JP2006163951A - Digital content management system and management method therefor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To allow only a purchaser side computer to obtain content with the purchaser's electronic fingerprint embedded, in a content management system. <P>SOLUTION: A purchaser side PC3 can decode only either one of cipher text of cipher text c<SB>j</SB><SP>(0)</SP>of packets with "0" bits embedded therein and a cipher text c<SB>j</SB><SP>(1)</SP>of packets with "1" bits embedded therein, by the use of each random number key<SB>i, j</SB>included in a partial key transmitted from a management center side server. Hereat, the partial key is generated by selecting a random number according to respective bits composing the purchaser's electronic fingerprint from among random numbers included in an extended key, so that the purchaser side PC3, by composing each packet decoded by using each random number key<SB>i, j</SB>included in the partial key, can obtain content with the purchaser's fingerprint, but a seller side can not obtain the partial key from the extended key, and can not obtain the content with an electronic fingerprint. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a digital content management system using an electronic fingerprint and a management method therefor, and more particularly, to digital content requested by a purchaser when the on-demand type digital content is distributed. In particular, the present invention relates to a technique for identifying a distributor of illegally copied digital content by embedding.

  2. Description of the Related Art Conventionally, a management system for digital content (hereinafter abbreviated as content) using an electronic fingerprint is known (see, for example, Patent Documents 1 and 2). However, in some conventional content management systems, as in the systems disclosed in Patent Documents 1 and 2, the asymmetry of information held by the purchaser and the seller cannot be realized. In this case, the information asymmetry means that only the purchaser can obtain the content embedded with the electronic fingerprint of the purchaser after the content transaction protocol is completed, and the seller It is a property that content with embedded fingerprints cannot be obtained.

  The realization of the above information asymmetry is the most important thing in the content management system. This point will be described in detail below. As shown in FIG. 11, not only the purchaser but also the seller possesses the content in which the electronic fingerprint of the purchaser is embedded (the content with the electronic fingerprint in the figure). Even if the content that is illegally distributed by the purchaser is found, and the purchaser who has illegally distributed it by detecting the electronic fingerprint from the content is identified, the seller may legally prove the purchaser's fraud Can not. This is because the seller himself / herself may distribute contents in which the electronic fingerprint of the purchaser is embedded in order to fall into the purchaser. Therefore, in order to prove the illegal distribution of the content by the purchaser, it is necessary to realize the above asymmetry.

  Therefore, in the conventional content management system using electronic fingerprints, the above asymmetry was realized by utilizing the property of the public key cryptosystem that “only one of the traders can decrypt the data”. There is something. Hereinafter, a conventional content management system realizing asymmetry will be described with reference to FIG. In this system, a purchaser computer (abbreviated as purchaser in the figure) has both a public encryption key and a decryption key that is a secret key. Have a public encryption key only. The purchaser-side computer encrypts ID information such as the purchaser's registration number with the disclosed encryption key and transmits it to the seller-side computer. Upon receiving the ciphertext of the ID information and the purchase request from the purchaser computer, the merchant computer encrypts the content requested from the purchaser computer with the public encryption key, and then encrypts the ciphertext of this content. And the ciphertext of the ID information received from the purchaser's computer based on the properties of the homomorphic mapping of the cipher used in these ciphertexts, thereby obtaining the ciphertext of the content with the electronic fingerprint.

  However, in the conventional content management system using electronic fingerprints, the above asymmetry is realized by utilizing the property of the public key cryptosystem that “only one of the traders can decrypt the data”. Therefore, as shown in FIG. 13, it is necessary to perform encryption by a public key cryptosystem that requires a huge amount of calculation. Moreover, in order for the seller side computer to obtain the ciphertext of the content with the electronic fingerprint based on the ciphertext of the ID information received from the purchaser side computer, the ciphertext of the above ID information and the uncompressed state Since it is necessary to multiply the encrypted text of the content, the public key encryption method that requires a huge amount of calculation is performed on the huge amount of content data that is not compressed. Therefore, there is a problem that the time required for content encryption becomes long.

  In general, content data is compressed by irreversible compression, and a high compression effect can be obtained. However, if lossy compression is performed on the ciphertext, it cannot be decrypted. Further, since the ciphertext is a random data series unlike the content, even if lossless compression is performed, the compression effect cannot be expected. For this reason, it has not been performed to transmit the ciphertext of the content including the electronic fingerprint to the purchaser computer in a compressed state. Therefore, in a conventional content management system using electronic fingerprints, the seller's computer does not compress the ciphertext of the electronic fingerprint-containing content, which has about twice to three times the amount of information as the original content. Since it was transmitted to the purchaser's computer, the data amount of the content to be transmitted increases.

As described above, the problem is that the time required for content encryption becomes long, and the amount of content packet data (hereinafter referred to as packets) transmitted from the seller computer to the purchaser computer increases. The problem leads to a problem that the purchaser computer cannot perform real-time playback processing of playing back while receiving a packet of purchased content.
JP-A-11-119651 Japanese Patent Laid-Open No. 11-7241

  The present invention has been made in order to solve the above-mentioned problem. Only the purchaser's computer can obtain the content in which the purchaser's electronic fingerprint is embedded, so that the content fraud by the purchaser can be obtained. The distribution is easy to verify, and when the seller computer receives the purchase request from the purchaser computer, it creates the ciphertext of the content on the purchaser computer after receiving the purchase request. Digital content management system and digital content in which the purchaser computer can perform real-time playback processing of the purchased content by reducing the processing time and the amount of content packet data transmitted to the purchaser computer The purpose is to provide a management method.

  In order to achieve the above object, a first aspect of the present invention is a seller-side computer installed on a digital content seller side, a buyer-side computer installed on a digital content purchaser side, and the seller side. In the digital content management system using an electronic fingerprint, the seller-side computer is composed of a center-side computer installed in a management center that manages the buying and selling of digital content between the computer and the purchaser-side computer. Content recording means for recording various digital contents, dividing means for dividing each digital content recorded in the content recording means into a plurality of packet data (hereinafter abbreviated as packets), and dividing by the dividing means Embed “0” or “1” information in each packet Embedding means, compression means for compressing each packet in which “0” or “1” information is embedded by the embedding means, and a purchase request receiving means for receiving a purchase request from the purchaser computer And when the purchase request is received by the purchase request receiving means, an encryption means for performing encryption processing on each packet compressed by the compression means, and each packet after encryption processing by the encryption means Packet transmitting means for transmitting to the purchaser side computer, the purchaser side computer being transmitted by the purchase request transmitting means for transmitting a purchase request to the seller side computer and the packet transmission means of the seller side computer. Receiving means for receiving each packet, and decoding means for decoding each packet received by the receiving means. Before receiving a digital content purchase request from the purchaser computer, the computer uses a recording process by the content recording unit, a dividing process by the dividing unit, an embedding process by the embedding unit, and a compressing unit. Digital content in which the purchaser's electronic fingerprint is embedded by assembling the digital content only from each packet that has been successfully decrypted as a result of decryption by the decryption means. It is something to get.

  According to a second aspect of the present invention, in the digital content management system according to the first aspect, the encryption unit performs the encryption process by a common key encryption method.

  According to a third aspect of the present invention, there is provided a seller side computer installed on the digital content seller side, a purchaser side computer installed on the digital content purchaser side, the seller side computer, and the purchaser side computer. In the digital content management system using electronic fingerprints, the center computer has a plurality of keys based on a basic key. A center-side expanded key generating means for generating an expanded key composed of random numbers, an electronic fingerprint generating means for generating a purchaser's electronic fingerprint composed of a series of bit strings based on the purchaser's ID information, and the center-side expanded From the random numbers included in the extended key generated by the key generation means, the electronic fingerprint generation means Selecting a random number corresponding to the value of each bit constituting the generated electronic fingerprint and generating a partial key of the extended key; and purchasing the partial key generated by the partial key generating unit A partial key transmitting means for transmitting to the seller-side computer, wherein the seller-side computer is a content recording means for recording various digital contents, and each piece of digital content recorded in the content recording means is a plurality of packet data ( (Hereinafter abbreviated as "packet"), a packet is created, a packet in which "0" bits are embedded in each packet divided by the above-mentioned packet dividing means, and a packet in which "1" bits are embedded in each packet Embedded packet creating means, a purchase request receiving means for receiving a purchase request from the purchaser side computer, and the center side link. Based on the basic key storage means for storing the same basic key as the basic key used to generate the extended key in the computer, and based on the basic key stored in the basic key storage means, the center side extended key generation means Based on each random number constituting the extended key generated by the seller side extended key generation means, the embedded packet generation means generates the same extended key as the extended key. An encryption means for encrypting each created packet; a packet in which a bit of “0” created by the embedded packet creation means is embedded based on the same packet divided by the dividing means; and “1” An arrangement unit that arranges the packets after encryption by the encryption unit, and each packet after the arrangement by the arrangement unit so that the packet in which the bit is embedded is adjacent to the packet. Packet transmitting means for transmitting a packet to the purchaser-side computer, wherein the purchaser-side computer transmits a purchase request to the seller-side computer, and a partial key transmission of the center-side computer Receiving means for receiving the partial key transmitted by the means, and each packet transmitted by the packet transmitting means of the seller side computer, and the partial key for receiving each packet received by the receiving means by the receiving means A decoding means for decoding using each random number included in the data, a determination means for determining whether or not each packet has been successfully decoded as a result of the decoding by the decoding means, and the determination means determining that the decoding has been successful. Packet assembling means for assembling each packet, and the purchaser-side computer uses the packet assembling means to By assembling the packet, in which was set to obtain a digital content fingerprint of the purchaser it is embedded.

  According to a fourth aspect of the present invention, in the digital content management system according to the third aspect, the seller-side computer further comprises a packet compression unit that compresses each packet created by the embedded packet creation unit, The encryption means performs encryption processing by the encryption means on each packet compressed by the packet compression means.

  According to a fifth aspect of the present invention, in the digital content management system according to the fourth aspect, before the purchase request receiving means receives the purchase request from the purchaser side computer, the packet compression means of the seller side computer Each packet created by the embedded packet creation means is compressed.

  According to a sixth aspect of the present invention, in the digital content management system according to the third aspect, the encryption unit performs the encryption process by a common key encryption method.

  According to a seventh aspect of the present invention, in the digital content management system according to the third aspect, each time the arranging means performs a process of arranging the encrypted packets, the packet in which the “0” bit is embedded The order before and after the packet in which the bit “1” is embedded is rearranged.

  According to an eighth aspect of the present invention, in the digital content management system according to the third aspect, the partial key generation unit converts the random number included in the extended key generated by the center side extended key generation unit into two random numbers. Included in the nth random number set according to whether the value of the nth bit is “0” or “1” among the bits constituting the electronic fingerprint generated by the electronic fingerprint generation means It is determined which one of two random numbers to be selected is selected.

  According to a ninth aspect of the present invention, in the digital content management system according to the third aspect, the center-side computer further comprises key list storage means for storing a key list made up of a bundle of basic keys delivered from a seller. The center side expanded key generation means selects a basic key corresponding to the purchaser from the basic keys included in the key list stored in the key list storage means, and expands based on the selected basic key. A key is generated, and the partial key transmission means, along with the partial key, information indicating what number of basic keys the center side expanded key generation means has selected from the basic keys included in the key list ( The purchase request transmission means of the purchaser side computer transmits the index information received by the reception means from the center side computer, The basic key storage unit of the seller computer stores the same key list as the key list stored in the key list storage unit of the center computer. The seller side computer receives the index information together with the purchase request by the purchase request receiving means, and based on the received index information, the key list stored in the basic key storage means The basic key identical to the basic key used for generating the extended key by the center side extended key generating means is selected from the basic keys included in the key.

  The invention of claim 10 is a seller-side computer installed on the digital content seller side, a purchaser computer installed on the digital content purchaser side, the seller-side computer, and the purchaser-side computer. In the digital content management method using digital fingerprints, which is applied to a digital content management system comprising a center-side computer installed in a management center that manages the sales of digital content to and from the seller, the seller A step in which the side computer records various digital contents, a step in which the seller side computer divides each recorded digital content into a plurality of packet data (hereinafter abbreviated as packets), and the seller side computer , "0" or A step of embedding “1” information, a step in which the seller computer compresses each packet in which the information of “0” or “1” is embedded, and the purchaser computer is in the seller side Transmitting a purchase request to a computer, the seller computer receiving a purchase request from the purchaser computer, the seller computer performing encryption processing on each compressed packet, The seller-side computer transmitting each packet after the encryption processing to the purchaser-side computer; the purchaser-side computer receiving each packet transmitted from the seller-side computer; and The purchaser computer decrypts each received packet. The seller computer includes the steps of recording, dividing, embedding, and performing the compression process before receiving a digital content purchase request from the purchaser computer. As a pre-process, the purchaser computer assembles the digital content only from each packet successfully decoded as a result of the decoding in the decoding step, thereby obtaining the digital content in which the electronic fingerprint of the purchaser is embedded. It is a thing.

  According to an eleventh aspect of the present invention, in the digital content management method according to the tenth aspect, the encryption processing is performed by a common key cryptosystem.

  According to a twelfth aspect of the present invention, there is provided a seller side computer installed on the digital content seller side, a purchaser side computer installed on the digital content purchaser side, the seller side computer, and the purchaser side computer. In the digital content management method using digital fingerprints, which is applied to a digital content management system composed of a center side computer installed in a management center that manages the trading of digital content with The computer generates a purchaser's electronic fingerprint composed of a series of bit strings based on the purchaser's ID information, and the center computer generates an extended key composed of a plurality of random numbers based on the basic key. Step, the center computer is included in the extended key Selecting a random number corresponding to the value of each bit constituting the electronic fingerprint from among the numbers to generate a partial key of the extended key, wherein the center computer sends the partial key to the purchaser computer The step of receiving the partial key transmitted from the center side computer, the step of transmitting the purchase request to the seller side computer, the seller side computer, The side computer divides each digital content recorded in the device into a plurality of packet data (hereinafter abbreviated as packets), and the seller computer embeds a bit of “0” in each packet. Creating a packet and a packet in which a bit of “1” is embedded in each packet, the seller A step in which a computer receives a purchase request from the purchaser-side computer, and the seller-side computer is based on the same basic key as the basic key used to generate an extended key in the center-side computer, Generating an expanded key identical to the expanded key generated in the computer; the seller-side computer, based on each random number constituting the expanded key; a packet in which the bit of “0” is embedded; A step of encrypting a packet in which a bit of “1” is embedded, a packet in which the seller computer embeds a bit of “0” and a packet in which a bit of “1” is embedded, created based on the same packet Arranging the encrypted packets so that and are adjacent to each other, the seller side computer Transmitting the arranged packets to the purchaser computer, the purchaser computer receiving each packet transmitted from the seller computer, and the purchaser computer Decrypting each packet received from the buyer computer using each random number included in the partial key received from the center computer, the buyer computer successfully decrypted each packet as a result of the decryption And the step of assembling each packet determined to be successful in the determination, the purchaser computer embeds the electronic fingerprint of the purchaser by assembling each packet. The digital content is obtained.

  According to a thirteenth aspect of the present invention, in the digital content management method according to the twelfth aspect, the seller-side computer includes a packet in which the bit of “0” is embedded and a packet in which the bit of “1” is embedded. After compression, these packets are encrypted.

  A fourteenth aspect of the present invention is the digital content management method according to the thirteenth aspect, wherein the seller side computer embeds the bit of “0” before receiving the purchase request from the purchaser side computer. And the packet in which the bit of “1” is embedded.

  According to a fifteenth aspect of the present invention, in the digital content management method according to the twelfth aspect, the seller-side computer performs the encryption process by a common key encryption method.

  According to a sixteenth aspect of the present invention, in the digital content management method according to the twelfth aspect, each time the seller side computer executes the step of arranging the encrypted packets, the bit of “0” is embedded. The order before and after the packet in which the “1” bit is embedded is rearranged.

  According to a seventeenth aspect of the present invention, in the digital content management method according to the twelfth aspect, in the step of generating the partial key, the center computer converts the random number included in the extended key into a set of two random numbers. In accordance with whether the value of the nth bit among the bits constituting the electronic fingerprint is “0” or “1”, any one of the two random numbers included in the set of the nth random number Is to be selected.

  According to an eighteenth aspect of the present invention, in the digital content management method according to the twelfth aspect, in the step of generating the expanded key, the center side computer generates a key from among the basic keys included in the key list passed from the seller. In the step of selecting a basic key corresponding to the purchaser, generating an extended key based on the selected basic key, and transmitting the partial key, the own device is included in the key list together with the partial key. Information (hereinafter referred to as index information) indicating that the selected basic key is selected from the basic keys, and the purchaser side computer uses the index information received from the center side computer as the purchase request. Together with the key list stored in the center computer. The seller side computer generates an extended key in the center side computer from the basic keys included in the key list based on the index information received from the purchaser side computer. The same basic key as that used in the above is selected.

  According to the invention of claim 1 or claim 10, before the seller side computer receives the digital content purchase request from the purchaser side computer, the seller side computer performs a process for recording various digital contents and a plurality of digital content items. Processing for dividing into packets, embedding processing of information “0” or “1” in each packet, and compression processing of each packet in which information “0” or “1” is embedded are performed as preprocessing. I made it. As a result, the processing performed after the seller side computer receives the digital content purchase request from the purchaser side computer performs the encryption process for each compressed packet, and each packet after the encryption process is sent to the purchaser side computer. Can only be sent to. In addition, unlike conventional content management systems that realize information asymmetry, each content packet can be encrypted after being compressed, so conventional content management systems that realize asymmetry of information As compared with the above, it is possible to reduce the data amount of the content to be encrypted. Therefore, it is possible to shorten the processing time from when the seller side computer receives the purchase request from the purchaser side computer to creation of the ciphertext of the content.

  In addition, as described above, the seller side computer compresses each packet constituting the content and then encrypts it, thereby reducing the data amount of the encrypted packet transmitted to the purchaser side computer. Therefore, the communication time necessary for transmitting these packets can be shortened.

  Therefore, the purchaser computer can perform real-time playback processing of the purchased content.

  According to the second or eleventh aspect of the present invention, since the encryption process for each compressed packet is performed by the common key cryptosystem, the encryption is performed by the public key cryptosystem that requires a huge amount of calculation. Compared with the case where the process is performed, the processing time required for the merchant computer to create the ciphertext of each packet constituting the content can be shortened.

  According to the invention of claim 3 or claim 12, the seller-side computer embeds a bit of “0” in each packet constituting the content based on a different random number among the random numbers constituting the expanded key. The encrypted packet and the packet in which the “1” bit is embedded are encrypted and transmitted to the purchaser computer. Then, the purchaser's computer only selects either one of the packet obtained by encrypting the packet in which the “0” bit is embedded and the packet obtained by encrypting the packet in which the “1” bit is embedded. The decryption can be performed using each random number included in the partial key transmitted from the center computer. Here, since the partial key is generated by selecting a random number corresponding to the value of each bit constituting the purchaser's electronic fingerprint from the random numbers included in the expanded key, the purchaser side The computer can obtain digital content in which the electronic fingerprint of the purchaser is embedded by assembling each packet that can be decrypted using each random number included in the partial key. That is, when the “0” bit and the “1” bit embedded in each packet constituting the digital content acquired by the purchaser computer are arranged, the electronic fingerprint of the purchaser is obtained.

  As described above, since the purchaser's computer has a partial key, it is possible to obtain digital content in which the electronic fingerprint of the purchaser is embedded using this partial key. Because it does not have information on the purchaser's partial key and the purchaser's partial key cannot be obtained from the expanded key of the seller's computer, digital content in which the purchaser's electronic fingerprint is embedded can be obtained I can't. Therefore, since only the purchaser can obtain the content in which the electronic fingerprint of the purchaser is embedded, it becomes possible to verify the illegal distribution of the digital content by the purchaser, and effectively protect the copyright of the digital content. be able to.

  According to the invention of claim 4 or claim 13, the seller side computer compresses the packet in which the bit of “0” is embedded and the packet in which the bit of “1” is embedded, and then these By performing the encryption process on the packet, the data amount of the content to be encrypted can be reduced as compared with a conventional content management system that realizes asymmetry of information. Accordingly, it is possible to shorten the processing time from when the seller side computer receives the purchase request from the purchaser side computer until the content ciphertext is created. In addition, as described above, the seller side computer compresses each packet constituting the content and then encrypts it, thereby reducing the data amount of the encrypted packet transmitted to the purchaser side computer. Therefore, the communication time necessary for transmitting these packets can be shortened. Therefore, the purchaser computer can perform real-time playback processing of the purchased content.

  According to the invention of claim 5 or claim 14, before the seller side computer receives the purchase request from the purchaser side computer, the seller side computer embeds the packet in which the bit “0” is embedded and the bit “1”. The processing performed after the seller side computer receives the digital content purchase request from the purchaser side computer by compressing the packet, and the encryption processing for each compressed packet and the encryption processing Only the process of transmitting each subsequent packet to the purchaser computer can be performed. Accordingly, it is possible to shorten the processing time from when the seller side computer receives the purchase request from the purchaser side computer to when the ciphertext of the content packet is transmitted.

  According to the invention of claim 6 or claim 15, since the seller side computer performs the encryption process for each compressed packet by the common key encryption method, a huge amount of calculation is required. Compared with the case where encryption is performed by a public key encryption method, the processing time required for the seller side computer to create the ciphertext of each packet constituting the content can be shortened.

  According to the seventh or sixteenth aspect of the invention, the seller side computer embeds a packet in which a bit of “0” is embedded and a bit of “1” each time the encrypted packets are arranged. By rearranging the order before and after the packet, it is possible to prevent the purchaser from knowing the order before and after the packet with the "0" bit embedded and the packet with the "1" bit embedded. it can. Therefore, it is possible to prevent the purchaser from knowing his / her electronic fingerprint.

  According to the invention of claim 8 or claim 17, the process of generating a partial key of the expanded key by selecting a random number corresponding to the value of each bit constituting the electronic fingerprint from the random numbers included in the expanded key 2, the random number included in the extended key is divided into two random number pairs, and the value of the nth bit among the bits constituting the purchaser's electronic fingerprint is “0” or “1”. , It is determined which of the two random numbers included in the n-th random number pair is to be selected. The purchaser's computer can obtain digital content in which the electronic fingerprint of the purchaser is embedded by assembling each packet that can be decrypted using each random number included in this partial key. That is, when the “0” bit and the “1” bit embedded in each packet constituting the digital content acquired by the purchaser computer are arranged, the electronic fingerprint of the purchaser is obtained.

  According to the invention of claim 9 or claim 18, the center side computer and the seller side computer store the same key list and respond to the purchaser from the basic keys included in this key list. By selecting a basic key and generating an extended key based on the selected basic key, a different extended key can be generated for each purchaser, and a part generated based on the extended key Key variations can be increased.

  The best mode for carrying out the present invention will be described with reference to the drawings. The present invention relates to a digital content management system using an electronic fingerprint and a management method therefor, and more particularly, to digital content requested by a purchaser when the on-demand type digital content is distributed. It is related with the technique which specifies the distributor of the digital content illegally copied by embedding and transmitting to a purchaser. The embodiments described below do not cover the present invention, and the present invention is not limited to the following modes.

  FIG. 1 shows an outline of processing in the digital content management system according to this embodiment. A digital content management system 1 (hereinafter abbreviated as “content management system”) is a seller-side server 2 (seller-side computer installed on the seller side of a digital content (hereinafter abbreviated as “content”)). Abbreviation), purchaser-side PC3 (purchaser-side computer; abbreviated as purchaser in the figure) installed on the purchaser side of the content, and purchase and sale of content between the seller-side server 2 and the purchaser-side PC3 Is a system in which a management center side server 4 (center side computer; abbreviated as “center” in the figure) installed in a management center that manages the network is connected via a network 5 (see FIG. 2) such as the Internet. A third-party organization such as an administrative organization or a bank corresponds to the management center. In the conventional content management system that realizes the asymmetry of the information shown in FIG. 12, the ciphertext transmitted from the purchaser side to the seller side really includes the purchaser's ID information. Since it is unknown whether or not it is necessary, a management center is required to issue a registration certificate for illuminating that the ciphertext contains the purchaser's ID information.

  Next, an outline of processing in the content management system 1 will be described. As shown by an arrow 11 in the figure, a seller who wants to sell content he owns a key list 9 consisting of a bundle of basic keys used by the seller side server 2 to the management center side server 4. The key list 9 is registered in the management center side server 4. When the user registration application data is transmitted from the purchaser side PC 3 to the management center side server 4 as indicated by an arrow 12 in the figure, the management center side server 4 includes the basics included in the key list 9. One basic key is selected from the keys, and an expanded key is generated based on the basic key. Next, the management center side server 4 issues a decryption key sequence (corresponding to a partial key in the claims) composed of random numbers selected from random numbers included in the expanded key, and the arrow 13 in the figure. The decryption key sequence is transmitted to the purchaser side PC 3 together with the registration certificate data as shown in FIG. Then, as indicated by an arrow 14 in the figure, the purchaser purchases the seller by sending the registration certificate data and the purchase request to the seller-side server 2 using the purchaser-side PC 3. When the request is made, the seller-side server 2 distributes the ciphertext of the content packet to the purchaser-side PC 3 as indicated by an arrow 15 in the figure.

  Here, it is desirable to use electronic money as registration certificate data transmitted from the purchaser-side PC 3 to the seller-side server 2. That is, the purchaser and the seller are registered in the management center side server 4, and the purchaser makes a purchase request to the seller using the electronic money withdrawn from the management center, and the seller later manages the bank or the like. It is desirable to have a mechanism for collecting profits from the center.

Although details will be described later, in the content management system 1, the purchaser-side PC 3 decrypts the ciphertexts of a large number of packets transmitted from the seller-side server 2 and assembles only the packets that have been successfully decrypted. The content in which the electronic fingerprint of the purchaser is embedded ⁽ content X ^(wi) with electronic fingerprint in the figure) can be obtained. Further, in the content management system 1, before the seller-side server 2 receives the content purchase request from the purchaser-side PC 3, the content-side management system 1 performs processing for dividing each content into a plurality of packets, compression processing for each packet, and the like. By performing the preprocessing, it is possible to reduce the amount of data to be encrypted, compared to the case where each packet is encrypted without being compressed. Accordingly, it is possible to shorten the processing time from when the seller-side server 2 receives the purchase request from the purchaser-side PC 3 until the content ciphertext is created. Further, as described above, the seller-side server 2 compresses and encrypts each packet constituting the content, thereby reducing the data amount of the encrypted packet transmitted to the purchaser-side PC 3. Since it can be reduced, the communication time required for transmitting these packets can be shortened. Accordingly, the purchaser-side PC 3 can perform real-time playback processing of the purchased content.

  Next, the hardware configuration of the content management system 1 will be described with reference to FIG. The seller side server 2 includes a microprocessor 60 that controls the entire apparatus, a hard disk 61 (content recording means, basic key storage means) that stores various data, programs, and the like, and each stored in the hard disk 61. When the program is executed, a memory 62 in which each program is loaded, an operation unit 64 including a mouse and a keyboard for inputting various instructions, and other connected devices on the network 5 (the purchaser side PC 3 and the management center) A transmission / reception unit 63 (packet transmission means) for transmitting / receiving data to / from the server 4 and a display 65. In the hard disk 61, in addition to the key list 9 described above, a compressed packet 54, which is a packet obtained by performing preprocessing such as the above compression processing on each packet constituting the content for distribution, and various work data The pre-processing PG 66, which is a program for executing the pre-processing such as the above-described compression processing, on each packet constituting the content for distribution 69, the pre-processing PG 66, etc. An encryption PG 67 that is a program for performing an encryption process on the processed packets, a rearrangement PG 68 that is a program for rearranging each packet after the encryption process, and various other data 69 are stored. Has been.

  The microprocessor 60 and the preprocessing PG 66 correspond to a dividing unit, an embedding unit, an embedded packet creating unit, a compressing unit, and a packet compressing unit in the claims. Further, the microprocessor 60 and the encryption PG 67 correspond to encryption means and seller side expanded key generation means in the claims. Furthermore, the microprocessor 60 and the rearrangement PG 68 correspond to the arrangement means in the claims.

Further, as shown in the figure, the purchaser-side PC 3 has substantially the same configuration as the seller-side server 2. In order to assemble only the packets that can be decrypted by the decryption PG 76, which is a program for decrypting the ciphertext of the packet transmitted from the seller-side server 2, in the hard disk 71 of the purchaser-side PC 3 Are stored as various programs 79 including the packet assembly PG 77, the content X ^{(wi) with} electronic fingerprint assembled by the packet assembly PG 77, and other work data. The other configuration of the purchaser-side PC 3 is basically the same as that of the seller-side server 2, and thus the description thereof is omitted here. The transmission / reception unit 73 of the purchaser side PC 3 corresponds to the purchase request transmission means and the reception means in the claims. The microprocessor 70 and the decryption PG 76 of the purchaser side PC 3 correspond to the decryption means in the claims. The microprocessor 70 and the packet assembly PG 77 of the purchaser side PC 3 correspond to the determination means and the packet assembly means in the claims.

  Further, as shown in the figure, the management center side server 4 has substantially the same configuration as the seller side server 2. The hard disk 81 (key list storage means) of the management center side server 4 has a key list DB 86, which is a database of the key list 9 transmitted from the seller side server 2, and a purchaser generated based on the purchaser's ID information. The electronic fingerprint DB 87, which is a database of electronic fingerprints, the decryption key creation PG 88, which is a program for creating a decryption key sequence to be transmitted to the purchaser PC 3, and various data 89 including other work data are stored. Yes. Since the other configuration of the management center side server 4 is basically the same as that of the seller side server 2, description thereof is omitted here. The microprocessor 80 and the decryption key creation PG 88 of the management center side server 4 correspond to the center side expanded key generation means, the electronic fingerprint generation means, and the partial key generation means in the claims. Further, the transmission / reception unit 83 of the management center side server 4 corresponds to a partial key transmission unit in the claims.

  In the following description, in order to simplify the description, the seller side server 2, the purchaser side PC 3, and the management center side server 4 will be described as the subject of each process. The processing is mainly performed by the microprocessor 60 of the seller side server 2, the microprocessor 70 of the purchaser side PC 3, and the microprocessor 80 of the management center side server 4.

FIG. 3 is a diagram showing an image of processing in the content management system 1, and shows substantially the same contents as FIG. As shown by the arrow 10, a common key cryptosystem is used for encrypting the content packet transmitted from the seller-side server 2 to the purchaser-side PC 3. Although details will be described later, the content acquired by the purchaser-side PC 3 by executing the electronic fingerprint protocol indicated by the arrow 10 is the content embedded with the electronic fingerprint ^(the content X ^{(including the} electronic fingerprint shown in FIG. 1 X ^{( wi)} )

  In the content management system 1, a content seller consists of a bundle of basic keys used by himself / herself as indicated by an arrow 11 in the figure when registering as a seller in the management center side server 4. The key list 9 is transmitted from the seller side server 2 to the management center side server 4, and the key list 9 is registered in the management center side server 4.

Next, with reference to FIGS. 4 and 5, processing performed by the management center side server 4 when the content purchaser performs registration as a purchaser will be described. As indicated by an arrow 12 in FIG. 4, when the i-th purchaser performs registration (user registration) as a purchaser in the management center side server 4, the purchaser side PC 3 enters the management center side server 4. When (the i index) ID information _ID i of the self (the purchaser) to the management center side server 4, as shown in FIG, with reversible function h (·), buyer ID information ID _i Based on, a purchaser's electronic fingerprint w _i comprising a series of bit strings (data in which “0” bits and “1” bits are arranged) is generated. The reversible function h (•) is kept secret to those other than those related to the management center, so that the purchaser and the seller cannot know the electronic fingerprint w _i of the purchaser.

Next, as shown in FIG. 5, the management center side server 4 selects a basic key corresponding to the purchaser from the basic keys included in the key list 9. For example, if the client registration requester is the i-th purchaser, the basic key k _i (i is an index) shown in the figure is selected. Then, as indicated by an arrow 16 in the figure using the pseudo-random number generator g (·) is a function that generates a sequence of pseudo-random number, based on the basic key k _i of the enlarged key sequence g (k _i ) is generated. That is, using the sequence of random numbers represented by g (k _i) as a sequence of expanded key. The key list 9 and the pseudo-random number generator g (•) are selected on the seller side in principle and transmitted from the seller server 2 to the management center server 4. Accordingly, we and the management center side server 4 and the seller server 2, since it has the same key list 9 and the pseudo-random number generator g (·), to generate the same expanded key sequence g (k _i) it can.

Next, the management center side server 4, based on the ID information ID _i of the purchaser, generates a decryption key sequence key _i (partial keys or user key) from the series of the expanded key g _{(k i).} Specifically, if the value w _{i, j} of the j (j = 0 to n−1) -th bit among the bit strings constituting the electronic fingerprint w _i is “0”, the extended key sequence g ( The 2j-th random number k _{i, 2j} included in k _i ) is the j-th random number key _{i, j} included in the decryption key sequence key _i , and the value w _{i, j} of the j-th bit is “1”. In this case, the 2j + 1-th random number k _{i, 2j + 1} included in the extended key sequence g (k _i ) is set as the j-th random number key _{i, j} included in the decryption key sequence key _i .

For example, as shown by the arrow 17a in the figure, when _{the 0th} random number key _{i, 0} included in the decryption key sequence key _i is determined _{, the 0th} bit string constituting the electronic fingerprint w _i When the bit value w _{i, 0} is “0”, the 0 (2X0 = 0) -th random number k _{i, 0} included in the extended key sequence g (k _i ) is 0 included in the decryption key sequence key _i. a second random number key _{i, 0,} in the case of values w _{i, 0} of 0 th bit of the "1", 1 included in the expanded key sequence _{g (k i) (2X0 +} 1 = 1) th random number k _{Let i, 1} be the 0th random number key _{i, 0} included in the decryption key sequence key _i . Further, as shown by the arrow 17b in the figure, when determining the _first random number key _{i, 1} included in the decryption key sequence key _i , the first random number of the bit strings constituting the electronic fingerprint w _i When the bit value w _{i, 1} is “0”, the 2 (2 × 1 = 2) -th random number k _{i, 2} included in the extended key sequence g (k _i ) is 1 included in the decryption key sequence key _i. a second random number key _{i, 1,} when the value w _{i, 1} of the first bit of the "1", the expanded key sequence g 3 included in the _{(k i) (2X1 + 1} = 3) -th random number k _{Let i, 3} be the first random number key _{i, 1} included in the decryption key sequence key _i .

In other words, the above-described method for generating the decryption key sequence key _i divides the random numbers included in the extended key sequence g (k _i ) into two sets of random numbers 30a, 30b, 30c, etc. Depending on whether the value w _{i, n} of the n-th bit among the bits constituting the fingerprint w _i is “0” or “1”, one of the two random numbers included in the n-th random number pair It is to decide whether to select a random number.

As described above, for generation processing of a decryption key sequence key _i is carried out based on the fingerprint w _i, the fingerprint w _i are those created based on the ID information ID _i of the buyer It can also be said that the decryption key sequence key _i represents the purchaser's own ID information ID _i . The relationship between the ID information ID _i , the index i, the basic key k _i and the decryption key key _i used or generated in the processing in the management center server 4 is registered in the hard disk 81 of the management center server 4. Recorded as a distribution log.

The management center side server 4 transmits the purchaser-specific decryption key sequence key _i generated by the above method and its index i to the purchaser side PC 3 at the time of user registration of the purchaser. That is, as indicated by an arrow 13 in the figure, the management center issues a purchaser-specific decryption key sequence key _i to the purchaser. Since the decryption key sequence key _i transmitted from the management center side server 4 to the purchaser side PC 3 is composed of only a part of the random numbers constituting the extended key sequence g (k _i ), the management center side server 4 will send only a portion of the expanded key sequence g is the master key (k _i) the purchaser PC3. Further, the management center side server 4 stores the data of the registration certificate for allowing the purchaser to perform a transaction with the seller together with the decryption key sequence key _i and the index i. To the side PC 3. As described above, it is desirable to use electronic money as the data of the registration certificate.

Next, an electronic fingerprint protocol performed between the purchaser side PC 3 and the seller side server 2 will be described. First, processing at the start of the electronic fingerprint protocol shown in FIG. 6 will be described. In this electronic fingerprint protocol, the purchaser-side PC 3 sends the index i and registration certificate data received from the management center-side server 4 together with the content purchase request, as indicated by the arrow 18 in the figure. It starts by sending it to the server 2. Upon receiving these data, the seller-side server 2 checks the registration certificate in order to verify that the purchaser is an authorized user. As a result, when it is determined that the purchaser is a legitimate user, the seller-side server 2 selects the purchaser from the basic keys included in the key list 9 as indicated by an arrow 19 in the figure. The basic key k _i corresponding to the index i received from the side PC 3 is extracted. Since the key list 9 and the basic key index i held by the seller-side server 2 are the same as those used by the management center-side server 4 at the time of registration of the corresponding purchaser, the basic list extracted by the above processing is used. the key k _i is the same as that at the time of registration of the relevant purchaser selected by the management center side server 4.

Next, as shown in the figure, the seller-side server 2 uses the same pseudo-random number generator g (•) as the pseudo-random number generator held by the management center-side server 4 to use the basic key k _i described above. the basis to generate the same enlarged and extended key sequence by the management center side server 4 to generate a key sequence g (k _i). As indicated by an arrow 20 in FIG seller server 2 is holding the entire expanded key sequence g (k _i), purchaser PC3 is expanded key sequence g a (k _i) Only the decryption key sequence key _i composed only of a part of the constituent random numbers is held, and the expanded key sequence g (k _i ) itself is not held. Therefore, a gap is generated between the information held by the seller side server 2 and the information held by the purchaser side PC 3. In this content management system 1, by using a gap of the above information, the seller side so that it is not possible to know the electronic fingerprint w _i of the purchaser.

Next, with reference to FIG. 7 and FIG. 8, content ciphertext creation processing performed on the seller-side server 2 side will be described. First, pre-processing performed by the seller-side server 2 before encrypting the content X packet will be described. The seller-side server 2 speeds up the processing after receiving the purchase request by performing the following pre-processing before receiving the purchase request from the purchaser-side PC 3. This preprocessing includes the following processes. As shown in FIG. 7, the first preprocessing is a process of dividing the content X into small packets (content X divided into each frame or each segment). For example, when the original content X is a movie file, each divided packet is obtained by dividing the data in the original file into segments (blocks) from several seconds to several minutes. The second process is a process of embedding “0” bits in each divided packet (see 32 in FIG. 8) and a process of embedding “1” bits in each divided packet (in FIG. 8). 36). Through these embedding processes, each packet in which “0” bits are embedded and each packet in which “1” bits are embedded are created based on each divided packet. In FIG. 8, a packet in which “0” bit is embedded in j-th packet x _j among the divided packets is represented by x _j ⁽⁰⁾ , and “1” bit is included in the packet x _j described above. A packet in which is embedded is represented by x _j ⁽¹⁾ . The third process is a process (see 33 and 37 in FIG. 8) for compressing each packet by a method such as MPEG compression.

The seller-side server 2 converts each compressed packet generated by the division, embedding, and compression processing performed before receiving the purchase request from the purchaser-side PC 3 as described above into the above-described expanded key sequence g. (k _i) is encrypted with the common key cryptosystem each random number constituted by using as the encryption key (see 34 and 38 in FIG. 8). Encrypting the packet bit compressed packet x _j ⁽⁰⁾ with embedded above the "0", of the random number constituting the extended key sequence g a (k _i), k i is 2j-th random number _{, 2j} are used, "1" of the encryption of the bit compressed packet x _j ⁽¹⁾ with embedded packet, among the random numbers that constitute the expanded key sequence _{g (k i), 2j +} 1 th random number K _{i, 2j + 1} is used. C _j ⁽⁰⁾ and c _j ^{(1) in} FIG. 8 are ciphertexts about a packet obtained by compressing the packet x _j ⁽⁰⁾ and a packet obtained by compressing the packet x _j ⁽¹⁾ , respectively. The order of the ciphertext c _j ⁽⁰⁾ for the compressed packet in which the bit of “0” is embedded and the ciphertext c _j ⁽¹⁾ for the compressed packet in which the bit of “1” is embedded is the function σ Sorted by _j (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ). Function ^{_{σ j (c j (0)}} , c j (1)) , given the two ciphertext c _j ⁽⁰⁾ and c _j ⁽¹⁾ as an argument, these ciphertext, this time, c _j ^{The order of (0)} , c _j ⁽¹⁾ , next time, c _j ⁽¹⁾ , c _j ⁽⁰⁾ , and so on are rearranged at random and output. As described above, the ciphertext σ _j (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ) corresponding to the j-th packet x _j among the packets created by dividing the content X in FIG. Created.

The seller-side server 2 repeats the processing shown in the frame 30 in FIG. 8 for all packets x _{0 to} x _n−1 created by dividing the content X in FIG. The ciphertext 22 shown in the lower left of is created. Note that the arithmetic processing 21 shown on the left side in FIG. 7 and FIG. 8 includes each processing included in the frame 30 described above. Each ciphertext σ ₀ (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ) to σ _n-1 (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ) constituting the ciphertext 22 has been created. The ciphertext is sequentially transmitted to the purchaser side PC 3.

Next, decryption processing of the ciphertext 22 performed by the purchaser side PC 3 will be described with reference to FIG. The purchaser-side PC 3 configures the ciphertext 22 using each random number key _{i, 0 to} key _{i, n-1} included in the purchaser's decryption key sequence key _i shown in FIG. 5 as a decryption key. Each ciphertext σ ₀ (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ) to σ _n-1 (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ) is decrypted (see 41 in FIG. 9), and the electronic Get fingerprinted content X ^(wi) . More specifically, as shown in a frame 40 in the figure, the purchaser-side PC 3, for example, selects the j-th ciphertext σ _j (c _j ⁽⁰⁾ , c _j ^{( For 1)} ), decryption is performed using key _{i, j} , which is the j-th random number among the random numbers included in the decryption key sequence key _i , as the decryption key.

Here, the decryption key key _{i, j} is the 2j-th random number k _{i, 2j} and the 2j + 1-th random number k _{i, 2j + 1} included in the extended key sequence g (k _i ) as described in FIG. The random numbers k _{i, 2j} and random numbers k _{i, 2j + 1} are ciphertexts σ _j (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ) respectively. (also a cryptographic key is also the decryption key) key and sentence c _j ⁽⁰⁾ and the ciphertext c _j ⁽¹⁾ since it is, among the ciphertext c _j ⁽⁰⁾ and the ciphertext c _j ⁽¹⁾ One of the ciphertexts is restored. Then, as described with reference to FIG. 5, when the value w _{i, j} of the j-th bit among the bit strings constituting the electronic fingerprint w _i is “0”, the j-th bit included in the decryption key sequence key _i . The random number key _{i, j} is the 2j-th random number k _{i, 2j} included in the extended key sequence g (k _i ), and when the value of the j-th bit w _{i, j} is “1”, Since the j-th random number key _{i, j} is the 2j + 1-th random number k _{i, 2j + 1} included in the extended key sequence g (k _i ), the j-th random number key _{i, j} is j-th among the bit strings constituting the electronic fingerprint w _i. When the bit value w _{i, j} of “0” is “0”, the ciphertext c _j ⁽⁰⁾ for the compressed packet in which the bit of “0” is embedded is restored, and the value w _{i, j} of the j th bit is In the case of “1”, the ciphertext c _j ⁽¹⁾ for the compressed packet in which the bit of “1” is embedded is restored. Accordingly, of the two ciphertexts c _j ⁽⁰⁾ and ciphertext c _j ⁽¹⁾ included in the ciphertext σ _j (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ), _Means that the value w _{i, j} of the j-th bit in the bit string constituting the electronic fingerprint w _i is included.

For this reason, each packet x ₀ ^{(wi, 0) to} x _n-1 ^{(wi, n-1)} of the content obtained by decompressing each compressed packet that has been successfully restored has an electronic fingerprint w _i , respectively. Of the bit string that constitutes the value, the values of the 0th to (n-1) th bits are embedded. Accordingly, by assembling these packets x ₀ ^{(wi, 0) to} x _n-1 ^{(wi, n-1)} , the content X ^(wi) with electronic fingerprint can be obtained.

Note that the arrow 44 in FIG. 9 indicates the ciphertext c _j ⁽⁰⁾ and the packet of the compressed packet of the packet x _j ⁽⁰⁾ included in the ciphertext σ _j (c _j ⁽⁰⁾ , c _j ⁽¹⁾ ). Which ciphertext of the ciphertext c _j ⁽¹⁾ of the compressed packet of x _j ⁽¹⁾ is restored depends on the value of the jth bit w _i , of the bit string constituting the electronic fingerprint wi _. It means that it is decided according to _j . In the content management system 1, the seller can embed a bit of “0” or “1” in each packet x _{0 to} x _n−1 constituting the content X, but the seller has “0”. It is impossible to know which one of the ciphertext c _j ⁽⁰⁾ for the compressed packet with embedded bits and the ciphertext c _j ⁽¹⁾ for the compressed packet with embedded “1” bits restored. . Therefore, the seller side cannot know the electronic fingerprint w _i of the purchaser.

  Next, with reference to FIG. 10, a device for speeding up the processing in the content management system 1 will be described. In the content management system 1, before the seller-side server 2 receives a content purchase request from the purchaser-side PC 3, recording processing of various types of content on the hard disk 61 and division of each content into a plurality of packets are performed. Processing, embedding processing of “0” or “1” bits in each packet, and compression processing of each packet in which “0” or “1” bits are embedded are performed as preprocessing 51 by offline processing. , Each compressed packet 52 in which the bit “0” is embedded and each compressed packet 53 in which the bit “1” is embedded are prepared. As a result, the processing (online processing) performed after the seller-side server 2 receives the content purchase request from the purchaser-side PC 3 performs the encryption processing for each compressed packet, and each packet after the encryption processing. Only the process of transmitting to the purchaser-side PC 3 can be performed. In addition, unlike the conventional content management system that realizes anonymity of information as shown in FIG. 12, each packet constituting the content can be compressed and then encrypted. Compared with a content management system that realizes security, it is possible to reduce the data amount of content to be encrypted. Furthermore, since the encryption process for each compressed packet is performed by the common key encryption method, a huge amount of calculation is required like a conventional content management system that realizes asymmetry of information. Compared with the case where encryption is performed by the public key cryptosystem, the processing time required for the merchant-side server 2 to create the ciphertext of each packet constituting the content can be shortened. Accordingly, it is possible to shorten the processing time from when the seller-side server 2 receives the purchase request from the purchaser-side PC 3 until the content ciphertext is created.

  Further, as described above, the seller-side server 2 compresses and encrypts each packet constituting the content, thereby reducing the data amount of the encrypted packet transmitted to the purchaser-side PC 3. Since it can be reduced, the communication time required for transmitting these packets can be shortened.

  As described above, the seller-side server 2 shortens the processing time from receiving the purchase request from the purchaser-side PC 3 to creating the encrypted text of the content, and transmission of the packet to the purchaser-side PC 3. By reducing the communication time required for the purchase, the purchaser-side PC 3 can perform real-time playback processing of the purchased content.

  In the above processing, the encryption rate is 1/2, and it is necessary to send twice the amount of content to send one content, but the conventional information as shown in FIG. The encryption rate of the content management system that realizes the anonymity is half or one third, and it is necessary to send content with twice or three times the amount of data to send one content In consideration of the fact that there is no information, it can be said that the encryption rate is improved as compared with the conventional content management system that realizes the non-identity of information.

  As described above, according to the content management system 1 and the management method thereof according to the present embodiment, the seller-side server 2 configures the content based on the different random numbers among the random numbers that configure the expanded key. The packet in which the “0” bit is embedded in the packet and the packet in which the “1” bit is embedded are encrypted and transmitted to the purchaser PC 3. The purchaser-side PC 3 then selects only one of the packet obtained by encrypting the packet in which the “0” bit is embedded and the packet obtained by encrypting the packet in which the “1” bit is embedded. The decryption can be performed using each random number included in the partial key transmitted from the management center side server 4. Here, since the partial key is generated by selecting a random number corresponding to the value of each bit constituting the purchaser's electronic fingerprint from the random numbers included in the expanded key, the purchaser side The PC 3 can obtain the content in which the electronic fingerprint of the purchaser is embedded by assembling each packet that could be decrypted using each random number included in the partial key. That is, when the “0” bit and the “1” bit embedded in each packet constituting the content acquired by the purchaser-side PC 3 are arranged, the purchaser's electronic fingerprint is obtained.

  As described above, since the purchaser-side PC 3 has a partial key, it is possible to obtain digital content in which the purchaser's electronic fingerprint is embedded using the partial key. Does not have information on the purchaser's partial key and cannot obtain the purchaser's partial key from the expanded key of the seller-side server 2, so the digital content in which the electronic fingerprint of the purchaser is embedded cannot be obtained. Can't get. Therefore, since only the purchaser can obtain the content in which the electronic fingerprint of the purchaser is embedded, it becomes possible to verify the illegal distribution of the digital content by the purchaser, and effectively protect the copyright of the digital content. be able to.

  Further, the merchant-side server 2 rearranges the order before and after the packet in which the bit “0” is embedded and the packet in which the bit “1” is embedded every time the encrypted packets are arranged. By doing so, it is possible to prevent the purchaser from knowing the order before and after the packet in which the bit “0” is embedded and the packet in which the bit “1” is embedded. Therefore, it is possible to prevent the purchaser from knowing his / her electronic fingerprint.

  The present invention is not limited to the above embodiment, and various modifications can be made. For example, in the above-described embodiment, an example has been shown in which the seller-side server 2 stores the compressed packet 54 in which preprocessing such as compression is performed on each packet constituting the content for distribution in the hard disk 61. However, the recording medium for recording the compressed packet is not limited to the hard disk, and may be another type of recording medium such as a DVD (Digital Versatile Disc) -RAM (Random Access Memory). In the above-described embodiment, the key list 9 including the bundle of basic keys is transmitted from the seller side server 2 to the management center side server 4. However, the management center side server 4 transmits the key list 9 for each seller. And the key list 9 may be transmitted to the seller-side server 2 when the seller is registered.

The figure which shows the outline of the process in the digital content management system by one Embodiment of this invention. The hardware block diagram of the said digital content management system. The figure which shows the image of the process in the said digital content management system. FIG. 3 is an explanatory diagram of an electronic fingerprint generation process when a content purchaser registers with a management center server in the digital content management system. Explanatory drawing of the process which the management center side server performs when the purchaser of the said content registers. Explanatory drawing of the process at the time of the start of the electronic fingerprint protocol performed between a seller side server and a purchaser side PC in the said digital content management system. Explanatory drawing of the division | segmentation process into the packet of the digital content performed with the said merchant side server. Explanatory drawing of the production | generation process of the ciphertext of the digital content performed with the said merchant side server. Explanatory drawing of the decoding process of the ciphertext performed by the said purchaser side PC. Explanatory drawing of the device for aiming at the speeding-up of the process in the said digital content management system. Explanatory drawing of the conventional digital content management system. Explanatory drawing of the digital content management system which implement | achieved the asymmetry in the past. The figure which shows the image of the process in the digital content management system which implement | achieved the asymmetry in the past.

Explanation of symbols

1 Content management system 2 Seller server (merchant computer)
3 Purchaser PC (Purchaser computer)
4 Management center server (center computer)
9 Key list 60 Microprocessor (dividing means, embedding means, embedded packet creation means, compression means, packet compression means, encryption means, seller side expanded key generation means, arrangement means)
61 Hard disk (content recording means, basic key storage means)
63 Transmission / reception unit (packet transmission means)
66 Preprocessing PG (dividing means, embedding means, embedded packet creating means, compression means, packet compression means)
67 Encryption PG (encryption means, merchant side expanded key generation means)
68 Sort PG (arrangement means)
70 Microprocessor (decoding means, determination means, packet assembly means)
73 Transmitter / Receiver (Purchase Request Transmitter, Receiver)
76 Decryption PG (Decoding means)
77 Packet assembly PG (determination means, packet assembly means)
80 Microprocessor (center side expanded key generation means, electronic fingerprint generation means, partial key generation means)
81 Hard disk (key list storage means)
83 Transmission / reception unit (partial key transmission means)
88 Decryption key creation PG (center side expanded key generation means, electronic fingerprint generation means, partial key generation means)

Claims (18)

A seller-side computer installed on the digital content seller side, a buyer-side computer installed on the digital content purchaser side, and a digital content between the seller-side computer and the purchaser-side computer. In a digital content management system that uses electronic fingerprints, consisting of a center-side computer installed in a management center that manages trading
The seller-side computer includes content recording means for recording various digital contents,
Dividing means for dividing each digital content recorded in the content recording means into a plurality of packet data (hereinafter abbreviated as packets);
Embedding means for embedding information of “0” or “1” in each packet divided by the dividing means;
Compression means for compressing each packet in which information of “0” or “1” is embedded by the embedding means;
Purchase request receiving means for receiving a purchase request from the purchaser computer;
An encryption unit that performs an encryption process on each packet compressed by the compression unit when receiving a purchase request by the purchase request reception unit;
Packet transmission means for transmitting each packet after encryption processing by the encryption means to the purchaser-side computer,
The purchaser-side computer includes purchase request transmission means for transmitting a purchase request to the seller-side computer;
Receiving means for receiving each packet transmitted by the packet transmitting means of the seller side computer;
Decoding means for decoding each packet received by the receiving means,
The seller-side computer, before receiving a digital content purchase request from the purchaser-side computer, a recording process by the content recording means, a division process by the dividing means, an embedding process by the embedding means, The compression processing by the compression means is performed as a preprocessing,
The purchaser-side computer obtains digital content in which the electronic fingerprint of the purchaser is embedded by assembling digital content only from each packet that has been successfully decrypted as a result of decryption by the decryption means. Digital content management system.   The digital content management system according to claim 1, wherein the encryption unit performs the encryption process by a common key encryption method. A seller-side computer installed on the digital content seller side, a buyer-side computer installed on the digital content purchaser side, and a digital content between the seller-side computer and the purchaser-side computer. In a digital content management system that uses electronic fingerprints, consisting of a center-side computer installed in a management center that manages trading.
The center side computer includes center side extended key generation means for generating an extended key composed of a plurality of random numbers based on a basic key;
An electronic fingerprint generating means for generating an electronic fingerprint of the purchaser composed of a series of bit strings based on the purchaser's ID information;
From the random numbers included in the expanded key generated by the center side expanded key generating means, a random number corresponding to the value of each bit constituting the electronic fingerprint generated by the electronic fingerprint generating means is selected, and the expanded A partial key generating means for generating a partial key of the key;
A partial key transmitting means for transmitting the partial key generated by the partial key generating means to the purchaser-side computer,
The seller-side computer includes content recording means for recording various digital contents,
Dividing means for dividing each digital content recorded in the content recording means into a plurality of packet data (hereinafter abbreviated as packets);
Embedded packet creating means for creating a packet in which a bit of “0” is embedded in each packet divided by the dividing means and a packet in which a bit of “1” is embedded in each packet;
Purchase request receiving means for receiving a purchase request from the purchaser computer;
Basic key storage means for storing the same basic key as the basic key used for generating the extended key in the center-side computer;
Based on the basic key stored in the basic key storage means, a seller side extended key generation means for generating the same extended key as the extended key generated by the center side extended key generation means,
Of each random number constituting the extended key generated by the seller side extended key generation means, a bit of “0” is added to each packet generated by the embedded packet generation means based on a different random number. An encryption means for encrypting the embedded packet and the packet embedded with the bit of “1”;
Based on the same packet divided by the dividing unit, the packet embedded with the “0” bit created by the embedded packet creating unit and the packet embedded with the “1” bit are adjacent to each other. And arrangement means for arranging the packets after encryption by the encryption means;
Packet transmitting means for transmitting each packet after being arranged by the arranging means to the purchaser-side computer,
The purchaser-side computer includes purchase request transmission means for transmitting a purchase request to the seller-side computer;
Receiving means for receiving the partial key transmitted by the partial key transmitting means of the center side computer and each packet transmitted by the packet transmitting means of the seller side computer;
Decryption means for decrypting each packet received by the reception means using each random number included in the partial key received by the reception means;
As a result of decoding by the decoding means, determination means for determining whether or not each packet has been successfully decoded;
Packet assembling means for assembling each packet determined to have been successfully decoded by the determining means,
The digital content management system, wherein the purchaser computer obtains digital content in which a purchaser's electronic fingerprint is embedded by assembling the packets by the packet assembling means. The seller side computer further includes a packet compression means for compressing each packet created by the embedded packet creation means,
4. The digital content management system according to claim 3, wherein the encryption unit performs an encryption process by the encryption unit on each packet compressed by the packet compression unit.   The packet compression means of the seller side computer compresses each packet created by the embedded packet creation means before the purchase request reception means receives a purchase request from the purchaser side computer. The digital content management system according to claim 4.   4. The digital content management system according to claim 3, wherein the encryption unit performs the encryption process by a common key encryption method.   The arrangement means rearranges the order before and after the packet in which the “0” bit is embedded and the packet in which the “1” bit is embedded each time the encrypted packets are arranged. The digital content management system according to claim 3, wherein the digital content management system is a digital content management system.   The partial key generation means divides a random number included in the extended key generated by the center side extended key generation means into a set of two random numbers, and configures each of the electronic fingerprints generated by the electronic fingerprint generation means Of the bits, depending on whether the value of the nth bit is “0” or “1”, it is determined which of the two random numbers included in the nth random number pair is to be selected. The digital content management system according to claim 3, wherein the digital content management system is a digital content management system. The center-side computer further comprises key list storage means for storing a key list made up of a bundle of basic keys delivered from a seller,
The center side expanded key generation means selects a basic key corresponding to a purchaser from basic keys included in a key list stored in the key list storage means, and expands the key based on the selected basic key. Produces
The partial key transmission means, together with the partial key, information indicating what number of basic keys the center side expanded key generation means has selected from the basic keys included in the key list (hereinafter referred to as index information). )
The purchase request transmission means of the purchaser side computer transmits the index information received by the reception means from the center side computer together with the purchase request to the seller side computer,
The basic key storage means of the seller side computer stores the same key list as the key list stored in the key list storage means of the center side computer,
The seller-side computer receives the index information together with the purchase request by the purchase request receiving means, and based on the received index information, the basic information included in the key list stored in the basic key storage means 4. The digital content management system according to claim 3, wherein the same basic key as the basic key used for generating the extended key by the center side extended key generating means is selected from the keys. A seller-side computer installed on the digital content seller side, a buyer-side computer installed on the digital content purchaser side, and a digital content between the seller-side computer and the purchaser-side computer. In a digital content management method using an electronic fingerprint, which is applied to a digital content management system composed of a center-side computer installed in a management center that manages trading.
The seller-side computer records various digital contents;
The seller-side computer dividing each recorded digital content into a plurality of packet data (hereinafter abbreviated as packets);
The merchant computer embeds "0" or "1" information in each packet;
The seller side computer compresses each packet in which the information of “0” or “1” is embedded;
The purchaser computer sends a purchase request to the seller computer;
The merchant computer receiving a purchase request from the buyer computer;
The merchant computer performs an encryption process on each compressed packet;
The seller-side computer transmitting each packet after the encryption processing to the purchaser-side computer;
The purchaser computer receives each packet transmitted from the seller computer, and the purchaser computer decrypts each received packet;
The seller side computer performs the recording step, the dividing step, the embedding step, and the compressing step before receiving the digital content purchase request from the purchaser side computer. As a process,
The purchaser-side computer obtains the digital content in which the electronic fingerprint of the purchaser is embedded by assembling the digital content only from each packet successfully decrypted as a result of the decryption in the decrypting step. Digital content management method.   The digital content management method according to claim 10, wherein the encryption processing is performed by a common key cryptosystem. A seller-side computer installed on the digital content seller side, a buyer-side computer installed on the digital content purchaser side, and a digital content between the seller-side computer and the purchaser-side computer. In a digital content management method using an electronic fingerprint, which is applied to a digital content management system composed of a center-side computer installed in a management center that manages trading.
The center-side computer generating a purchaser's electronic fingerprint composed of a series of bit strings based on the purchaser's ID information;
The center-side computer generates an extended key composed of a plurality of random numbers based on a basic key;
The center-side computer selecting a random number corresponding to the value of each bit constituting the electronic fingerprint from random numbers included in the expanded key, and generating a partial key of the expanded key;
The center computer transmitting the partial key to the purchaser computer;
The purchaser-side computer receiving a partial key transmitted from the center-side computer;
The purchaser computer sends a purchase request to the seller computer;
The seller-side computer divides each digital content recorded in the device into a plurality of packet data (hereinafter abbreviated as packets);
The seller-side computer creating a packet in which a bit of “0” is embedded in each packet and a packet in which a bit of “1” is embedded in each packet;
The merchant computer receiving a purchase request from the buyer computer;
The seller-side computer generates an expanded key that is the same as the expanded key generated in the center-side computer, based on the same basic key used for generating the expanded key in the center-side computer ,
The seller-side computer, based on different random numbers among the random numbers constituting the extended key, includes a packet in which a bit of “0” is embedded and a packet in which a bit of “1” is embedded. Encryption step,
The merchant-side computer creates the encrypted packet so that the packet embedded with the “0” bit and the packet embedded with the “1” bit, which are created based on the same packet, are adjacent to each other. Arranging each packet,
The seller side computer transmitting the arranged packets to the purchaser side computer;
The buyer computer receiving each packet transmitted from the seller computer;
The purchaser-side computer decrypts each packet received from the seller-side computer using each random number included in the partial key received from the center-side computer;
The purchaser computer comprises the steps of determining whether or not each packet has been successfully decoded as a result of the decoding, and assembling each packet that has been determined to have been successfully decoded in the determination,
The digital content management method, wherein the purchaser computer assembles the packets to obtain digital content in which the purchaser's electronic fingerprint is embedded.   The seller computer compresses the packet in which the “0” bit is embedded and the packet in which the “1” bit is embedded, and then performs an encryption process on the packet. The digital content management method according to claim 12, wherein:   The seller-side computer compresses the packet in which the “0” bit is embedded and the packet in which the “1” bit is embedded before receiving a purchase request from the purchaser-side computer. The digital content management method according to claim 13.   13. The digital content management method according to claim 12, wherein the seller-side computer performs the encryption processing by a common key encryption method.   Each time the seller-side computer executes the step of arranging the encrypted packets, the order of the packet with the “0” bit embedded and the packet with the “1” bit embedded are arranged in order. The digital content management method according to claim 12, wherein the digital content management method is replaced.   In the step of generating the partial key, the center side computer divides the random number included in the extended key into a set of two random numbers, and the value of the nth bit among the bits constituting the electronic fingerprint 13. The method according to claim 12, wherein one of two random numbers included in the n-th random number pair is selected depending on whether the value is “0” or “1”. The digital content management method described. The center computer is
In the step of generating the extended key, a basic key corresponding to the purchaser is selected from the basic keys included in the key list delivered from the seller, and the extended key is generated based on the selected basic key. ,
In the step of transmitting the partial key, together with the partial key, transmits information indicating what number of basic keys the device has selected from the basic keys included in the key list (hereinafter referred to as index information). And
The purchaser computer sends the index information received from the center computer to the seller computer together with the purchase request,
The seller side computer stores the same key list as the key list stored in the center side computer,
The seller-side computer is based on the index information received from the purchaser-side computer, and is identical to the basic key used for generating the extended key in the center-side computer from the basic keys included in the key list. 13. The digital content management method according to claim 12, wherein a basic key is selected.

Images