JP2005109840A - Signal processing system, recording/reproducing apparatus, recording method, and program therefor, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent a general user from creating writing software of a copyright protection technique by protecting writing data by the copyright protection technique. <P>SOLUTION: Disk type data 301 are supplied to each of multiplexers 302, 303, and mixed with random numbers from random number generators 304, 305, and 64-bit random number data Ra1, Ra2 containing the disk type data are generated, respectively. The random data Ra1, Ra2 are transmitted to a PC side, and the PC can acquire the disk type data 301 from the random number Ra1 by a demultiplexer 401. The random number generated in the authentication section 91 of the DVD drive is exchanged with the random number generated in the authentication section 92 of the PC. As a result of comparison, if it is determined that the two generated random numbers are the same, the authentication of the DVD drive by the PC is successfully performed, otherwise, the authentication is unsuccessful. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

The present invention records content on a disc medium such as a DVD (Digital Versatile Disc) standard disc by a drive connected to a personal computer, for example,
The present invention also relates to a signal processing system, a recording / reproducing apparatus, a recording method, a recording method program, and a recording medium that are applied when content is reproduced from a disk medium.

  In a recently developed recording medium such as a DVD, it is possible to record a large amount of data for one movie as digital information on one medium. As described above, when a large amount of video information or the like can be recorded as digital information, it becomes more and more important to prevent unauthorized copying and protect the copyright holder.

  For example, DVD-Video employs a copyright protection technology called CSS (Content Scramble System). Non-patent document 1 and non-patent document 2 below are described regarding copyright protection methods for DVDs.

“Part 2 Intellectual Property Protection: Meditation to prevent unauthorized copying, the key to software decryption”, Nikkei Electronics 1997.8.18, p.110-119 Yamada, “Expanding copyright protection space from DVD”, Nikkei Electronics 2001.8.13, p.143-153

  FIG. 1 shows an overview of the CSS scheme described in these documents. In the case of this method, three encryption key data are used. The three encryption key data are a master key issued by the CSS key issuing center, a disc key and a title key determined by the copyright holder or the like. The master key is a secret key that has a fixed value that varies from manufacturer to manufacturer, and the disk key has a value that varies from disk to disk. A set of disc keys that can be decrypted by any master key is created and stored on the disc. When the disk key is stored on the disk, it is encrypted and is called a secured disk key.

MPEG (Moving) that compresses content data such as video data and audio data
For picture 1 (picture coding experts group) data 1, a title key 2 which is an encryption key assigned to the content is prepared. Further, a disk key 3 that is an encryption key assigned to each disk is prepared. Then, the key issuing center 4 that manages encryption uses the master key 5 managed by the center 4 to encrypt the disk key 3 with an encryption circuit (hereinafter referred to as an encryptor as appropriate) 6, and further to the disk key. 3 is used to encrypt the title key 2 by the encryptor 7. Then, the MPEG data 1 is encrypted by the scrambler 8 using the title key 2.

  Encrypted content data (hereinafter referred to as scrambled MPEG data or scrambled content as appropriate) 9, encrypted disc key (hereinafter referred to as secure disc key as appropriate) 10, and encrypted title key ( 11) is recorded on the DVD-Video disc 12 when the DVD-Video disc is manufactured. The secured disc key is recorded in a predetermined position in the lead-in area of the disc 12, and the encrypted title key is recorded in each sector of the content data having the sector structure. These secured disk key and encrypted title key are key information for a copyright protection system, and both are collectively referred to as a CSS key.

As shown in FIG. 2, the DVD-Video disc 12 is reproduced by the DVD player, and the scrambled MPEG data 9, the secured disc key 10 and the encrypted title key 11 are reproduced and read into the DVD player 21. In the DVD player 21, the disc key is decrypted by an encryption decryption circuit (hereinafter referred to as a decryptor) 23 using the master key 22, and the title key is decrypted by the decryptor 24 using the decrypted disc key. MPEG data is decrypted by the descrambler 25 using the decrypted title key. Audio / visual data 27 is decoded by the MPEG decoder 26.

  FIG. 3 shows the data structure of the lead-in area, which is the area that is first read by the player during disc playback. The lead-in area is used from a sector with a physical sector number of 0h (h is a symbol indicating that it is in hexadecimal notation: the same shall apply hereinafter) to 30000h. A reference code is arranged in this area, an area having all values of 0 is arranged again, and a control data area is provided thereafter. Thereafter, there is an area where all the values are 0, which becomes a main data area where content data is recorded from the sector number 30000h.

  In the control data area, physical format information is arranged in the first 1 sector (sector 0), disk manufacturing information is arranged in the next 1 sector (sector 1), and contents are supplied to the next 14 sectors (sectors 2 to 15). Information is placed. Information of 16 sectors from sector 0 to sector 15 is repeatedly arranged in the control data area. Then, a secure disk key specific to the disk is arranged in a section where content provider information (content supplier information) is arranged.

  The structure in which the title key is recorded will be described based on the sector structure example shown in FIG. 4. Each sector in which main data such as content data is recorded is composed of 2064 bytes. Of the 2064 bytes, the first 4 bytes are used as ID data indicating a sector number, and the subsequent 2 bytes are used as ID data error detection data. Further, the next 6 bytes are used as copy management data, and an encrypted title key is arranged in the copy management data. Then, 2048 (2K) bytes following the copy management data are used as a main data recording area in which content data and the like are recorded. Further, error detection data for the entire sector is arranged in the last 4 bytes.

In this way, a disk in which data is stored after being encrypted using a disk key and a title key is basically a reproduction-only disk, but some DVD standards include a recordable standard disk. Exists. For example, DVD-RW / -R standard discs and DVD + RW / + R standard discs are capable of recording data, and are digitally reproduced from other media called bit-by-bit copies. The data is recorded on another medium as it is, and the data read from the DVD-Video is recorded on the disc of these standards as it is, so that the content data such as the video data of the DVD-Video disc can be copied. Can be created illegally. However, by preparing the above-described disc key and title key, content data such as illegally copied video data cannot be decrypted.

The point that this illegally copied disk cannot be correctly decrypted from encryption will be described with reference to FIG. First, a DVD-Video disc Da in which a secured disc key and an encrypted title key are recorded in the above-described arrangement is prepared, and the user reproduces the disc Da. In the player, a secured disc key is obtained from the lead-in area at the innermost periphery of the disc, and an encrypted title key is obtained from the sector in which the content data is recorded. The secured disc key is decrypted with the master key, and the encrypted title key is decrypted with the disc key. The scrambled MPEG data is decoded by the title key, and audio / visual data is obtained.

The content data recorded on the DVD-Video disc Da is DVD-RW /-.
It is assumed that the user executes recording on the R standard disc Db by bit-by-bit copying. Here, in the disk Db, a part of the lead-in area is an area that has been written with pits at the time of manufacturing the disk, and a disk key assigned to the disk Db or an invalid key is previously written in the written area. is there.

Therefore, the DVD-Video disc Da is placed in the data recordable area of the disc Db.
When the user produces a DVD-R / RW standard disc Db ′ in which the content data read from is recorded as it is, the disc Db ′ has a disc key different from that of the original disc Da. Since the disc key is different from the original disc Da, even if the user tries to reproduce the copied disc Db ′, the player cannot correctly decrypt it, and as a result, illegal copying is prevented. .

Here, the case of the CSS method applied mainly to a DVD-Video disc has been described, but the case of the CPPM (Content Protection for Pre-Recorded) method, which is a scramble method applied to a DVD audio disc or the like, has been described. The basic principle is the same.

FIG. 6 shows a method of taking out a disc key and a title key by a PC and a drive for reproducing a ROM disc, for example, a DVD-Video disc recorded by the CSS method, and a descrambling method of scramble data. In FIG. 6, reference numeral 31 denotes a DVD drive as a playback device for playing back a DVD-Video disc recorded in CSS. Reference numeral 51 indicates a PC as a data processing apparatus. DVD player application software is installed on the PC 41.

  The DVD drive 31 and the PC 41 are connected with a standard interface. The interfaces are ATAPI (AT Attachment with Packet Interface), SCSI (Small Computer System Interface), USB (Universal Serial Bus), IEEE (Institute of Electrical and Electronics Engineers) 1394, and the like.

  The DVD drive 31 includes an authentication unit 32 and bus encryptors 33 and 34. The PC 41 includes an authentication unit 42 and bus encryptors 43 and 44. The authentication unit 32 and the authentication unit 42 perform mutual authentication and generate a different session key (also called a bus key) Ks for each authentication operation. Further, the PC 41 is provided with a master key 45, decryptors 46 and 47, and a descrambler 48, and MPEG data obtained from the descrambler 48 is decoded by an MPEG decoder 49 to obtain audio / visual data 50.

  The authentication operation is always performed when a disk is detected after the power is turned on and when a disk is replaced. Further, the authentication operation may be performed when the recording operation is performed by pressing the recording button and when the reproducing operation is performed by pressing the reproduction button. As an example, authentication is performed when a record button or a playback button is pressed.

The scrambled MPEG data 9 obtained from the DVD-Video disc, the secured disc key 10, and the encrypted title key 11 are read into the DVD drive 31. An encrypted title key is obtained from the sector in which the content data is recorded. The secured disc key is decrypted with the master key, and the encrypted title key is decrypted with the disc key. The scrambled MPEG data is decoded by the title key, and audio / visual data is obtained.

FIG. 7 shows a procedure for exchanging signals between the DVD drive 31 and the PC 41 in the current system shown in FIG. The PC 41 sends a command to the DVD drive 31, and the DVD drive 31 performs an operation in response to the command. The sequence starts when a DVD-Video disc is inserted, and the authentication sequence AKE (Authentication and Key Exchange) (
Step S1) is performed. When mutual authentication is established, the session key Ks is shared by the DVD drive 31 and the PC 41. If the authentication is not successful, the process is interrupted.

Next, the content data zone on the DVD-Video disc 12 is sought and read in response to a request from the PC 41 (step S2). In the next step S3, the PC 41 requests a secured disk key from the drive 31, and the drive 31 reads the secured disk key from the DVD-Video disk 12 (steps S4 and S5). The secured disk key is encrypted by the bus encryptor 33 using the session key Ks. The secured disk key encrypted with Ks is returned from the drive 31 to the PC 41 (step S6).

Next, the PC 41 requests the drive 31 for the encrypted title key and copy generation management information CGMS (Copy Generation Manager System) (step S7).
1 reads the encrypted title key and CGMS from the DVD-Video disc 12 (steps S8 and S9). The encrypted title key and CGMS are encrypted by the bus encryptor 34 using the session key Ks. The encrypted title key and CGMS encrypted with Ks are returned from the drive 31 to the PC 41 (step S10).

Next, the PC 41 requests the drive 31 for scrambled content (which has the same meaning as the scrambled MPEG data) (step S11), and the drive 31 reads the scrambled content from the DVD-Video disc 12 (step S12). , S1
3). The scrambled content is returned from the drive 31 to the PC 41 (step S14).

The above-described CSS system is only approved for use with DVD-ROM media, and the CSS system is prohibited by a CSS contract for recording DVDs such as DVD-R, DVD-RW, DVD + R, and DVD + RW. Therefore, the entire contents of a DVD-Video that is copyright-protected by the CSS method can be copied to a recordable DVD (bit-by-bit copy).
To do is not an accepted act under the CSS contract.

However, there was a situation where the CSS encryption method was broken. "DeC" that enables the content of DVD-Video to be copied to the hard disk easily by removing CSS encryption
Software called “SS” was distributed on the Internet. The background of the appearance of “DeCSS” was that the reproduction software designed without tamper-proofing the key data for CSS decryption that was supposed to be tamper-proof was reverse engineered and the key data was decrypted. As a result, the entire CSS algorithm has been decoded in a chain.

  After CSS, CPPM (Content Protection for Pre-Recorded Media), which is a copyright protection technology for DVD-ROM such as DVD-Audio, and CPRM (Content Protection for Recordable Media) for recordable DVD and memory cards Has been proposed. These systems have the feature that the system can be updated when a problem occurs in content encryption, management information storage, etc., and reproduction can be restricted even if the entire data is copied. That is, CPRM pre-records an area for recording key information of the lead-in area in order to prohibit bit-by-bit copying. CPRM is described in the following document (Non-Patent Document 3) distributed by license manager 4C Entity, LLC.

"Content Protection for Recordable Media Specification DVD Book", Internet <URL: http://www.4Centity.com/>

  Along with the practical application of BS digital broadcasting and terrestrial digital broadcasting, the necessity for encrypted recording of broadcasts is increasing in order to protect the copyright of broadcast contents. At the time of recording, CGMS is transmitted from the PC to the drive. For example, when the copy restriction information included in the broadcast content can be recorded only once, when recording on a rewritable disc, the recorded CGMS is changed to non-copyable. If the CGMS transmitted from the PC to the drive is altered and made copy-free, the copyright cannot be protected.

  Furthermore, when writing copyright-protected content on a writable disc, it is usually recorded in an encrypted form, and the copyright-protected content can be written in connection with encryption. The types of discs that can be used may be limited. In this case, disc type identification information for identifying the disc type is recorded on the disc.

  Therefore, if the disc identification information read from the disc is falsified, the content information requiring copyright protection can be recorded without being encrypted, and the copyright of the content information cannot be protected.

  Therefore, an object of the present invention is to provide a signal processing system and a recording system that can securely exchange copyright protection information and disc type identification information between a recording / reproducing apparatus and an information processing apparatus, which are important for copyright protection. To provide a reproducing apparatus, a recording method, a recording method program, and a recording medium.

In order to solve the above-described problems, the present invention includes a recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit. A signal processing system for recording encrypted content information on a recording medium,
The recording / playback device
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
Information processing equipment
Having authentication means for performing authentication with the recording / reproducing apparatus and generating a session key when authentication is established;
The authentication unit of the recording / reproducing apparatus and the authentication unit of the information processing apparatus, when exchanging the generated random number data, a signal in which information on the type of the recording medium is mixed with a random number transmitted from the recording / reproducing apparatus to the information processing apparatus It is a processing system.

The present invention includes a recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, and records encrypted content information. A signal processing system for recording on a medium,
The recording / playback device
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
Information processing equipment
Having authentication means for performing authentication with the recording / reproducing apparatus and generating a session key when authentication is established;
The signal processing system in which the authentication means of the recording / reproducing apparatus and the authentication means of the information processing apparatus mix copyright-related information with the random numbers transmitted from the information processing apparatus to the recording / reproducing apparatus when the generated random number data is exchanged It is.

The present invention is a recording / reproducing apparatus that is connected to an information processing apparatus via a transmission means and records content information encrypted by a content information encryption method on a recording medium,
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
The authentication means is a recording / reproducing apparatus that mixes information on the type of the recording medium with the random number transmitted to the information processing apparatus when the generated random number data is exchanged.

The present invention is a recording / reproducing apparatus that is connected to an information processing apparatus via a transmission means and records content information encrypted by a content information encryption method on a recording medium,
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
The authentication means is a recording / reproducing apparatus in which copyright-related information is mixed with random numbers received from the information processing apparatus when the generated random number data is exchanged.

The present invention includes a recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, and records encrypted content information. A recording method for recording on a medium,
The recording / playback device
An authentication step of performing authentication with the information processing device and generating a session key when authentication is established;
A recording step of recording the encrypted content information on a recording medium,
Information processing equipment
An authentication step of performing authentication with the recording / reproducing device and generating a session key when authentication is established;
The recording / reproducing apparatus authentication step and the information processing apparatus authentication step include a recording medium type information mixed with random numbers transmitted from the recording / reproducing apparatus to the information processing apparatus when the generated random number data is exchanged. Is the method. The present invention also relates to a recording method program and a recording medium storing the program.

The present invention includes a recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, and records encrypted content information. A recording method for recording on a medium,
The recording / playback device
An authentication step of performing authentication with the information processing device and generating a session key when authentication is established;
A recording step of recording the encrypted content information on a recording medium,
Information processing equipment
An authentication step of performing authentication with the recording / reproducing device and generating a session key when authentication is established;
The authentication step of the recording / reproducing device and the authentication step of the information processing device are recording methods in which copyright-related information is mixed with random numbers transmitted from the information processing device to the recording / reproducing device when the generated random number data is exchanged. is there. The present invention also relates to a recording method program and a recording medium storing the program.

  In the present invention, since the information on the type of the recording medium is mixed with the random number sent from the recording / reproducing apparatus to the information processing apparatus at the time of authentication, the information on the type of the recording medium can be prevented from being falsified. In the present invention, since copyright related information is mixed with a random number sent from the information processing apparatus to the recording / reproducing apparatus at the time of authentication, it is possible to prevent the copyright related information from being falsified. Therefore, this invention can protect the copyright of the recorded content.

  Hereinafter, the present invention will be described. In order to facilitate the understanding of the present invention, some possible examples and problems in that case will be described in order to realize recording by the CSS method with a DVD recorder. Further, in the following description, only recording on the DVD medium will be described, and the reproduction process is the same as the reproduction process by the CSS method, and thus the description thereof is omitted. Furthermore, the correspondence between terms used in the claims of the present specification and terms used in the embodiments will be described below.

  Recording medium: media such as a DVD writable disk, recording / reproducing apparatus: drive, information processing apparatus: personal computer, transmission means: interface, signal processing system: drive for recording / reproducing media and a personal computer are connected via an interface System.

  Content information: Information to be recorded on the medium, for example, audio / visual data is used as content information. Information on the type of recording medium: disc type. Copyright related information: CGMS.

FIG. 8 shows an example of a recording method when content is written to the recordable DVD medium (hereinafter appropriately referred to as a writable or recordable disc) 13a by the CSS method in the DVD recorder 51a. In this example, the secured disc key 10a is written in advance in a predetermined place in the lead-in area of the writable disc 13a as in the case of DVD-Video. The audio / visual data 60 is compressed and encoded by the MPEG encoder 52 of the DVD recorder 51a, scrambled by the scrambler 53, and the scrambled MPEG data 9 is recorded on the writable disc 13a.

  A title key is generated by a random number generator (RNG) 54 inside the DVD recorder 51a. The title key is generated each time recording is performed, and is also generated when the CGMS status changes. The scrambler 53 scrambles the MPEG data using the title key. The title key is encrypted by the encryptor 55, and the encrypted title key 11 is recorded on the writable disc 13a. The recorded secured disc key 10a is decrypted by the master key 57 in the decryptor 56 to obtain a disc key.

  The example shown in FIG. 9 is an example in which the secured disk key that is the encryption key information is not written in advance on the writable disk. The DVD recorder 51b has random number generators 54 and 58, and the random number generators 54 and 58 generate a disc key and a title key. The DVD recorder 51b writes the disc key to the writable disc 13b. For example, a disc key is written to the writable disc 13b by a blank disc formatting process. By writing the disc key later, the manufacturing cost of the recordable DVD medium can be reduced as compared with the method of FIG. 8 in which the disc key is already written.

  The configurations shown in FIGS. 10 and 12 are an example and another example in the case where the function of writing video content scrambled by the CSS method to a recordable DVD medium is realized by a combination of a PC and a drive.

  In these drawings, reference numeral 61 indicates a DVD drive as a recording / reproducing apparatus for recording and reproducing data to / from the writable disc 13a or 13b. Reference numeral 71 indicates a PC as a data processing apparatus (host), application software is installed in the PC 71, and the PC 71 functions as a DVD video encoder. However, the present invention is not limited to software processing, and may be a hardware configuration (substrate configuration) as a DVD video encoder.

  The DVD drive 61 and the PC 71 are connected by an interface. The interfaces are ATAPI (AT Attachment with Packet Interface), SCSI (Small Computer System Interface), USB (Universal Serial Bus), IEEE (Institute of Electrical and Electronics Engineers) 1394, and the like.

  The DVD drive 61 includes an authentication unit 62, a bus encrypter 63, and a bus decryptor 64. The PC 71 includes an authentication unit 72, a bus decryptor 73, and a bus encrypter 74. The PC 71 is provided with an MPEG encoder 52, a scrambler 53, a random number generator 54, an encrypter 55, a decryptor 56, and a master key 57. The audio / visual data 60 is compression-encoded by the MPEG encoder 52 and converted into stream data in the DVD format. The scrambler 53 is scrambled by the title key and supplied to the DVD drive 61 via the interface, and the scrambled MPEG data 9 is recorded on the writable disc 13a.

  A title key is generated by a random number generator 54 inside the PC 71. The scrambler 53 scrambles the MPEG data using the title key. The title key is encrypted by the encryptor 55, and the encrypted title key is encrypted by the bus encrypter 74 with the session key generated when the authentication is established. The output data of the bus encrypter 74 is supplied to the bus decryptor 64 of the DVD drive 61, and the encrypted title key is decrypted with the session key by the bus decryptor 64. The encrypted title key 11 is recorded on the writable disc 13a.

  The recorded secured disk key 10a is encrypted in the bus encryptor 63 of the DVD drive 61 by the session key generated by the establishment of authentication. The data is transmitted from the DVD drive 61 to the PC 71 via the interface, and decrypted by the bus decrypter 73 using the session key. Further, the decryptor 56 decrypts the master key 57 and obtains the disc key.

  FIG. 11 shows a procedure for exchanging signals between the DVD drive 61 and the PC 71 in the system shown in FIG. The PC 71 sends a command to the DVD drive 61, and the DVD drive 61 performs an operation in response to the command. The sequence is started by inserting a writable disc or the like, and an authentication sequence AKE (step S21) is first performed. When the authentication is established, the DVD drive 61 and the PC 71 share the session key Ks. If the authentication is not successful, the process is interrupted.

  Next, in response to a request from the PC 71, the DVD drive 61 seeks the control data zone on the writable disc 13a and reads the control data (step S22). In the next step S23, the PC 71 requests a secured disk key, and the DVD drive 61 reads the secured disk key (steps S24 and S25). The DVD drive 61 encrypts the secured disk key with the session key Ks by the bus encryptor 63, and the DVD drive 61 sends the encrypted secured disk key to the PC 71 (step S26). The bus decryptor 73 of the PC 71 decrypts the secured disk key, and the decryptor 56 decrypts the disk key.

  Next, in step S 27, the DVD drive 61 encrypts the encrypted title key and CGMS with the session key Ks in the bus encryptor 74 and sends it to the DVD drive 61. Further, the scrambled MPEG data from the scrambler 53 is sent to the DVD drive 61 in step S28. The DVD drive 61 records the encrypted title key decrypted with the session key Ks in the bus decryptor 6 and the scrambled MPEG data on the writable disc 13a (step S29).

  The configuration example shown in FIG. 12 is different from FIG. 10 in that a secured disc key is recorded on the writable disc 13b. For this reason, a random number generator 58 is provided in the PC 71 to generate a disc key. The disk key is encrypted by the master key 57 in the encryptor 59, and the secured disk key is encrypted by the session key Ks in the bus encryptor 75. The output of the bus encryptor 75 is transmitted to the DVD drive 61 via the interface, and decrypted by the session key Ks in the bus decrypter 65. Then, the secured disc key 10b is recorded on the writable disc 13b. Other configurations are the same as those of the system shown in FIG.

  FIG. 13 shows a procedure for exchanging signals between the DVD drive 61 and the PC 71 in the system shown in FIG. The procedure is the same as that shown in FIG. 11 in the system shown in FIG. However, the secured disk key encrypted with the session key Ks is sent to the DVD drive 61 by the bus encryptor 75 (step S33), and the secured disk key decrypted by the bus decryptor 65 with the session key Ks is received by the DVD drive 61. The processing for writing to the writable disc (step S34) is different.

  When the configuration or method shown in FIGS. 10 and 12 described above is adopted, there is a defect that it is possible to write a CSS encrypted data image created by using a CSS writing software created by a general user with a normal write command. The reason is that the CSS algorithm is not secret and is known. In the example of FIG. 10, when authentication is established, the application software is switched to the self-made one, and the title key generated by itself is used in accordance with the secured disc key recorded in advance on the writable disc 13a. A CSS scrambler that scrambles content can be created by a person who does not receive a CSS contract. Further, it is not considered to securely transmit disc-type information or copyright-related information, and there is a possibility that such information may be falsified.

  Next, a further configuration example will be described. In the configuration or method shown in FIGS. 10 and 12 described above, since the scrambled MPEG data passes through a standardized interface such as ATAPI between the DVD drive 61 and the PC 71, the scrambled MPEG data being written is stolen from the side. There is a risk that an act of returning to plaintext by applying “DeCSS” to this. In consideration of this point, the configuration examples shown in FIG. 14 and FIG. 16 respectively perform bus encryption and decryption on scrambled MPEG data.

  The configuration example of FIG. 14 is the same as the system of FIG. 10 in that the secured disc key 10a is recorded in advance on the writable disc 13a. 10 differs from the system of FIG. 10 in that the scrambled MPEG data obtained at the output of the scrambler 53 is encrypted by the bus encryptor 76 and then transmitted to the DVD drive 61 via the interface. 66 to be decoded. This reduces the risk of scrambled MPEG data being stolen when passing through the interface.

  FIG. 15 shows a procedure for exchanging signals between the DVD drive 61 and the PC 71 in the system of FIG. This procedure is the same as FIG. 11 showing the procedure of the system of FIG. The difference is that in step S28, the process of sending scrambled MPEG data is changed to sending scrambled MPEG data encrypted with the session key Ks in step S38.

  The configuration example of FIG. 16 is the same as the system of FIG. 12 in that the secured disc key 10b is recorded on the writable disc 13b. 12 differs from the system of FIG. 12 in that the scrambled MPEG data obtained at the output of the scrambler 53 is encrypted by the bus encryptor 76 and then transmitted to the DVD drive 61, and is decrypted by the bus decryptor 66 in the DVD drive 61. Is Rukoto. This reduces the risk of scrambled MPEG data being stolen when passing through the interface. For example, there is a possibility that scrambled MPEG data obtained from broadcast content is intercepted and recorded on a hard disk, and then decrypted by “DeCSS”.

  FIG. 17 shows a procedure for exchanging signals between the DVD drive 61 and the PC 71 in the system of FIG. This procedure is the same as FIG. 13 showing the procedure of the system of FIG. The difference is that in step S28, the process of sending scrambled MPEG data is changed to sending scrambled MPEG data encrypted with the session key Ks in step S38.

  In the further configuration or method shown in FIG. 14 and FIG. 16 described above, it is not considered to securely transmit disc-type information or copyright-related information, and there is a possibility that the information is falsified. Further, there is a defect that it is possible to write a CSS encrypted data image created by using a CSS writing software created by a general user with a normal write command.

  As described above, the present invention can solve the problem that occurs when encrypted writing, for example, CSS is applied to writing to a writable disc. Hereinafter, some embodiments of the present invention will be described with reference to the drawings.

  FIG. 18 shows a system configuration example of a first configuration example to which the present invention can be applied. Reference numeral 161 indicates a DVD drive, and reference numeral 171 is an information processing apparatus such as a PC that is connected to the DVD drive 161 through a standard interface and functions as a host. Application software is installed in the PC 171 or hardware (board) is provided, so that the PC 171 functions as a DVD video encoder. For example, a hardware video encoder board is incorporated in a television tuner board. In the first configuration example, a writable disc 13a in which a secured disc key 10a is recorded in advance in the lead-in area is used. For example, DVD + R / RW or DVD-R / RW can be used as a writable disc.

  The DVD drive 161 includes a random number generator 81 that generates a title key, an encrypter 82 that encrypts the generated title key with a disc key, a master key 83, and a decryptor 84 that decrypts a secured disc key with a master key. In preparation. Further, an authentication unit 62, a bus encrypter 63 for encrypting the secured disk key with the session key Ks, and a bus decryptor 66 for decrypting the scrambled MPEG data are provided. The DVD drive 161 is provided with these components with proper approval from the CSS key issuing center. In addition, since the DVD drive 161 is configured by hardware (LSI), it has tamper resistance that makes it impossible to know the contents of signal processing from the outside.

  The secured disc key 10 a read from the writable disc 13 a is decrypted by the master key 83 in the decryptor 84, and the disc key is supplied to the encryptor 82. In the encryptor 82, the title key from the random number generator 81 is encrypted, and an encrypted title key is generated. The encrypted title key is recorded on the writable disc 13a as defined by the CSS system.

  The PC 171 has a function as a DVD video encoder by application software or hardware (board). When mutual authentication between the authentication unit 62 of the DVD drive 161 and the authentication unit 72 of the PC 171 is established, a session key Ks is generated. In the bus encryptor 63 of the DVD drive 161, the secured disc key is encrypted with the session key Ks, and in the bus encrypter 85, the encrypted title key is encrypted with the session key Ks. These encrypted data are transmitted to the PC 171 via a standard interface.

  In the PC 171, the secured disc key is decrypted by the session key Ks in the bus decryptor 73, and the encrypted title key is decrypted by the session key Ks in the bus decryptor 77. In the decryptor 56, the disc key is decrypted by the master key 57, and in the decryptor 78, the encrypted title key from the bus decryptor 77 is decrypted by the disc key to obtain the title key.

  The audio / visual data 60 is compressed and encoded by MPEG2 in the MPEG encoder 52 and converted into data in the DVD standard format. For example, in the MPEG encoder 52, a transport stream received by digital broadcasting or the like is converted into a program stream and converted into DVD format data. The output data of the MPEG encoder 52 is scrambled by the scrambler 53 with the title key. The scrambled MPEG data from the scrambler 53 is encrypted by the bus encryptor 76 using the session key Ks. The output data of the bus encrypter 76 is transmitted to the DVD drive 161 via the interface. In the DVD drive 161, the scrambled MPEG data is decoded by the bus decryptor 66, and the scrambled MPEG data is recorded on the writable disc 13a. In the PC 171, components other than the MPEG encoder 52 are provided with proper approval from the CSS key issuing center.

  FIG. 19 shows a procedure for exchanging signals between the DVD drive 161 and the PC 171 in the system shown in FIG. The PC 171 sends a command to the DVD drive 161, and the DVD drive 161 performs an operation in response to the command. The sequence is started by inserting a writable disc or the like, and an authentication sequence AKE (step S41) is first performed. When the authentication is established, the DVD drive 161 and the PC 171 share the session key Ks. If the authentication is not successful, the process is interrupted.

  Next, in response to a request from the PC 171, the DVD drive 161 seeks the control data zone on the writable disc 13a and reads the control data (step S42). In the next step S43, the PC 171 requests a secured disk key, and the DVD drive 161 reads the secured disk key (steps S44 and S45). The DVD drive 161 encrypts the secured disk key with the session key Ks by the bus encryptor 63, and the DVD drive 161 sends the encrypted secured disk key to the PC 171 (step S46). The bus decryptor 73 of the PC 171 decrypts the secured disk key with the session key Ks, and further decrypts the disk key with the decryptor 56.

  Next, in step S47, an authentication sequence AKE is performed. When authentication is established, a session key Ks is newly generated, and the DVD drive 161 and the PC 171 share this session key Ks. If the authentication is not successful, the process is interrupted. When authentication is established, the PC 171 sends CGMS to the DVD drive 161 in step S48. As will be described later, the present invention is applied to securely transmit the CGMS. In step S49, the PC 171 requests the DVD drive 161 for a title key encrypted with the session key Ks.

  The DVD drive 161 supplies the encrypted title key from the encrypter 82 to the encryptor 85, and encrypts the encrypted title key with the session key Ks. The encrypted title key encrypted with Ks from the encryptor 85 is returned to the PC 171 (step S50).

  The PC 171 generates a title key by decryption processing by the bus decryptors 77 and 78, and the scrambler 53 encrypts the MPEG data to generate scrambled MPEG data. Further, the scrambled MPEG data is encrypted with the session key Ks in the bus encryptor 76, and the scrambled MPEG data encrypted with Ks is transmitted to the DVD drive 161 (step S51). The DVD drive 161 obtains scrambled MPEG data by decoding the data received by the bus decryptor 66 using the session key Ks. Then, the scrambled MPEG data and the encrypted title key are written on the writable disc 13a (step S52).

  In the first configuration example described above, the title key generated in the drive 161 is securely transferred to the PC 171 and used for CSS scrambling on the PC side. The CSS scrambled MPEG data received from the PC 171 and the title generated by the drive 161 are used. In this method, the key is written to the writable disc 13a. Therefore, in the first configuration example, the title key is not falsified on the PC side, and at the same time, the CSS key is not allowed to be scrambled by the title key, and the one that does not receive the license freely creates the CSS scramble writing software. This can be prevented. As will be described later, CGMS and disk type data can be transmitted securely.

  FIG. 20 shows the system configuration of the second configuration example of the present invention. In the second configuration example, a secured disc key is recorded on the writable disc 13b. The DVD drive 161 is provided with a random number generator 86 for generating a disc key in addition to a random number generator 81 for generating a title key. The disc key is used to encrypt the title key in the encrypter 82. Further, the disc key is encrypted by the encryptor 87 by the master key 83, and a secured disc key is generated. The secured disc key 10b is recorded in the lead-in area on the writable disc 13b.

  Thus, except for generating a disk key, encrypting the generated disk key to generate a secured disk key, and recording the secured disk key 10b in the lead-in area, the configuration and processing of the second configuration example Is the same as that of the first configuration example shown in FIG.

  FIG. 21 shows a procedure for exchanging signals between the DVD drive 161 and the PC 171 in the system shown in FIG. The procedure shown in FIG. 21 is the same as the signal exchange procedure shown in FIG. The difference is that when the PC 171 requests a secured disk key, the DVD drive 161 records the secured disk key on the writable disk 13b, and the encrypted disk key is encrypted with the session key Ks and returned to the PC 171. It is.

  In the second configuration example, the disc key and title key generated in the drive 161 are securely transferred to the PC 171 and used for CSS scrambling in the PC video encoder, and the scrambled MPEG data received from the PC 171 and the drive 161 This is a method of writing the secured disc key generated in step 1 and the encrypted title key to the writable disc. In this second configuration example, the title key is not altered on the PC side, and at the same time, the CSS key is not scrambled with the title key that is created arbitrarily, so that those who do not receive a license can freely create CSS scramble writing software. There is an effect to prevent. Furthermore, since it is not necessary to record a disc key in advance on the DVD medium, the manufacturing cost of the medium can be reduced. As will be described later, CGMS and disk type data can be transmitted securely.

  A third configuration example will be described with reference to FIG. In the third configuration example, a secured disc key is recorded in advance in the lead-in area of the writable disc 13a. The secured disc key 10a is decrypted by the decryptor 84 by the master key 83 to obtain a disc key. The title key is generated by a random number generator 81 in the DVD drive 261 and encrypted by the encryptor 82 with the disc key. The encrypted title key 11 from the encrypter 82 is recorded on the writable disc 13a.

  The DVD drive 261 has an authentication unit 91 and performs mutual authentication with the authentication unit 92 of the PC 271. If the authentication is established, the DVD drive 261 and the PC 271 share the session key Ks. The mutual authentication method is not limited to the same method as the CSS method, and a new method as described later can be adopted. By adopting a new authentication method, it is possible to more reliably prevent the creation of CSS writing software by those who do not receive a license.

  The PC 271 only has an MPEG encoder 52 that encodes the audio / visual data 60 and a bus encrypter 93 in addition to the authentication unit 92. Other processing is performed in the DVD drive 261. The PC 271 does not have any key or processing for CSS scramble, only has a mutual authentication function, and the load is remarkably reduced.

  The DVD drive 261 decrypts the MPEG data encrypted with the session key Ks from the PC 271 with the session key Ks in the bus decryptor 94. Then, it is encrypted by the scrambler 95, and the scrambled MPEG data 9 is recorded on the writable disc 13a. The scrambler 95 encrypts the MPEG data with the title key generated by the random number generator 81 and generates scrambled MPEG data.

  In the third configuration example, the title key is not falsified on the PC side, and at the same time, the CSS key is not scrambled with the title key that is created by itself. There is an effect to. By introducing a new authentication method, it is possible to more reliably prevent writing software from being created by a person who does not receive a license. Furthermore, the load on the PC side can be reduced. As will be described later, CGMS and disk type data can be transmitted securely.

  FIG. 23 shows a fourth configuration example. The difference from the third configuration example is that the disc key is generated by the random number generator 86 of the DVD drive 261, the disc key is encrypted by the master key 83 in the encryptor 87, and the secured disc key 10b is stored in the writable disc 13b. To record. Similar to the third configuration example, the PC 271 includes an authentication unit 92, a bus encrypter 93, and an MPEG encoder 52.

  This fourth configuration example also has the same operational effects as the third configuration example described above. Furthermore, since it is not necessary to record a disc key in advance on the DVD medium, the manufacturing cost of the medium can be reduced. As will be described later, CGMS and disk type data can be transmitted securely.

  FIG. 24 shows a fifth configuration example in which a mask control 101 as a mask control mechanism for the encrypted title key is added to the configuration of the first configuration example shown in FIG. The encrypted title key from the encryptor 82 is inputted to the mask control 101, and the encrypted title key 11 taken out from the output of the mask control 101 is recorded on the writable disc 13a.

  The mask control 101 controls the mask function in response to the authentication result of the authentication unit 62 of the DVD drive 161. That is, while the mutual authentication between the PC 171 and the DVD drive 161 is established and the session key Ks is generated, the mask function is canceled and the encrypted title key 11 is recorded on the writable disc 13a. On the other hand, if the authentication is not established, the mask function is enabled, the encrypted title key 11 is replaced with invalid data or dummy data such as zero data, and writing of the encrypted title key onto the rewritable disc 13a is substantially prohibited. Is done.

  FIG. 25 shows a second example in which a mask control 101 as a mask control mechanism for an encrypted title key and a mask control 102 as a mask control mechanism for a secured disc key are added to the configuration of the second configuration example shown in FIG. 6 shows a configuration example. Similar to the mask control 101, the mask control 102 performs a mask function for the secured disc key. That is, while the mutual authentication between the PC 171 and the DVD drive 161 is established and the session key Ks is generated, the mask function is canceled and the secured disc key 10b is recorded on the writable disc 13b. On the other hand, if the authentication is not established, the mask function is valid and the secured disc key 10b is not recorded on the writable disc 13b.

  As in the fifth and sixth configuration examples described above, the creation of CSS writing software by a general user can be more reliably prohibited by controlling the writing of the CSS key to the disc based on the result of mutual authentication. It becomes possible. Only authorized personnel can thereby create CSS writing application software. As will be described later, CGMS and disk type data can be transmitted securely.

  FIG. 26 shows a seventh configuration example in which a mask control 103 as a mask control mechanism for the encrypted title key is added to the configuration of the third configuration example shown in FIG. The encrypted title key from the encryptor 82 is input to the mask control 103, and the encrypted title key 11 taken out from the output of the mask control 103 is recorded on the writable disc 13a.

  The mask control 103 controls the mask function in response to the authentication result of the authentication unit 62 of the DVD drive 161. That is, while the mutual authentication between the PC 171 and the DVD drive 161 is established and the session key Ks is generated, the mask function is canceled and the encrypted title key 11 is recorded on the writable disc 13a. On the other hand, if the authentication is not established, the mask function is valid and the encrypted title key 11 is not recorded on the writable disc 13a.

  FIG. 27 shows a configuration in which a mask control 103 as a mask control mechanism for an encrypted title key and a mask control 104 as a mask control mechanism for a secured disc key are added to the configuration of the fourth configuration example shown in FIG. 8 embodiments are shown. Similar to the mask control 103, the mask control 104 provides a mask function for the secured disc key. That is, while the mutual authentication between the PC 171 and the DVD drive 161 is established and the session key Ks is generated, the mask function is canceled and the secured disc key 10b is recorded on the writable disc 13b. On the other hand, if the authentication is not established, the mask function is valid and the secured disc key 10b is not recorded on the writable disc 13b.

  As in the seventh and eighth configuration examples described above, the creation of CSS writing software by a general user can be more reliably prohibited by controlling the writing of the CSS key to the disc according to the result of mutual authentication. It becomes possible. Only authorized personnel can thereby create CSS writing application software. As will be described later, CGMS and disk type data can be transmitted securely.

  FIG. 28 is provided for each of the above-described third configuration example (FIG. 22), fourth configuration example (FIG. 23), seventh configuration example (FIG. 26), and eighth configuration example (FIG. 27). An embodiment of an authentication configuration or method according to the present invention applied to the authentication units 91 and 92 is described. In the example shown in FIG. 28, the session key is generated from the mutual authentication, and at the same time, the disk type information is securely transmitted from the drive to the PC. The disc type data is 2-bit information defined as follows.

(0, 0): ROM (0, 1): Undefined (1, 0): Writable type 1
(1,1): Writable disc type 2
For example, type 1 indicates a rewritable disc, and type 2 indicates a disc that can be recorded only once. As another example, type 1 means a type of disk that is allowed to write in the CSS system, and type 2 means a type of disk that is not allowed to write in the CSS system. The disc type is recorded at a predetermined position in the lead-in area on the disc. However, it may be recorded in the information of the wobbling groove, or may be determined from the optical characteristics of the disc. In FIG. 28, reference numeral 301 indicates disk type data.

  Disc type data 301 is supplied to multiplexers 302 and 303, respectively, and mixed with random numbers from random number generators 304 and 305 to generate 64-bit random number data Ra1 and Ra2 including disc type data, respectively. For example, disk type data is arranged at a predetermined 2-bit bit position in a 64-bit random number, for example, the lower 2 bits. The random numbers Ra1 and Ra2 are transmitted to the PC side, and the PC can obtain the disk type data 301 from the random number Ra1 by the demultiplexer 401. The PC executes application software corresponding to the acquired disk type data.

  The authentication unit 91 of the DVD drive 161 has an authentication key Km. The authentication key Km is often placed inside the LSI and is securely stored so that it cannot be read from the outside. In order for the drive 161 to be a legitimate drive that handles CSS recording, it requires confidential information about copyright protection technology such as the authentication key Km, so a clone that impersonates a genuine product without receiving a regular license. -Drive creation is prevented.

Reference numerals 306, 307, and 308 denote MAC (Message Authentication Code) calculation blocks that calculate MAC values using the authentication key Km as a parameter. Reference numerals 304, 305, and 309 are random number generators that generate 64-bit random numbers. As described above, the disk type and the random number are combined by the multiplexer 302, the random number Ra1 is output from the multiplexer 302, and this random number Ra1 is supplied to the MAC calculation block 306. The random number Ra2 from the multiplexer 303 is supplied to the MAC operation block 307. Further, the random number generator 309 generates a random number Ra3. Random number generators 304, 305, and 309 are, for example, random number generators configured as LSIs, and can generate random numbers closer to genuine random numbers as compared with a method of generating random numbers by software. The random number generator may be common hardware, but the random numbers Ra1, Ra2, and Ra3 are independent of each other.

  The PC-side authentication unit 92 also has an authentication key Km, and includes MAC operation blocks 406, 407, and 408 that calculate MAC values using the authentication key Km as a parameter. Furthermore, random number generators 404, 405, and 409 are provided for generating 64-bit random numbers Rb1, Rb2, and Rb3, respectively. The random numbers 28Rb1, Rb2, and Rb3 are supplied to the MAC calculation blocks 406, 407, and 408 of the authentication unit 92 on the PC side, transmitted to the DVD drive side, and supplied to the MAC calculation blocks 306, 307, and 308. The The random number generators 404, 405, and 409 normally generate random numbers by software, but may be used when hardware random numbers are available.

  The random number generated in the authentication unit 91 of the DVD drive and the random number generated in the authentication unit 92 of the PC are exchanged. That is, the random number Ra1 and the random number Rb1 are input to the MAC operation blocks 306 and 406, the random number Ra2 and the random number Rb2 are input to the MAC operation blocks 307 and 407, and the random number Ra3 and the random number Rb3 are input to the MAC operation blocks 308 and 408. .

The MAC value calculated by the MAC calculation block 306 and the MAC value calculated by the MAC calculation block 406 are compared in the comparison 410 in the authentication unit 92 to determine whether the two values are the same. The MAC value here is expressed as eKm (Ra1‖Rb1). eKm () represents that data in parentheses is encrypted using the authentication key Km as a key. The symbol Ra1‖Rb1 indicates that two random numbers are combined such that a random number Ra1 is arranged on the left side and a random number Rb1 is arranged on the right side. As a result of the comparison, if the two values are determined to be the same, it means that the authentication of the DVD drive by the PC has succeeded. Otherwise, the authentication has failed.

The MAC value calculated by the MAC calculation block 307 and the MAC value calculated by the MAC calculation block 407 are compared in the comparison 310 in the authentication unit 91 of the drive, and it is determined whether or not the two values are the same. The MAC value here is expressed as eKm (Rb2‖Ra2). As a result of comparison,
If it is determined that the two values are the same, the PC authentication by the DVD drive has succeeded. Otherwise, the authentication has failed.

In such mutual authentication, if both the comparisons 310 and 410 determine that the MAC values are the same and both the DVD drive and the PC are validated, that is, if the mutual authentication is successful, the MAC operation blocks 308 and 408 Thus, a common session key eKm (Ra3RaRb3) is generated. As described above, since the mutual MAC calculation values are exchanged and the matching is confirmed, it is possible to prevent tampering along the way or spoofing each other. In the present invention, not only mutual authentication but also one-way authentication may be performed.

  Another example of the disk type data is shown below.

  (0, 0): ROM (0, 1): Undefined (normal writable) (1, 0): Undefined (normal writable) (1, 1): Video writable disc (according to CSS / CPRM) Discs that allow video recording and private recording compensation is included in the disc sales price)

  An example of drive-side processing and PC-side processing when the disk type data defined in this way is mixed with random numbers transmitted to the PC side as described above will be described. FIG. 29 is a flowchart showing processing on the drive side.

As described in Non-Patent Document 3 mentioned at the beginning, a wobbled groove is formed in advance on the disk. The wobbling is modulated by information called ADIP (Address in Pre-groove). One piece of information included in ADIP is the media type (3 bytes). In the first step ST101, the media type is determined. In step ST102, it is determined whether the determination result is ROM. If it is ROM, it is determined in step ST103 that the disk type is ROM (0, 0). If it is not a ROM, it is determined in step ST104 whether the disc application code is video writable.

  Another information included in ADIP is a disk application code (1 byte). The disc application code is used to identify whether the disc is restricted to be used only for special applications. For example, the disc application code identifies that a video signal can be written (video writable).

  If the disc application code is video writable in step ST104, the disc type is determined to be video writable (step ST106). If it is determined in step ST104 that the disc application code is not video writable, the disc type is determined to be reserved (that is, undefined) (step ST105).

  As described above, the disk type determined by the drive is transmitted to the PC side mixed with the random number exchanged at the time of mutual authentication. FIG. 30 is a flowchart showing processing on the PC side. In step ST111, mutual authentication is performed, and in step ST112, the PC acquires disk type data from the drive.

  Whether the disk type is ROM is determined in step ST113. If it is determined to be ROM, data writing is prohibited in step ST114. If it is determined that it is not ROM, it is determined in step ST115 whether or not the disc type is video writable. If it is determined that the video is not video writable, it is determined in step ST116 that data can be written. If it is determined that the video is writable, it is determined in step ST117 that writing by CSS / CPRM is possible.

  FIG. 31 shows another example of the authentication units 91 and 92. In another example, the above-described example has a function of transmitting disk type information from the DVD drive to the PC in addition to mutual authentication, whereas CGMS information is transmitted from the PC to the DVD.

  The authentication unit 92 of the PC 9 has CGMS data 411 to be recorded. The CGMS data 411 is 2-bit data based on copyright management information included in video data to be recorded, and is 2-bit information defined as follows.

(0, 0): Copy free (0, 1): EPN (Encryption Plus Non-assertion) (
Content management information in digital broadcasting) (1, 0): Permit only one copy (1, 1): Prohibit copy The CGMS data 411 is separated from the video input to be recorded. For example, when the separated CGMS data is (1, 0) and only one copy is permitted, the CGMS data recorded on the writable disc is copied as a result of (1, 1). Changed to copy prohibited.

  In the authentication unit 92 on the PC side, the CGMS data 411 is supplied to the multiplexers 412 and 413, respectively, and mixed with the random numbers from the random number generators 404 and 405 to generate 64-bit random number data Rb1 and Rb2 including the CGMS data, respectively. The For example, CGMS data is arranged at a predetermined 2-bit bit position in a 64-bit random number, for example, the lower 2 bits. The random numbers Rb1 and Rb2 are transmitted to the DVD drive side, and the DVD drive can obtain the CGMS data 411 from the random number Rb2 by the demultiplexer 311. CGMS data 411 is recorded at a predetermined position on the writable disc.

FIG. 32 shows a configuration example when an AES (Advanced Encryption Standard) encryptor is used as the MAC operation blocks 306, 307, 308, 406, 407, and 408. A 128-bit random number A‖B obtained by combining two random numbers A and B and an authentication key Km are supplied to the AES encoder, and an output eKm (A‖B) obtained by encrypting the random number A‖B using the authentication key Km as a key.
Is formed.

  Furthermore, the flow of mutual authentication processing in the case of the configuration shown in FIG. 28 will be described with reference to the flowcharts of FIGS. The flowchart of FIG. 33 shows the flow of processing of the authentication unit 91 on the DVD drive side, and FIG. 34 shows the flow of processing of the authentication unit 92 on the PC side. First, in step ST21 in FIG. 34, the random number Rb1 and the random number Rb2 respectively generated by the random number generators 404 and 405 are transferred to the authentication unit 91 by the command SEND KEY. In step ST11 in FIG. 33, the authentication unit 91 receives these random numbers transferred from the authentication unit 92.

Thereafter, the authentication unit 92 requests the authentication unit 91 to transfer the response value by the MAC using the authentication key Km as a key and the random number Ra1 (including the disk type data) to the authentication unit 92 by the command REPORT KEY. (Step ST22). The response value is eKm (Ra1
It is written as ‖Rb1). eKm () represents that data in parentheses is encrypted using the authentication key Km as an encryption key. The symbol Ra1‖Rb1 indicates that two random numbers are combined such that a random number Ra1 is arranged on the left side and a random number Rb1 is arranged on the right side.

Upon receiving the command REPORT KEY from the authentication unit 92, the authentication unit 91 transfers the MAC value eKm (Ra1‖Rb1) and the random number Ra1 generated by the MAC calculation block 306 to the authentication unit 92 in step ST12. In step ST23, the authentication unit 92 calculates the MAC value in its own MAC calculation block 406, and confirms whether or not it matches the value received from the authentication unit 91 in the comparison 410. If the received MAC value matches the calculated MAC value, authentication of the authentication unit 91 (DVD drive) by the authentication unit 92 (PC) is successful. If the comparison results in step ST23 are not the same, authentication of the authentication unit 91 (DVD drive) by the authentication unit 92 (PC) has failed and reject processing is performed.

  If authentication of the authentication unit 91 by the authentication unit 92 is successful, in step ST24, the authentication unit 92 sends a command REPORT KEY to the authentication unit 91, and the authentication unit 91 sends a random number Ra2 (including disk type data) and a random number. Request transfer of Ra3. In response to this command, authentication unit 91 transfers these random numbers to authentication unit 92 in step ST13.

In step ST25, the MAC calculation block 407 of the authentication unit 92 calculates a response value eKm (Rb2‖Ra2) by MAC using the authentication key Km of the authentication unit 92 as a key from the random number received from the authentication unit 91, and the random number Rb3 At the same time, it is transferred to the authentication unit 91 using the command SEND KEY.

In step ST14, when receiving the response value eKm (Rb2RRa2) and the random number Rb3 from the authentication unit 92, the authentication unit 91 calculates the MAC value by itself, and in step ST15, the MAC received from the authentication unit 92 by the comparison 310. Check if it matches the value. If the received MAC value matches the calculated MAC value, the authentication unit 92 (PC) is successfully authenticated by the authentication unit 91 (DVD drive). In this case, in step ST16, the MAC calculation block 308 generates a session key eKm (Ra3‖Rb3), and transmits information indicating that the authentication is successful to the authentication unit 92, and the authentication process is completed. To do. The session key has a different value for each authentication operation.

  If the comparison results in step ST15 are not the same, authentication of the authentication unit 92 by the authentication unit 91 has failed, and error information indicating that the authentication has failed is transmitted to the authentication unit 92 in step ST17. .

The authentication unit 92 receives information indicating whether or not the authentication is successful from the authentication unit 91 as a response to the sent command SEND KEY, and determines whether or not the authentication is completed based on the received information in step ST26. It is determined that the authentication is completed by receiving information indicating that the authentication has been successful, and it is determined that the authentication has not been completed by receiving the information indicating that the authentication has failed. When the authentication is completed, in step ST27, the MAC operation block 408 generates a session key eKm (Ra3‖Rb3) (for example, 64 bits long) common to the drive side. If authentication is not completed, a reject process is performed.

  In all the embodiments of the present invention described above, the recording data transmitted from the PC to the DVD drive is encrypted by the bus encryptor, and the DVD drive is decrypted by the bus decryptor. In FIG. 35, reference numeral 501 indicates a bus encryptor, and reference numeral 511 indicates a bus encryptor.

  Data is transmitted from the PC to the DVD drive in a pack composed of 2 KB (kilobytes) of sector data. The type of pack is specified by the pack header. The AV pack detection unit 502 detects an audio pack, a bidet pack, and a sub-picture pack, and outputs a control signal according to the detection result.

  The selector 503 is controlled by a control signal from the AV pack detection unit 502. When the input data is an audio pack, a bidet pack, and a sub-picture pack, the input data is guided to the AV data encryptor 504 and encrypted by the session key. However, the pack header is not encrypted. In cases other than these packs, the input data is not encrypted and transmitted to the DVD drive via the interface.

  The AV pack detection unit 512 of the bus decrypter 511 detects the received pack type from the pack header. The selector 513 is controlled by a control signal from the AV pack detection unit 512. If the pack is an audio pack, a bidet pack or a sub-picture pack, the received data is guided to the AV data decryptor 514 and decoded by the session key.

  Since what is to be protected in the CSS system is audio / visual data, it is not necessary to encrypt other general data such as computer file data. Therefore, only the AV pack is encrypted.

  FIG. 36 shows the flow of bus encryption / decryption processing. In step ST31, it is determined whether or not it is a video pack from the detection result of the pack header detection unit. If it is a video pack, the data is encrypted / decrypted in step ST32. If it is not a video pack, the process moves to the step of determining whether or not it is an audio pack in step ST33.

  If it is determined in step ST33 that it is an audio pack, the data is encrypted / decrypted in step ST32. If not, the process moves to the step of determining whether or not it is a sub-picture pack in step ST34. If it is determined in step ST34 that it is a sub-picture pack, the data is encrypted / decrypted in step ST32. If not, the data is not encrypted / decrypted (step ST35). Then, the bus encryption / decryption process ends.

  FIG. 37 shows the structure of an audio pack, video pack or sub-picture pack of DVD video data. A pack header in which pack control information is arranged is arranged at the head, followed by a packet header, followed by audio data (AC3 data), video data (MPEG program stream) or sub-picture data (text data such as subtitles). ) Is arranged. Since the pack header and the packet header are variable-length data, for example, 128 bytes including the pack header and the packet header are excluded from bus encryption / decryption in consideration of the longest data length. Of 1920 bytes are subject to bus encryption / decryption. A total of 2K (2048) bytes is used as main data for one sector.

  In the above-described fifth configuration example (FIG. 24), sixth configuration example (FIG. 25), seventh configuration example (FIG. 26), and eighth embodiment (FIG. 27), the DVD drive and the PC are mutually connected. Mask controls 101, 102, 103, and 104 are provided that are controlled in accordance with whether or not authentication is established. Data to be masked by these mask controls will be described. First, the structure of data recorded on the writable disc will be described.

  In a DVD drive, data received from a PC is changed to a sector structure and recorded on a writable disc. FIG. 38 shows the data structure of one sector. A 12-byte sector header is added to 2 Kbytes of main data, and the last 4 bytes are used as an error detection code EDC for the entire sector, so that a data sector of 2064 bytes is formed as a whole.

The first 4 bytes of the sector header are an ID such as a sector number, the subsequent 2 bytes are an error detection code IED for the ID, and the subsequent 6 bytes are copy management data CPR. It is MAI (Copyright Management Information). CPR MAI is data required when data that requires copy management (copyright management) is recorded as main data. CPR An encrypted title key necessary for decrypting the main data is arranged in the MAI.

A process of generating the sector structure data shown in FIG. 38 at the time of recording will be described with reference to FIG. As shown in FIG. 39, sector header IDs are prepared. This ID is generated by the CPU in the DVD drive. That is, a write command is transmitted from the PC to the DVD drive at the time of recording, and LBA (Logical Block Address) data indicating the recording position on the disk and data of the write data length are added to the write command. When the CPU of the DVD drive determines that the instruction content of the write command is executable, the data is transmitted from the PC to the buffer memory of the drive by the amount corresponding to the write data length and stored in pack units of 2 Kbytes.

  Before actually starting the write operation, a PSN (Physical Sector Number) which is a physical address on the disk is calculated from the LBA data, and the value is used as an ID. An error detection code IED is added to the ID to form ID + IED (6 bytes).

Furthermore, CPR for (ID + IED) data MAI and main data are added, and further, an error detection code EDC for each sector is generated from these data (step ST41), and one unit (one frame) of data before being scrambled is formed. The main data in the data is scrambled with the title key, and a frame including scrambled domain data is formed (step ST42).

  Further, error correction coding is performed on the data obtained by collecting 16 scrambled frames (step ST43). Interleaving processing is performed on the main data in the 16-frame data to which ECC generated by error correction coding is added (step ST44). Then, 26 sync frames are modulated for each sector (step ST45). The modulated data is recorded on the writable disc.

FIG. 40 shows a 6-byte CPR. A more detailed data structure of MAI is shown. FIG. 40A shows CPR in the lead-in area of (PSN <030000h). FIG. 38B shows the data structure of the MAI. FIG. 38B shows the CPR in the data area of (PSN ≧ 030000h). The data structure of MAI is shown. CPR in the lead-in area shown in FIG. 40A The MAI is a kind of attribute information, and includes information indicating that the written data is a secured disk key. The first byte BP0 indicates the copyright protection system type. For example, it is indicated whether the copyright protection system type is CSS-compliant and whether it is CPRM-compliant.

  The next byte BP1 is the secured disk key mode. The next bytes BP2 and BP3 are undefined. The upper 2 bits of the next byte BP4 are undefined, and the lower 6 bits are a video authentication control code. Furthermore, byte BP5 is used as region management information.

CPR in the lead-in area as shown by the dashed line in FIG. 40A All MAI data is masked. In other words, when masking is performed without authentication, the CPR in the lead-in area All data of the MAI is rewritten to, for example, 00h data. The video authentication control code may not necessarily be masked.

CPR in the data area shown in FIG. 40B For MAI, CPM (1 bit), CP in the first byte BP0 SEC (1 bit), CGMS (2 bits), CPS MOD (4 bits) is arranged. The encrypted video title keys are arranged in order from the upper side to the lower side for the remaining 5 bytes BP1 to BP5.

As shown in FIG. 40B with a broken line, the CPR in the data area Bytes BP1-BP5 (encrypted video title keys) other than the first byte BP0 in MAI are masked. In other words, when masking is performed without authentication, the CPR in the lead-in area The MAI bytes BP1-BP5 are rewritten to, for example, 00h data.

FIG. 41 shows CPR in the data area. An example of the structure of the mask control with respect to MAI is shown. In this example, in the recording process shown in FIG. 39, mask control is performed immediately before step ST41 for adding EDC. In FIG. 41, reference numeral 601 is a register in which sector information (1 byte) is stored, and reference numeral 602 is a register in which PSN (3 bytes) is stored. These 4-byte IDs are input to the calculation unit 603, and a 2-byte error detection code IED is calculated.

Reference numeral 604 is CPR. This is a register in which the first byte BP0 of the MAI is stored. Reference numeral 605 denotes a buffer memory in which main data (2 Kbytes) is stored. CPR 1 byte BP0 of MAI is CPR Input to MAI filter 606 and CPR with a predetermined PSN The MAI is filtered out. 6-byte CPR The first byte BP0 of the MAI is input to the calculation unit 607, and the other five bytes are all set to zero data and input to the calculation unit 607. The calculation unit 607 generates an error detection code EDC for the entire sector. Sector information, PSN, error detection code IED, CPR for the mixer indicated by reference numeral 608 MAI, main data, and EDC are input to form one sector of data having the configuration shown in FIG.

FIG. 42 shows CPR An example of the MAI filter 606 is shown. PSN (3 bytes) which is an address on the disk is input to the comparator 611 and compared with a predetermined address, for example, 030000h. Also, CPR The first byte BP0 of the MAI is supplied to one input terminal of the selector 612. All zero data 00h is input to the other input terminal of the selector 612. The selector 612 is controlled by the output of the comparator 611. CPR masked to the output of selector 612 The MAI is retrieved.

If the comparator 611 determines that (PSN <030000h), the CPR recorded in the lead-in area The MAI (see FIG. 40A) is determined, and the selector 612 replaces BP0 with 00h data. In other cases, the selector 612 selects and outputs BP0 based on the output of the comparator 611.

  FIG. 43 is a flowchart showing a flow of processing of session key generation and annihilation and CSS key (encrypted title key and secured disc key, or encrypted title key) mask control. In the first step ST51, it is determined whether or not a disk, such as a DVD + RW / + R disk, which is subject to CSS scramble writing, is inserted. If it is determined that a disc has been inserted, it is determined in step ST52 whether or not the PC application is activated. That is, after the PC is turned on or restarted, it is determined whether the OS is started and the application program can be executed from the PC. The CSS key write mask function is in a state of prohibiting writing by default. Note that the order of steps ST51 and ST52 may be reversed.

  If it is determined in step ST52 that the PC application has been activated, mutual authentication is performed and a session key is generated in step ST53. In step ST54, it is determined whether or not the generation of the session key is completed. If it is determined that the generation is completed, the CSS key write mask function is canceled (step ST55).

  In step ST56, it is determined whether or not the PC application is terminated. If it is determined that the PC application is terminated, the session key generated in the PC is deleted in step ST57 (step ST57). Then, it is determined whether the PC application is activated again (step ST58). If it is determined that it is activated, control returns to step ST53.

  If it is determined in step ST58 that the application is not activated, it is determined in step ST59 whether or not the DVD + RW / + R disc has been ejected. If it is determined that it has not been discharged, control returns to step ST58. If it is determined in step ST59 that the disc has been ejected, the session key generated in the drive is erased in step ST60. Then, CSS key writing is prohibited by mask control (step ST61).

  If it is determined in step ST56 that the application is not activated, it is determined in step ST62 whether or not the DVD + RW / + R disc has been ejected. If it is determined that it has not been discharged, control returns to step ST56. If it is determined in step ST62 that the disc has been ejected, the session key generated in the drive is erased in step ST63. Then, CSS key writing is prohibited by mask control (step ST61).

  Note that a tree structure as described in JP-A-2002-236622 may be used as the master key distribution configuration. FIG. 44 shows a configuration when this method is applied to the embodiment shown in FIG. The drive 261 holds a device node key 111 common to a plurality of drives and a device ID 112 unique to the drive. The writable disk 13a stores a table composed of block data called EKB (Enable Key Block) 14. The EKB includes a plurality of encryption keys.

  The EKB is read from the writable disc into the decryption unit 113, and the decryption unit 113 decrypts the master key with the device node key 111 and the device ID 112. This method can be used to distribute a new master key or update a master key.

  The present invention is not limited to the above-described embodiment of the present invention, and various modifications and applications can be made without departing from the gist of the present invention. For example, an encryption method other than the CSS method may be used as long as the encryption method uses three encryption keys of a master key, a disc key, and a title key. The present invention can also be applied to a case where information is recorded on a medium such as an optical card or a memory card in addition to the disk.

It is a block diagram which shows the relationship of the key information at the time of recording on a ROM disk by a CSS system. It is a block diagram which shows the method of reproducing | regenerating the key information and scramble data in the DVD player which reproduces | regenerates the ROM disc recorded by the CSS system. It is a basic diagram which shows the data structure of the lead-in area of a ROM disc. It is a basic diagram which shows the structure of a sector. It is a basic diagram for demonstrating the copy protection function by a CSS system. It is a block diagram which shows the method of reproducing | regenerating the key information and scramble data by PC and a drive which reproduce | regenerate the ROM disc recorded by the CSS system. FIG. 7 is a schematic diagram illustrating a data flow between a drive and a disk in the system of FIG. 6. It is a block diagram which shows an example of the recording method at the time of writing data by the CSS system to the recordable DVD medium in which the disc key has been written. It is a block diagram which shows an example of the recording method at the time of writing data by the CSS system to the recordable DVD medium in which the disc key has not been written. It is a block diagram which shows an example in the case of implement | achieving the recording method at the time of writing data by the CSS system to the recordable DVD medium in which the disk key has been written with the combination of PC and drive. It is a basic diagram which shows the flow of the data between the drive and disk in the structure of FIG. FIG. 3 is a block diagram showing an example of a case where a recording method for writing data to a recordable DVD medium in which a disc key has not been written by the CSS method is realized by a combination of a PC and a drive. FIG. 13 is a schematic diagram showing a data flow between a drive and a disk in the configuration of FIG. 12. FIG. 11 is a block diagram showing a configuration in which scrambled data is bus-encrypted and transferred with respect to the configuration of FIG. 10. FIG. 15 is a schematic diagram illustrating a data flow between a drive and a disk in the configuration of FIG. 14. FIG. 13 is a block diagram showing a configuration in which scrambled data is bus-encrypted and transferred with respect to the configuration of FIG. FIG. 17 is a schematic diagram showing a data flow between a drive and a disk in the configuration of FIG. 16. It is a block diagram of the 1st example of composition of this invention. FIG. 19 is a schematic diagram showing a data flow between a drive and a disk in the configuration of FIG. 18. It is a block diagram of the 2nd example of composition of this invention. FIG. 21 is a schematic diagram illustrating a data flow between a drive and a disk in the configuration of FIG. 20. It is a block diagram of the 3rd structural example of this invention. It is a block diagram of the 4th example of composition of this invention. FIG. 19 is a block diagram of a fifth configuration example of the present invention in which a title key mask control mechanism is added to the configuration of FIG. 18. FIG. 21 is a block diagram of a sixth configuration example of the present invention in which a mask control mechanism for disc keys and title keys is added to the configuration of FIG. 20. FIG. 23 is a block diagram of a seventh configuration example of the present invention in which a title key mask control mechanism is added to the configuration of FIG. 22. FIG. 24 is a block diagram of an eighth configuration example of the present invention in which a disc key and title key mask control mechanism is added to the configuration of FIG. 23. FIG. 5 is a schematic diagram illustrating a mechanism for generating a session key from mutual authentication, and at the same time, a mechanism for securely transmitting a disk type from a drive to a PC. It is a flowchart explaining the processing of the disc type information on the drive side. It is a flowchart explaining the processing of the disc type information on the PC side. FIG. 9 is a schematic diagram illustrating a mechanism for generating a session key from mutual authentication, and simultaneously explaining means for securely transmitting copy generation management information from a drive to a PC. It is a block diagram which shows the example at the time of using AES in MAC calculation or session key generation. It is a flowchart which shows the process by the side of a drive from mutual authentication to session key generation. It is a flowchart which shows the process by the side of PC from mutual authentication to session key generation. It is a block diagram which shows an example of a process of bus encryption / decryption. It is a flowchart which shows the flow of the process of FIG. It is a basic diagram for demonstrating the structure of AV pack, and the target range of bus encryption. It is a basic diagram which shows the data structure of 1 sector. It is a basic diagram which shows the flow of a data recording process. It is a basic diagram for demonstrating the data which mask control makes object. It is a block diagram which shows an example of a structure of a mask control. The It is a block diagram which shows an example of a structure of the filter in a mask control. It is a flowchart which shows the production | generation and extinction of a session key, and the mask control process of a CSS key. It is a block diagram which shows the other example of the production | generation method of a master key.

Explanation of symbols

9 Scrambled MPEG data 10a, 10b Secured disc key 11 Encrypted title key 13a, 13b Writable disc 52 MPEG encoder 53, 95 Scrambler 56, 78, 84 Decryptor 57, 83 Master key 60 Audio / visual data 62, 72 Authentication Unit 63, 76, 85 Bus encryptor 66, 73, 77 Bus decryptor 81, 86 Random number generator 82, 87 Encryptor 161, 261 Drive 171, 271 PC

Claims (20)

A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, records encrypted content information on the recording medium. A signal processing system
The recording / reproducing apparatus comprises:
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
The information processing apparatus
Having authentication means for performing authentication with the recording / reproducing apparatus and generating a session key when authentication is established;
When the generated random number data is exchanged, the authentication unit of the recording / reproducing device and the authentication unit of the information processing device include information on the type of the recording medium in a random number transmitted from the recording / reproducing device to the information processing device. A signal processing system that mixes. In claim 1,
Further, a bus encryption means for transmitting information encrypted by the recording / reproducing device using the session key to the information processing device, and bus decrypting the information encrypted by the information processing device using the session key. Bus decoding means,
Bus encryption means for transmitting information encrypted by the information processing device using the session key to the recording / reproducing device, and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. And a signal processing system. A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, records encrypted content information on the recording medium. A signal processing system
The recording / reproducing apparatus comprises:
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
The information processing apparatus
Having authentication means for performing authentication with the recording / reproducing apparatus and generating a session key when authentication is established;
When the generated random number data is exchanged, the authentication unit of the recording / reproducing device and the authentication unit of the information processing device mix copyright-related information with the random number transmitted from the information processing device to the recording / reproducing device. Signal processing system. In claim 3,
Further, a bus encryption means for transmitting information encrypted by the recording / reproducing device using the session key to the information processing device, and bus decrypting the information encrypted by the information processing device using the session key. Bus decoding means,
Bus encryption means for transmitting information encrypted by the information processing device using the session key to the recording / reproducing device, and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. And a signal processing system. A recording / reproducing apparatus that is connected to an information processing apparatus via a transmission unit and records content information encrypted by a content information encryption method on a recording medium,
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
A recording / reproducing apparatus in which the authentication means mixes information on the type of the recording medium with a random number transmitted to the information processing apparatus when exchanging the generated random number data. In claim 5,
Furthermore, a bus encryption unit that transmits information encrypted by the session key to the information processing device, and a bus decryption unit that decrypts the bus encrypted information from the information processing device by the session key. A recording / reproducing apparatus. A recording / reproducing apparatus that is connected to an information processing apparatus via a transmission unit and records content information encrypted by a content information encryption method on a recording medium,
Authentication means for performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording means for recording the encrypted content information on a recording medium,
A recording / reproducing apparatus in which the authentication means mixes copyright-related information with a random number received from the information processing apparatus when exchanging generated random number data. In claim 7,
Furthermore, a bus encryption unit that transmits information encrypted by the session key to the information processing device, and a bus decryption unit that decrypts the bus encrypted information from the information processing device by the session key. A recording / reproducing apparatus. A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, records encrypted content information on the recording medium. Recording method,
The recording / reproducing apparatus comprises:
An authentication step of performing authentication with the information processing device and generating a session key when authentication is established;
A recording step of recording the encrypted content information on a recording medium,
The information processing apparatus
An authentication step for performing authentication with the recording / reproducing apparatus and generating a session key when authentication is established;
The authentication step of the recording / reproducing apparatus and the authentication step of the information processing apparatus include information on the type of the recording medium in a random number transmitted from the recording / reproducing apparatus to the information processing apparatus when the generated random number data is exchanged. Recording method that mixes. In claim 9,
Further, a bus encryption step for transmitting the information encrypted by the recording / reproducing device with the session key to the information processing device, and bus decrypting the information encrypted with the bus from the information processing device with the session key. A bus decoding step,
A bus encryption step of transmitting information encrypted by the information processing device using the session key to the recording / reproducing device; and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. Recording method. A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, records encrypted content information on the recording medium. Recording method,
The recording / reproducing apparatus comprises:
An authentication step of performing authentication with the information processing device and generating a session key when authentication is established;
A recording step of recording the encrypted content information on a recording medium,
The information processing apparatus
An authentication step for performing authentication with the recording / reproducing apparatus and generating a session key when authentication is established;
The authentication step of the recording / reproducing device and the authentication step of the information processing device mix copyright-related information with the random number transmitted from the information processing device to the recording / reproducing device when exchanging the generated random number data. Recording method. In claim 11,
Further, a bus encryption step for transmitting the information encrypted by the recording / reproducing device with the session key to the information processing device, and bus decrypting the information encrypted with the bus from the information processing device with the session key. A bus decoding step,
A bus encryption step of transmitting information encrypted by the information processing device using the session key to the recording / reproducing device; and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. Recording method. A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, records encrypted content information on the recording medium. A recording method program for
In the recording / reproducing apparatus,
An authentication step of performing authentication with the information processing device and generating a session key when authentication is established;
A recording step of recording the encrypted content information on a recording medium,
In the information processing apparatus,
Authenticate with the recording / reproducing device, execute an authentication step of generating a session key when authentication is established,
The authentication step of the recording / reproducing apparatus and the authentication step of the information processing apparatus include information on the type of the recording medium in a random number transmitted from the recording / reproducing apparatus to the information processing apparatus when the generated random number data is exchanged. Recording method program that mixes. In claim 13,
Further, a bus encryption step for transmitting the information encrypted by the recording / reproducing device with the session key to the information processing device, and bus decrypting the information encrypted with the bus from the information processing device with the session key. A bus decoding step,
A bus encryption step of transmitting information encrypted by the information processing device using the session key to the recording / reproducing device; and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. A recording method program comprising steps. A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, records encrypted content information on the recording medium. A recording method program for
In the recording / reproducing apparatus,
An authentication step of performing authentication with the information processing device and generating a session key when authentication is established;
A recording step of recording the encrypted content information on a recording medium,
In the information processing apparatus,
Authenticate with the recording / reproducing device, execute an authentication step of generating a session key when authentication is established,
The authentication step of the recording / reproducing device and the authentication step of the information processing device mix copyright-related information with the random number transmitted from the information processing device to the recording / reproducing device when exchanging the generated random number data. Program of recording method. In claim 15,
Further, a bus encryption step for transmitting the information encrypted by the recording / reproducing device with the session key to the information processing device, and bus decrypting the information encrypted with the bus from the information processing device with the session key. A bus decoding step,
A bus encryption step of transmitting information encrypted by the information processing device using the session key to the recording / reproducing device; and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. A recording method program comprising steps. A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected via a transmission unit, records encrypted content information on the recording medium. A recording medium storing a program of a recording method to be performed,
In the recording / reproducing apparatus,
An authentication step of performing authentication with the information processing device and generating a session key when authentication is established;
A recording step of recording the encrypted content information on a recording medium,
In the information processing apparatus,
Authenticate with the recording / reproducing device, execute an authentication step of generating a session key when authentication is established,
The authentication step of the recording / reproducing apparatus and the authentication step of the information processing apparatus include information on the type of the recording medium in a random number transmitted from the recording / reproducing apparatus to the information processing apparatus when the generated random number data is exchanged. A recording medium storing a recording method program that mixes the above. In claim 17,
Further, a bus encryption step for transmitting the information encrypted by the recording / reproducing device with the session key to the information processing device, and bus decrypting the information encrypted with the bus from the information processing device with the session key. A bus decoding step,
A bus encryption step of transmitting information encrypted by the information processing device using the session key to the recording / reproducing device; and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. A recording medium storing a program of a recording method. A recording / reproducing apparatus that reads information from a recording medium and records the information on the recording medium, and an information processing apparatus to which the recording / reproducing apparatus is connected through a transmission unit, records encrypted content information on the recording medium. A recording medium storing a program of a recording method to be performed,
In the recording / reproducing apparatus,
An authentication step of performing authentication with the information processing apparatus and generating a session key when authentication is established;
Recording the encrypted content information on a recording medium, and
In the information processing apparatus,
Authenticate with the recording / reproducing device, execute an authentication step of generating a session key when authentication is established,
The authentication step of the recording / reproducing device and the authentication step of the information processing device mix copyright-related information with the random number transmitted from the information processing device to the recording / reproducing device when exchanging the generated random number data. A recording medium storing a program for the recording method. In claim 19,
Further, a bus encryption step for transmitting the information encrypted by the recording / reproducing device with the session key to the information processing device, and bus decrypting the information encrypted with the bus from the information processing device with the session key. A bus decoding step,
A bus encryption step of transmitting information encrypted by the information processing device using the session key to the recording / reproducing device; and bus decoding for decoding the bus encrypted information from the recording / reproducing device using the session key. A recording medium storing a program of a recording method.

Images