk 3 has the data structure shown in FIG.

  As described above, according to the information reproducing apparatus of the present invention, it is possible to change the descrambling method according to the scramble information recorded on the information recording medium. This makes it possible to correctly reproduce data scrambled by a plurality of different scramble processing methods.

  Further, according to the information reproducing apparatus of the present invention, it is possible to determine whether or not the information reproducing apparatus should reproduce the data recorded on the information recording medium according to the scramble information recorded on the information recording medium. As a result, illegal duplication can be prevented, and the copyright of the data recorded on the information recording medium can be protected.

(Third embodiment)
FIG. 10A shows the data structure of the information recording medium according to the present invention. The information recording area on the information recording medium where some data is recorded includes a lead-in area, a data recording area, and a lead-out area. Information necessary for the information reproducing apparatus to reproduce the information recording medium is recorded in the lead-in area. The data recording area mainly records data such as program data and AV data that are useful for the user.

FIG. 10B shows the data structure of the control data area recorded in the lead-in area. The control data area includes a physical information sector and a scramble information sector. In the physical information sector, disk physical information such as the disk diameter, disk structure, and recording density is recorded. In the scramble information sector, information such as a scramble method applied to data recorded in a data recording area of the information recording medium is recorded. The scramble information sector is referred to when the information reproducing apparatus performs a descrambling process. The details of the scramble information sector will be described later with reference to the drawings.
FIG. 10C shows the data structure of the volume / file management area. In the present embodiment, the data structure of the volume / file management area conforms to the international standard ISO 9660 (International Standard Organization 9660). This international standard ISO9660 is employed in CD-ROMs (Compact Disc-Read Only Memory).

  The volume / file management area includes a volume descriptor, a path table, and a directory record.

  The volume descriptor records information such as the size of the volume space, the recording position information of the path table, the recording position information of the directory record, and the date and time when the disc was created. The path table records a table that associates paths of all directories existing on the information recording medium with recording position information. The directory record records information such as an identifier of each directory or file (generally, a directory name or a file name), data recording position information, file size, attributes, and the like.

  FIG. 10D shows a more detailed data structure of the directory record. In the directory record for the root directory, attributes and identifiers of the root directory, creation date and time, and the like are recorded. The directory record information for the directory is recorded in the directory record (first sector) for the root directory. Similar information is also recorded in the directory record for the root directory (second sector). Further, in the file record for the file A, recording position information of the data of the file A, data length, file identifier information, a copyright management identifier, and the like are recorded. Thus, the plurality of directories have a hierarchical structure.

  The root directory is a directory located at the highest level in the hierarchical structure. More detailed contents will be described later with reference to the drawings.

  In the data recording area, scrambled files and non-scrambled files are recorded. For example, scrambled file A and scrambled file C are scrambled files, and non-scrambled file B is an unscrambled file. It is preferable that the file storing the AV data subject to copyright protection is a scrambled file.

  FIG. 10E shows the data structure of the scramble file A. The file A is divided into a plurality of continuous sectors from the sector n. Data stored in each of the plurality of sectors has been subjected to scramble processing. Hereinafter, in this specification, a sector that stores data subjected to scramble processing is referred to as a “scramble sector”.

  FIG. 10F shows the data structure of the non-scrambled file B. File B is divided into a plurality of continuous sectors from sector m. Data stored in each of the plurality of sectors is not subjected to scramble processing. Hereinafter, in this specification, a sector that stores data that has not been subjected to scramble processing is referred to as a “non-scrambled sector”.

FIGS. 11A to 11C show data structures of directory records in the volume / file management area. The directory record includes a directory record length, file recording position information, a file data length, a file identifier, and copyright management information.
The directory record length is information indicating the size of a directory record of a file (or directory). The file recording position information is information indicating a start position of a sector (hereinafter, referred to as an extent) in which data of the file is recorded.

  The file data length is information indicating the number of sectors constituting a file. The file identifier is identification information (file name) for identifying a file. The copyright management information is information relating to the copyright management of the file.

  The copyright management information includes a scramble flag area and a scramble scheme area. In the scramble flag area, a flag indicating whether or not the data of the file has been scrambled is recorded. If the file data is scrambled, a flag having a value of 1 is recorded in the scramble flag area, and if the file data is not scrambled, a flag having a value of 0 is scrambled. Recorded in the flag area. Therefore, by referring to the scramble flag area, it can be determined whether or not the data of the file has been scrambled. In the scramble method area, an identifier indicating the method of the scramble processing applied to the data of the file is recorded. Therefore, by referring to the scramble method area, the scramble processing method applied to the data can be determined for each file.

  Hereinafter, an example of the scrambling method will be described with reference to FIGS. The scramble method identifier corresponding to this scramble method is set to 1.

  FIG. 11D shows the data structure of the scramble information sector recorded in the control data area of the lead-in area. The scramble information sector includes a sector header area and a main data area.

  The sector header area of the scramble information sector includes an address area in which an identifier for identifying the sector by the information reproducing apparatus is recorded and information for specifying the scrambling scheme applied to the information recording area (as described above, The scramble method area in which the scramble method in this example is set to 1) is recorded, and the information reproducing apparatus determines whether or not the data to be copyright protected can be transmitted to a device that requests the transfer of the reproduced data. And a mutual authentication key area in which a mutual authentication key used in the authentication processing (hereinafter referred to as mutual authentication processing) is recorded. This mutual authentication process will be described later in detail.

  In the main data area of the scramble information sector, a table for determining a random number sequence to be used at the time of the scrambling process from a key for scrambling is recorded. Therefore, the information reproducing apparatus can perform the descrambling process only by using the table recorded in the scramble information sector and the key for scrambling. However, the initial value for determining the random number sequence is hereinafter referred to as preset data.

  FIG. 11E shows a data structure of a scramble sector in the data recording area.

  The sector header area of the scramble sector includes an address area, a scramble flag area in which a flag for identifying whether or not the main data area of the sector has been subjected to scramble processing, and a key (hereinafter, referred to as a seed key) used at the time of scramble. ), And a use identification information area in which information for identifying the use of the file is recorded. In the scramble flag area, 1 indicating that scramble processing has been performed is recorded, and in the seed key area, a key used for descrambling processing in the main data area is recorded. Further, in the use identification information area, information about the use of the recorded data such as business use or consumer use is recorded, and information indicating the reproduction restriction when the use of the information reproducing apparatus is different from the use identification information is recorded. Has been recorded. Further, in the main data area, data that has been subjected to scramble processing determined by the scramble method specified by the scramble information sector in the lead-in area and the seed key in the sector header area of the scramble sector is recorded. That is, the preset data is determined by referring to the table of the scramble information sector based on the value recorded in the seed key area, and the scrambling / descrambling process can be performed using a random number sequence determined by the preset data. In the description below, the seed key is the same for each file.

  On the other hand, the sector header of the non-scrambled sector includes an address area and a scramble flag area. In the scramble flag area, 0 indicating that the main data area of the sector has not been scrambled is recorded. Accordingly, by detecting that the value of the scramble flag area is 0, the information reproducing apparatus can easily recognize that the descrambling process does not need to be performed.

  Next, an example of a scramble method will be described with reference to FIG.

  FIG. 12A shows that an 8-bit data sequence Dj (j is an integer from 0 to 2047) is scrambled by performing a logical operation on an 8-bit random number sequence Sj generated based on a certain initial value. Data SDj is obtained. That is, the scramble information sector recorded in the lead-in area and the 15-bit preset data determined by the seed key of the sector header area of each sector are set in the shift register 301, and the most significant bit r14 is shifted while shifting in the upper bit direction. A random number sequence Sj is generated by putting the exclusive OR of bit r10 into bit 0. Here, the bit at the bit position r0 is input to the logical operation block 302 every time one bit is shifted, and the 8-bit numerical value input to the logical operation block 302 by eight shifts is Sj. By performing a logical operation (for example, exclusive OR) of Sj and the 8-bit recording data Dj obtained as described above, the scrambled data SDj can be obtained. Assuming that the size of the main data of one sector is 2048 bytes, the above operation is repeated 2048 times from SD0 to SD2047, whereby the scrambling of one sector can be performed.

  FIGS. 12B and 12C show conversion from a scramble information sector to a table for determining preset data. In the scramble information sector shown in FIG. 12B, four entries of the table are recorded, and each entry is composed of a set of a seed key and preset data. If these sets are tabulated, a table as shown in FIG. 12C is obtained. For example, if the seed key recorded in the sector header is 01b (b means a binary number), 0077h (h means a hexadecimal number) is set as the preset data in the shift register shown in FIG. By setting the initial value in 301 and performing the above-described shift operation and logical operation, scramble / descramble processing can be performed.

  As described above, the information recording medium of the present embodiment enables scrambling on a file-by-file basis, and has information on whether or not scrambling has been performed as copyright management information in a file management area, By having a scramble flag area in the sector header for each sector, it is possible to recognize the presence or absence of scramble processing in devices that can only recognize main data, such as personal computers, and to recognize main data such as optical disk drives. It is possible to recognize the presence or absence of the scrambling process even for a device that does not have the scramble process. Therefore, even when data is reproduced by an optical disk drive connected to a personal computer, it is possible to determine whether or not both are copyright-protected data.

  Also, since the information recording medium of the present embodiment can perform a different scrambling process for each file by changing the seed key, even if the scrambling method of one scrambled file is decrypted by fraud, It is possible to prevent descrambling of other scrambled files by the scramble method performed, and to improve security in performing copyright protection processing.

  Further, when the information recording medium of the present embodiment is used for the purpose of copyright protection, a scramble information sector in which scramble information indispensable for descrambling is recorded cannot be read from a device such as a personal computer. Since it exists in the lead-in area, the effect of preventing an attempt to illegally read scramble information is high. Further, since the lead-in area can be reproduced by the same reproducing means as the data recording area, it is not necessary to newly provide a special reproducing means.

Also, since information such as a seed key, a scramble flag, and application identification information recorded in sector units is recorded in a sector header area that cannot be read from a device such as a personal computer, the information is recorded in the lead-in area. As in the case of recording the scramble information, there is an effect of preventing an attempt to illegally read the information.
Also, since the application identification information is recorded in the sector header area, it is possible to determine whether the reproduction device should reproduce or prohibit the reproduction in accordance with the content of the recorded data. Therefore, for example, by recording different identifiers in this area between the commercial disk and the consumer disk, it is possible to prevent the commercial disk from being reproduced by the consumer playback device.
Also, by recording the mutual authentication key used for the mutual authentication processing, it becomes possible for the reproducing apparatus to change data transmitted and received in the mutual authentication operation for each mutual authentication key, and to illegally decrypt the processing method of the mutual authentication processing. This has the effect of preventing that. Therefore, it is possible to prevent an act of illegally performing the mutual authentication processing and performing an illegal copy operation on a magnetic disk drive or the like.

  In the present embodiment, the volume file structure is based on the international standard ISO9660. However, it goes without saying that the volume file structure is not limited to this as long as it has the information described in the present invention. .

  In the present embodiment, the scrambling method uses a logical operation of random numbers and data. However, the present invention is not limited to this, as long as the scrambling method has a table and a seed key for referring to the table as in the present embodiment. Needless to say.

  In the present embodiment, a table for determining preset data is recorded in the lead-in area. However, the present invention is not limited to this as long as it is a parameter for determining a table. An identifier for identifying one table may be recorded.

  In the present embodiment, the information recording area for use identification is secured as the use identification information area in the sector header area of the scrambled sector. It is needless to say that may be classified.

  In the present embodiment, the scramble sector has been scrambled for all 2048 bytes of the main data area. However, even if all of the main data area has not been scrambled, a predetermined scramble is performed. The scramble processing may be performed only on the area of the part.

(Fourth embodiment)
Next, another data structure of the information recording medium according to the present invention will be described. The data structure of the information recording medium is the same as the structure of the information recording medium shown in FIG. Here, only the differences from the data structure shown in FIG. 10 will be described.

  FIGS. 13A to 13C show data structures of directory records recorded in the volume / file management area. In the scramble system area in the copyright management information of the directory record, 2 indicating the scramble system described in the present embodiment is recorded.

  FIG. 13E shows a data structure of a scramble sector. The sector header area of the scramble sector includes an address area, a scramble flag area, a media CGMS (Copy Generation Management System) data area, an encrypted original CGMS data area, an encrypted title key area, and an encryption use identification information area. And

  In the scramble flag area, 1 indicating that scramble processing has been performed is recorded.

  In the media CGMS data area, copy permission information of the information recording medium is recorded. In the encrypted original CGMS data area, copy permission information of the most original data is recorded when the data of this sector is copied from another medium. Here, the media CGMS data represents copy permission information of the data on the information recording medium. The media CGMS data is updated during a copy operation. The original CGMS data represents copy permission information at the time of disc creation.

  Since the original CGMS data has been encrypted, it is copied as it is during the copy operation. (Table 1) shows the definitions of the media CGMS data and the original CGMS data.

（表１）から、例えば、メディアＣＧＭＳデータが１１ｂであって、オリジナルＣＧＭＳデータが１０ｂであったとすれば、そのセクタのデータは、もともと１回のみコピー許可状態（メディアＣＧＭＳデータおよびオリジナルＣＧＭＳデータがともに０１ｂ）であって、既に１回のコピー動作が行われたことによってメディアＣＧＭＳデータがコピー禁止を意味する１１ｂに変更されたと判定すべきである。以下では、メディアＣＧＭＳデータと、オリジナルＣＧＭＳデータを合わせてＣＧＭＳ制御情報と称する。

From (Table 1), for example, if the media CGMS data is 11b and the original CGMS data is 10b, the data of the sector is originally allowed to be copied only once (the media CGMS data and the original CGMS data are not copied). Both are 01b), and it should be determined that the media CGMS data has been changed to 11b meaning copy prohibition because one copy operation has already been performed. Hereinafter, the media CGMS data and the original CGMS data are collectively referred to as CGMS control information.

  In the encrypted title key area, a key for descrambling scramble processing performed on the main data area is recorded.

  In the encrypted use identification information area, identification information for designating the use is encrypted and recorded. However, the encrypted original CGMS data area, encrypted title key area, and encrypted use identification information area are all subjected to encryption processing, and information cannot be obtained only by reading the sector header area. These encrypted data are encrypted using an encrypted disk key recorded in a sector header area of a lead-in area of the information recording medium. Therefore, in order to decrypt the encrypted information in the header area of the scramble information sector, the encrypted disk key is required.

  FIG. 13D shows the data structure of the scramble information sector. In the following description, in order to clearly distinguish between encrypted data and decrypted data, encrypted data will be represented by a name with “encrypted”, Is represented by a name with “decryption”. For example, data obtained by encrypting a title key is called “encrypted title key”, and data obtained by decrypting the encrypted title key is called “decrypted title key”.

  The scramble information sector is recorded in the control data area of the lead-in area.

  In the sector header area of the scramble information sector, 2 indicating that the scramble system is the scramble system of the present system is recorded. In the mutual authentication key area, a mutual authentication key used for a mutual authentication process for determining whether or not to send descrambled data is recorded. The mutual authentication key will be described in detail in an embodiment of the information reproducing apparatus described later.

  In the main data area of the scramble information sector, the encrypted original CGMS data of the scramble sector, the encrypted title key, and the encrypted disk key for decrypting the encryption use identification information are recorded. However, the encrypted disk key is further encrypted, and a key for decrypting the encrypted disk key (hereinafter, referred to as a master key) is provided by the information reproducing apparatus.

  In the main data area of the scramble information sector, a plurality of encrypted disk keys such as an encrypted disk key 1, an encrypted disk key 2,... Are recorded. The encrypted disk key 2 is a master key 2 and is encrypted by a corresponding master key such as. Here, the encrypted disk key 1, the encrypted disk key 2,... Are obtained by encrypting the same disk key information with different master keys. Therefore, when one information reproducing apparatus A has a master key 1 inside and another information reproducing apparatus B has a master key 2 inside, the information reproducing apparatus A has an encrypted disk key 1 The information reproducing apparatus B can decrypt the encrypted disk key 2 to obtain a decrypted disk key having the same contents.

  FIG. 13F shows the data structure of a non-scrambled sector. 0 is recorded in the scramble sector flag area. The data recorded in the main data area has not been scrambled. This indicates that data access similar to that of a conventional information recording disk is possible.

  As described above, in the information recording medium of the present embodiment, when reproducing a non-scrambled sector, it is possible to reproduce data with exactly the same access as in the related art. On the other hand, in order to reproduce a scrambled sector, an information reproducing apparatus having a master key reads the scrambled information sector in the lead-in area, decrypts the encrypted disk key with the master key, and further decrypts the decrypted disk key. The encrypted title key of the sector header of the scrambled sector is decrypted using the decrypted title key, and the decrypted title key is used to descramble the scrambled data, whereby the data can be reproduced.

  Hereinafter, a case where the scrambling method described in the third embodiment is used will be described as an example of the scrambling method. In the third embodiment, the preset data is generated using the conversion table. However, in the information recording medium of the present embodiment, if an initial value for generating a random number is encrypted and recorded in the encrypted title key area, Data scrambling can be easily performed using the shift register 301 and the logical operation block 302 shown in FIG. That is, the decrypted title key is used as the initial value of the shift register 302, the shift is repeated, a random number sequence Sj is generated, and a logical operation is performed on the data sequence Dj, thereby enabling scrambling. In addition, descrambling of data can be similarly performed using the shift register 301 in FIG.

As described above, the information recording medium according to the present embodiment enables scrambling on a file-by-file basis, and has information on whether or not scrambling has been performed as copyright management information in the file management area. In addition, the presence of the scramble flag area of the sector header in the sector unit enables the recognition of the presence or absence of the scramble processing in a device such as a personal computer that can only recognize the main data, and the recognition of the main data such as an optical disk drive. It is possible to recognize the presence or absence of the scrambling process even in a device that cannot perform the process. Therefore, even when data is reproduced by an optical disk drive connected to a personal computer, it is possible to determine whether or not both are copyright-protected data.
Further, since the information recording medium of the present embodiment can perform a different scrambling process for each file by changing the title key, even if the scrambling method of one scrambled file is decrypted by fraud, It is possible to prevent another scrambled file from being descrambled by the decrypted scramble method, and it is possible to improve security in performing the copyright protection processing.

  Further, when the information recording medium of the present embodiment is used for the purpose of copyright protection, a scramble information sector in which scramble information indispensable for descrambling is recorded cannot be read from a device such as a personal computer. Since it exists in the lead-in area, the effect of preventing an attempt to illegally read scramble information is high. Further, since the lead-in area can be reproduced by the same reproducing means as the data recording area, it is not necessary to newly provide a special reproducing means.

Also, since the scramble flag, CGMS control information, encrypted title key, and encryption use identification information recorded in sector units are recorded in a sector header area that cannot be read from a device such as a personal computer, As well as recording the scramble information in the lead-in area, there is an effect of preventing an attempt to illegally read information in the sector header.

  Also, since the application identification information is recorded in the sector header area, it is possible to determine whether the reproduction device should reproduce or prohibit the reproduction in accordance with the content of the recorded data. Therefore, for example, by recording different identifiers in this area between the commercial disk and the consumer disk, it is possible to prevent the commercial disk from being reproduced by the consumer playback device.

  Also, by recording the mutual authentication key used for the mutual authentication processing, it becomes possible for the reproducing apparatus to change data transmitted and received in the mutual authentication operation for each mutual authentication key, and to illegally decrypt the processing method of the mutual authentication processing. This has the effect of preventing that. Therefore, it is possible to prevent an act of illegally performing the mutual authentication processing and performing an illegal copy operation on a magnetic disk drive or the like.

  The information recording medium according to the present embodiment has a hierarchical encryption / scramble structure in which main data of a scrambled sector is encrypted with a title key, the title key is encrypted with a disk key, and the disk key is encrypted with a master key. Even if the main data of the scrambled sector is copied illegally because of the processing, the effect of preventing the descrambling is obtained, so that the illegal copy can be made meaningless.

  Further, since the CGMS control information is recorded, even when a file is copied from the information recording medium of the present embodiment to another rewritable medium, it is determined whether the file has been illegally copied or legally copied. Make it possible.

  In the present embodiment, an example is shown in which the scrambling process is performed by a logical operation of a random number and data with a title key as an initial value. However, the scrambling method is not limited to this, and the data is scrambled according to a designated key. Needless to say, any other scrambling method may be used as long as the method is used.

Although the volume file structure according to the present embodiment has been described based on ISO 9660, which is an international standard, a volume file structure capable of recording copyright management information equivalent to the contents described in the present embodiment is used. Needless to say, this is not a limitation.
In the present embodiment, the scramble sector is assumed that all data of the sector is scrambled. However, even if the entire main data area of the sector is not scrambled, only a part of the main data may be scrambled. Needless to say.

  In the present embodiment, it is assumed that scrambling is performed on all the sectors constituting the file in the scrambled file, but it is also possible that only some of the sectors of the scrambled file are subjected to the scrambling. Needless to say.

  In the present embodiment, only three types of CGMS control information are used: one-time copying only, copying prohibition, and copying permission. Needless to say, information such as copy permission can be recorded.

  The method of scrambling the main data described in the present embodiment is an example, and the method is not limited to this, as long as it is a method of scrambling based on certain key information (title key in the present embodiment).

(Fifth embodiment)
Hereinafter, an information reproducing apparatus for reproducing an information recording medium according to the present invention will be described with reference to the drawings. Unless otherwise specified, the information reproducing apparatus is assumed to be an apparatus capable of reproducing information in the third and fourth embodiments of the information recording medium according to the present invention. Therefore, an operation for reproducing the information recording medium according to the fourth embodiment will be described below as an example. The encrypted title key area is a seed key area, and the encrypted disk key of the scramble information sector is stored in a preset data conversion table. The same processing can be performed for the third embodiment of the information recording medium by substituting the above.

FIG. 14 is a block diagram showing a configuration of the information reproducing apparatus 500 according to the present invention.
The information reproducing apparatus 500 includes a main processor 501, a bus interface circuit 503, a main memory 504, a SCSI control card 506 for controlling a protocol defined by a SCSI (Small Computer System Interface), and a decompressed digital AV data. An AV decoder card 507 for converting the data into analog AV data and outputting the data, an optical disk drive 509 for reproducing the information recording medium according to the present invention, and a hard disk drive 510 are included.

The main processor 501, the bus interface circuit 503, and the main memory 504 are mutually connected via a processor bus 502. The bus interface circuit 503, the SCSI control card 506, and the AV decoder card 507 are mutually connected via a system bus 505. The SCSI control card 506, the optical disk drive 509, and the hard disk drive 510 are interconnected via a SCSI bus.
Next, the operation of reproducing the AV file by the information reproducing apparatus 500 will be described.
When an optical disk is mounted on the optical disk drive 509, the main processor 501 reads out the volume / file management area of the optical disk via the SCSI control card 506 and stores it in the main memory 504 (hereinafter, the stored volume / file management area). Is referred to as file management information).

  The main processor 501 performs a process (hereinafter, referred to as a mutual authentication process) between the AV decoder card 507 and the optical disk drive 509 to determine whether each device has a copyright protection function. If an error is detected from any device in the process, the mutual authentication process is deemed to have failed, and the following process is stopped. On the other hand, when the mutual authentication process is completed normally, the optical disk drive 509 transfers the encrypted disk key of the mounted disk to the AV decoder card. At this time, when outputting the encrypted disk key, the optical disk drive 509 transmits an encrypted disk key that has been encrypted based on a key (hereinafter, referred to as a bus key) generated during the mutual authentication process. The AV decoder card 507 decrypts the received encrypted disk key using the bus key and then holds the decrypted disk key internally.

  Thereafter, when reproducing the file recorded on the optical disk, the main processor 501 refers to the scramble flag of the copyright management information in the file management information stored in the main memory 504 in advance, and determines whether the file to be reproduced is a scrambled file. Is determined. If the result of the determination indicates that the file to be played back is an unscrambled file, the optical disk drive 509 receives a playback command from the main processor 501 via the SCSI control card 506 and transfers non-scrambled data. On the other hand, if the main processor 501 determines from the scramble flag of the file management information that the file is a scrambled file, the mutual authentication process between the optical disk drive 509 and the AV decoder card 507 is executed again.

  If the main processor 501 detects an error during the mutual authentication process, the main processor 501 stops the process without performing the reproduction process. On the other hand, if the mutual authentication process is completed normally, the optical disk drive 509 returns the encrypted title key before the data is reproduced, and the encrypted title key is transferred to the AV decoder card 507 by the main processor 501. At this time, the optical disk drive 509 transfers the encrypted title key encrypted by the bus key held in advance. The AV decoder card 507 stores the received encrypted title key internally after decrypting it with the bus key.

Thereafter, the optical disk drive 509 sends out the scrambled data read from the loaded disk, and the microprocessor 501 transfers the scrambled data to the AV decoder card 507. The AV decoder card 507 descrambles the received scrambled data using the title key already stored therein, converts it into analog AV data, and outputs it as an analog signal from the video output and audio output. As described above, the information reproducing apparatus 500 can reproduce the information recording medium of the present invention.
Regarding the operation of copying the scrambled file from the optical disk drive 509 to the hard disk drive 510, the mutual authentication processing ends in an error because the hard disk drive 510 cannot execute the mutual authentication processing. Therefore, the process is stopped before the optical disk drive 509 sends the data to the SCSI bus, and the copy operation is not executed.

  Further, if a program for illegally copying the scrambled file read by the optical disk drive 509 to the hard disk drive 510 is loaded into the main memory 504 and the mutual authentication process is normally terminated in some form, the transferred scrambled data is transferred. Is copied to the hard disk drive 510, the scrambled data is copied to the hard disk drive 510. However, in order to reproduce the data copied to the hard disk drive 510, mutual authentication between the hard disk 510 and the AV decoder card 507 is necessary again. In this case, the hard disk drive 510 has no means for generating a bus key. In addition, it becomes impossible for the AV decoder card 507 to reproduce the scrambled file on the hard disk 510.

  Therefore, even if an illegal copy is made, the copy operation can be made meaningless, and as a result, a copyright protection mechanism can be realized.

  Hereinafter, more detailed configurations and operations of the optical disc drive 509 and the AV decoder card 507, which are components of the information reproducing apparatus 500, will be described with reference to FIGS.

  FIG. 15 is a block diagram showing the configuration of the optical disk drive 509. The configuration will be described below. 600 is a SCSI control circuit, 601 is a decoder authentication circuit for performing mutual authentication processing with an AV decoder, 602 is a microcontroller that controls the entire optical disk drive, 603 is a program ROM that stores an operation program of the microcontroller. , 604 are control buses for transmitting control data, 605 is an ECC (Error Correction Code) processing memory used in error correction processing for correcting a read error when reproducing data, and 606 is a data from the optical disc 607. A data reproducing circuit 607 for reading data, binarizing, demodulating, error correcting processing, and the like, and 607 is an information recording medium according to the present invention, which is described in the third embodiment or the fourth embodiment. Optical disks each having a data structure shown in FIG.

  Next, the operation of the optical disk drive 509 during the mutual authentication processing and the data reproduction will be described.

  The optical disk drive 509 that has received the mutual authentication processing request by the SCSI control circuit 600 controls the decoder authentication circuit 601 to execute a predetermined mutual authentication processing. This protocol will not be described here in detail because it will be described later in detail.

  If the microcontroller 602 detects any error in the protocol of the mutual authentication processing, the SCSI control circuit 600 reports the error and stops the mutual authentication processing and the subsequent key information transfer operation. When the mutual authentication processing is completed normally, the bus key determined at the time of the mutual authentication processing is stored in the decoder authentication circuit 601.

  If the mutual authentication processing is performed at the time of disk exchange or reset, a read request for an encrypted disk key is issued to the optical disk drive 509 following the mutual authentication processing. At this time, the optical disk drive 509 controls the data reproduction circuit 606 to read the encrypted disk key information from the optical disk 607, and further encrypts the data by using the bus key already held in the decoder authentication circuit 601. The encrypted disk key is transmitted from the SCSI control circuit 600. On the other hand, if the mutual authentication process is performed at the time of reproducing the scrambled file, the optical disc drive 509 receives a read command of the encrypted title key subsequent to the normal end of the mutual authentication process. At this time, the optical disk drive 509 controls the data reproducing circuit 606 to read the encrypted title key information from the optical disk 607, and furthermore, encrypts the data encrypted by using the bus key already held in the decoder authentication circuit 601. It is sent from the SCSI control circuit 600.

  The optical disk drive 509 sends the scrambled data read from the optical disk 607 from the SCSI control circuit 600 in response to a file data reproduction request issued thereafter. This concludes the description of the optical disk drive 509.

  Note that the optical disk drive 509 of the present embodiment reproduces the encrypted disk key area of the optical disk 607 after receiving the transfer request of the encrypted disk key. It goes without saying that you can do it.

Next, the configuration and operation of the AV decoder board will be described with reference to FIG.
FIG. 16 is a block diagram showing a configuration of the AV decoder card 507. The components will be described below. 700, a system interface circuit for controlling transmission and reception of information to and from the system bus; 701, a drive authentication circuit for performing mutual authentication with the optical disk drive 509; 702, a microcontroller for controlling the entire AV decoder card 507; 704, a control bus for transmitting control information, 705, a descramble circuit for descrambling scrambled data, and 706, a decompressed digital AV data decompressed analog signal. An audio / video decoder circuit for converting to AV data is shown, and an audio / video decoding memory 707 is a working memory used by the audio / video decoder circuit 706 for data conversion.
Next, the operation of the AV decoder card 507 during the mutual authentication process and the operation during the reproduction of the scrambled file will be described.

  First, at the time of a mutual authentication process at the time of reset or medium exchange, the microcontroller 702 controls the drive authentication circuit 701 to execute a mutual authentication process with the optical disk drive 509 according to a predetermined protocol. If the drive authentication circuit 701 detects any error during the mutual authentication processing, the error is reported via the system interface circuit 700 and the processing is terminated. On the other hand, when the mutual authentication processing ends normally, the drive authentication circuit 701 internally holds the bus key determined in the mutual authentication processing.

  Further, the AV decoder card 507 receives the encrypted disk key from the system interface circuit 700. Here, since the received encrypted disk key is encrypted using the bus key in the optical disk drive 509, the AV decoder card 507 decrypts the encrypted disk key with the bus key already held in the drive authentication circuit 701 and then decrypts the data with the descramble circuit 705. Transfer to The descrambling circuit 705 stores the received encrypted disk key therein.

  On the other hand, when reproducing the scrambled file, the mutual authentication process with the optical disk drive 509 is performed again before the file is reproduced. Here, if an error occurs in the mutual authentication processing, the mutual authentication processing and the subsequent file reproduction operation are stopped. When the mutual authentication process is completed normally without any error, the AV decoder card 507 receives the encrypted title key via the system interface circuit 700. Since the encrypted title key is further encrypted in the optical disk drive 509 using the bus key, it is decrypted by the bus key held in the drive authentication circuit 701 and transferred to the descramble circuit 705. The descrambling circuit 705 internally stores the received encrypted title key.

  Thereafter, the scrambled data of the scrambled file received from the system interface circuit 700 is transferred to the descrambling circuit 705 as it is, descrambled based on the title key already held, and transferred to the audio / video decoding circuit 706. Then, it is converted into an analog AV signal and output.

  As described above, according to the information reproducing apparatus 500 of the present embodiment, since the internal optical disk drive 509 has the decoder authentication circuit 601 and the AV decoder card 507 has the drive authentication circuit 701, the file is illegal. The key information is not sent to the device to be copied to the device. Therefore, even if the data of the scrambled file is illegally copied, the copy data can be rendered meaningless by not sending the key information for executing the descrambling. Therefore, there is an effect of protecting the copyright of the file.

  Further, according to the information reproducing apparatus of the present embodiment, since the AV decoder card 507 has the descrambling circuit 705 for performing the descrambling process according to the key information, the descrambled data is descrambled and reproduced. It is possible.

  In the present embodiment, the bus to which the optical disk drive 509 is connected is a SCSI bus. However, the present invention is not limited to this as long as playback data can be transferred in accordance with a predetermined protocol, and may be an ATAPI (AT Attatchment Packet Interface) or an IEEE 1394 (IEEE 1394). It goes without saying that a bus according to the Institute of Electrical and Electronics Engineers 1394) may be used.

  In the present embodiment, the functions of the decoder authentication circuit 601 and the drive authentication circuit 701 may be realized by software executed by the microcontrollers 602 and 702.

(Sixth embodiment)
Next, an information reproducing apparatus 800 according to the present invention will be described.

FIG. 17 is a block diagram showing a configuration of an information reproducing apparatus 800 according to the present invention.
The configuration of the information reproducing apparatus 800 is the same as the configuration of the information reproducing apparatus 500 shown in FIG. 14 except that the AV decoder card 801 has a built-in SCSI control circuit for performing communication according to the SCSI system. Therefore, the same components are denoted by the same reference numerals, and description thereof will be omitted.

  Next, the operation of the information reproducing apparatus 800 will be described.

  Since the AV decoder card 801 with a built-in SCSI control circuit has a built-in SCSI control circuit, when the main processor 501 issues a scrambled file playback request of the optical disc drive 509, the AV decoder card 801 with a built-in SCSI control circuit and the optical disc drive 509 is directly executed. That is, the AV decoder card 801 with a SCSI control circuit issues a command sequence for mutual authentication to the optical disk drive 509, and the optical disk drive 509 performs a mutual authentication process by responding to the command.

  Similarly, in the data reproducing operation, it is the AV decoder card 801 with a built-in SCSI control circuit that issues a reproduction request to the optical disk drive 509, and not the main processor 501. Therefore, data read by the optical disk drive 509 is directly input to the AV decoder card 801 with a built-in SCSI control circuit, converted into an analog AV signal, and output.

  FIG. 18 is a block diagram showing a configuration of an AV decoder card 801 with a built-in SCSI control circuit. Hereinafter, only points different from the configuration of the AV decoder card 507 shown in FIG. 16 will be described.

  Reference numeral 900 denotes a SCSI control circuit for controlling transmission and reception to and from a SCSI bus, and reference numeral 901 denotes a program ROM storing a program executed by a microcontroller.

  When a request to reproduce a scrambled file is input to the system interface circuit 700, the microcontroller 702 controls the drive authentication circuit 701 and the SCS1 control circuit 900 to execute a mutual authentication process with the optical disk drive 509. At this time, in the mutual authentication protocol, a command is issued directly from the SCSI control circuit 900 to the optical disk drive 509. Further, the microcontroller 702 controls the drive authentication circuit 701 according to a mutual authentication protocol to perform a mutual authentication process. If the above mutual authentication processing ends with an error, the microcontroller 702 controls the system interface circuit 700, reports an error to the main processor 501, and ends the processing. On the other hand, if the mutual authentication process is completed normally, the data of the scrambled file is directly received from the optical disk drive 509 by the SCSI control circuit 900, and the data descrambled by the descrambling circuit 705 is converted by the audio / video decoder circuit 706 to analog AV data. Convert to a signal and output. As described above, similarly to the information reproducing apparatus of the fifth embodiment, it is possible to prevent the copying operation infringing the copyright of the data recorded on the information recording medium of the present invention and reproduce the AV data. Become.

  As described above, in the information reproducing apparatus 800 of the present embodiment, in addition to the features of the information reproducing apparatus of the fifth embodiment, the optical disk drive 509 and the AV decoder card 801 with a built-in SCSI control circuit directly transmit commands and data. In order to perform transmission and reception, security against improper decryption of the mutual authentication method and key information and improper copying operation performed by software are improved.

  Although the information recording medium to be reproduced has been described using the fourth embodiment of the information recording medium according to the present invention, the same processing is performed in the third embodiment of the information recording medium according to the present invention. It is possible to use the encrypted title key in the description as a seed key and replace the encrypted disk key with the conversion table information of the scramble information sector.

  In the present embodiment, the bus to which the optical disk drive 509 is connected is a SCSI bus. However, transfer of reproduction data according to a predetermined protocol is not limited to this, and an interface such as ATAPI or IEEE1394 may be used. .

(Seventh embodiment)
Next, an information reproducing apparatus 1000 according to the present invention will be described.

  FIG. 19 is a block diagram showing a configuration of the information reproducing apparatus 1000 according to the present invention. The information reproducing device 1000 is an optical disk player. The components of the information reproducing apparatus 1000 are the same as those of the information reproducing apparatus of FIG. 14 or the elements of the information reproducing apparatus of FIG. 17 except for the program ROM 1001. Therefore, the same components are denoted by the same reference numerals, and description thereof will be omitted. In addition, here, description will be made based on the fourth embodiment of the information recording medium of the present invention.

  When the optical disc player 1000 is reset or when the disc is inserted, the microcontroller 702 controls the data reproducing circuit 606 to read the scramble information sector in the lead-in area of the optical disc. The encrypted disk key information read from the scramble information sector is transferred to the descrambling circuit 705 and held therein.

  On the other hand, when playing back the scrambled file recorded on the optical disk 607, the microcontroller 702 controls the data playback circuit 606 to read the encrypted title key from the sector header area of the scrambled file to be played back, and send it to the descrambling circuit 705. Forward. The descrambling circuit 705 stores the received title key therein and determines the application identification information. If the descramble circuit 705 determines that the reproduction is prohibited as a result of determining the application identification information, the descramble circuit 705 reports the occurrence of an error to the microcontroller 702. On the other hand, when the descrambling circuit 705 determines that the reproduction is permitted, the data reproducing circuit 606 reads the data of the scrambled file and transfers the read scrambled data to the descrambled circuit 705. The descrambling circuit 705 descrambles the scrambled data using the disc key and the title key stored in advance, and transfers the descrambled data to the audio / video decoder circuit 706. The audio / video decoder circuit 706 converts the received data into an analog AV signal and outputs audio / video.

  As described above, the optical disc player 1000 can descramble and reproduce the scrambled data. However, unlike the fifth and sixth embodiments of the information reproducing apparatus according to the present invention, the optical disc player 1000 reproduces a video without executing a mutual authentication process. This is because, in the present embodiment, since the reproduced data is directly input to the audio / video decoder circuit 706, a copying operation to another rewritable medium such as a hard disk drive cannot be performed on the way, and This is because authentication processing is unnecessary. Therefore, in the configuration of the present embodiment, the copyright can be protected even if there is no component for executing the mutual authentication process. Further, since the optical disc player 1000 determines the use identification information at the time of reproduction, it is possible to prevent the reproduction of the data of the use whose reproduction is prohibited.

  Hereinafter, more detailed configurations and operations of the decoder authentication circuit 601, the drive authentication circuit 701, and the descrambling circuit 705 used in the fifth and sixth embodiments of the information reproducing apparatus according to the present invention. Will be described. However, the configuration described below is common to the fifth, sixth, and seventh embodiments of the information reproducing apparatus of the present invention.

  First, the configuration and operation of the descrambling circuit 705 will be described with reference to the drawings. However, since the descrambling circuit 705 is deeply related to the scramble method, the descrambling circuit 705 has a different configuration between the case of reproducing the third embodiment of the information recording medium of the present invention and the case of reproducing the fourth embodiment. Become. Therefore, hereinafter, a descrambling circuit for reproducing the third embodiment of the information recording medium of the present invention will be described with reference to FIGS. 20 and 21. The descrambling circuits for performing the operations will be described independently with reference to FIGS. 22 and 23.

  FIG. 20 is a block diagram showing a configuration of a descrambling circuit 1106 for reproducing the information recording medium according to the third embodiment of the present invention. Hereinafter, each component will be described. Reference numeral 1100 denotes an I / O control circuit for performing communication with the control bus 704; 1101, a selector for switching an output destination block according to the content of input data; 1102, reference to use identification information of a reproduction file; 1103 is a conversion table storage circuit for storing a conversion table for generating preset data for the random number generation circuit 1104 from the seed key, and 1104 is a conversion table storage circuit for storing a conversion table for generating preset data from the seed key. A random number generation circuit 1105 generates random numbers based on preset data output from the conversion table storage circuit 1103. A random number generation circuit 1105 performs a logical operation on the random number generated by the random number generation circuit 1104 and the scramble data input from the selector 1101. The main data descramble circuit that performs the descrambling process by Shows.

Next, the operation of the descrambling circuit 1106 will be described.
First, when reading the scrambled information sector recorded in the lead-in area after the mutual authentication process ends normally, the scrambled information sector readout setting is made to the selector 1101 via the I / O control circuit 1100, and the selector 1101 sets the output destination. Is set in the conversion table storage circuit 1103. The input read data is input to the conversion table storage circuit 1103 via the selector 1101, and is stored as a conversion table for determining preset data that is an initial value of random number generation.

  On the other hand, at the time of reproducing the scrambled file, the mutual authentication processing is performed prior to the data reproduction, the application identification information in the sector header area received after the normal completion of the mutual authentication processing is stored in the application identification circuit 1102, and the seed key is stored in the conversion table. The signals are input to the circuit 1103. The application identification circuit 1102 internally has information on the application identification information permitted to be reproduced, and compares the input application identification information with the input application identification information to determine whether or not reproduction is permitted. It reports to the O control circuit 1100 and the main data descramble circuit 1105. On the other hand, the conversion table storage circuit 1103 receiving the seed key outputs preset data corresponding to the seed key to the random number generation circuit 1104 based on the received seed key. The random number generation circuit 1104 generates a random number sequence based on the received preset data, and outputs it to the main data descramble circuit 1105. When the main data of the scrambled sector is input following the sector header area, the output destination of the selector 1101 is switched to the main data descramble circuit 1105. Thereafter, the main data descramble circuit 1105 performs a descrambling process by performing a logical operation on the main data input from the selector 1101 and the random number sequence input from the random number generation circuit 1104, and converts the descrambled data. Output to the audio video decoder circuit 706.

  A more detailed description of the above operation will be described below with reference to FIG.

  FIG. 21 is a flowchart for explaining the contents of the descrambling process when the descrambling circuit 1106 reproduces the information recording medium according to the third embodiment of the present invention. Hereinafter, each processing step will be described.

  (S1200) The output destination of the selector 1101 is switched to the conversion table storage circuit 1103, and the conversion table read from the scramble information sector in the lead-in area of the information recording medium is stored in the conversion table storage circuit 1103.

  (S1201) The output destination of the selector 1101 is switched to the I / O control circuit 1100, and the scramble flag in the received sector header is returned to the microcontroller 702 prior to the reproduction of the scramble file. The microcontroller 702 determines whether the scramble flag is 1 and returns a result of the determination to the I / O control circuit 1100. If the scramble flag is determined to be 1 (S1202), if it is determined to be 0, the function of the main data descramble circuit 1105 is stopped and the process branches to (S1206).

  (S1202) The output destination of the selector 1101 is switched to the application identification circuit 1102, and the application identification information in the sector header received prior to the reproduction of the scrambled file is transferred. The application identification circuit 1102 compares the received application identification information with the reproduction permission information stored therein, and determines whether the file is a file permitted to be reproduced. If the reproduction is determined to be prohibited (S1203), the flow branches to (S1204) if the reproduction is determined to be permitted.

  (S1203) If it is determined in the processing step (S1202) that the file is a reproduction prohibition file, an error is reported to the microcontroller 702 via the I / O control circuit 1100 in this step, and the processing ends.

  (S1204) The conversion table storage circuit 1103 receives the seed key read from the sector header of the scrambled file to be reproduced, generates preset data from the seed key and the conversion table, and outputs the preset data to the random number generation circuit 1104.

  (S1205) The output destination of the selector 1101 is switched to the main data descramble circuit 1105, and the main data of the scramble file input to the main data descramble circuit 1105 is transferred. On the other hand, the random number generation circuit 1104 generates a random number sequence based on the preset data input from the conversion table storage circuit 1103, and outputs it to the main data descramble circuit 1105. The main data descramble circuit 1105 performs a descrambling process by performing a logical operation on the input main data and a random number sequence.

  (S1206) The main data descramble circuit 1105 outputs the data after descrambling at the time of descrambling and the data input from the selector 1101 to the audio / video decoder circuit 706 as it is if the descrambling function is stopped.

  As described above, the descrambling circuit 1106 has the use identification circuit, and can selectively reproduce the file having the use identification information whose reproduction is prohibited and the file having the use identification information whose reproduction is permitted. Is possible.

Further, since a selector for separating the scramble identification flag is provided inside, it is possible to separate only the scramble flag and determine whether or not to perform descrambling.
Also, since a conversion table for converting into preset data can be determined for each disk, and a seed key can be determined for each file, an information recording medium having a highly secure scramble method that cannot be reproduced unless the two data are present. Can be reproduced.

  FIG. 22 is a block diagram showing a configuration of a descrambling circuit 1308 for reproducing the information recording medium according to the fourth embodiment of the present invention. Hereinafter, each component will be described. Reference numeral 1300 denotes an I / O control circuit for performing communication with the control bus 704, reference numeral 1301 denotes a selector for switching an output destination block according to the content of input data, and reference numeral 1302 denotes a case where an encrypted disk key is input. A disk key decryption circuit for decrypting an encrypted disk key, a master key storage unit 1303 for storing a master key used for decrypting the encrypted disk key in hardware, and a disk key decryption circuit 1302 1305 is a sector header decryption circuit that receives the disk key decrypted in step 1 and decrypts the encryption unit in the sector header. 1305 is the medium identification information and the original CGMS data decrypted by the sector header decryption circuit 1304, and is input from the selector. 1306 is a CGMS inspection circuit for confirming the consistency of the media CGMS data. The application identification circuit 1307 receives the application identification information decrypted by the header decryption circuit 1304 and determines whether or not reproduction is permitted. Reference numeral 1307 denotes a selector from the selector 1301 based on the title key input from the sector header decryption circuit 1304. A main data descramble circuit that descrambles input main data is shown.

Hereinafter, an operation of the descrambling circuit 1308 will be described.
First, when reading the scramble information sector recorded in the lead-in area after the mutual authentication process has been completed normally, the output destination of the selector 1301 is set to the disk key decryption circuit 1302 via the I / O control circuit 1300, and The read data thus read is input to the disk key decryption circuit 1302 via the selector 1301. The disk key decryption circuit 1302 decrypts the disk key based on the master key input from the master key storage unit 1303, and stores the decrypted disk key inside the disk key decryption circuit 1302.

  On the other hand, when reproducing a scrambled file, mutual authentication processing is performed prior to data reproduction, and if the mutual authentication processing ends normally, the sector header of the scrambled file to be reproduced is input to the selector 1301. The selector 1301 selects an output destination for each content of the sector header, sets the scramble flag to the microcontroller 702 via the I / O control circuit 1300, the media CGMS data to the CGMS check circuit 1306, the encrypted original CGMS data and the encrypted The application identification information and the encrypted title key (hereinafter, collectively referred to as an encrypted sector header) are output to the sector header decryption circuit 1304. The sector header decryption circuit 1304 receives the disk key from the disk key decryption circuit 1302, decrypts the encrypted sector header based on the disk key, sends the original CGMS data to the CGMS inspection circuit 1305, and the application identification information to the application identification circuit 1306. Then, the title key is output to the main data descramble circuit 1307. The CGMS inspection circuit 1305 receives the media CGMS data input from the selector 1301 and the original CGMS input from the sector header decoding circuit 1304, and determines whether or not the reproduction is permitted. At this time, the criterion for determination by the CGMS inspection circuit 1305 is shown in (Table 2). (However, the meanings of the media CGMS data and the original CGMS data are based on the description of the information recording medium according to the fourth embodiment of the present invention.)

（表２）において、ＣＧＭＳ判定情報が１を示す場合には、再生可能であるとしてメインデータデスクランブル回路１３０７とマイクロコントローラ７０２に報告する。一方、ＣＧＭＳ判定情報が０の場合には不正コピー等の行われた可能性があることを意味する妥当でない値であるとして、メインデータデスクランブル回路１３０７およびマイクロコントローラ７０２にエラーを報告する。例えば、（表２）において、媒体識別情報が書換型媒体を示す０であって、メディアＣＧＭＳデータがコピー禁止を示す１１であって、オリジナルＣＧＭＳデータが１回コピーのみ許可を示す１０である場合には、１回のみコピー許可のファイルが書換型媒体に既に１回コピーをされてメディアＣＧＭＳデータのみが１１となってコピー禁止に変更されたと考えられるため、出力は再生許可を意味する１となっている。一方、仮に上記のような１回のみコピー許可であるファイルが不正なコピーをされた場合には、メディアＣＧＭＳデータとオリジナルＣＧＭＳデータが共に１回のみコピー許可を意味する１０となるために、その場合のＣＧＭＳ判定情報は再生禁止を意味する０となっている。一方、用途識別回路１３０６は、再生の許可されている用途識別情報を内部に有しており、その情報とセクタヘッダ復号回路１３０４から入力される用途識別情報を比較して、スクランブルファイルが再生を許可された用途であるか否かを判定する。再生の許可されていない用途識別情報であった場合には、マイクロコントローラ７０２およびメインデータデスクランブル回路１３０７にエラーを報告する。スクランブルファイルのデータを再生する場合には、セレクタ１３０１の出力先はメインデータデスクランブル回路１３０７に切り替えられ、入力される読み出しデータはメインデータデスクランブル回路１３０７に転送される。メインデータデスクランブル回路１３０７は、セクタヘッダ復号回路１３０４からタイトル鍵を受け取り、受け取ったタイトル鍵をもとにスクランブルデータのデスクランブル処理を施してオーディオ／ビデオデコーダ回路７０６に出力する。

In Table 2, when the CGMS determination information indicates 1, it is reported to the main data descramble circuit 1307 and the microcontroller 702 that reproduction is possible. On the other hand, if the CGMS determination information is 0, the error is reported to the main data descramble circuit 1307 and the microcontroller 702 as an invalid value indicating that an illegal copy or the like may have been performed. For example, in (Table 2), when the medium identification information is 0 indicating a rewritable medium, the media CGMS data is 11 indicating copy prohibition, and the original CGMS data is 10 indicating permission to copy only once. It is considered that the file permitted to be copied only once has already been copied once to the rewritable medium, and only the media CGMS data is changed to 11 and changed to copy prohibition. Has become. On the other hand, if a file which is permitted to be copied only once as described above is illegally copied, both the media CGMS data and the original CGMS data become 10, which means that the copying is permitted only once, so that In this case, the CGMS determination information is 0, which means that reproduction is prohibited. On the other hand, the application identification circuit 1306 has therein application identification information permitted to be reproduced, compares the information with the application identification information input from the sector header decoding circuit 1304, and determines whether the scrambled file is reproduced. It is determined whether the usage is permitted. If the application identification information does not permit reproduction, an error is reported to the microcontroller 702 and the main data descramble circuit 1307. When reproducing the data of the scrambled file, the output destination of the selector 1301 is switched to the main data descramble circuit 1307, and the input read data is transferred to the main data descramble circuit 1307. The main data descramble circuit 1307 receives the title key from the sector header decryption circuit 1304, descrambles the scrambled data based on the received title key, and outputs it to the audio / video decoder circuit 706.

  As described above, the descrambling circuit 1308 decrypts the encrypted disk key and the encrypted title key. If the title key is permitted to be reproduced, the descrambling circuit 1308 performs the descrambling process on the main data, The digital AV data is output to the audio / video decoder circuit 706.

  Next, the operation of the descrambling circuit 1308 for reproducing the scrambled file will be described with reference to the flowchart in FIG. The processing contents of each step are shown below.

  (S1400) When the encrypted disk key information of the lead-in area is input to the read data, the output destination of the selector 1301 is set to the disk key decryption circuit 1302, and the encrypted disk key is transferred to the disk key decryption circuit 1302. The disk key decryption circuit 1302 receives the master key from the master key storage unit 1303, decrypts the encrypted disk key, and outputs the decrypted disk key to the sector header decryption circuit 1304.

  (S1401) The selector 1301 separates the scramble flag from the sector header of the scrambled file read prior to reproduction, and transfers it to the microcontroller 702 via the I / O control circuit 1300. The microcontroller 702 determines whether the scramble flag is “1”. If the determination result is 1, the flow branches to (S1402), and if not, the flow branches to (S1407).

  (S1402) The selector 1301 separates the encrypted sector header from the sector header of the scrambled file read prior to reproduction, and transfers it to the sector header decryption circuit 1304. The sector header decryption circuit 1304 decrypts the received encrypted sector header based on the disk key received in advance from the disk key decryption circuit 1302, separates the content for each content, and sends the original CGMS data to the CGMS inspection circuit 1305. The separate identification information is output to the application identification circuit 1306, and the title key is output to the main data descramble circuit 1307.

  (S1403) The CGMS inspection circuit 1305 responds to (Table 2) from the medium identification information received from the microcontroller 702, the media CGMS data received from the selector 1301, and the original CGMS data received from the sector header decoding circuit 1304. Outputs CGMS judgment information. However, in Table 2, when the CGMS determination information is 1, the I / O control circuit 1300 and the main data descramble circuit 1307 report that the CGMS control information is normal.

  (S1404) When the CGMS determination result is 0, the CGMS inspection circuit 1305 is used, and when the use identification information is a use whose reproduction is prohibited, the use identification circuit 1306 is used by the I / O control circuit 1300 and the main unit. An error is reported to the data descramble circuit 1307, and the reproduction process ends.

  (S1405) The application identification circuit 1306 determines the application identification information received from the sector header decoding circuit 1304, and if the reproduction is permitted, the I / O control circuit 1300 and the main data descramble circuit 1307 permit the reproduction. Report that the file is

  (S1406) Upon receiving the main data of the scrambled file as read data, the selector 1301 sets the output destination to the main data descramble circuit 1307 and transfers the main data. The main data descramble circuit 1307 executes descramble processing of the input main data based on the title key received from the sector header decryption circuit 1304.

  (S1407) The main data descramble circuit 1307 outputs the main data after descrambling when the descrambling process is executed, and the data input from the selector 1301 when the descrambling process is not executed. Output to video decoder circuit 706.

  As described above, since the descrambling circuit 1308 has the use identifying circuit, the descramble circuit 1308 selectively reproduces the file having the use identifying information whose reproduction is prohibited and the file having the identification information that the reproduction is permitted. It is possible.

Further, since a selector for separating the scramble identification flag is provided inside, it is possible to separate only the scramble flag and determine whether or not to perform descrambling.
Further, even if the information recording medium of the present invention is a high-security disk which is hierarchically encrypted / scrambled as in the fourth embodiment, a disk key decryption circuit, a sector header decryption circuit, a main data descrambler, and the like. When the circuits operate in cooperation with each other, processing can be performed in the same manner as when descrambling is not performed.

  Further, by having the CGMS inspection circuit 1305, it is possible to detect illegally copied data, and to prevent reproduction of illegally copied data. In addition, it is possible to manage the generation of the copy, that is, how many times the data is copied, and to copy the data on an information recording medium on which software that permits the copying operation only a predetermined number of times is recorded. Has a mechanism to protect rights.

  FIG. 24 is a block diagram showing a detailed configuration of the decoder authentication circuit 601 in the optical disk drive 509. Hereinafter, each component will be described. Reference numeral 1500 denotes an I / O control circuit that performs input / output control for performing communication with the microcontroller 602, and reference numeral 1501 denotes a random number generation circuit that generates a random number based on a time-varying key input from the I / O control circuit 1500. 1502 determines a function fk by a first input (denoted by k in FIG. 24) for determining a function, and obtains a function value fk (from a second input (denoted by R1 in FIG. 24) serving as an argument thereof. Similarly, a function fk (R1) generating circuit 1503 calculates and outputs a function gk (R2) from k and R2, and also outputs decoder response data input from the 1 / O control circuit 1500. A function gk (R2) generation / comparison circuit 1504 for comparing with a function gk (R2) generation / comparison circuit 1503 and a function fk (R1) generation circuit 1502 based on two function values output from the function fk (R1) generation circuit 1502 A bus key generation circuit for generating a key; The bus encryption circuit for encrypting the data output from the data reproduction circuit 606 in accordance with a bus key output from the generation circuit 1504, respectively.

  Hereinafter, the operation of the decoder authentication circuit 601 will be described.

  When the optical disk drive 509 is reset or the disk is replaced, the microcontroller 602 sends the mutual authentication key k read from the sector header area of the scramble information sector in the lead-in area of the disk to the function fk (R1) via the I / O control circuit 1500. It is preset in the generation circuit 1502 and the function gk (R2) generation / comparison circuit 1503.

The function fk (R1) generating circuit 1502 internally holds the mutual authentication key k, and calculates a function value fk (R1) when a random value R1 is input during the subsequent mutual authentication processing, and generates a bus key. Output to the circuit 1504 and the I / O control circuit 1500.
The bus key generation circuit 1504 internally stores the input function value fk (R1). Subsequently, when a time-varying key for random number generation is input from the microcontroller 602 via the I / O control circuit 1500, the random number generating circuit 1501 generates a random number R2 based on the time-varying key and The signal is returned to the O control circuit 1500 and output to the function gk (R2) generation / comparison circuit 1503.

  The function gk (R2) generation / comparison circuit 1503 that has received the random number R2 calculates a function value gk (R2) from the mutual authentication key k and the random number value R2 held in advance, and internally stores the function value gk (R2). Further, the function gk (R2) generation / comparison circuit 1503 receives the decoder response data from the I / O control circuit 1500 and compares it with the internally calculated function value gk (R2). As a result of the comparison, if the value of gk (R2) does not match the decoder response data, the microcontroller 602 is notified via the I / O control circuit 1500 that an error has occurred in the mutual authentication processing. If the mutual authentication processing has failed, processing such as transfer of the encrypted disk key and the encrypted title key subsequent to the mutual authentication processing is stopped.

  On the other hand, when the two values of gk (R2) and the decoder response data match, it is determined that the mutual authentication process has been completed normally, and the function value gk (R2) is output to the bus key generation circuit 1504. At this time, only when the function values fk (R1) and gk (R2) are normally input, the bus key generation circuit 1504 determines the bus key based on the two function values fk (R1) and gk (R2). Is generated and output to the bus encryption circuit 1505.

  The bus encryption circuit 1505 receives a control signal for switching a mode (hereinafter, referred to as a mode control signal) from the microcontroller 602 via the I / O control circuit 1500, and determines whether the mode is the disk key reproduction mode or In the title key reproduction mode, a predetermined encryption is performed on the encrypted disk key or the encrypted title key input from the data reproduction circuit 606 based on the bus key input in advance, and the SCSI control circuit 600 Output to

  On the other hand, when transmitting the actual file data after transmitting the encrypted title key, the mode control signal is switched to the data reproduction mode, and the bus encryption circuit 1505 performs the bus encryption without performing the bus encryption. The output data is output to the SCSI control circuit 600 as it is.

  As described above, the decoder authentication circuit 601 calculates the function value determined by the mutual authentication key in the mutual authentication process, and normally ends the mutual authentication process only when the function value matches the function value sent from the decoder. Further, in the reproducing operation, when the encrypted disk key and the encrypted title key are transferred, a process of transmitting key information further encrypted using the bus key generated in the mutual authentication process is performed.

Next, the configuration and operation of the drive authentication circuit 701 on the AV decoder card 507 and the AV decoder card 801 with a built-in SCSI control circuit will be described with reference to the drawings.
FIG. 25 is a block diagram showing a configuration of the drive authentication circuit 701. Hereinafter, each component will be described. Reference numeral 1600 denotes an I / O control circuit for transmitting and receiving control signals to and from the microcontroller 702, and 1601 receives a time-varying key from the I / O control circuit 1600, generates a random number R1, and generates an I / O control circuit 1600. , And a random number generation circuit 1602 which is output from the function fk (R1) generation / comparison circuit 1603 and a constant k which is input from the function fk (R1) generation / comparison circuit 1603 and which is input from the I / O control circuit 1600. A function gk (R2) generation circuit that calculates a function gk (R2) based on a random number R2 based on a random number R2, and a function fk (k) for k from 1 to n based on the random number R1 input from the random number generation circuit 1601 A function fk (R1) generation / comparison circuit for calculating the value of R1) and comparing with the drive response data inputted from the I / O control circuit 1600, and a function 1604 from the function gk (R2) generation circuit 1602 The output function value and A bus key generation circuit for generating a bus key from the function value output from the function fk (R1) generation / comparison circuit 1603, and a bus decryption unit 1605 for decoding data using the bus key output from the bus key generation circuit 1604 The circuits are respectively shown.

  Next, the operation of the drive authentication circuit 701 will be described.

  First, at the start of the mutual authentication process, the drive authentication circuit 701 receives a time-varying key for generating a random number from the microcontroller 702 via the I / O control circuit 1600, and the random number generation circuit 1601 generates a random number.

  The random number generation circuit 1601 outputs the generated random number R1 to the function fk (R1) generation / comparison circuit 1603 and the microcontroller 702. After that, the function fk (R1) generation / comparison circuit 1603 receives the drive response data from the microcontroller 702, and uses the random number value R1 held therein as an argument, and the functions f1 (R1), f2 (R1), and f3 (R1). ) Is calculated to obtain k such that the drive response data matches fk (R1). At this time, if it is not possible to find k that matches the drive response data even if all the held function calculations have been performed, the function fk (R1) generation / comparison circuit 1603 returns an error as an authentication result to I / O. The data is returned to the microcontroller 702 via the O control circuit 1600.

  On the other hand, if k is found such that the drive response data matches fk (R1), a normal end is returned to the microcontroller 702 as an authentication result, and k is output to the function gk (R2) generating circuit 1602. The function value fk (R1) is output to the bus key generation circuit 1604. When the value of k can be normally found, the drive authentication circuit 701 subsequently receives the random number R2 from the microcontroller 702 and inputs the random number R2 to the function gk (R2) generation circuit 1602. The function gk (R2) generation circuit 1602 calculates a function gk (R1) from the value k previously received from the function fk (R1) generation / comparison circuit 1603 and the input random number R2, and converts the calculated function value to a microcontroller value. 702 and the bus key generation circuit 1604.

  The bus key generation circuit 1604 generates a bus key based on the two function values fk (R1) and gk (R2) received in advance, and outputs the bus key to the bus decryption circuit 1605. On the other hand, when the function value gk (R2) sent to the microcontroller 702 is normally authenticated by the optical disc drive 509, the microcontroller 702 switches the mode control signal to change the mode of the bus decoding circuit 1605 to the disc key reproduction mode. Mode or title key playback mode, and the decryption processing function is used.

  At this time, data (encrypted disk key or encrypted title key) input from the SCSI control circuit 900 or the system interface circuit 700 is decrypted by the bus decryption circuit 1605 using the bus key stored in advance. However, only the bus encryption by the bus key is decrypted by the bus decryption circuit 1605, and the encrypted disk key encrypted by the master key and the encrypted title key encrypted by the disk key are encrypted. The data is output to the descramble circuit 705 as it is.

Thereafter, when the playback data of the scrambled file is input from the SCSI control circuit 900 or the system interface circuit 700, the bus decoding circuit 1605 is switched to the data playback mode by the mode control signal from the microcontroller 702, and The data is directly transferred to the descrambling circuit 705 without performing the decryption processing by.
As described above, the drive authentication circuit 701 calculates a plurality of function values from the internally generated random numbers, authenticates the drive when any one of them matches the drive response data, and receives the random numbers. A mutual authentication process is executed, in which the internal function value is calculated and returned, whereby authentication is performed from the optical disk drive 509.

  Also, in the reproducing operation, when the encrypted disk key and the encrypted title key are received, the decryption process is performed using the bus key generated in the mutual authentication process.

  Next, a protocol of a mutual authentication process executed in the fifth and sixth embodiments of the information reproducing apparatus of the present invention will be described with reference to the drawings.

  FIG. 26 is a flowchart for explaining a mutual authentication process between the optical disk drive 509 and the AV decoder card 507 or the AV decoder card 801 with a built-in SCSI control circuit.

  The mutual authentication process is appropriately executed when the device is reset, when the disk is exchanged, or when it is confirmed from the file management information that the file to be read is a scrambled file. Hereinafter, each processing step will be described. However, the AV decoder card 507 or the AV decoder card 801 with a built-in SCSI control circuit is hereinafter simply referred to as an AV decoder. Hereinafter, a command on the SCSI protocol is referred to as a device command.

  (S1700) The AV decoder generates a random number R1 based on a time-varying key that changes with time generated using a timer or the like.

  (S1701) The optical disk drive receives the random number R1 generated by the AV decoder according to the device command “Send R1”. At this time, the optical disk drive reads the mutual authentication key from the sector header area of the scramble information sector in the lead-in area if the mutual authentication key k of the mounted disk has not been stored yet.

  (S1702) If the optical disk drive detects any error during the processing of step (S1701) and reports an error, the flow branches to step (S1713), and if it ends normally, branches to step (S1703).

  (S1703) The optical disk drive receives the device command “Report fk (R1)” and, based on the random number value R1 received in advance and the value of the mutual authentication key k read from the disk, changes the value of the function fk (R1). Calculate and return the calculation result to the AV decoder. If any error occurs in the above processing, the optical disk drive reports the error as a command processing result.

  (S1704) If an error occurs during the processing of the device command "Report fk (R1)" and the command processing result is an error, the flow branches to step (S1713), and if the processing result ends normally, the step (S1705). Branch to.

  (S1705) The AV decoder calculates a function value fi (R1) for i from 1 to n (n is a positive integer) (i is a positive integer) using the function value generation circuit held therein. Then, the calculated value of fi (R1) is compared with the value of fk (R1) returned from the optical disk drive in (S1703). When the AV decoder detects a value of i such that fi (R1) = fk (R1), the value is held internally.

  (S1706) In the processing step (S1705), if the AV decoder cannot detect i such that fi (R1) = fk (R1), the process branches to step (S1713). Branch to S1707).

  (S1707) The optical disk drive receives the device command “Report R2” command, generates a random number based on a time-varying key that changes with time by an internal random number generation mechanism, and transfers it to the AV decoder. If the optical disk drive detects any error in this step, it reports the error.

  (S1708) In the step (S1707), if any error occurs in the process of executing the “Report R2” command, the flow branches to the step (S1713), and if it ends normally, the flow branches to the step (S1709).

  (S1709) The AV decoder that has received the random number R2 generated by the optical disk drive in response to the "Report R2" command in (S1708) uses the internal function calculation circuit to set the constant k (= i) already stored in step (S1705). ) And the function value gk (R2) is calculated based on the random number value R2 received from the optical disk drive in step (S1707).

  (S1710) The AV decoder that has calculated the function value gk (R2) executes the device command “Send gk (R2)” and transfers the function value calculated in step (S1709) to the optical disk drive. The optical disk drive that has received the function value gk (R2) calculates gk (R2) using the mutual authentication key k and the random value R2 in a function calculation circuit provided therein. Thereafter, the optical disk drive compares the function value gk (R2) received from the AV decoder with gk (R2) calculated by the internal calculation circuit, and if they match, reports a normal end as a processing result. On the other hand, if any error occurs during command processing, or if the received function value does not match the internally calculated function value, an error is reported as the command processing result.

(S1711) In step (S1710), if the command processing result is an error, the process branches to step (S1713).
Branch to.

  (S1712) Based on the two function values fk (R1) and gk (R2) obtained during the mutual authentication process, the AV decoder generates a bus key BK using a bus key generation circuit held therein. I do. Similarly, the optical disk drive generates a bus key BK from the two function values acquired during the mutual authentication process by using a bus key generation circuit that is internally held. (Here, the optical disk drive and the AV decoder are in the process of mutual authentication, and the generated bus key BK is the same.)

  (S1713) If an error occurs during execution of the device command, the mutual authentication process is stopped together with the error report in this step.

  By performing the mutual authentication process as described above, the key information for descrambling can be transferred because the optical disk drive can transfer the key information after confirming that the data transfer is not to the device performing the unauthorized copying. There is a hiding effect. Therefore, there is an effect of preventing unauthorized decryption of the scramble method.

  Further, since the AV decoder can decrypt the key information and descramble the data after confirming that the device receiving the data is not the device transferring the illegally copied data, the reproduction of the illegally copied data is prevented. Has the effect of doing

  In addition, since a different bus key is generated each time the mutual authentication process is performed, it is possible to prevent the key information from being illegally read and to prevent the encryption / scramble system from being illegally decrypted.

  Also, in the mutual authentication, since the optical disk drive authenticates the AV decoder and the AV decoder authenticates the optical disk drive, different functions are used. High security against attempts to decipher the authentication method.

  Also, in the mutual authentication process, since a time-varying key generated by each of the optical disk drive and the AV decoder is used, a different random number value is generated each time the mutual authentication process is performed, and a different function value is transferred. Since the bus key is generated, security against an attempt to decipher the method of the mutual authentication operation for the purpose of illegally performing the mutual authentication operation is high.

  Further, by using the mutual authentication key recorded on the information recording medium for the mutual authentication processing, security against an attempt to decrypt the mutual authentication operation scheme for the purpose of illegally performing the mutual authentication operation is high.

  In the above description, the fourth embodiment of the information recording medium of the present invention has been described as an example of the information recording medium, but the same processing can be applied to the third embodiment of the information recording medium of the present invention. Is possible.

  The information recording medium of the present invention has a lead-in area and a data recording area. The scrambled data recorded in the data recording area is descrambled based on the key information recorded in the lead-in area. As described above, security is improved by recording key information in the lead-in area. A drive device for an information recording medium can directly access the lead-in area, whereas a device other than the drive device (for example, a personal computer) cannot directly access the lead-in area. It is. Further, by recording the key information in the lead-in area, there is no need to provide a dedicated reading unit for reading the key information.

  Another information recording medium of the present invention has a lead-in area and a data recording area. The scrambled data is descrambled based on the first key information recorded in the lead-in area and the second key information recorded in the data recording area.

  As described above, since the key information for descrambling is duplicated, security is improved.

  According to the information reproducing apparatus of the present invention, the mutual authentication processing is performed before the scrambled data is transmitted to the decoding apparatus. The mutual authentication process mutually confirms that the other party is legitimate. Thereby, security is improved.

  According to the information reproducing apparatus of the present invention, the mutual authentication processing is performed between the reading apparatus and the decoding apparatus. When the mutual authentication process ends normally, bus key information common to the reading device and the decoding device is generated, and the key information encrypted by the bus key information is transmitted from the reading device to the decoding device. As described above, after performing the mutual authentication processing, the other party is mutually confirmed that the other party is legitimate by using the common bus key. Thereby, security is improved.

FIG. 3 is a diagram showing a data structure of an information recording medium according to the present invention. FIGS. 2A and 2B are diagrams showing a structure of scramble information recorded in a lead-in area of the information recording medium shown in FIG. FIG. 8 is a diagram showing another data structure of the information recording medium according to the present invention. FIG. 2 is a block diagram illustrating a configuration of an information reproducing apparatus according to the present invention. It is a block diagram showing other composition of the information reproducing device concerning the present invention. It is a block diagram showing other composition of the information reproducing device concerning the present invention. It is a block diagram showing other composition of the information reproducing device concerning the present invention. It is a block diagram showing other composition of the information reproducing device concerning the present invention. (A)-(c) is a figure for demonstrating an example of a scramble processing method. (A)-(f) is a figure which shows the data structure of the information recording medium which concerns on this invention. (A)-(c) is a figure which shows the data structure of the directory record in a volume file management area. (D) is a diagram showing a data structure of a scramble information sector. (E) is a diagram showing a data structure of a scramble sector. (F) is a diagram showing a data structure of a non-scrambled sector. (A)-(c) is a figure for demonstrating an example of a scrambling method. (A)-(c) is a figure which shows the data structure of the directory record in a volume file management area. (D) is a diagram showing a data structure of a scramble information sector. (E) is a diagram showing a data structure of a scramble sector. (F) is a diagram showing a data structure of a non-scrambled sector. FIG. 3 is a block diagram illustrating a configuration of an information reproducing device 500 according to the present invention. 5 is a block diagram illustrating a configuration of an optical disc drive 509 included in the information reproducing device 500. FIG. 5 is a block diagram illustrating a configuration of an AV decode card 507 included in the information reproducing device 500. FIG. FIG. 2 is a block diagram showing a configuration of an information reproducing device 800 according to the present invention. 5 is a block diagram showing a configuration of an AV decode card 801 with a built-in SCSI control circuit included in the information reproducing apparatus 800. FIG. FIG. 1 is a block diagram illustrating a configuration of an information reproducing apparatus (optical disc player) 1000 according to the present invention. FIG. 3 is a block diagram showing a configuration of a descrambling circuit 1106. 9 is a flowchart illustrating a procedure of a descrambling process executed by a descrambling circuit 1106. FIG. 3 is a block diagram showing a configuration of a descrambling circuit 1308. 9 is a flowchart illustrating a procedure of a descrambling process executed by a descrambling circuit 1308. FIG. 3 is a block diagram illustrating a configuration of a decoder authentication circuit 601. FIG. 3 is a block diagram illustrating a configuration of a drive authentication circuit 701. 6 is a flowchart for explaining a mutual authentication process between the optical disk drive 509 and the AV decoder card 507 or the AV decoder card 801 with a built-in SCSI control circuit.

Claims (15)

An information recording medium having a lead-in area and a data recording area,
The first key information is recorded in the lead-in area,
In the data recording area, the second key information and the scrambled data are recorded,
The scrambled data is descrambled based on information obtained by converting the second key information based on the first key information;
The lead-in area further records mutual authentication key information for performing mutual authentication between a reading device that reads the scrambled data and a decoding device that includes a descrambling circuit that descrambles the scrambled data. Information recording media. A read circuit for reading scrambled data and key information used to descramble the scrambled data from an information recording medium;
Before transmitting the scrambled data to a decoding device including a descrambling circuit for descrambling the scrambled data, an authentication circuit for authenticating that information corresponding to the key information is transmitted to the decoding device. Information reproducing device provided.   The information recording medium has a lead-in area and a data recording area, and the key information includes first key information recorded in the lead-in area and second key information recorded in the data recording area. The information reproducing apparatus according to claim 2, further comprising: key information of: Before receiving the scrambled data from a reading device that reads the scrambled data from the information recording medium and key information used to descramble the scrambled data, information corresponding to the key information is received. An authentication circuit that authenticates receiving from the reading device,
A descrambling circuit for descrambling the scrambled data received from the reading device.   The information recording medium has a lead-in area and a data recording area, and the key information includes first key information recorded in the lead-in area and second key information recorded in the data recording area. The information reproducing apparatus according to claim 4, further comprising key information.   6. The information reproducing apparatus according to claim 5, wherein the descrambling circuit descrambles the scrambled data based on information obtained by converting the second key information based on the first key information. apparatus. A read circuit for reading scrambled data and key information used to descramble the scrambled data from an information recording medium;
A decoding unit including a descrambling circuit for descrambling the scrambled data;
An authentication circuit that authenticates transmission of information corresponding to the key information to the decoding unit before transmitting the scrambled data to the decoding unit.   The information recording medium has a lead-in area and a data recording area, and the key information includes first key information recorded in the lead-in area and second key information recorded in the data recording area. The information reproducing apparatus according to claim 7, further comprising key information.   9. The information reproducing apparatus according to claim 8, wherein the descrambling circuit descrambles the scrambled data based on information obtained by converting the second key information based on the first key information. apparatus.   The information recording medium further records a scramble flag indicating whether or not data to be recorded in the data recording area is scrambled. The information reproducing apparatus according to claim 7, further comprising a control circuit that controls whether or not to activate the information reproducing apparatus.   The information reproducing apparatus according to claim 7, wherein the authentication by the authentication circuit is performed using a predetermined function.   8. The information reproducing apparatus according to claim 2, wherein the authentication by the authentication circuit is performed using information that changes with time.   The authentication circuit generates bus key information based on the authentication processing when the authentication processing ends normally, and encrypts the first key information and the second key information using the bus key information. The information reproducing apparatus according to claim 8, wherein the information reproducing apparatus is used.   14. The information reproducing apparatus according to claim 13, wherein the authentication circuit decrypts the encrypted first key information and the encrypted second key information using the bus key information. A reading device that reads scrambled data from an information recording medium and key information used to descramble the scrambled data, and a decoder device that includes a descramble circuit that descrambles the scrambled data. An information reproducing method for reproducing the scrambled data by using the information reproducing method.
Performing a mutual authentication process between the reading device and the decoding device;
Generating a bus key information common to the reading device and the decoding device based on the mutual authentication process, when the mutual authentication process between the reading device and the decoding device ends normally;
Encrypting the key information according to the bus key information;
Transmitting the encrypted key information from the reading device to the decoding device.

Images