JP2007036625A - Content distribution method, content receiver, content transmitter and restricted receiving module - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a content distribution method capable of reducing exchange between a broadcast station and a key management center in update of information about an agreement of pay broadcast or new installation thereof, a content receiver, a content transmitter, a restricted reception module, and a system. <P>SOLUTION: In this content transmission reception method, a pair of a public key and a secret key is generated per ID in the key management center 31, and the pair is managed as an ID management database 311. In issuing an IC card; an ID, and a public key and a secret key corresponding thereto are written into the IC card, and the IC card is distributed. At the same time, a list of the ID and the public key is publicized to a broadcast station 32. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a content distribution method, a content reception device, a content transmission device, and a conditional access module, and more particularly to a digital broadcast reception device that receives an encrypted digital content broadcast, a digital broadcast transmission device that transmits, a distribution method, and a conditional reception module. .

  In recent years, digital satellite broadcasting and terrestrial digital broadcasting using communication satellites and broadcasting satellites have been performed.

  In satellite digital broadcasting, pay broadcasting is performed, and a limited reception system that allows viewing control by various methods such as channel units, program units, and time units is operated (see, for example, Patent Document 1). In this limited reception system, individual contract information corresponding to the user's contract status or the like is transmitted to the receiving device, and set in the receiving device or an IC card to be inserted into the receiving device. Hereinafter, it will be described that the setting is made in the receiving apparatus including the case where the setting is made in a security module such as an IC card.

  Individual viewing contract information transmitted to each receiving device is called EMM (Entitlement Management Message) data. An ID (Identification) number unique to the receiving apparatus is added to the EMM data. The EMM data is encrypted with a unique master key (Km) for each ID unique to the receiving device, multiplexed on a broadcast signal, and transmitted from the center device on the broadcast station side to each receiving device.

  In addition, contents such as video, audio, and data are scrambled by a scramble key (Ks), multiplexed on a broadcast signal, and transmitted from the center device on the broadcast station side to each receiving device. The scramble key (Ks) is encrypted by a work key (Kw) transmitted as a part of EMM data, and then multiplexed as an ECM (Entitlement Control Message) on a broadcast signal and transmitted from the center device on the broadcast station side to each receiving device. Is transmitted to.

  At present, domestic digital broadcasting is operated in a system compliant with ARIB-STD B25, and has a triple key structure using ECM and EMM as described above. The encryption method used here is a common key encryption method, in which an information sender and a receiver share the same key to send and receive encrypted information.

  FIG. 10 shows the exchange of information among the key management center 31 that issues and manages the IC card 5, the broadcasting station 32 that performs broadcasting, the receiving device 1 that receives broadcasting, and the IC card 5 that is connected to the receiving device 1. FIG. The key management center 31 issues the IC card 5 by embedding ID1 (51) and master key Km1 (54) unique to the IC card 5. When a contract for viewing a program is made with the receiver to which the issued IC card 5 is connected, the EMM including the work key Kw 321 is transmitted from the broadcasting station 32 to the key management center 31 as Km1 (54 ) And the encrypted EMM 322 is distributed via broadcast. The receiving apparatus 1 that has received the EMM 322 sends it to the IC card 5, decrypts it with the set Km 1 (54) in the IC card 5, and stores Kw 321. When viewing the program, in order to decrypt the content encrypted with Ks323, the ECM325 is sent to the IC card 5, the IC card 5 decrypts the ECM325 with Kw321, extracts Ks323, and returns it to the receiving device 1, The receiving device 1 that has received the message decrypts the encrypted content 324 using the Ks323.

  As described above, in the conditional access system using a common key, each broadcast station 32 and the key management center 31 that manages the IC card 5 are independent, so that the master key information is not external, thereby improving security. ing.

In addition, as a method for improving security, a system in which an encryption key is managed by a management center and encrypted content is distributed and decrypted using an encryption key sent to a content distribution site and a user is also considered ( For example, see Patent Document 1).
JP 2003-8563 A

  However, every time the broadcast station sets contract information, it is necessary to send a plain text EMM to the key management center for encryption with the target Km, and with the increase in the number of broadcast stations and subscribers. During this time, traffic may increase and become a bottleneck.

  Therefore, an object of the present invention is to reduce exchanges between a broadcasting station and a key management center when contract information is updated or newly set.

  Another object of the present invention is to provide a receiving apparatus that can operate even when the existing scheme and the scheme of the present invention are performed simultaneously.

  In order to achieve the above object, the present invention provides content to a specific subscriber using a conditional access module composed of an IC card, a memory card incorporating a CPU, a hardware shape such as LSI, or software. In the content distribution method provided, a key management center that performs ID management and key issuance management of the conditional access module corresponding to a subscriber generates a pair of ID, public key, and private key that is different for each conditional access module. The ID / public key / private key pair is set in the conditional access module and distributed to subscribers, the ID / public key list is released to a broadcasting station, and the content is distributed. The broadcast station uses a work key for decrypting encryption applied to viewing contract information for each subscriber and common information (ECM) related to content viewing control. Kw) is generated and the individual information (EMM) is generated and encrypted from the public key list with the public key corresponding to the ID of the conditional access module connected to the content receiver of the subscriber. The content is encrypted and distributed with a scramble key (Ks), and common information (ECM) including program information indicating the Ks and the viewing condition of the content is generated, and further encrypted with the work key (Kw). The content receiving apparatus receives the EMM corresponding to the ID of the conditional access module connected from a broadcast wave or a communication channel, the encrypted content and the ECM, and receives the EMM and the ECM. Is input to the connected conditional access module, and if the Ks is obtained from the output of the ECM, it is encrypted before The content is decrypted with Ks and outputted, and when the EMM is inputted, the conditional access module obtains and stores the Kw and the contract information by decrypting with the secret key set in itself. When the ECM is input, the program attribute information obtained by decrypting with the Kw and the contract information obtained by receiving the EMM are compared and the content can be viewed if the Ks is the content. Provided is a content distribution method that enables the content to be provided only to a specific subscriber by outputting to a receiving device.

  In addition, the present invention provides an IC card, a memory card with a built-in CPU, a limited reception module composed of a hardware shape or software such as LSI, and provides content to a specific subscriber over a broadcast wave or a communication network. In the content distribution method for providing the ID, the key management center that performs ID management and key issuance management of the conditional access module corresponding to a subscriber, a pair of ID, public key, and private key that is different for each conditional access module, and A different common key is generated for each conditional access module, and at least one of the ID, the public key and private key pair, and the common key is set in the conditional access module, and the common key, public key, and private key are set. Set attribute information indicating whether or not both or both of the pairs are set and distribute to the subscriber, and the ID The public key list is disclosed to broadcasting stations, and the first broadcasting station group decrypts the encryption applied to the viewing contract information for each subscriber and the common information (ECM) related to content viewing control. The individual information (EMM) including the work key (Kw) is generated, encrypted from the public key list with the public key corresponding to the ID of the conditional access module possessed by the subscriber, and the encryption method is identified. The information to be transmitted is set in the non-encrypted part and transmitted as the first encrypted EMM. In the second broadcasting station group, the viewing contract information for each subscriber and the common information (ECM) related to the viewing control of the content are stored. Individual information (EMM) including a work key (Kw) for decrypting the applied encryption is generated, input to the key management center, and the subscriber has the subscriber by the key management center Receives the individual information in which the information for identifying the encryption by the common key corresponding to the ID of the constant reception module and the encryption method is set in the non-encrypted part, transmits this as the second encrypted EMM, and further the contents Is encrypted with a scramble key (Ks) in both the first and second broadcasting station groups and distributed, and generates common information (ECM) including program information indicating the viewing conditions of the Ks and the content. The content reception apparatus transmits the first and second encrypted EMMs, ECMs, which are distributed from the first and second broadcast station groups from a broadcast wave or a communication network. The encrypted content is received, the first and second encrypted EMMs are filtered by the ID and attribute information obtained from the conditional access module, and the limited content is received. In a method that can be decrypted by comparing the encryption method identification information indicated in the first or second encrypted EMM and the attribute information set in the input to the reception module. Yes, when there is a decryption key, decrypt with the set decryption key, store Kw and viewing contract information, and decrypt with Kw when ECM is input from the content receiver to the conditional access module The program information obtained is compared with the contract information stored after receiving the first or second encrypted EMM, and if it is in a viewable state, Ks is output to the receiver. Provided is a content distribution method that makes it possible to provide content only to subscribers.

  Furthermore, the present invention provides an IC card, a memory card with a built-in CPU, a content distribution method for providing content to a specific subscriber using a conditional access module configured by hardware or software such as LSI. In the key management center that performs ID management and key issuance management of the conditional access module corresponding to the subscriber, a different ID and public key pair is generated for each conditional access module, and the ID is assigned to the conditional access module. And the public key pair are set and distributed to the subscriber, the list of the ID and the public key is made public to the broadcasting station, and the public key with the subscriber is used in the broadcasting station that distributes the content A common key that is temporarily generated is shared between the broadcasting station and the receiving device through secure communication, and the common information for viewing content with the common key. The individual information (EMM) including the work key (Kw) for decrypting the ECM) is encrypted and transmitted, the content is encrypted by the scramble key (Ks) and distributed, and the Ks and the viewing condition of the content are indicated. The program attribute information is encrypted and transmitted as common information (ECM) with the work key (Kw), and the receiving device receives an EMM corresponding to an ID of the conditional access module connected from a broadcast wave or a communication path, The encrypted content and the ECM are received, the EMM and the ECM are input to the connected conditional access module, and if Ks is obtained from the output from which the ECM is input, the encrypted content is converted into the encrypted content. When the EMM is input to the conditional access module, the KMM decrypts it with the private key stored in the KMM and outputs it. The contract information is acquired and stored, and when the ECM is input, the program attribute information obtained by decoding with the Kw is compared with the contract information, and the Ks is received if the contract information can be viewed. Provided is a content distribution method that enables content to be provided only to a specific subscriber by outputting to an apparatus.

  Further, the present invention generates individual information (EMM) including a work key (Kw) for decrypting encryption applied to common contract information (ECM) related to viewing contract information for each subscriber and content viewing control. An EMM generation unit, a public key list reference unit that references a public key list released from the key management center, an IC card that distributes an EMM, a memory card that incorporates a CPU, and a hardware shape or software such as an LSI An EMM encryption unit that encrypts and outputs the generated EMM with a public key corresponding to the ID of the conditional access module, a content encryption unit that encrypts content with a scramble key (Ks), the Ks and the An ECM generating unit that generates common information (ECM) including program information indicating content viewing conditions, and encrypting the ECM with the Kw Provided with the ECM encryption unit that, the encrypted content, encrypted EMM, the content transmission device which includes a distribution unit for distributing the encrypted ECM.

  Further, the present invention generates individual information (EMM) including a work key (Kw) for decrypting encryption applied to common contract information (ECM) related to viewing contract information for each subscriber and content viewing control. An EMM generation unit, a public key list reference unit that references a public key list released from the key management center, an IC card that distributes an EMM, a memory card that incorporates a CPU, and a hardware shape or software such as an LSI A first encrypted EMM generation unit that encrypts and outputs the generated EMM with a public key corresponding to the ID of the conditional access module to be sent, and sends the EMM to the key management center and receives the encrypted EMM A second encrypted EMM generator, at least one of the encrypted EMM generators, a throat of the first encrypted EMM generator and the second encrypted EMM generator A cipher identification information setting unit that sets cipher identification information indicating whether the content has been encrypted in the non-encrypted part of the EMM, a content encryption unit that encrypts content with a scramble key (Ks), the Ks and the content An ECM generation unit that generates common information (ECM) including program information indicating the viewing conditions, an ECM encryption unit that encrypts the ECM generated in the ECM generation unit with the Kw, and the encrypted Provided is a content transmission apparatus including a distribution unit that distributes content, one of the first and second encrypted EMMs, and the encrypted ECM.

  Furthermore, the present invention provides a content receiving device disclosed from a key management center or an IC card to be connected, a memory card incorporating a CPU, an ID and disclosure of a limited receiving module configured by hardware such as LSI or software. Referring to a public key list indicating a setting status of a key, an encrypted communication unit that performs encrypted communication with a public key corresponding to an ID of the conditional access module connected to the content receiving device or the content receiving device; A key sharing unit that shares a key with the content receiving device in encrypted communication in the encrypted communication unit, and common information related to contract information and content viewing control for a content distribution application from a subscriber Individual information (EMM) including a work key (Kw) for decrypting the encryption applied to (ECM) is generated. An EMM generation unit that performs encryption, an EMM encryption unit that encrypts EMM with the shared key, a content encryption unit that encrypts content with a scramble key (Ks), and viewing conditions for the Ks and the content ECM generation unit for generating common information (ECM) for the program attribute information, ECM encryption unit for encrypting the ECM with the work key (Kw), the encrypted content, the encrypted EMM, the encryption Provided is a content transmission apparatus including a distribution unit that distributes the converted ECM.

  The present invention also provides a receiving means for receiving content encrypted from a broadcast wave or a communication channel, common information (ECM) related to viewing control of the content, individual information (EMM) related to a viewing contract, and content viewing. An IC card for control and contract management, a memory card with a built-in CPU, a limited reception module composed of hardware or software such as LSI, an interface means for transmitting and receiving information, and the limitation connected to the interface means Means for acquiring the conditional access module attribute information including at least an ID of the conditional access module and information for specifying an encryption method capable of decrypting the individual information from the reception module; and the individual information received by the individual information receiving means. Refer to the receiving module attribute information, at least before Filtering the individual information that matches the ID of the conditional access module, the information that specifies the encryption method capable of decrypting the individual information, and the filtered individual information for the conditional access module connected to the interface unit For storing the information in the conditional access module, the personal information transmitting means for transmitting the filtered individual information to the conditional access module connected to the interface means, and the decryption for decrypting the encrypted content. In order to obtain a key, common information transmission means for transmitting the common information to the conditional access module connected to the interface means, and transmission of the common information by the common information transmission means from the conditional reception module Sent encrypted content A decryption key obtaining unit for obtaining a decryption key for decrypting the content, and a content decrypting unit for decrypting the encrypted content using the decryption key obtained by the decryption key obtaining unit And a receiving apparatus comprising content reproducing means for reproducing the content decrypted by the content decrypting means.

  The present invention also provides a receiving means for receiving content encrypted from a broadcast wave or a communication channel, common information (ECM) related to viewing control of the content, individual information (EMM) related to a viewing contract, and content viewing. An IC card for control and contract management, a memory card with a built-in CPU, a limited reception module composed of hardware or software such as LSI, an interface means for transmitting and receiving information, and the limitation connected to the interface means Means for obtaining the conditional access module attribute information including at least an ID of the conditional access module from the reception module and a public key set in the conditional reception module; and from the broadcasting station and the conditional access module on the communication path. Encrypted communication is performed using the acquired public key. And a key sharing means for sharing a key for decrypting the individual information by the encrypted communication means, and a sharing for transmitting the key shared by the key sharing means to the conditional access module connected to the interface means A means for filtering the individual information received by the individual information receiving means with reference to the conditional access module attribute information, and filtering the individual information that matches at least the ID of the conditional access module; Transmitting the filtered individual information to the conditional access module connected to the interface means for storing the filtered individual information in the conditional reception module for the conditional access module connected to the interface means Individual information transmitting means and the encrypted content In order to obtain a decryption key for decryption, common information transmission means for transmitting the common information to the conditional access module connected to the interface means, and transmission of the common information by the common information transmission means The decryption key acquisition means for acquiring the decryption key for decrypting the encrypted content transmitted from the conditional access module via the interface means, and the decryption key acquired by the decryption key acquisition means There is provided a receiving apparatus comprising: a content decrypting unit that decrypts the encrypted content using the content decoding unit; and a content reproducing unit that reproduces the content decrypted by the content decrypting unit.

  Furthermore, the present invention is a conditional access module comprising a hardware shape or software such as an IC card for performing content viewing control and contract management, a memory card incorporating a CPU, and an LSI, An ID, an individual information decryption key for decrypting at least one or more pieces of individual information, decryption key identification information for identifying the type of the decryption key, at least information related to a contract, and common information (ECM related to content viewing control) ), A non-volatile memory for storing a common information decryption key, an interface unit for transmitting / receiving information to / from the receiving device, and an individual information receiving unit for receiving the individual information from the receiving device via the interface unit And encryption key identification information described in the individual information and stored in the nonvolatile memory Comparison means for comparing at least one or more decryption key identification information, and an individual indicated by the decryption key identification information when the comparison means determines that there is decryption key identification information having the same value as the encryption key identification information Means for decrypting the individual information with an information decryption key; means for storing at least information related to the contract and the common information decryption key in the nonvolatile memory from the decrypted individual information; and Common information receiving means for receiving common information (ECM) related to viewing control from the receiving device, decrypting the common information with the common information decryption key, and comparing information related to the contract with information related to viewing control Means for performing viewing determination, and means for transmitting a scramble key (Ks) to the receiving device when the viewing determination means determines that viewing is possible. Providing conditional access module, characterized in that the.

  The present invention relating to the apparatus is also established as an invention relating to a method, and the present invention relating to a method is also established as an invention relating to an apparatus.

  Further, the present invention relating to an apparatus or a method has a function for causing a computer to execute a procedure corresponding to the invention (or for causing a computer to function as a means corresponding to the invention, or for a computer to have a function corresponding to the invention. It can also be realized as a program (for realizing the program), and can also be realized as a computer-readable recording medium on which the program is recorded.

  According to the present invention, the exchange of information between the broadcasting station and the key management center can be reduced, and the conventional method and the method of the present invention can be realized by one conditional access module.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
(System configuration)
FIG. 1 is an external view showing a receiving apparatus 1 and a receiving environment for digital broadcasting according to the present invention. Connected to the receiving device 1 are an antenna 2 for receiving digital broadcast radio waves and a communication line 3 for transmitting a pay broadcast reception history to a broadcaster or for acquiring content from the broadcaster. Yes.

  In addition, the receiving device 1 receives a monitor 141 that displays content images, a speaker 151 that generates content audio, a card slot 161 for inserting an IC card 5 for limited reception described later, and an infrared signal from the remote controller 4. A remote control receiving unit 191 is provided.

  When the paid digital broadcast radio wave received by the antenna 2 is received by the antenna 2, it is sent to the receiving device 1, viewing judgment is performed by the IC card 5 inserted in the card slot 161, and if viewing is possible. The descrambling key is transferred from the IC card to the receiver, and the content signal of the pay digital broadcast is descrambled in the receiving device 1, and the display of the image from the monitor 141 can be generated by the speaker.

  The user selects a program to be viewed by operating the remote controller 4.

  In FIG. 1, the antenna 2 is depicted as a parabolic antenna for receiving a BS broadcast, but the present invention is not limited to this and may receive a terrestrial broadcast. Moreover, it may be configured to receive a digital broadcast by cable television. In this case, it is connected to the CATV terminal instead of the antenna 2.

  The communication line 3 is for accessing a server on the broadcasting station side, and there is no particular limitation on communication means such as a telephone line, an optical line, and a LAN.

(Internal configuration of receiving apparatus 1)
FIG. 2 is a block diagram showing the configuration of the receiving apparatus according to the first embodiment of the present invention.

  In FIG. 2, the receiving device 1 includes a tuner unit 11, a descrambler 12, a TS decoding unit 13, a video / audio decoding unit 14, a display processing unit 15, a control unit 16, a key input unit 17, an IC card I / F unit 18, The memory unit 19 and the communication processing unit 20 are included.

  The tuner unit 11 selects a desired channel from the broadcast wave input to the receiving device 1, and outputs a transport stream (hereinafter referred to as TS) of the selected channel to the descrambler 12. The TS is scrambled for content protection.

  The descrambler 12 descrambles the TS input from the tuner unit 11 and outputs it to the TS decoding unit 13.

  The TS decoding unit 13 separates necessary packets from the TS input from the descrambler 12, and further extracts broadcast program signals (video, audio) and various multiplexed data (various SI (Service Information)) from the separated packets. Data, ECM, EMM, etc.).

  The TS decoding unit 13 outputs the separated broadcast program signal (video, audio) to the video / audio decoding unit 14.

  The display processing unit 15 decodes the broadcast program signal (video, audio) input from the TS decoding unit 13 and outputs it to an external monitor (not shown) for display / audio reproduction.

  The display processing unit 15 also has a function of performing an interface function with the user such as displaying an EPG screen composed of SI data separated by the TS decoding unit 13 and displaying various error information.

  The key input unit 17 has a function of receiving a remote operation signal by infrared rays or the like from a user interface device such as a remote controller (remote controller) 4.

  The memory unit 19 includes a RAM and a nonvolatile memory.

  The communication processing unit 20 is connected to a network line such as Ethernet and transmits / receives data via the network. The communication processing unit 20 receives a content from a server of a content distribution company and receives an ECM and an EMM, as well as a terminal. Has a function to obtain a list.

  The control unit 16 has a function of controlling each function described above, and controls each function by bus connection, serial communication connection, or the like.

  The IC card I / F unit 18 is an IC card interface compliant with ISO 7816, which is an ISO standard.

  The IC card 5 performs contract management and viewing control, and includes a CPU, a ROM, a RAM, a non-volatile memory, and an interface conforming to ISO 7816, which is an ISO standard. At least a card ID and a card-specific key are set in advance in the nonvolatile memory.

  Under the control of the control unit 16, the EMM or ECM separated from the TS by the TS decoding unit 13 is output to the IC card via the IC card I / F unit 18.

  In the IC card 5, when the EMM is input, it is decrypted with a key unique to the card, and information obtained by contract such as a work key (Kw) is stored in the nonvolatile memory, and when the ECM is input. Decrypts with the work key stored in the non-volatile memory, and outputs a scramble key (Ks) after determining whether or not the program can be viewed.

  When the control unit 16 sets the scramble key (Ks) in the descrambler 12, the content is descrambled and becomes viewable.

(Content distribution system configuration)
FIG. 3 is a functional block diagram showing the configuration of the content distribution system according to the first embodiment of the present invention.

  The key management center 31 generates a public key / private key pair for each ID and manages it as an ID management database (DB) 311. When the IC card 5 is issued, a pair of public key (Kmp) 52 and secret key (Kmc) 53 corresponding to ID 51 is written and distributed to the subscriber. Further, the ID of the IC card 5 distributed to the subscriber and the public key (Kmp) list 312 are made public to the broadcasting station 32.

  When the subscriber wants to view content from the broadcasting station 32, the subscriber notifies the ID 51 of the IC card 5 via the receiving apparatus 1, makes a contract application to the broadcasting station 32, and waits for reception of the EMM.

  The broadcasting station 32 generates an EMM describing contract information including Kw 321 which is a key for decrypting the ECM for the contract application, and encrypts the EMM with the public key (Kmp) 52 corresponding to the notified ID. Distribute the encrypted EMM 322.

  When the receiver receives the EMM 322 in which the ID 51 of the IC card 5 is described, it transmits the EMM 322 to the IC card 5, which decrypts the secret key (Kmc) 53 set in the IC card 5 and stores the contract information of the Kw 321 and others. Store in the area.

  The content is encrypted from the broadcasting station 32 with a scramble key Ks323 and distributed as encrypted content 324 (scrambled content). The receiving device 1 receives this and encrypts it with Kw321 distributed in parallel. ECM 325 is received. When the ECM 325 is received, the ECM 325 is transmitted to the IC card 5, and the IC card 5 receiving the ECM 325 decrypts the ECM 325 with Kw 321 and returns the obtained Ks 323 to the receiving device 1.

  The receiving apparatus 1 decrypts the encrypted content 324 using the received Ks 323 and reproduces the content 326.

  Thus, by using the public key algorithm for encryption and decryption of EMM, it is possible to encrypt EMM at the broadcasting station without requesting encryption of EMM between each broadcasting station and the key management center. , Improve responsiveness to contract applications and reduce work processes.

(Second Embodiment)
FIG. 4 is a diagram illustrating a second embodiment. In addition, in each component of FIG. 4, the same number is attached | subjected to what has the same function as 1st Embodiment.

  The broadcasting station 32 has communication means with the receiving device 1. The nonvolatile memory of the memory unit 19 stores a pair of terminal ID, public key, and secret key issued by the key management center. The receiving apparatus 1 connects to the portal site, performs authentication and encryption using each other's public key and private key, and executes SSL communication. Since a secure session is established by SSL communication, the broadcasting station 32 and the receiving device 1 can safely share Ksk. As in the first embodiment, the broadcasting station 32 generates an EMM 322 describing contract information including Kw 321 that is a key for decrypting the ECM for the contract application, and this time the shared Ksk encrypted and distributed. To do.

  The receiving device 1 sends the shared Ksk to the IC card 5 and further receives the encrypted EMM 322 in which the ID 51 of the IC card 5 is described, and sends it to the IC card 5. The IC card 5 decrypts the encrypted EMM 322 with Ksk and stores Kw and contract information in its own storage area.

FIG. 5 shows a case where the IC card 5 is operated as a token function with respect to the receiving apparatus 1. In this case, the receiving apparatus 1 acquires a public key from the IC card 5 when performing SSL communication, and the same as described above. Encryption processing or the like is performed, but when processing using a secret key such as signature generation is required, data is transmitted to the IC card 5 and an operation of receiving a result processed by the IC card 5 is performed. As a result, communication with the IC card 5 is performed directly, and there is no need to set a public key and a secret key in the receiving device 1.
(Third embodiment)
Next, a third embodiment of the present invention will be described. The third embodiment shows an embodiment in which the present invention is added to a system in which EMM distribution using a common key has already been established.

  Hereinafter, since the configuration of the third embodiment is the same as that of the first embodiment, the description thereof will be omitted, and only the parts different from the first embodiment will be described.

  FIG. 6 is a functional block diagram showing the configuration of the content distribution system according to the third embodiment of the present invention.

  Broadcasting station group A32a is a broadcasting station for BS / CS and terrestrial digital broadcasting, and broadcasting station group B32b is a broadcasting station that distributes content using a communication network such as FTTH and ADSL (the broadcasting described here). The station collectively indicates the business that distributes the content, and is not limited to the broadcasting station that has acquired the broadcasting license). Each broadcasting station in broadcasting station group A distributes EMM using a common key, and the case where broadcasting station group B newly operates on the system will be described.

  The key management center 31 generates a pair of a common key Km54, a public key (Kmp) 52, and a secret key (Kmc) 53 for each ID 51 and manages it as a database. Further, a list of ID 51 and public key (Kmp) 52 of the IC card 5 issued to the broadcasting station group B 32b is made public.

  When the subscriber wants to view the contents of the broadcasting station group B32b, the subscriber notifies the ID 51 of the IC card 5 via the receiving apparatus 1, makes a contract application to the broadcasting station, and waits for the EMM to be received. .

  The broadcasting station 32b generates an EMM describing contract information including Kw 321b which is a key for decrypting the ECM for the contract application, and encrypts the EMM with the public key (Kmp) 52 corresponding to the notified ID 51. And distributed as EMM322b.

The receiving device 1 communicates with the IC card 5 and acquires the ID 51 and attribute information of the IC card 5. As attribute information, for example, a card having a decryption function using the common key 54 is defined as Type A, and a card having the decryption function of the public key 52 is defined as Type B. = TypeA or attribute = TypeB, if both are provided, the information is such that attribute = TypeA + TypeB.
The notation of Type A and Type B of the attribute of the IC card 5 is one example, and the IC card 5 that supports decryption with a public key, such as Type B when there is some attribute information and Type A when there is nothing. You may only have this information.

  When the receiving device 1 receives the EMM 322b in which the ID 51 of the IC card 5 is described, the attribute information of the received EMM 322b is checked. If the attribute is Type A, the command A sends an EMM of Type A. If Type B, the EMM of Type B In this example, the command B is selected so that the Type B EMM is transmitted to the IC card 5. The IC card 5 decrypts the data sent by the command A with the set common key Km54, and when sent by the command B, decrypts it with the set secret key (Kmc) 53. Kw321 and contract information are stored in the nonvolatile memory 25.

  Hereinafter, the process from the acquisition of the ECM to the decryption of the content is the same as that in the first embodiment, and thus the description thereof is omitted.

  In addition, as a method of expressing attribute information, there is a method of including attribute information in the card ID itself. For example, if the ID is “00XX-XXXX-XXXX-XXXX-XXXX”, the card can only decrypt the common key. If the ID is “01XX-XXXX-XXXX-XXXX-XXXX”, the card can only decrypt the public key. An ID “11XX-XXXX-XXXX-XXXX-XXXX” can be expressed by defining a card that supports both a common key and a public key. In the receiver, the EMM ID information part is filtered, and if the upper bit value is “00”, the command A is sent, and if the upper bit value is “01”, the EMM is sent to the IC card by the command B ( In the EMM to be transmitted, the value of the upper bit is not “11”).

Furthermore, as another method, there is a method in which information on which the encryption method is coded (for example, Type A = 0x00, Type B = 0x80, etc.) is expressed as encryption key identification information in a non-encryption area in the EMM on the transmission side. In this case, the attribute of the IC card is acquired in advance on the receiver side, and it is always sent to the IC card with the same command without judging the processing branch.
The non-volatile memory 25 of the IC card 5 stores the card ID, a key for decrypting the EMM (a public key / private key pair or at least one of a common key), and a key that can be decrypted by any encryption method. Decryption key identification information indicating whether or not it has been stored in advance, and when the EMM is sent from the receiver, the encryption key identification information in the EMM and the decryption key identification information in the nonvolatile memory 25 are compared. If they have matching keys, decryption processing is performed with the corresponding encryption method and decryption key, and the work key and contract information for decrypting the ECM are stored in the nonvolatile memory 25.

(ID management database)
FIG. 7A is an example of a DB table in the ID management DB 311 of the key management center 31. As shown in FIG. 7A, the attribute, Km, Kmp, and Kmc data are arranged for each managed ID. When the attribute is A, only Km is stored, and when the attribute is B, Kmp and Kmc are stored. When the attribute is AB, all keys are stored to support both.

  FIG. 7B is an example of the public key list 312 transmitted from the key management center 31 to the broadcasting station group B. In the DB table shown in FIG. 7A, only the data portion related to the public key is extracted, and the ID given the public key and the corresponding public key are stored.

(Operation flow when receiving)
Next, an example of an operation flow at the time of broadcast reception in the second embodiment of the receiving apparatus 1 according to the present invention will be described with reference to the drawings.

  FIG. 8 is a flowchart of the initial setting operation when the IC card 5 is first inserted.

  First, communication with the IC card is performed (step S101). The receiving device 1 connects a circuit with the IC card 5 inserted into the card slot and starts communication.

  Next, the receiving device 1 acquires and stores the ID and attribute of the IC card 5 (step S102). The receiving device 1 calls the ID and attribute stored in the IC card 5 and stores them in its own memory. Then, the process of this flow is complete | finished.

  FIG. 9 is a flow of the EMM reception operation in the case of using a reception device and an IC card that can be received using either a common key or a public key.

  First, the received EMM is filtered using the ID stored in the IC card (step S111). Since the received EMM includes EMMs of all recipients, it is necessary to extract the EMM corresponding to the ID from among them.

  Next, it is determined whether or not the target EMM has been received (step S112). If it is determined that the target EMM has not been received yet (S112: NO), this process is repeated. If it is determined that the target EMM has been received (S112: YES), then the attribute of the EMM is determined. (Step S113). If it is determined that the EMM attribute is A (S113: A), data is sent to the IC card by command A (step S114), and if it is determined that the EMM attribute is B (S113: B) ), Data is sent to the IC card by command B (step S115).

  The above-described receiving apparatus 1 has been described with a configuration using an IC card for limited reception. However, the present invention is not limited to an IC card, but a hardware shape such as a memory card incorporating an CPU, an LSI, or the like. A conditional access module configured by software or the like may be used.

  Further, the present invention is not limited to the above-described embodiments as they are, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. In addition, various inventions can be formed by appropriately combining a plurality of constituent elements disclosed in the embodiment. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, constituent elements over different embodiments may be appropriately combined.

1 is an external view showing a receiving device 1 and a digital broadcasting receiving environment according to the present invention. FIG. It is a block diagram which shows the internal structure of the receiver 1 which concerns on this invention. It is a functional block diagram which shows the structure of the content delivery system which concerns on the 1st Embodiment of this invention. It is a functional block diagram which shows the structure of the content delivery system which concerns on the 2nd Embodiment of this invention. It is a functional block diagram which shows another structure of the content delivery system which concerns on the 2nd Embodiment of this invention. It is a functional block diagram which shows the structure of the content delivery system which concerns on the 3rd Embodiment of this invention. (A) is an example of a DB table in the ID management DB 311 of the key management center 31 and an example of a public key list 312 transmitted from the key management center 31 to the broadcasting station group B. It is a flow of initial setting operation when the IC card 5 is first inserted. It is a flow of the reception operation of the EMM in the case of using a reception device and an IC card that can be received using any method of a common key and a public key. The example which shows another structure of the content delivery system which concerns on the conventional form.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1, Receiver 2, Antenna 3, Telephone line terminal 4, Remote control 5, IC card 11, CPU 12, Memory 13, Signal conversion unit 14, Image display unit 15, Audio generation unit 16, Card I / F 17, Reception Part 18, Telephone modem 19, Remote control I / F
20, main internal bus

Claims (9)

In a content distribution method for providing content to a specific subscriber by using a limited reception module composed of an IC card, a memory card incorporating a CPU, a hardware shape or software such as LSI,
A key management center that performs ID management and key issuance management of the conditional access module corresponding to a subscriber, generates a pair of different ID, public key, and private key for each conditional access module, and A pair of ID, the public key and the private key is set and distributed to the subscriber, and the list of the ID and the public key is made public to a broadcasting station,
The broadcasting station that distributes content generates individual information (EMM) including work key (Kw) for decrypting encryption applied to viewing contract information for each subscriber and common information (ECM) related to content viewing control. Then, this is encrypted and transmitted from the public key list with the public key corresponding to the ID of the conditional access module connected to the content receiving device of the subscriber, and the content is scrambled key (Ks) Encrypted and distributed, generates common information (ECM) including program information indicating the Ks and the viewing conditions of the content, further encrypted with the work key (Kw) and transmitted,
The content receiving apparatus receives the EMM corresponding to the ID of the conditional access module connected from a broadcast wave or a communication channel, the encrypted content and the ECM, and the EMM and the ECM are connected to each other. When the Ks is obtained from the input to the conditional access module and the ECM is input, the encrypted content is decrypted with the Ks and output.
In the conditional access module, when the EMM is input, the KMM and the contract information are acquired and stored by decrypting with the secret key set in the EMM, and when the ECM is input, the KMM and the contract information are acquired. If the program attribute information obtained by decrypting with Kw and the contract information obtained by receiving the EMM are compared with each other for viewing, the Ks is output to the content receiving device. A content distribution method that makes it possible to provide the content only to subscribers. Content distribution method for providing content to a specific subscriber over a broadcast wave or a communication network using a limited reception module composed of an IC card, a memory card incorporating a CPU, a hardware shape or software such as LSI In
In the key management center that performs ID management and key issuance management of the conditional access module corresponding to a subscriber, a pair of a different ID, public key, and private key for each conditional access module and a common key that differs for each conditional access module And at least one of the ID, the public key / private key pair, and the common key is set in the conditional access module, and one or both of the common key, the public key / private key pair is set. Set attribute information indicating whether or not is set and distribute it to the subscriber, publish the list of the ID and the public key to a broadcasting station,
In the first broadcasting station group, individual information (EMM) including a work key (Kw) for decrypting encryption applied to viewing contract information for each subscriber and common information (ECM) related to content viewing control is provided. Generated and encrypted from the public key list with the public key corresponding to the ID of the conditional access module possessed by the subscriber, and further sets information for identifying the encryption method in the non-encryption part. As an encrypted EMM
In the second broadcasting station group, individual information (EMM) including a work key (Kw) for decrypting encryption applied to the viewing contract information for each subscriber and common information (ECM) related to content viewing control is provided. Generated and input to the key management center, and the key management center stores information identifying the encryption and encryption method using the common key corresponding to the ID of the conditional access module of the subscriber in the non-encryption unit. Receive the set individual information and send it as a second encrypted EMM,
Further, the content is encrypted with a scramble key (Ks) in both the first and second broadcasting station groups and distributed, and common information (ECM) including the Ks and program information indicating viewing conditions of the content is provided. Generated, encrypted with Kw and sent,
The content receiving apparatus receives the first and second encrypted EMMs and ECMs and encrypted contents distributed from the first and second broadcasting station groups from a broadcast wave or a communication network, and the limited reception. Filtering the first and second encrypted EMMs according to the ID and attribute information obtained from the module and inputting them to the conditional access module,
The conditional access module is a method capable of decrypting by comparing the encryption method identification information indicated in the input first or second encrypted EMM with the attribute information set in itself, and has a decryption key To decrypt with the decryption key set, and store Kw and viewing contract information,
When ECM is input from the content receiving device to the conditional access module, program information obtained by decrypting with Kw and contract information stored by receiving either the first or second encrypted EMM are stored. A content distribution method that makes it possible to provide content only to a specific subscriber by outputting Ks to a receiver if it can be viewed in comparison. In a content distribution method for providing content to a specific subscriber by using a limited reception module composed of an IC card, a memory card incorporating a CPU, a hardware shape or software such as LSI,
In the key management center that performs ID management and key issuance management of the conditional access module corresponding to a subscriber, a different ID and public key pair is generated for each conditional access module, and the ID and the Set up a public key pair and distribute it to subscribers, publish the list of IDs and public keys to broadcast stations,
A broadcast station that distributes content shares a temporarily generated common key between the broadcast station and the receiving device by secure communication with the subscriber using the public key, and uses the common key for content viewing. The individual information (EMM) including the work key (Kw) for decrypting the information (ECM) is encrypted and transmitted, the content is encrypted and distributed with the scramble key (Ks), and the viewing conditions for the Ks and the content Is transmitted with the work key (Kw) encrypted as common information (ECM),
The receiving apparatus receives an EMM corresponding to an ID of the conditional access module connected from a broadcast wave or a communication channel, encrypted content and ECM, and the conditional access module connected to the EMM and the ECM. If Ks is obtained from the output obtained by inputting the ECM, the encrypted content is decrypted by the Ks and output.
In the conditional access module, when the EMM is input, the KMM and the contract information are obtained by decrypting with the secret key stored in the EMM, and when the ECM is input, the Kw is used. If the program attribute information obtained by decryption is compared with the contract information, the content can be provided only to a specific subscriber by outputting the Ks to the receiving device if it can be viewed. Content delivery method that enables. An EMM generating unit that generates individual information (EMM) including a work key (Kw) for decrypting encryption applied to common information (ECM) related to viewing contract information and content viewing control for each subscriber;
A public key list reference unit for referring to a public key list disclosed from the key management center;
An EMM cipher that encrypts and outputs the generated EMM with a public key corresponding to an ID of a conditional access module composed of an IC card that distributes EMM, a memory card with built-in CPU, or a hardware shape or software such as LSI And
A content encryption unit that encrypts content with a scramble key (Ks);
An ECM generating unit that generates common information (ECM) including program information indicating the Ks and the viewing condition of the content;
A content transmission apparatus comprising: an ECM encryption unit that encrypts the ECM with the Kw; and a distribution unit that distributes the encrypted content, the encrypted EMM, and the encrypted ECM. An EMM generating unit that generates individual information (EMM) including a work key (Kw) for decrypting encryption applied to common information (ECM) related to viewing contract information and content viewing control for each subscriber;
A public key list reference unit for referring to a public key list disclosed from the key management center;
First, the generated EMM is encrypted and output with a public key corresponding to the ID of a conditional access module composed of an IC card for distributing EMM, a memory card incorporating a CPU, a hardware shape such as LSI or software, and the like. An encrypted EMM generator of
A second encrypted EMM generator and at least one encrypted EMM generator that sends the EMM to the key management center and receives the encrypted EMM;
A cryptographic identification information setting unit that sets cryptographic identification information indicating whether the first encrypted EMM generation unit or the second encrypted EMM generation unit is encrypted in a non-encrypted part of the EMM;
A content encryption unit that encrypts content with a scramble key (Ks);
An ECM generating unit that generates common information (ECM) including program information indicating the Ks and the viewing condition of the content;
An ECM encryption unit that encrypts the ECM generated by the ECM generation unit with the Kw, the encrypted content, one of the first and second encrypted EMMs, and an encrypted ECM. A content transmission apparatus including a distribution unit for distribution. Indicates the setting status of the ID and public key of the conditional access module configured by a content receiving device or a connected IC card, a memory card with built-in CPU, a hardware shape such as LSI or software, etc. An encrypted communication unit that refers to a public key list and performs encrypted communication with a public key corresponding to an ID of the content receiving device or the conditional access module connected to the content receiving device;
A key sharing unit for sharing a key with the content receiving device in encrypted communication in the encrypted communication unit;
In response to a content distribution application from a subscriber, individual information (EMM) including a work key (Kw) for decrypting contract information and common information (ECM) related to content viewing control is generated. An EMM generator,
An EMM encryption unit that encrypts EMM with the shared key; a content encryption unit that encrypts content with a scramble key (Ks);
The ECM generation unit that generates common information (ECM), the ECM encryption unit that encrypts the ECM with the work key (Kw), and the encrypted program attribute information indicating the viewing conditions of the Ks and the content. Content transmission apparatus comprising a distribution unit that distributes encrypted content, encrypted EMM, and encrypted ECM. Receiving means for receiving content encrypted from a broadcast wave or communication channel, common information (ECM) related to viewing control of the content, and individual information (EMM) related to a viewing contract;
An IC card for content viewing control and contract management, a memory card with a built-in CPU, a limited receiving module configured by hardware or software such as LSI, and an interface means for sending and receiving information;
Means for acquiring the conditional access module attribute information including at least the ID of the conditional access module connected to the interface means and information for specifying an encryption method capable of decrypting the individual information;
The individual information received by the individual information receiving means is filtered with reference to the conditional access module attribute information, and the individual information that matches at least the ID of the conditional access module and the information specifying the encryption method that can decrypt the individual information is filtered. Means to
In order to store the filtered individual information in the conditional access module for the conditional access module connected to the interface means, the filtered individual information to the conditional access module connected to the interface means Individual information transmitting means for transmitting;
Common information transmitting means for transmitting the common information to the conditional access module connected to the interface means to obtain a decryption key for decrypting the encrypted content;
Decryption key acquisition means for acquiring, via the interface means, a decryption key for decrypting the encrypted content transmitted from the conditional access module in response to the transmission of the common information by the common information transmission means. When,
Content decrypting means for decrypting the encrypted content using the decryption key obtained by the decryption key obtaining means;
A receiving apparatus comprising content reproducing means for reproducing the content decrypted by the content decrypting means. Receiving means for receiving content encrypted from a broadcast wave or communication channel, common information (ECM) related to viewing control of the content, and individual information (EMM) related to a viewing contract;
An IC card for content viewing control and contract management, a memory card with a built-in CPU, a limited receiving module configured by hardware or software such as LSI, and an interface means for sending and receiving information;
Means for obtaining the conditional access module attribute information including at least an ID of the conditional access module from the conditional access module connected to the interface means and a public key set in the conditional reception module;
Means for performing encrypted communication using the public key acquired from the broadcast station and the conditional access module on the communication path;
Key sharing means for sharing a key for decrypting the individual information by the encrypted communication means;
Shared key transmitting means for transmitting the key shared by the key sharing means to the conditional access module connected to the interface means;
Means for filtering the individual information that matches at least the ID of the limited reception module with reference to the limited reception module attribute information for the individual information received by the individual information reception unit;
In order to store the filtered individual information in the conditional access module for the conditional access module connected to the interface means in the communication path, the filtered information is sent to the conditional access module connected to the interface means. Individual information transmitting means for transmitting individual information;
Common information transmitting means for transmitting the common information to the conditional access module connected to the interface means to obtain a decryption key for decrypting the encrypted content;
Decryption key acquisition means for acquiring, via the interface means, a decryption key for decrypting the encrypted content transmitted from the conditional access module in response to the transmission of the common information by the common information transmission means. When,
Content decrypting means for decrypting the encrypted content using the decryption key obtained by the decryption key obtaining means;
A receiving apparatus comprising content reproducing means for reproducing the content decrypted by the content decrypting means. An IC card for content viewing control and contract management, a memory card with a built-in CPU, a limited reception module configured by hardware such as LSI or software,
For the ID of the conditional access module, the individual information decryption key for decrypting at least one or more pieces of individual information, the decryption key identification information for identifying the type of the decryption key, and at least the information related to the contract and the viewing control of the content A non-volatile memory for storing a common information decryption key for decrypting related common information (ECM);
Interface means for sending and receiving information to and from the receiving device;
Individual information receiving means for receiving the individual information from the receiving device via the interface means;
Comparing means for comparing the encryption key identification information described in the individual information with at least one or more decryption key identification information stored in the nonvolatile memory;
Means for decrypting the individual information with the individual information decryption key indicated by the decryption key identification information when the comparison means determines that there is decryption key identification information having the same value as the encryption key identification information;
Means for storing at least information related to the contract and the common information decryption key in the nonvolatile memory from the decrypted individual information;
Common information receiving means for receiving common information (ECM) related to content viewing control from the receiving device via the interface means, decrypting the common information with the common information decryption key, and information related to the contract and viewing And a means for judging viewing by comparing information related to control, and a means for transmitting a scramble key (Ks) to the receiving device when the viewing judging means judges that viewing is possible. Conditional access module.

Images