JP2007336464A - Information processing system, encryption apparatus and method, decryption apparatus and method, information processing apparatus and method, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To appropriately protect protection information by defining an appropriate security level. <P>SOLUTION: A key management server 14 correspondingly records a value uniquely identifying equipment and a code constituted of a plurality of layers for forming an encryption or decryption key and transmits the code to a recording device 11 or a reproducing device 12. The recording device 11 generates the encryption key from the received code, encrypts contents using the key and records them on a recording medium. The reproducing device 12 generates the decryption key from the received code and decrypts contents read from the recording medium using the key to define the appropriate security level, thereby appropriately protecting the protection information. The information processing system may be applicable to a recording and reproducing system. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an information processing system, an encryption device and method, a decryption device and method, an information processing device and method, and a program, and in particular, by defining an appropriate security level and realizing appropriate protection of protection information The present invention relates to an information processing system, an encryption device and method, a decryption device and method, an information processing device and method, and a program.

  In recent years, a protection technology for information (hereinafter referred to as protection information) that should protect copyright and the like, for example, a content protection technology is drawing attention.

  For example, the applicant records the digital name and public key certificate on the recording device side when recording the content on the recording medium, and the playback device side reads the digital name and public key certificate when reading the content. A technique for reproducing content after confirming the validity of a document to identify the record writer of the content and confirming that there is no falsification of the digital name and public key certificate has been proposed (for example, Patent Document 1). reference).

JP 2002-236622 A

  However, when content is encrypted and recorded on a recording medium, it is necessary to decrypt the encrypted content during playback, but the content is appropriately protected because it is not encrypted at an appropriate security level. However, there is a problem that it takes time to decrypt.

  For example, in a group that produces a program of a broadcasting station, the encrypted content recorded on the recording medium may be edited later by a person in the group. At this time, if there is annoyance of decrypting the encrypted content, the work efficiency is lowered. Therefore, it is necessary to easily decrypt the content within the same group. At the same time, if a recording medium on which content is recorded can be read by a computer, it must be prevented from being easily decrypted due to theft or loss.

  Conventionally, there is a generally known method of encrypting with an ID code unique to a recording medium that cannot be rewritten (for example, an ID code written in a BCA (Burst Cutting Area) area of the recording medium) as a key. With this technique, once the ID code is known, the content recorded on the recording medium can be decrypted by any device. Also, for example, the information recording / reproducing apparatus disclosed in Japanese Patent Laid-Open No. 2002-236622 reproduces content after confirming that there is no falsification of the digital name and public key certificate. Since the key encryption method is used, it is not suitable for the environment of the common key encryption method.

  Conventionally, a method for encrypting hierarchized plaintext data using an individual key set for each layer has also been proposed. In this method, an upper layer is a lower layer. There is a problem that it is difficult to manage the key when decrypting.

  As described above, in order to increase security, it is necessary to perform encryption processing when recording content on a recording medium. However, since the level of encryption security is not properly defined, It was not properly protected.

  The present invention has been made in view of such a situation, and defines an appropriate level of security so that contents can be appropriately protected.

  An information processing system according to a first aspect of the present invention is an information processing system including an encryption device, a decryption device, and an information processing device, wherein the information processing device encrypts a value that uniquely identifies a device, A first memory for storing a plurality of layers of codes for forming a decryption key in association with each other; a first control circuit for managing use of the stored code; and the encryption device Alternatively, when the code is used by the decryption device, a transmission circuit that transmits the stored code to the encryption device or the decryption device via a network is provided, and the code is encrypted. It is a plurality of hierarchies from the lowest hierarchy that is indispensable to the upper hierarchy for increasing the strength of the cipher. A first receiving circuit comprising a plurality of layers up to an upper layer for decrypting a cipher, wherein the encryption device receives the code transmitted from the information processing device via the network A second memory for storing the received code, and a first generation circuit for generating a first key for encrypting protection information, which is information to be protected, from the stored code An encryption circuit that encrypts the protection information using the generated first key, and a second control circuit that controls recording of the encrypted protection information on a recording medium, The decoding device stores a second receiving circuit that receives the code transmitted from the information processing device via the network, and a third memory that stores the received code. From the code A second generation circuit for generating a second key for decrypting the protection information, and a third control circuit for controlling reading of the encrypted protection information recorded on the recording medium; And a decryption circuit that decrypts the read protection information using the generated second key.

  In the information processing system according to the first aspect of the present invention, the information processing apparatus associates a value uniquely identifying a device with a code composed of a plurality of hierarchies for forming an encryption or decryption key. If the code is used by the encryption device or decryption device, the stored code is sent to the encryption device or decryption device via the network. The code is a plurality of layers from the lowest layer indispensable for encryption to the upper layer for increasing the strength of the encryption, and from the lowest layer indispensable for decryption, It consists of multiple layers up to the upper layer for decrypting stronger ciphers, and the encryption device receives the code transmitted from the information processing device via the network. The received code is stored, and from the stored code, a first key for encrypting protection information, which is information to be protected, is generated, and protection is performed using the generated first key. The information is encrypted, the recording of the encrypted protected information to the recording medium is controlled, and the decryption device receives the code transmitted from the information processing device via the network, and the received code is A second key for decrypting the protection information is generated from the stored and stored code, and reading of the encrypted protection information recorded on the recording medium is controlled and generated. The read protection information is decrypted using the key 2.

  An encryption apparatus according to a second aspect of the present invention is an encryption apparatus for encrypting protection information, which is information to be protected, recorded on a recording medium. A memory for storing a first code composed of a plurality of layers up to a higher layer for increasing the strength of the data, and a key for encrypting the protection information from the stored first code A generation circuit that encrypts the protection information using the generated key, and a control circuit that controls recording of the encrypted protection information on the recording medium.

  A receiving circuit for receiving the first code transmitted from the information processing apparatus that provides the first code may be further provided, and the received first code is stored in the memory. Can be made.

  The generation circuit may generate the key by combining the first code and a second code that uniquely identifies the recording medium.

  The first code can be composed of a code used for encryption in a layer required for encryption, and can be composed of a known code in a layer unnecessary for other encryption.

  The encryption method according to the second aspect of the present invention is the lowest method indispensable for encryption in the encryption method of the encryption apparatus for encrypting the protection information that is the information to be protected and recorded on the recording medium. A key for storing a first code composed of a plurality of layers from a layer to a higher layer for increasing the strength of encryption, and encrypting the protection information from the stored first code And encrypting the protection information using the generated key, and controlling recording of the encrypted protection information on the recording medium.

  The program according to the second aspect of the present invention is a program that causes a computer to execute an encryption process for encrypting protection information, which is information to be protected, recorded on a recording medium. A code consisting of a plurality of layers from a layer to a higher layer for increasing the strength of encryption is stored, and a key for encrypting the protection information is generated from the stored code and generated And encrypting the protection information using the key and controlling recording of the encrypted protection information on the recording medium.

  The encryption apparatus, method, and program according to the second aspect of the present invention comprise a plurality of layers from the lowest layer indispensable for encryption to a higher layer for increasing the strength of encryption. A first code is stored, a key for encrypting the protection information is generated from the stored first code, and the protection information is encrypted using the generated key, and encrypted. The recording of the protection information on the recording medium is controlled.

  The decryption device according to the third aspect of the present invention is the most indispensable for decryption in the decryption device that decrypts the protection information that is the encrypted information to be protected and is recorded on the recording medium. A memory for storing a code composed of a plurality of layers from a lower layer to a higher layer for decrypting higher-strength encryption, and for decrypting the protection information from the stored code A generation circuit that generates a key of the device, a control circuit that controls reading of the encrypted protection information recorded on the recording medium, and the protection information that has been read using the generated key And a decoding circuit for decoding.

  A receiving circuit for receiving the first code transmitted from the information processing apparatus that provides the first code may be further provided, and the received first code is stored in the memory. Can be made.

  In the generation circuit, when decryption of the protection information fails, the generation circuit has a lower rank than the layer that generated the key used when the decryption failed among the plurality of layers constituting the first code. The key can be generated from the hierarchy.

  The generation circuit may generate the key by combining the first code and a second code that uniquely identifies the recording medium.

  The first code may be composed of a code used for decoding in a layer required for decoding, and may be composed of a known code in a layer unnecessary for other decoding.

  The decryption method according to the third aspect of the present invention is lacking in decryption in the decryption method of the decryption apparatus for decrypting the protection information that is the information to be protected that is recorded on the recording medium. Stores a code consisting of a plurality of layers from the lowest layer that cannot be decrypted to a higher layer for decrypting higher-strength encryption, and decrypts the protection information from the stored code Generating a key for controlling the read-out of the encrypted protection information recorded on the recording medium, and decrypting the read-out protection information using the generated key Includes steps.

  The program according to the third aspect of the present invention is a program that causes a computer to execute a decryption process for decrypting protection information that is encrypted information to be protected and is recorded on a recording medium, and lacks decryption. Stores a code consisting of a plurality of layers from the lowest layer that cannot be decrypted to a higher layer for decrypting higher-strength encryption, and decrypts the protection information from the stored code Generating a key for controlling the read-out of the encrypted protection information recorded on the recording medium, and decrypting the read-out protection information using the generated key Includes steps.

  In the decryption apparatus and method and the program according to the third aspect of the present invention, a plurality of programs from the lowest layer indispensable for decryption to a higher layer for decrypting higher-strength ciphers A code consisting of the following layers is stored, a key for decrypting the protection information is generated from the stored code, and reading of the encrypted protection information recorded on the recording medium is controlled and generated The read protection information is decrypted using the read key.

  The information processing apparatus according to the fourth aspect of the present invention is a plurality of devices each having a common key, and uses the key when recording protection information, which is information to be protected, on a recording medium. Then, when the encrypted protection information is encrypted and the encrypted protection information recorded on the recording medium is reproduced, the device is connected via the network with the device that decrypts the protection information using the key. In an information processing apparatus, a memory that stores a value that uniquely identifies the device and a code that includes a plurality of hierarchies for forming the key, and manages the use of the stored code And a transmission circuit that transmits the stored code to the device via the network when the code is used by the device, and the code lacks encryption. For decrypting higher-strength ciphers from the lowest layer that cannot be decrypted to the upper layer to increase the strength of the cipher, and from the lowest layer that is indispensable for decryption It consists of multiple levels up to the upper level.

  When a new device is connected to the network, the control circuit can cause the code to be assigned to the new device connected to be assigned to the new device connected to the network. Can transmit the assigned code to the new device via the network.

  The control circuit can generate a code having a random value when a predetermined time for updating the key has elapsed, and the transmission circuit can generate the code generated via the network. It can be transmitted to multiple devices.

  A receiving circuit that receives encryption key information related to a key obtained by encrypting the protection information transmitted from the device via the network can be further provided, and the control circuit receives the On the basis of the encrypted key information, the generation of the key obtained by encrypting the protection information can be specified from the stored code, and the transmission circuit can specify the specified generation via the network. It is possible to cause the device to transmit a code corresponding to a key generation.

  The information processing method according to the fourth aspect of the present invention uses a plurality of devices each having a common key, and uses the key when recording protection information, which is information to be protected, on a recording medium. Then, when the encrypted protection information is encrypted and the encrypted protection information recorded on the recording medium is reproduced, the device is connected via the network with the device that decrypts the protection information using the key. In the information processing method of the information processing apparatus, a value that uniquely identifies the device and a code composed of a plurality of hierarchies for forming the key are stored in association with each other, and the stored code is used And, when the code is used by the device, includes controlling the transmission of the stored code to the device via the network, the code being devoid of encryption In order to decrypt a higher-strength cipher from the lowest hierarchy that is indispensable for decryption, which is a plurality of hierarchies from the lowest hierarchy that cannot be decrypted to a higher hierarchy for increasing the strength of the cipher It consists of a plurality of layers up to the upper layer.

  The program according to the fourth aspect of the present invention uses a plurality of devices each having a common key, and records the protection information, which is information to be protected, on the recording medium. When the protection information is encrypted and the encrypted protection information recorded on the recording medium is reproduced, the device is connected via a network to the device that decrypts the protection information using the key. In a program that causes a computer to execute information processing of an information processing device, a value that uniquely identifies the device and a code that includes a plurality of hierarchies for forming the key are stored in association with each other and stored Managing the use of a code and, when the code is used by the device, including controlling the transmission of the stored code to the device via the network, The code is composed of a plurality of layers from the lowest layer that is indispensable for encryption to the upper layer for increasing the strength of the encryption. It consists of a plurality of hierarchies up to a higher hierarchy for decrypting a high cipher.

  In the information processing apparatus, the information processing method, and the program according to the fourth aspect of the present invention, a value that uniquely identifies a device and a code that includes a plurality of hierarchies for forming a key are stored in association with each other, When the use of the stored code is managed and the code is used by the device, the stored code is transmitted to the device via the network, and the code is the lowest layer indispensable for encryption. To a higher hierarchy for increasing the strength of the cipher, from the lowest hierarchy indispensable for decryption to the upper hierarchy for decrypting a stronger cipher It consists of multiple levels.

  As described above, according to the first aspect of the present invention, protection information can be protected. In particular, according to the first aspect of the present invention, it is possible to define an appropriate level of security and appropriately protect the protection information.

  According to the second aspect of the present invention, the protection information can be protected. In particular, according to the second aspect of the present invention, the protection information can be encrypted at an appropriate level of security.

  According to the third aspect of the present invention, the protection information can be protected. In particular, according to the third aspect of the present invention, it is possible to decrypt protection information encrypted at an appropriate level of security.

  According to the fourth aspect of the present invention, the protection information can be protected. In particular, according to the fourth aspect of the present invention, it is possible to define an appropriate level of security and appropriately protect the protection information.

  Embodiments of the present invention will be described below. Correspondences between constituent elements of the present invention and the embodiments described in the specification or the drawings are exemplified as follows. This description is intended to confirm that the embodiments supporting the present invention are described in the specification or the drawings. Therefore, even if there is an embodiment which is described in the specification or the drawings but is not described here as an embodiment corresponding to the constituent elements of the present invention, that is not the case. It does not mean that the form does not correspond to the constituent requirements. Conversely, even if an embodiment is described here as corresponding to a configuration requirement, that means that the embodiment does not correspond to a configuration requirement other than the configuration requirement. It's not something to do.

  Further, this description does not mean that the invention corresponding to the specific examples described in the specification or the drawings is described in the claims. In other words, this description is an invention corresponding to a specific example described in the specification or drawings, and there is an invention that is not described in the claims of this application, that is, a divisional application may be made in the future. The existence of an invention added by amendment is not denied.

  An information processing system according to a first aspect of the present invention includes an encryption device (for example, the recording device 11 in FIG. 1), a decryption device (for example, the playback device 12 in FIG. 1), and an information processing device (for example, FIG. 1). In the information processing system (for example, the recording / reproducing system 1 in FIG. 1) including the key management server 14), the information processing apparatus (for example, the key management server 14 in FIG. 1) A first memory (for example, the memory 84 in FIG. 5) for storing a code consisting of a plurality of layers (for example, an identification ID code) for forming a key for encryption or decryption in association with each other; When the code is used by a first control circuit (for example, the key management control circuit 81 in FIG. 5) that manages the use of the code and the encryption device or the decryption device, via a network, Memory A transmission circuit (for example, the transmission circuit 82 in FIG. 5) that transmits the code being transmitted to the encryption device or the decryption device, the code from the lowest layer that is indispensable for encryption, Multiple hierarchies up to the upper hierarchy for increasing the strength of the cipher, from the lowest hierarchy that is indispensable for decryption to the upper hierarchy for decrypting stronger ciphers The encryption device (for example, the recording device 11 in FIG. 1) includes a first receiving circuit (for example, FIG. 3) that receives the code transmitted from the information processing device via the network. Receiving circuit 35), a second memory for storing the received code (for example, memory 33 in FIG. 3), and encryption of protection information, which is information to be protected, from the stored code of A first generation circuit that generates a first key (for example, the key generation circuit 31a in FIG. 3) and an encryption circuit that encrypts the protection information by using the generated first key (for example, 3 and a second control circuit (for example, recording / reproducing of FIG. 3) for controlling recording of the encrypted protection information on the recording medium (for example, recording medium 51 of FIG. 3). Circuit 32), and the decoding device (for example, the reproduction device 12 in FIG. 1) receives a second reception circuit (for example, the code transmitted from the information processing device via the network). 4, a third memory for storing the received code (for example, the memory 63 in FIG. 4), and a second memory for decrypting the protection information from the stored code. A second generation circuit (for example, FIG. Key generation circuit 61a) and a third control circuit (for example, FIG. 4) that controls reading of the encrypted protection information recorded on the recording medium (for example, recording medium 51 of FIG. 4). A recording / reproducing circuit 62), and a decryption circuit (for example, the decryption circuit 64 in FIG. 4) for decrypting the read protection information using the generated second key.

  The encryption apparatus according to the second aspect of the present invention is an encryption apparatus (for example, FIG. 3) that encrypts protection information, which is information to be protected, recorded on a recording medium (for example, the recording medium 51 of FIG. 3). In the recording device 11), a memory (for example, FIG. 3) stores a first code composed of a plurality of layers from the lowest layer indispensable for encryption to a higher layer for increasing the strength of encryption. Memory 33), a generation circuit for generating a key for encrypting the protection information from the stored first code (for example, the key generation circuit 31a in FIG. 3), and the generated key And an encryption circuit for encrypting the protection information (for example, the encryption processing circuit 34 in FIG. 3) and a control circuit for controlling recording of the encrypted protection information on the recording medium (for example, The recording / reproducing circuit 32) of FIG. Obtain.

  The encryption device according to the second aspect further includes a receiving circuit (for example, the receiving circuit 35 in FIG. 3) that receives the first code transmitted from the information processing device that provides the first code. The memory can store the received first code (for example, the process of step S75 in FIG. 11).

  The generation circuit can generate the key by combining the first code and a second code that uniquely identifies the recording medium (for example, the process of step S14 in FIG. 6).

  The first code is composed of a code used for encryption in a layer required for encryption, and is composed of a known code in a layer unnecessary for encryption. it can.

  The encryption method or program according to the second aspect of the present invention is a protection that is recorded on a recording medium, in an encryption method of an encryption device that encrypts protection information that is information to be protected, or recorded on a recording medium. In a program that causes a computer to execute encryption processing for encrypting protection information that is information to be transmitted, a plurality of programs from a lowest layer indispensable for encryption to a higher layer for increasing the strength of encryption A first code consisting of a hierarchy is stored (for example, the process of step S13 in FIG. 6), and a key for encrypting the protection information is generated from the stored first code (for example, FIG. 6), the protection information is encrypted using the generated key (for example, the process of step S15 of FIG. 6), and the encrypted protection information Controlling the recording on a recording medium (for example, step S16 in FIG. 6) includes the step.

  The decryption apparatus according to the third aspect of the present invention is a decryption apparatus that decrypts protection information that is encrypted and is protected information that is recorded on a recording medium (for example, the recording medium 51 of FIG. 4). (For example, the playback device 12 in FIG. 4) stores codes composed of a plurality of layers from the lowest layer indispensable for decryption to a higher layer for decrypting higher-strength ciphers. A memory (for example, the memory 63 in FIG. 4), a generation circuit (for example, the key generation circuit 61a in FIG. 4) that generates a key for decrypting the protection information from the stored code, The protection read out using the control circuit (for example, the recording / reproducing circuit 62 in FIG. 4) that controls reading of the encrypted protection information recorded in the recording medium and the generated key. Decrypt information Goka circuit (e.g., the decoding processing circuit 64 of FIG. 4) and a.

  The decoding device according to the third aspect further includes a receiving circuit (for example, the receiving circuit 65 in FIG. 4) that receives the first code transmitted from the information processing device that provides the first code. The memory can store the received first code (for example, the process of step S75 in FIG. 11).

  If the generation circuit fails to decrypt the protection information, the generation circuit is a layer lower than the layer that generated the key used when the decryption failed among the plurality of layers constituting the first code The key can be generated from (for example, the process of step S33 in FIG. 7).

  The generation circuit can generate the key by combining the first code and a second code for uniquely identifying the recording medium (for example, the process of step S33 in FIG. 7).

  The first code is composed of a code used for decoding in a layer required for decoding, and is composed of a known code in a layer unnecessary for decoding. it can.

  The decryption method or program according to the third aspect of the present invention provides a decryption method or a decryption method for decrypting protection information, which is encrypted information to be protected, recorded on a recording medium. In a program that causes a computer to execute decryption processing for decrypting protected information that is encrypted information to be protected recorded on a medium, higher strength is provided from the lowest layer that is indispensable for decryption. A code composed of a plurality of layers up to a higher layer for decrypting the cipher of the code is stored (for example, the process of step S32 in FIG. 7), and the protection information is decrypted from the stored code. A key for generating (for example, the process of step S33 of FIG. 7), and controlling reading of the encrypted protection information recorded on the recording medium (for example, Processing in step S34 in FIG. 7), by using the generated key, to decrypt the protected information read (e.g., including processing) step in step S35 in FIG. 7.

  The information processing apparatus according to the fourth aspect of the present invention is a plurality of devices each having a common key, and uses the key when recording protection information, which is information to be protected, on a recording medium. Then, when the encrypted protection information is encrypted and the encrypted protection information recorded on the recording medium is reproduced, the device is connected via the network with the device that decrypts the protection information using the key. In the information processing apparatus (for example, the key management server 14 in FIG. 5), a value for uniquely identifying the device and a code (for example, an identification ID code) composed of a plurality of layers for forming the key are obtained. Corresponding memory (for example, the memory 84 in FIG. 5), a control circuit (for example, the key management control circuit 81 in FIG. 5) for managing the use of the stored code, and the code by the device. Used A transmission circuit (for example, the transmission circuit 82 in FIG. 5) that transmits the stored code to the device via the network, and the code is the lowest order that is essential for encryption. Multiple hierarchies, from the lowest hierarchy that is indispensable for decryption to the upper hierarchy for decrypting stronger ciphers. It consists of multiple hierarchies.

  When a new device is connected to the network, the control circuit allocates the specified code including a predetermined layer to the connected new device (for example, step S56 in FIG. 8). The transmission circuit can transmit the assigned code to the new device via the network (for example, the process of step S57 in FIG. 8).

  The control circuit can generate a code having a random value when a predetermined time for updating the key has elapsed (for example, the process of step S92 in FIG. 12), and the transmission circuit Thus, the generated code can be transmitted to the plurality of devices (for example, the process of step S93 in FIG. 12).

  The information processing apparatus according to the fourth aspect includes a receiving circuit (for example, FIG. 5) that receives encrypted key information related to a key obtained by encrypting the protection information transmitted from the device via the network. And the control circuit specifies a generation of a key obtained by encrypting the protection information from the stored code based on the received encryption key information (for example, FIG. 15). The transmission circuit transmits a code corresponding to the specified generation of the key to the device via the network (for example, the process of step S133 in FIG. 15). Can do.

  The information processing method or program according to the fourth aspect of the present invention is a plurality of devices each having a common key, and when the protection information, which is information to be protected, is recorded on a recording medium, the key When encrypting the protection information using the key and reproducing the encrypted protection information recorded on the recording medium, the device decrypts the protection information using the key and the network. In the information processing method of the information processing apparatus connected to each other or when a plurality of devices each having a common key are set and the protection information, which is information to be protected, is recorded on the recording medium, the key is When using the device to encrypt the protection information and reproducing the encrypted protection information recorded on the recording medium, the device decrypts the protection information using the key and the network. Contact In a program for causing a computer to execute information processing of the information processing apparatus to be executed, a value that uniquely identifies the device and a code including a plurality of hierarchies for forming the key are stored in association with each other (for example, FIG. 8 (step S54 and step S59), the use of the stored code is managed (for example, step S56 in FIG. 8), and the code is used via the network when the device is used. , Including the step of controlling transmission of the stored code to the device (for example, the process of step S57 in FIG. 8), wherein the code is encrypted from the lowest layer indispensable for encryption. The higher-strength ciphers are restored from the lowest hierarchy that is indispensable for decryption. Consisting of a plurality of hierarchies to higher hierarchy to reduction.

  The program of the second aspect, the third aspect, or the fourth aspect of the present invention can be recorded on a recording medium (for example, the removable medium 221 in FIG. 16).

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 is a block diagram showing a configuration of an embodiment of a recording / reproducing system 1 to which the present invention is applied.

  The recording / playback system 1 is, for example, a system that protects content by encrypting content (Link Encryption). As of May 2006, SMPTE (Society of Motion Picture and Television Engineers) 427M “Link Encryption for 1.5Gb / s1 Serial Digital Interface ”. In the recording / reproducing system 1, the recording device 11 </ b> A, the recording device 11 </ b> B, the reproducing device 12 </ b> A, the reproducing device 12 </ b> B, the recording / reproducing device 13, and the key management server 14 that exchange protection information are mutually connected via the network 15. Configured to connect to.

  The form of the protection information is not particularly limited, but in the present embodiment, the content includes video, more precisely, the content is converted into an electric signal or is fixed as a signal on a recording medium. To do. However, hereinafter, for the sake of simplicity, the form in which the content is converted into an electric signal or the form in which the content is fixed as a signal on the recording medium will be simply referred to as content. In addition, for example, in this embodiment, the content is HD-SDI (it-Serial Digital Interface for High-Definition Television Systems) data defined by SMPTE 292M, and is composed of one or more frames. Assume baseband data. Note that the content is not limited to this embodiment, and may be, for example, compressed digital audio / video data.

  The recording device 11A is, for example, a so-called camcorder or deck, and records content on a recording medium such as an optical disk attached. At that time, the recording device 11A generates a key based on a predetermined encryption method, encrypts the content using the key, and records the content on the recording medium.

  By the way, there are roughly two types of encryption methods, a common key encryption method and a public key encryption method. In the common key encryption method, the sender and the receiver have a common key (generally referred to as a common key. Therefore, this is also referred to as a common key. However, in this embodiment, it is simply described as “key”. In this case, the sender performs encryption using the common key, and the receiver performs decryption using the common key. Also, in the public key encryption method, the sender and the receiver have different keys, so that the sender encrypts with the public encryption key, and the receiver uses the decryption key that only the self knows. Decrypt. In this embodiment, the common key encryption method is adopted as the encryption method.

  That is, in the example of FIG. 1, in order to protect content exchanged by a plurality of devices, an environment composed of the plurality of devices may be formed as follows. That is, when a common key is set for each of a plurality of devices and content is transmitted from a predetermined one of the plurality of devices to another one, the predetermined one uses the common key Then, it is only necessary to form an environment in which the content is encrypted and transmitted, and the encrypted content is decrypted by another device using a common key. Therefore, in the environment of the example of FIG. 1, such an operation is performed between a plurality of devices.

  Further, the common key used in the common key encryption method in the present embodiment is, for example, as shown in FIG. 2, a first code, a second code, and a third code as identification ID codes, and an individual ID. It is formed by combining a recording medium ID code as a code.

  Here, the identification ID code is a unique code assigned to each device from the key management server 14 described later. As the identification ID code, for example, a plurality of codes are assigned like the first code to the third code, and these codes are used hierarchically. That is, in the example of FIG. 2, the identification ID code is a code used for encryption in the codes up to the required layer among the first code to the third code, and other unnecessary layers For example, a known code such as a fixed value or zero is written in the code.

  The individual ID code is a code used to allow only a specific device or user to decrypt the content recorded on the recording medium. Specifically, since a unique recording medium ID code that cannot be rewritten is recorded on the rewritable recording medium, the individual ID code is formed from the recording medium ID code, for example. As a result, even if the content recorded on the recording medium is illegally copied to another recording medium, the recording medium ID code is different from the other recording medium, so that the content recorded on the other recording medium is reproduced. The device that performs the process cannot decrypt and reproduce the illegally copied content. The individual ID code may be formed from, for example, a password set by the user. Thereby, the user can reproduce the content recorded on the recording medium only after inputting a predetermined password.

  The identification ID code and the individual ID code are combined to form a key used for encryption or decryption. Hereinafter, for the sake of simplicity, the first code to the third code and the recording medium ID code are used. The level of security by a key generated by combining the two is called “level 3”, and the key generated by combining the first code, the second code, and the recording medium ID code (at this time, fixed to the third code) The level of security by which a known code such as a value is written) is referred to as “level 2”, and a key generated by combining the first code and the recording medium ID code (at this time, the second code and the third code) Will be described as "level 1". That is, the security level increases in the order of level 1, level 2, and level 3 in proportion to the number of codes to be hierarchized.

  Hereinafter, content that can be decrypted with the level 3 key is referred to as “level 3 content”, and content that can be decrypted with the level 2 key is referred to as “level 2 content”, and can be decrypted with the level 1 key. The content will be described as “level 1 content”. That is, the level of security increases in the order of level 1 content, level 2 content, and level 3 content.

  In the present embodiment, the security level includes, for example, lower security levels than the user. Specifically, for example, a device that holds a level 3 key encrypts content at level 1 or level 2 in addition to level 3, or level 1 content in addition to level 3 content. Content or level 2 content can be decrypted. Similarly, for example, a device that holds a level 2 key encrypts content at level 1 in addition to level 2 or decrypts content at level 1 in addition to level 2 content. Can be realized. Note that, for example, a device holding a level 1 key with the lowest security level can encrypt content at level 1 or decrypt level 1 content.

  As a more specific example of the security level, when a device constituting the recording / reproducing system 1 is a device used in an organization such as a company, for example, a device holding a level 1 key is: For example, a device that corresponds to a terminal used by all employees belonging to a program production company and holds a level 2 key is used by an employee belonging to a predetermined department such as a production department. A device that corresponds to a terminal and holds a level 3 key corresponds to, for example, a terminal used by an employee who belongs to a project that produces a music program in the production department or a group unit of the same job. Thus, for example, level 3 content produced in a project that produces a music program in the production department can be reproduced without being decrypted by a terminal other than the terminal used by an employee belonging to the project. Disappear.

  Here, as the common key encryption method, for example, an AES (Advanced Encryption Standard) 128-bit method is adopted. At this time, since the key length is 128 bits, for example, the first code to the third code are each formed as 32 bits, and the recording medium ID code is formed as 32 bits.

  In the example of FIG. 2, the identification ID code has been described as being hierarchically formed by three codes of the first code to the third code. However, the identification ID code is not limited to this and is hierarchically formed by a number other than three codes. It may be formed. Further, in the example of FIG. 2, since the AES128bit method is adopted as the common key encryption method in the example of FIG. 2, it has been described as 128 bits. However, other lengths may be selected according to the required encryption strength. Absent. For example, when DES (Data Encryption Standard) is adopted as the common key encryption method, the key length is 56 bits.

  In the above-described example, the key is described as being configured by combining the identification ID code and the individual ID code. However, in the present embodiment, the key is not limited thereto, and the key is configured only by the identification ID code. It may be.

  Returning to FIG. 1, the first code to the third code are expressed in the block of the recording apparatus 11 </ b> A. This is because the code used for encryption is written by the key management server 14. It shows that the 1st code to the 3rd code are assigned to the recording apparatus 11A. The relationship between the recording apparatus 11A and the code is the same in other devices described later.

  That is, the recording apparatus 11A generates a level 3 key, for example, by combining the first code to the third code and the recording medium ID code, and encrypts the content using the key. As a result, the content encrypted by the recording device 11A is encrypted using the level 3 key, and is therefore encrypted at the highest security level.

  As with the recording device 11A, the recording device 11B encrypts and records the content on the attached recording medium. At this time, since the recording device 11B stores the first code and the second code in which the code used for encryption is written, for example, the first code and the second code are combined with the recording medium ID code. The content is encrypted using the level 2 key generated in this way. As a result, the recording device 11B encrypts using the level 2 key, so that the content is encrypted at a lower security level than the recording device 11A that encrypts using the level 3 key. become.

  In the following description, the recording device 11A, the recording device 11B, and a recording device 11C (not shown) to be described later will be simply referred to as the recording device 11 when there is no need to distinguish them.

  The playback device 12A is, for example, a so-called deck, and reads and plays back the content recorded on the attached recording medium. Further, the playback device 11B stores a first code, a second code, and a third code in which a code used for decoding is written. For example, the first code, the second code, and the third code And a recording medium ID code read from the recording medium are combined to generate a level 3 key. Then, the playback device 12A uses the generated level 3 key to decrypt and play back the encrypted content recorded on the recording medium. Thereby, the playback device 12A can decrypt the encrypted content with the highest security level.

  Similar to the playback device 12A, the playback device 12B decrypts and plays back the content read from the attached recording medium. At this time, since the playback device 12B stores the first code, the content is decrypted using, for example, a level 1 key generated by combining the first code and the recording medium ID code. As a result, since the playback device 12B decrypts the content using the level 1 key, the content is subjected to decryption with a lower security level than the playback device 12A decrypts using the level 3 key. become. In other words, the playback device 12B can decrypt level 1 content, but cannot decrypt, for example, level 2 or level 3 content encrypted with a key of level 2 or higher.

  In the following description, when it is not necessary to distinguish between the playback device 12A and the playback device 12B, the playback device 12 will be simply referred to.

  The recording / reproducing apparatus 13 is, for example, a so-called deck or the like, and encrypts and records content on a mounted recording medium. Further, the recording / reproducing apparatus 13 decrypts and reproduces the content recorded on the attached recording medium. In other words, it can be said that the recording / reproducing apparatus 13 is a device having the functions of both the recording apparatus 11 and the reproducing apparatus 12.

  In addition, since the recording / reproducing apparatus 13 stores the first code to the third code, for example, the level 3 key is obtained by combining the first code to the third code and the recording medium ID code read from the recording medium. The content is generated and the content is encrypted or decrypted using the level 3 key. Thereby, the recording / reproducing apparatus 13 can perform encryption or decryption at the highest security level.

  The key management server 14 manages data related to a key used for content encryption or decryption by a device connected to the network 15. Specifically, the key management server 14 corresponds to, for example, a device ID for identifying a device connected to the network 15 in the device database shown in FIG. 9 or the key database shown in FIG. Data relating to the key is managed by registering the value of the first code to the value of the third code.

  Moreover, the key management server 14 updates the data regarding the key registered in the key database of FIG. 10 mentioned later suitably as needed, for example. In this case, the key management server 14 leaves the update history in the key database of FIG.

  The number of devices connected to the network 15 is five in the example of FIG. 1, that is, the recording device 11A, the recording device 11B, the reproducing device 12A, the reproducing device 12B, and the recording / reproducing device 13. The number is not limited to the number shown in FIG. 1, and any number may be used, and the key management server 14 can set keys of any security level for these devices.

  For example, Ethernet (trademark) is adopted as the network 15 in this embodiment, but digital video / audio compression such as IEEE1394 (Institute of Electrical and Electronic Engineers 1394) or Fiber Channel (trademark) is also used. The network is not particularly limited as long as it can transmit data or baseband data. In this embodiment, for example, HD-SDI defined in SMPTE 292M is adopted as a transmission form of content by a device connected to the network 15, that is, a transmission interface. However, the transmission interface is not limited to the example of the present embodiment, and any other interface capable of transmitting a digital image / audio baseband signal or a compressed signal such as SDI (Serial Digital Interface) is sufficient.

  In communication between devices connected to the network 15, various types of information are exchanged using, for example, encrypted information or hash values in order to prevent information leakage.

  FIG. 3 is a block diagram illustrating an example of a functional configuration of the recording apparatus 11.

  The recording device 11 includes an encryption control circuit 31, a recording / reproducing circuit 32, a memory 33, an encryption processing circuit 34, a reception circuit 35, and a transmission circuit 36. A recording medium 51 is also attached to the recording apparatus 11 as appropriate.

  The encryption control circuit 31, the recording / reproducing circuit 32, the encryption processing circuit 34, the reception circuit 35, and the transmission circuit 36 cooperate with software, for example, to realize calculation or processing of information according to the purpose. It can also be configured by a circuit that is a hardware resource such as a CPU (Central Processing Unit) 211 in FIG. Here, a circuit including a circuit that executes processing by software and a circuit that executes processing by hardware are referred to as a circuit. The configuration of such a circuit is the same in other drawings described later.

  In other words, a series of processes described below can be executed by hardware or can be executed by software.

  The recording / reproducing circuit 32 performs various processes for recording content on the recording medium 51. The recording / reproducing circuit 32 reads the recording medium ID code from the recording medium 51 and supplies the read recording medium ID code to the encryption control circuit 31. Note that the recording / reproducing circuit 32 can perform a process of reproducing the content recorded on the recording medium 51 in addition to the above-described process of recording the content on the recording medium 51.

  The receiving circuit 35 receives the identification ID code formed from the first code to the third code, for example, transmitted from the key management server 14 via the network 15, and supplies the received identification ID code to the memory 33. To do.

  The memory 33 is composed of, for example, a nonvolatile memory or a hard disk. The memory 33 stores, for example, an identification ID code formed from the first code to the third code supplied from the receiving circuit 35. The memory 33 supplies the stored identification ID code to the encryption control circuit 31 in response to a request from the encryption control circuit 31.

  The encryption control circuit 31 controls the encryption processing circuit 34 to encrypt the input content. Specifically, for example, when content encryption is instructed by a user operation, the recording medium ID code is supplied from the recording / reproducing circuit 32 to the encryption control circuit 31, and the first code to the first code are supplied from the memory 33. An identification ID code formed from three codes is supplied. Then, the encryption control circuit 31 generates a key used for encryption by combining the supplied first code to third code and the recording medium ID code, and supplies the generated key to the encryption processing circuit. To do.

  The encryption control circuit 31 is configured to include a key generation circuit 31a.

  The key generation circuit 31a generates a key used for encryption by combining the identification ID code and the recording medium ID code. Specifically, the key generation circuit 31a combines the first to third codes (32 bits × 3) and the recording medium ID code (32 bits) to generate the 128-bit AES encryption key shown in FIG. Is generated.

  The encryption processing circuit 34 encrypts the input content using the encryption key supplied from the encryption control circuit 31 based on the control of the encryption control circuit 31. The encryption processing circuit 34 supplies the encrypted content to the recording / reproducing circuit 32. Specifically, for example, the encryption processing circuit 34 uses the 128-bit AES encryption key of FIG. 2 from the encryption control circuit 31 to perform AES encryption processing on the input content. .

  The recording / reproducing circuit 32 records the encrypted content supplied from the encryption processing circuit 34 on the recording medium 51. As a result, the encrypted content is recorded on the recording medium 51. The recording medium 51 is, for example, an optical disk in the present embodiment, but is not particularly limited as long as it is a medium capable of recording image / audio data, such as a tape, a hard disk, or a memory card.

  The memory 33 stores device ID, which is information for uniquely identifying the recording device 11 and is information that is prohibited from being rewritten by the user. The memory 33 supplies the stored device ID to the transmission circuit 36 in response to a request transmitted from the key management server 14 via the network 15.

  The transmission circuit 36 transmits the device ID supplied from the memory 33 to the key management server 14 via the network 15.

  FIG. 4 is a block diagram illustrating an example of a functional configuration of the playback device 12.

  The playback device 12 includes a decoding control circuit 61, a recording / playback circuit 62, a memory 63, a decoding processing circuit 64, a receiving circuit 65, and a transmitting circuit 66. A recording medium 51 is also attached to the playback device 12 as appropriate.

  The recording / reproducing circuit 62 performs various processes for reproducing the content recorded on the recording medium 51. Specifically, the recording / reproducing circuit 62 reproduces the content recorded on the recording medium 51 and supplies the reproduced content to the decryption processing circuit 64.

  The recording / reproducing circuit 62 reads the recording medium ID code from the recording medium 51 and supplies the read recording medium ID code to the decoding control circuit 61. Note that the recording / reproducing circuit 62 can perform a process of recording the content on the recording medium 51 in addition to the above-described process of reproducing the content recorded on the recording medium 51.

  The receiving circuit 65 receives the identification ID code formed from the first code to the third code, for example, transmitted from the key management server 14 via the network 15, and supplies the received identification ID code to the memory 63. To do.

  The memory 63 is composed of, for example, a nonvolatile memory or a hard disk. The memory 63 stores, for example, an identification ID code formed from the first code to the third code supplied from the receiving circuit 65. The memory 63 supplies the stored identification ID code to the decryption control circuit 61 in response to a request from the decryption control circuit 61.

  The decryption control circuit 61 controls the decryption processing circuit 64 to decrypt the encrypted content recorded on the recording medium 51. Specifically, when the recording medium 51 is reproduced, the decoding control circuit 61 is supplied with the recording medium ID code from the recording / reproducing circuit 51, and the identification ID code formed from the first code to the third code from the memory 63. Is supplied. Then, the decryption control circuit 61 generates a key used for decryption by combining the supplied first to third codes and the recording medium ID code, and sends the generated key to the decryption processing circuit 64. Supply.

  The key generation circuit 61a generates a key used for decryption by combining the identification ID code and the recording medium ID code. Specifically, the key generation circuit 61a combines the first to third codes (32 bits × 3) and the recording medium ID code (32 bits) to generate the 128-bit AES decryption key shown in FIG. Is generated.

  Based on the control of the decryption control circuit 61, the decryption processing circuit 64 decrypts the content supplied from the recording / reproducing circuit 62 using the decryption key supplied from the decryption control circuit 61. When the decryption processing circuit 64 succeeds in decrypting the content, the decryption processing circuit 64 outputs the decrypted content. Specifically, the decryption processing circuit 64 uses the 128-bit AES decryption key of FIG. 2 from the decryption control circuit 61 to perform AES decryption processing on the content from the recording / playback circuit 62. Apply.

  The decryption processing circuit 64 indicates that the decryption has failed when the decryption of the content using the key from the decryption control circuit 61 fails, that is, when the content cannot be decrypted normally. The notification is supplied to the decryption control circuit 61. Then, in accordance with the notification from the decryption processing circuit 64, the decryption control circuit 61 generates a key by combining the identification ID code with one layer down and the recording medium ID code. Specifically, the decryption control circuit 61 generates a key by combining, for example, the first code and the second code of the first code to the third code, and the recording medium ID code, and again, the key Is supplied to the decryption processing circuit 64.

  The decryption processing circuit 64 supplied with the second key decrypts the content supplied from the recording / reproducing circuit 62 using the second key. When the decryption processing circuit 64 succeeds in decrypting the content using the second key, the decryption processing circuit 64 outputs the decrypted content, but the content decryption fails even if the second key is used. In this case, a notification indicating that the decoding has failed is supplied to the decoding control circuit 61 again. Then, the decryption control circuit 61 that has received the notification again generates a key by combining the identification ID code and the recording medium ID code, which is one level lower. Specifically, for example, the decryption control circuit 61 generates a key by combining the first code of the first code to the third code and the recording medium ID code, and decrypts the key again. This is supplied to the circuit 64.

  The decryption processing circuit 64 to which the third key is supplied decrypts the content supplied from the recording / reproducing circuit 62 by using the third key. When the decryption processing circuit 64 succeeds in decrypting the content using the third key, the decryption processing circuit 64 outputs the decrypted content, but the decryption of the content fails even if the third key is used. In this case, the content recorded on the recording medium 51 cannot be decrypted.

  In other words, at this time, the playback device 12 has not been given the security level authority for decrypting the content from the key management server 14. Specifically, if the playback device 12 fails to decrypt the content even if the third key is used, the third key is the last layer of the first code to the third code. Since the key is generated from one code, the hierarchy cannot be lowered, and no new key can be generated. Therefore, the content recorded on the recording medium 51 cannot be decrypted. In other words, the playback device 12 sequentially generates a key used for decryption while lowering the hierarchy of the identification ID code according to the decryption result, and decrypts the content using the sequentially generated key. It can also be said.

  Note that the method for decrypting the content is not limited to the above-described example. For example, together with the content recorded on the recording medium 51, a flag indicating at which security level the content is encrypted is recorded. Then, the playback device 12 refers to the flag recorded in the recording medium 51 and compares the security level indicated by the flag with the security level of the key held by itself, thereby A method such as decoding may be used.

  In addition, the memory 63 stores a device ID that is information for uniquely specifying the playback device 12 and is information that is prohibited from being rewritten by the user. The memory 63 supplies the stored device ID to the transmission circuit 66 in response to a request transmitted from the key management server 14 via the network 15.

  The transmission circuit 66 transmits the device ID supplied from the memory 63 to the key management server 14 via the network 15.

  Further, the recording / reproducing circuit 62 reads out information related to the recorded date of the content recorded on the recording medium 51. The recording / reproducing circuit 62 supplies the read information related to the date to the decoding control circuit 61.

  The decryption control circuit 61 generates a request for confirming the key generation based on the information about the date supplied from the recording / reproducing circuit 62. The decryption control circuit 61 supplies the generated request to the transmission circuit 66.

  The transmission circuit 66 transmits a request for confirming the generation of the key supplied from the decryption control circuit 61 to the key management server 14 via the network 15.

  It should be noted that the configuration of the recording / reproducing apparatus 13 having both functions can be easily understood by appropriately referring to the description of the functional configuration examples of the recording apparatus 11 and the reproducing apparatus 12 described above. Description of an example of the functional configuration of the recording / reproducing apparatus 13 is omitted. Further, the description of the operation of the recording / reproducing apparatus 13 is omitted for the same reason.

  FIG. 5 is a block diagram illustrating an example of a functional configuration of the key management server 14.

  The key management server 14 includes a key management control circuit 81, a transmission circuit 82, a reception circuit 83, and a memory 84.

  The key management control circuit 81 causes each unit to execute processing related to management of keys used for encryption or decryption in a device connected to the network 15.

  The key management control circuit 81 is configured to include a registration control circuit 81a, an identification ID code generation circuit 81b, and a key generation identification circuit 81c.

  For example, in response to a security level setting instruction by a user operation, the registration control circuit 81a gives an identification ID code such as a first code, a second code, or a third code to a device newly connected to the network 15. Assign. The registration control circuit 81a registers the identification ID code assigned to the new device, for example, in the device database shown in FIG.

  The identification ID code generation circuit 81b generates identification ID code values such as a first code, a second code, and a third code, and supplies the generated identification ID code values to the registration control circuit 81a. At that time, in order to make it difficult to decrypt the content, a random value is usually used as the identification ID code. That is, the identification ID code values such as the first code, the second code, and the third code are generated by a random number generator (not shown) built in the identification ID code generation circuit 81b, and the integrity and confidentiality are generated. Is stored safely.

  Further, the registration control circuit 81a registers the values of the identification ID codes such as the first code, the second code, and the third code from the identification ID code generation circuit 81b, for example, in the key database shown in FIG.

  The key generation specifying circuit 81c is an encryption used when recording a certain content on the recording medium 51 in response to a request transmitted from a device that reproduces the content recorded on the recording medium 51 via the network 15. The generation key when the content is encrypted is determined by determining whether the generation of the decryption key formed by the identification ID code stored in the device that reproduces the content matches the generation key. Identify.

  The transmission circuit 82 transmits various data to devices connected to the network 15 via the network 15 based on the control of the key management control circuit 81. The receiving circuit 83 receives various data from devices connected to the network 15 via the network 15 based on the control of the key management control circuit 81.

  The memory 84 is composed of, for example, a nonvolatile memory or a hard disk. The memory 84 stores, for example, a device database shown in FIG. 9 and a key database shown in FIG.

  Next, with reference to FIGS. 6 to 11, specific operations of the respective devices constituting the recording / reproducing system 1 will be described. First, encryption recording processing by the recording apparatus 11 of FIG. 3 will be described with reference to the flowchart of FIG. At this time, it is assumed that a rewritable recording medium 51 is attached to the recording apparatus 11.

  In step S11, the encryption control circuit 31 determines whether encryption is instructed based on an encryption instruction supplied in response to a user operation.

  If it is determined in step S11 that encryption is not instructed by the user, the process returns to step S11 and the above-described processing is repeated. That is, encryption of content to be recorded on the recording medium 51 is instructed by a user's operation on the recording device 11, and the process of step S11 is repeated until it is determined in step S11 that the user has instructed encryption. .

  On the other hand, when it is determined in step S11 that the encryption is instructed by the user, in step S12, the recording / reproducing circuit 32 reads the recording medium ID code as the individual ID code from the mounted recording medium 51, The recording medium ID code is supplied to the encryption control circuit 31.

  In step S <b> 13, the encryption control circuit 31 reads the first code to the third code as identification ID codes stored in the memory 33. As a result, the encryption control circuit 31 is supplied with the recording medium ID code and the first to third codes.

  In step S14, the key generation circuit 31a generates an encryption key by combining the first to third codes and the recording medium ID code, and supplies the key to the encryption processing circuit 34. Specifically, for example, as shown in FIG. 2, the key generation circuit 31a combines a first code to a third code (32 bits × 3) and a recording medium ID code (32 bits) to generate a 128-bit AES. Generate a key for encryption.

  At this time, for example, in the recording apparatus 11A (FIG. 1), the encryption control circuit 31 generates a level 3 key by combining the first code to the third code and the recording medium ID code, and the recording apparatus 11B ( In FIG. 1), the encryption control circuit 31 generates a level 2 key by combining the first code, the second code, and the recording medium ID code.

  In step S <b> 15, the encryption processing circuit 34 performs encryption processing on the input content using the key supplied from the encryption control circuit 31, and supplies the encrypted content to the recording / reproducing circuit 32. . Specifically, the encryption processing circuit 34 performs AES encryption processing on the input content using the 128-bit AES encryption key shown in FIG.

  At this time, for example, in the recording device 11A (FIG. 1), the encryption processing circuit 34 performs AES encryption processing on the input content using the level 3 key, and in the recording device 11B (FIG. 1). The encryption processing circuit 34 performs an AES encryption process on the input content using the level 2 key.

  In step S <b> 16, the recording / reproducing circuit 32 records the encrypted content supplied from the encryption processing circuit 34 on the attached recording medium 51.

  In step S17, the encryption processing circuit 34 determines whether or not the input content has been completed.

  If it is determined in step S17 that the input content has not ended, the process returns to step S15 and the above-described processing is repeated. That is, until it is determined in step S17 that the input content has been completed, the processing in steps S15 to S17 is repeated, so that the input content is processed by the encryption processing circuit 34 using, for example, the 128-bit key in FIG. AES encryption is performed, and the data is recorded on the recording medium 51 by the recording / reproducing circuit 32. As a result, the content recorded on the recording medium 51 is, for example, content that has been AES-encrypted at a predetermined level with the 128-bit key of FIG.

  If it is determined in step S17 that the input content has been completed, the encrypted recording process by the recording device 11 in FIG. 3 ends.

  At this time, for example, level 3 content AES-encrypted with a level 3 key is recorded in the recording device 51A (FIG. 1), and level 2 is recorded in the recording device 11B (FIG. 1). Level 2 content encrypted with AES key is recorded.

  As described above, the recording device 11 generates an identification ID code transmitted from the key management server 14 via the network 15 and has a security level key based on the identification ID code stored therein. Then, the content is encrypted using the key and recorded on the recording medium 51.

  Next, with reference to the flowchart of FIG. 7, the decoding / playback process by the playback device 12 of FIG. 4 will be described. Note that a recording medium 51 is mounted on the playback device 12, and the content recorded on the recording medium 51 is, for example, content recorded by the encryption recording process (FIG. 6) by the recording device 11. It shall be.

  For example, when the user performs a predetermined operation for playing back the content recorded on the recording medium 51, the decryption control circuit 61 causes each unit to execute the processing shown in the flowchart of FIG.

  In step S31, the recording / reproducing circuit 62 reads the recording medium ID code as the individual ID code from the loaded recording medium 51, and supplies the recording medium ID code to the decoding control circuit 61.

  In step S <b> 32, the decoding control circuit 61 reads the first code to the third code as the identification ID code stored in the memory 63. As a result, the recording medium ID code and the first to third codes are supplied to the decoding control circuit 61.

  In step S33, the key generation circuit 61a generates a decryption key by combining the first to third codes and the recording medium ID code, and supplies the key to the decryption processing circuit 64. Specifically, as shown in FIG. 2, the key generation circuit 61a generates a 128-bit AES decryption key by combining the first to third codes and the recording medium ID code.

  In step S 34, the recording / reproducing circuit 62 reads the encrypted content recorded on the recording medium 51 and supplies the content to the decryption processing circuit 64.

  In step S 35, the decryption processing circuit 64 decrypts the encrypted content supplied from the recording / reproducing circuit 62 using the decryption key from the decryption control circuit 61. Specifically, the decryption processing circuit 64 performs AES decryption processing on the content from the recording / playback circuit 62 using the 128-bit AES decryption key shown in FIG.

  In step S36, the decryption processing circuit 64 determines whether or not the decrypted content has been successfully decrypted. Specifically, for example, the decryption processing circuit 64 puts data for confirming whether or not the decryption has been normally performed at the head of the content to be decrypted, and depending on whether or not the data is correctly decrypted, Alternatively, it is determined whether or not the decoding is successful depending on whether the image corresponding to the decrypted content is normal.

  If it is determined in step S36 that the decryption has succeeded, in step S37, the decryption processing circuit 64 outputs the normally decrypted content.

  At this time, for example, when the content recorded on the recording medium 51 is the level 3 content recorded by the recording device 11A (FIG. 1), the playback device 11A (FIG. 1) capable of decrypting the level 3 content. The decryption processing circuit 64 uses the level 3 key from the decryption control circuit 61 to perform AES decryption processing on the content encrypted with the level 3 key from the recording / playback circuit 62. The decrypted content is output.

  In step S38, the decryption processing circuit 64 determines whether or not the content read from the recording medium 51 has ended.

  If it is determined in step S38 that the content read from the recording medium 51 has not ended, the process returns to step S34 and the above-described processing is repeated. That is, until it is determined in step S38 that the content read from the recording medium 51 has been completed, the processes in steps S34 to S38 are repeated, so that the encrypted content recorded in the recording medium 51 is recorded. The data is read out by the reproduction circuit 62, and AES decrypted by the decryption processing circuit 64, for example, using the 128-bit AES decryption key shown in FIG.

  On the other hand, if it is determined in step S36 that the decryption of the content has failed, in step S39, the decryption control circuit 61 identifies that forms the decryption key used when the decryption of the content has failed. It is determined whether or not the ID code hierarchy is the last hierarchy.

  If it is determined in step S39 that the layer of the identification ID code is not the last layer, the decoding control circuit 61 drops one layer of the identification ID code in step S40.

  At this time, for example, the playback device 12B (FIG. 1) capable of decrypting level 1 content has a first code in which a code used for decryption is written and a first code in which a known code such as a fixed value is written. A level 1 key is generated by combining the second code and the third code. In the playback device 12B (FIG. 1), when the level 3 content is decrypted using the level 1 key, the decryption fails, so in step S39, the decryption control circuit 61 Since the key is generated by combining the code to the third code, it is determined that the layer of the identification ID code is not the last layer, and in step S40, the decryption control circuit 61 drops the layer of the identification ID code by one, Of the first code to the third code, the key is generated from the identification ID code which is the first code and the second code.

  Thereafter, the process returns to step S33, and the key generation circuit 61a generates, for example, a second key by combining the first code, the second code, and the recording medium ID code, and decrypts the second key. This is supplied to the circuit 64. As described above, in steps S34 to S36, the recording / reproducing circuit 34 reads the encrypted content recorded in the recording medium 51, and the decryption processing circuit 64 uses the second key. Then, the encrypted content is decrypted to determine whether or not the decryption is successful.

  If it is determined in step S36 that the encrypted content has been successfully decrypted by using the second key, the decryption process is performed by repeating the processes in steps S34 to S38 as described above. The circuit 64 outputs the normally decrypted content.

  On the other hand, if it is determined in step S36 that decryption of the encrypted content has failed even using the second key, as described above, the processing in step S39 and step S40 is repeated to decrypt the content. When the layer of the identification ID code that forms the key used when the conversion to the network fails, the layer of the identification ID code is dropped by one.

  At this time, for example, in the playback device 12B (FIG. 1) capable of decrypting level 1 content, the decryption control circuit 61 generates a key by combining the first code and the second code. It is determined that the hierarchy is not the last hierarchy, and the hierarchy of the identification ID code is lowered by one, and the key is generated from the identification code which is the first code among the first code to the third code.

  Thereafter, the processing returns to step S33 again, and the key generation circuit 61a generates the third key by combining the first code and the recording medium ID code, and supplies the third key to the decryption processing circuit 64. To do. Then, as described above, in steps S34 to S36, the recording / reproducing circuit 62 reads the encrypted content recorded in the recording medium 51 again, and the decryption processing circuit 64 uses the key for the third time. And decrypting the encrypted content to determine whether or not the decryption was successful.

  When it is determined in step S36 that the encrypted content has been successfully decrypted by using the third key, the decryption process is performed by repeating the processes in steps S34 to S38 as described above. The circuit 64 outputs the normally decrypted content.

  On the other hand, if it is determined in step S36 that decryption of the encrypted content has failed even using the third key, as described above, the processing in step S39 and step S40 is repeated again, and the content When the layer of the identification ID code that forms the key used when decryption fails, the layer of the identification ID code is dropped by one.

  On the other hand, when it is determined in step S39 that the layer of the identification ID code is the last layer, the decoding / playback process by the playback device 12 of FIG. 4 ends.

  At this time, for example, in the playback device 12B (FIG. 1) capable of decrypting level 1 content, the decryption control circuit 61 generates a key by combining the first codes, so the hierarchy of the identification ID code is the last. It is determined that the current layer is a hierarchy of the above, and the decoding reproduction process ends. That is, the playback device 12B (FIG. 1) capable of decrypting level 1 content cannot decrypt level 3 content recorded on the recording medium 51.

  As described above, the playback device 12 sequentially generates a decryption key according to the security level of the content recorded on the recording medium 51, and decrypts and plays back the content using the key.

  Next, device registration processing by the key management server 14 of FIG. 5 will be described with reference to the flowchart of FIG.

  In step S51, the key management control circuit 81 determines whether a new device is connected to the network 15 by monitoring the state of the reception circuit 83.

  If it is determined in step S51 that a new device is not connected, the process returns to step S51, and it is determined again whether a new device is connected. That is, until the new device is connected to the network 15, the determination process in step S51 is repeated, so that the key management server 14 enters a standby state. Thereafter, when a new device is connected to the network 15, it is determined in step S51 that a new device has been connected, and the process proceeds to step S52.

  In step S <b> 52, the transmission circuit 82 issues a device ID read request to a new device connected to the network 15 based on the control of the key management control circuit 81. For example, when a recording device 11C (not shown) is connected to the network 15 as a new device, the transmission circuit 83 connects to the newly connected recording device 11C based on the control of the key management control circuit 81. A device read request is issued to the device. Then, as shown in the processing of steps S71 to S73 of FIG. 11 to be described later, for example, the recording apparatus 11C receives the device ID reading request and sends the device ID “223” to the key management server 14. I will send it.

  In step S <b> 53, the receiving circuit 83 receives the device ID based on the control of the key management control circuit 81 to acquire the device ID of the new device.

  In step S54, the registration control circuit 81a registers the device ID acquired from the new device in the device database. Specifically, the registration control circuit 81a registers, for example, the device ID “223” acquired from the recording device 11C in the device database.

  In step S55, the key management control circuit 81 determines whether an instruction to set a security level for a new device has been made based on an operation by the user.

  If it is determined in step S55 that a security level setting instruction for a new device has not been issued, the process returns to step S55 to determine again whether or not a security level setting instruction for a new device has been issued. That is, for example, since it is necessary to set a security level such as level 1 to level 3 for the recording apparatus 11C newly connected to the network 15, the user issues a security level setting instruction to the recording apparatus 11C. In step S55, the process of step S55 is repeated until it is determined that an instruction to set a security level for a new device has been issued.

  Thereafter, if it is determined in step S55 that a security level setting instruction has been given to the new device, in step S56, the registration control circuit 81a responds to the security level setting instruction to the new device. Assign an identification ID code. Specifically, for example, when the setting of the security level of level 2 is instructed to the newly connected recording apparatus 11C by the user's operation, the registration control circuit 81a performs the first code and the second code. Is assigned to the recording apparatus 11C. Actually, at this time, the registration control circuit 81a includes, among the first code to the third code, codes up to the level required at level 2, that is, the first code and the second code, respectively. For example, codes necessary for encryption such as “a4-3f-dd-9e” and “fe-f0-9a-90” are assigned, and other unnecessary hierarchical codes are assigned, for example, “00-00 Assign a known code, such as -00-00 ”.

  In step S 57, the transmission circuit 82 transmits the identification ID code assigned to the new device to the new device via the network 15 based on the control of the key management control circuit 81. Specifically, the transmission circuit 82, for example, an identification ID code consisting of a first code and a second code assigned to the recording device 11C, that is, a first code “a4-3f-dd-9e”, “fe The identification ID code including the second code “−f0-9a-90” and the third code “00-00-00-00” is transmitted to the recording device 11C via the network 15.

  In step S58, the key management control circuit 81 monitors the state of the reception circuit 83, thereby registering the identification ID code in the new device based on the notification transmitted from the new device assigned the identification ID code. It is determined whether or not successful.

  If it is determined in step S58 that the identification ID code has been successfully registered in the new device, in step S59, the registration control circuit 81a registers the identification ID code assigned to the new device in the device database. 5 ends the device registration processing by the key management server 14. Specifically, the registration control circuit 81a associates with the device ID “223” of the recording apparatus 11C as shown in FIG. 9 when the setting of the security level of level 2 is instructed to the recording apparatus 11C. The identification ID code consisting of the first code and the second code assigned to the recording device 11C, that is, the first code “a4-3f-dd-9e”, for example, “fe-f0-9a-90”. An identification ID code including a second code and a third code “00-00-00-00” is registered.

  That is, FIG. 9 is an example of a device database managed by the key management server 14. In the device database of the example of FIG. 9, a predetermined row includes a predetermined one device whose key is managed by the key management server 14, that is, a predetermined one device connected to the network 15. Information is described. Here, in the example of FIG. 9, the information related to a predetermined device is “device ID”, “device name”, “first code”, “second code”, and “third code”. The information is described in the item of “identification ID code”.

  The item “device ID” in a predetermined line describes the device ID of the device corresponding to the predetermined line. The device ID is information embedded in advance in a content encryption (decryption) compatible device, for example, information stored in the memory 33 in the recording device 11 of FIG. The device ID is not particularly limited as long as it is information prohibited to be rewritten by the user. For example, a device name, a serial number, version information, and the like can be adopted.

  In the item “device name” in a predetermined line, the name of the device corresponding to the predetermined line is described. The device name is a name of a device corresponding to a predetermined one line of device ID.

  In each item of “first code”, “second code”, and “third code” constituting “identification ID code” of a predetermined line, the item corresponding to the predetermined one line Each setting content of 1 code, 2nd code, and 3rd code is described. The setting content is “○” indicating that a code required for encryption or decryption is assigned, and indicates that a code required for encryption or decryption is not assigned. There is a “−” indicating that a known code is assigned.

  FIG. 10 shows an example of a key database for “first code”, “second code”, and “third code” managed by the key management server 14.

  That is, the identification ID code generation circuit 81b generates each value of the first code, the second code, and the third code, and registers them in the key database as shown in FIG. In the example of FIG. 10, the identification ID code generation circuit 81b uses “a4-3f-dd-9e” and “fe-f0-9a-90” as the values of the first code, the second code, and the third code. , “E8-ac-c7-3c” are generated and supplied to the registration control circuit 81a. The registration control circuit 81a registers the values of the first code, the second code, and the third code from the identification ID code generation circuit 81b in the key database of FIG.

  That is, in the example of FIG. 1, the key management server 14 includes a first code “a4-3f-dd-9e”, a second code “fe-f0-9a-90” in the recording device 11A, A third code “e8-ac-c7-3c” is assigned, and the playback device 12A has a first code “a4-3f-dd-9e” and a first code “fe-f0-9a-90”. A second code, a third code “e8-ac-c7-3c” is assigned, and the recording device 11B has a first code “a4-3f-dd-9e”, “fe-f0-9a-90”. And a third code “00-00-00-00” is assigned. In addition, in the example of FIG. 1, the key management server 14 includes a first code “a4-3f-dd-9e”, a second code “fe-f0-9a-90”, A third code “e8-ac-c7-3c” is assigned, and the first code “a4-3f-dd-9e”, “ff-ff-ff-ff” is assigned to the playback device 12B. A second code, a third code “00-00-00-00”, is assigned, and the key management server 14 in the example of FIG. Are assigned a first code “a4-3f-dd-9e”, a second code “fe-f0-9a-90”, and a third code “00-00-00-00”. At this time, the key management server 14 uses “ff-ff-ff-ff” or “00-00-00-00” as a known code indicated by “−” in the example of FIG. Assigned.

  In other words, the key management server 14 distributes the device database of FIG. 9 and the identification ID code corresponding to the key database of FIG. 10 to the device having the device ID corresponding to the identification ID code. As an example, the key management server 14 may, for example, include a first code “a4-3f-dd-9e”, a second code “fe-f0-9a-90”, “00-00-00-00”. Is distributed to the recording device 11C (not shown) via the network 15.

  On the other hand, if it is determined in step S58 that registration of the identification ID code to the new device has failed, the assigned identification ID code is not registered in the device database of FIG. 9, and the process of step S59 is skipped. Then, the device registration process by the key management server 14 of FIG. As a result, the key management server 14 could not distribute the identification ID code to the newly connected recording device 11C. For example, the key management server 14 executes the device registration process of FIG. The ID code is distributed to the recording device 11C.

  As described above, the key management server 14 distributes an identification ID code corresponding to a predetermined level to a new device connected to the network 15, and manages the identification ID code corresponding to the device ID of the device. To do.

  Next, as a new device in which the identification ID code is registered by the processing of the key management server 14 described above, the recording with the key management server 14 when the recording device 11C (not shown) is connected to the network 15 is performed. An example of the relationship of processing with the device 11C will be described.

  FIG. 11 is a flowchart for explaining processing on the device side (for example, the recording device 11C) with respect to the processing of the key management server 14 in FIG.

  In the flowchart of FIG. 11, when a device ID read request is transmitted from the key management server 14 in the process of step S52 as described above, in the recording device 11C, in step S71, the receiving circuit 35 sends the device ID read request. In step S72, the memory 33 reads the device ID of the recording device 11C in response to the request. In step S73, the transmission circuit 36 transmits the device ID of the recording device 11C to the key management server via the network 15. 14 to send.

  Thereafter, as described above, when the identification ID code assigned in step S57 is transmitted from the key management server 14, in the recording device 11C, in step S74, the receiving circuit 35 receives the identification ID code. In the recording device 11C, in step S75, the memory 33 stores and registers the identification ID code received from the key management server 15 via the network 15 and supplied from the receiving circuit 35. In step S76, the transmission circuit 36 transmits a notification indicating that the identification ID code has been registered to the key management server 14 via the network 15.

  As a result, in the recording device 11C, the memory 33 is assigned by the key management server 14, for example, the first code “fe-f0-9a-90” that is “a4-3f-dd-9e”. Two codes and a third code “00-00-00-00” are stored.

  By the way, as described above, the key management server 14 appropriately sets, for example, the first code value, the second code value, and the third code value registered in the key database of FIG. The update is performed and the update history is left in the key database of FIG. Therefore, the key update processing by the key management server 14 in FIG. 5 will be described next with reference to the flowchart in FIG.

  In step S91, the key management control circuit 81 updates the identification ID code that is stored in each device connected to the network 15 and for generating an encryption or decryption key. It is determined whether or not a predetermined date and time has been counted.

  If it is determined in step S91 that the predetermined date and time has not been counted, the process returns to step S91 and the process of step S91 is repeated. That is, for example, when it is desired to update the key every week, until 7 days have passed since the last time the identification ID code was updated, until it is determined in step S91 that the predetermined date and time has been counted, The process is repeated.

  Thereafter, when it is determined in step S91 that the predetermined date and time has been measured, in step S92, the identification ID code generation circuit 81b generates a random value by, for example, a random number generator or the like, thereby generating the first code, An identification ID code composed of two codes and a third code is generated, and the identification ID code is supplied to the transmission circuit 82.

  In step S <b> 93, the transmission circuit 82 transmits the identification ID circuit from the identification ID code generation circuit 81 b to the device connected to the network 15 via the network 15 based on the control of the key management control circuit 81.

  Specifically, the identification ID code generation circuit 81b includes, for example, a first code “d7-0b-f3-91”, a second code “b4-cb-66-e8”, and “df-93”. An identification ID code consisting of a third code of −49-34 ″ is generated and supplied to the transmission circuit 82. In the example of FIG. 1, the transmission circuit 82 transmits the identification ID code to each of the recording device 11A, the recording device 11B, the reproduction device 12A, the reproduction device 12B, and the recording / reproduction device 13 via the network 15. To do.

  In step S94, the key management control circuit 81 monitors the state of the receiving circuit 83, and based on the notification transmitted from the device that transmitted the identification ID code, whether the identification ID code has been successfully registered in the device. Determine whether or not.

  If it is determined in step S94 that registration of the identification ID code to the device has failed, the information does not need to be registered in the key database, so the processing in step S95 is skipped and the key management server 14 in FIG. Thus, the key update process ends. In this case, for example, the key management server 14 updates the identification ID code stored in the device connected to the network 15 by executing the key update process in FIG. 12 again.

  On the other hand, if it is determined in step S94 that the registration of the identification ID code to the device is successful, in step S95, the registration control circuit 81a stores the identification ID code generated by the identification ID code generation circuit 81b in the key database. The key update processing by the key management server 14 in FIG. 5 is completed. Specifically, as shown in FIG. 13, the registration control circuit 81a, for example, a first code “d7-0b-f3-91”, a second code “b4-cb-66-e8”, And the identification ID code which consists of the 3rd code which is "df-93-49-34" is registered into a key database with the information regarding the updated date.

  In the example of FIG. 13, the key database records the value of the identification ID code consisting of “first code”, “second code”, and “third code”, similar to the key database of FIG. The “update date and time” that is the date when the identification ID code is updated is also recorded.

  That is, in the key database of FIG. 13, the first code “fe4-0f-9a-” updated to the date and time “2006/5/11 1:00”, “a4-3f-dd-9e”. The value of the identification ID code consisting of the second code of 90 ”and the third code of“ e8-ac-c7-3c ”(hereinafter, the key consisting of this identification ID code is also referred to as“ first generation key ”) And the first code “d7-0b-f3-91”, “b4-cb-66-e8”, updated one day later, “2006/5/18 1:00” A value of an identification ID code consisting of a second code and a third code “df-93-49-34” (hereinafter, a key consisting of this identification ID code is also referred to as a “second generation key”). It is recorded.

  At this time, the key management server 14 makes the first generation for the devices connected to the network 15 for one week from “2006/5/11 1:00” to “2006/5/18 0:59”. Keys will be distributed, and the second generation key will be distributed for one week after “2006/5/18 1:00”.

  Specifically, in the example of FIG. 13, the key management server 14 distributes the second generation key for one week after “2006/5/18 1:00”. A playback apparatus that assigns a first code “d7-0b-f3-91”, a second code “b4-cb-66-e8”, and a third code “df-93-49-34” 12A includes a first code “d7-0b-f3-91”, a second code “b4-cb-66-e8”, and a third code “df-93-49-34”. The allocation and recording device 11B has a first code “d7-0b-f3-91”, a second code “b4-cb-66-e8”, and “11-11-11-11”. A third code is assigned. In addition, the key management server 14 sends the recording / playback device 13 the first code “d7-0b-f3-91”, the second code “b4-cb-66-e8”, and “df-93”. -49-34 "is assigned, and the playback device 12B is assigned a first code" d7-0b-f3-91 ", a second code" ee-ee-ee-ee ", and A third code “11-11-11-11” is assigned, and the recording device 11C (not shown) has a first code “d4-0b-f3-91”, “b4-cb-66-”. A second code that is “e8” and a third code that is “11-11-11-11” are assigned.

  At this time, the key management server 14 assigns “ee-ee-ee-ee” or “11-11-11-11” as a known code of the second generation key. Thereby, since a known code is changed for each generation, the strength of encryption can be increased. Of course, the key management server 14 adds “ff-ff-ff-ff” or “00-00-00-00” to the known code of the second generation key, similar to the first generation key. A certain known code may be assigned.

  As described above, the key management server 14 updates the key by distributing an identification ID code corresponding to a predetermined level to devices connected to the network 15.

  By the way, the identification ID code stored in the device connected to the network 15 is updated by the key update process of FIG. For this reason, the playback device 12 may not be able to decrypt the content recorded on the recording medium 51. Therefore, the playback device 12 needs to match the generation of the key that has encrypted the content with the generation of the key that it stores. Therefore, next, a key generation management method in the recording / reproducing system 1 will be described with reference to the flowcharts of FIGS. 14 and 15.

  First, with reference to the flowchart of FIG. 14, a description will be given of the decryption / reproduction process when the key is updated by the reproduction apparatus 12 of FIG.

  For example, when the user performs a predetermined operation for reproducing the content recorded on the recording medium 51, the decryption control circuit 61 causes each unit to execute the processing shown in the flowchart of FIG.

  In step S <b> 111, the recording / reproducing circuit 62 reads information related to the date on which the content is recorded from the recording medium 51, and supplies the date information to the decoding control circuit 61. Specifically, for example, when a certain content is recorded on the recording medium 51 at 10:00 am on May 14, 2006, the date when the content was recorded on the recording medium 51 together with the certain content. Since “2006/5/14 10:00” is recorded as the information, the recording / reproducing circuit 62 reads the information related to the recorded date of the content “2006/5/14 10:00”.

  In step S <b> 112, the decryption control circuit 61 reads the identification ID code stored in the memory 63. Specifically, the decryption control circuit 61 stores the first code “b7-0b-f3-91”, which is the second generation key stored in the memory 63, “b4-cb-66-”. An identification ID code consisting of the second code “e8” and the third code “df-93-49-34” is read.

  In step S113, the decryption control circuit 61 receives information related to the recorded date of the content such as “2006/5/14 10:00” from the recording / playback circuit 62 and the second generation from the memory 63, for example. A request for confirming the key generation is generated based on the identification ID code that is the key of the key, and the request is supplied to the transmission circuit 66.

  In step S <b> 114, the transmission circuit 66 issues a request for confirming the key generation from the decryption control circuit 61 to the key management server 14 via the network 15.

  In step S <b> 115, the receiving circuit 65 determines whether an identification ID code has been received from the key management server 14 via the network 15.

  If it is determined in step S115 that the identification ID code has been received, that is, for example, based on the encryption key used when recording the content on the recording medium 51 and the identification ID code stored in the memory 63. Since the generation of the formed decryption key does not match, the memory 63 is an identification ID code transmitted from the key management server 14 via the network 15 and supplied from the receiving circuit 65 in step S116. The identification ID code to be stored is stored. At this time, for example, the memory 63 storing the second generation key stores the first generation key transmitted from the key management server 14 via the network 15. That is, the playback apparatus 12 has acquired the key of the previous generation from the key management server 14 in correspondence with the key obtained by encrypting the content stored in the recording medium 51.

  In step S117, the decryption control circuit 61, the recording / reproducing circuit 62, the memory 63, and the decryption processing circuit 64 use the first generation key that is one generation before acquired from the key management server 14 via the network 15. Then, the decryption / reproduction process is performed, and the decryption / reproduction process when the key is updated by the reproduction apparatus 12 of FIG. 4 is terminated.

  That is, the decoding / reproduction process in step S117 is the same as the decoding / reproduction process performed by the reproduction apparatus 12 in FIG. 4 described with reference to the flowchart in FIG. 7, and thus detailed description thereof is omitted. In step S32 of FIG. 7, the decryption control circuit 61, for example, a first code “d7-0b-f3-91” that forms a second generation key stored in advance in the memory 63, Instead of the second code “b4-cb-66-e8” and the third code “df-93-49-34”, the first generation key acquired one generation before from the key management server 14 The first code that is a4-3f-dd-9e, the second code that is “fe-f0-9a-90”, and the third code that is “e8-ac-c7-3c” are read out.

  Accordingly, the key generated by combining the first code to the third code and the recording medium ID code by the key generation circuit 61a in step S33 becomes the first generation key, and in step S35, the decryption processing circuit 64 decrypts the content supplied from the recording / reproducing circuit 62 using the first generation key.

  On the other hand, if it is determined in step S115 that the identification ID code has not been received, that is, for example, the encryption key generation used when recording the content on the recording medium 51 and the memory 63 are stored. Since the generation of the key formed by the identification ID code is the same, the process of step S116 is skipped.

  In step S117, the decryption control circuit 61, the recording / playback circuit 62, the memory 63, and the decryption processing circuit 64 perform decryption / playback processing using the second generation key stored in the memory 63. Then, the decryption / reproduction process when the key is updated by the reproduction apparatus 12 of FIG. 4 is terminated.

  That is, the decoding reproduction process in step S117 is the same as the decoding reproduction process performed by the reproduction apparatus 12 in FIG. 4 described with reference to the flowchart in FIG. 7, in step S32 in FIG. The circuit 61 is, for example, a first code “b4-cb-66-e8”, which is a first code “d7-0b-f3-91” that forms a second generation key stored in the memory 63. The second code and the third code “df-93-49-34” are read out.

  Thereby, the key generated by combining the first code to the third code and the recording medium ID code by the key generation circuit 61a in step S33 becomes the second generation key, and in step S35, the decryption processing circuit 64 decrypts the content supplied from the recording / reproducing circuit 62 using the second generation key.

  As described above, the playback device 12 includes the generation of the encryption key used when recording the content on the recording medium 51, and the decryption key formed by the identification ID code stored in the memory 63. When the generations do not match, a key of a predetermined generation that matches the generation of the encryption key is acquired from the key management server 14 via the network 15, and the content is decrypted using the key.

  Next, the encryption key used when the content is recorded on the recording medium 51 and the decryption key formed by the identification ID code stored in the memory 63 by the processing of the playback device 12 described above. An example of the processing relationship between the playback device 12 and the key management server 14 when the generations do not match will be described.

  FIG. 15 is a flowchart for explaining processing of the key management server 14 of FIG. 5 with respect to processing of the playback device 12 of FIG.

  In the flowchart of FIG. 15, when the request for confirming the key generation is transmitted from the playback device 12 in the process of step S114 as described above, in the key management server 14, in step S131, the receiving circuit 82 The request is received, and in step S132, the key generation specifying circuit 81c specifies the key generation from the key database based on the received request.

  Specifically, for example, the key generation specifying circuit 81c indicates that the received request is information relating to the recorded date of content such as “2006/5/14 10:00” and the second generation key. Information is stored in the memory 84 and the content recorded in “2006/5/14 10:00” is inquired of the key database of FIG. Therefore, it is specified that it does not match the current second generation key. The key generation specifying circuit 81c then forms an identification ID code forming a first generation key obtained by encrypting the content, that is, a first code “a4-3f-dd-9e”, “fe-f0-9a-90”. The second code “” and the third code “e8-ac-c7-3c” are read from the key database of FIG. 13 and supplied to the transmission circuit 82.

  In step S133, the transmission circuit 82 transmits the identification ID code supplied from the key generation specifying circuit 81c to the playback apparatus 12 that has transmitted a request for confirming the key generation via the network 15. The process of the key management server 14 in FIG.

  Thus, for example, the first code is a4-3f-dd-9e, the second code is “fe-f0-9a-90”, and the third code is “e8-ac-c7-3c”. The playback device 12 that has received the identification ID code forming the first generation key generates a key by combining the identification ID code forming the first generation and the recording medium ID code, and uses the key to generate the content. Can be decrypted.

  As described above, an appropriate level of security can be defined and content can be protected appropriately.

  In addition, by associating a key to be encrypted or decrypted with a recording medium or device, it becomes difficult to decrypt the content on a device used by a third party, and a key consisting of a code that forms a hierarchical structure, Since decryption can be easily performed in the same group, work efficiency such as content editing can be maintained.

  The series of processes described above can be executed by hardware or can be executed by software. When a series of processing is executed by software, a program constituting the software may execute various functions by installing a computer incorporated in dedicated hardware or various programs. For example, it is installed from a program recording medium in a general-purpose personal computer or the like.

  FIG. 16 is a block diagram showing an example of the configuration of a personal computer that executes the above-described series of processing by a program. The CPU 211 executes various processes according to a program recorded in a ROM (Read Only Memory) 212 or a recording unit 218. A RAM (Random Access Memory) 213 appropriately stores programs executed by the CPU 211 and data. These CPU 211, ROM 212, and RAM 213 are connected to each other by a bus 214.

  An input / output interface 215 is also connected to the CPU 211 via the bus 214. The input / output interface 215 is connected to an input unit 216 made up of a microphone or the like and an output unit 217 made up of a display, a speaker or the like. The CPU 211 executes various processes in response to commands input from the input unit 216. Then, the CPU 211 outputs the processing result to the output unit 217.

  The recording unit 218 connected to the input / output interface 215 includes, for example, a hard disk, and records programs executed by the CPU 211 and various data. The communication unit 219 communicates with an external device via a network such as the Internet or a local area network.

  Further, the program may be acquired via the communication unit 219 and recorded in the recording unit 218.

  A drive 220 connected to the input / output interface 215 drives a removable medium 221 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory, and drives the programs and data recorded therein. Get etc. The acquired program and data are transferred to the recording unit 218 and recorded as necessary.

  As shown in FIG. 16, a program recording medium for storing a program that is installed in a computer and is ready to be executed by the computer includes a magnetic disk (including a flexible disk), an optical disk (CD-ROM (Compact Disc-Read Only). Memory, DVD (Digital Versatile Disk), a magneto-optical disk, a removable medium 221 which is a package medium made of a semiconductor memory, a ROM 212 where a program is temporarily or permanently stored, and a recording unit 218 It is comprised by the hard disk etc. which comprise. The program is stored in the program recording medium using a wired or wireless communication medium such as a local area network, the Internet, or digital satellite broadcasting via a communication unit 219 which is an interface such as a router or a modem as necessary. Done.

  In the present specification, the step of describing the program stored in the recording medium is not limited to the processing performed in chronological order according to the described order, but is not necessarily performed in chronological order. It also includes processes that are executed individually.

  Further, in this specification, the system represents the entire apparatus constituted by a plurality of apparatuses.

  Furthermore, the embodiments of the present invention are not limited to the above-described embodiments, and various modifications can be made without departing from the gist of the present invention.

It is a block diagram which shows the structure of one Embodiment of the recording / reproducing system to which this invention is applied. It is a figure which shows the example of the structure of a key. It is a block diagram which shows the example of a functional structure of a recording device. It is a block diagram which shows the example of a functional structure of a reproducing | regenerating apparatus. It is a block diagram which shows the example of a functional structure of a key management server. 4 is a flowchart for explaining encryption recording processing by the recording apparatus of FIG. 3. Fig. 5 is a flowchart for explaining decoding and reproduction processing by the reproduction device of Fig. 4. 6 is a flowchart for explaining device registration processing by the key management server of FIG. 5. It is a figure which shows the example of an apparatus database. It is a figure which shows the example of a key database. It is a flowchart explaining the process by the side of the apparatus with respect to the process of the key management server of FIG. 6 is a flowchart illustrating key update processing by the key management server in FIG. 5. It is a figure which shows the example of a key database. 6 is a flowchart for explaining decryption reproduction processing when a key is updated by the reproduction apparatus of FIG. 15 is a flowchart for describing processing on the key management server side in FIG. 5 with respect to processing of the playback device in FIG. It is a block diagram which shows the structure of a personal computer.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 Recording / reproducing system, 11 Recording apparatus, 12 Reproducing apparatus, 13 Recording / reproducing apparatus, 14 Key management server, 15 Network, 31 Encryption control circuit, 31a Key generation circuit, 32 Recording / reproducing circuit, 33 Memory, 34 Encryption processing circuit , 35 reception circuit, 36 transmission circuit, 51 recording medium, 61 decryption control circuit, 61a key generation circuit, 62 recording / reproduction circuit, 63 memory, 64 decryption processing circuit, 65 reception circuit, 66 transmission circuit, 81 key management control Circuit, 81a registration control circuit, 81b identification ID code generation circuit, 81c key generation identification circuit, 82 transmission circuit, 83 reception circuit, 84 memory

Claims (20)

In an information processing system comprising an encryption device, a decryption device, and an information processing device,
The information processing apparatus includes:
A first memory for storing a value uniquely identifying a device and a code composed of a plurality of layers for forming a key for encryption or decryption;
A first control circuit for managing the use of the stored code;
A transmission circuit that transmits the stored code to the encryption device or the decryption device through a network when the code is used by the encryption device or the decryption device;
The code is a plurality of layers from the lowest layer indispensable for encryption to the upper layer for increasing the strength of the encryption, and more preferably from the lowest layer indispensable for decryption. It consists of multiple layers up to the upper layer for decrypting strong ciphers,
The encryption device is:
A first receiving circuit for receiving the code transmitted from the information processing apparatus via the network;
A second memory for storing the received code;
A first generation circuit for generating a first key for encrypting protection information, which is information to be protected, from the stored code;
An encryption circuit for encrypting the protection information using the generated first key;
A second control circuit for controlling recording of the encrypted protected information on a recording medium,
The decoding device
A second receiving circuit for receiving the code transmitted from the information processing apparatus via the network;
A third memory for storing the received code;
A second generation circuit for generating a second key for decrypting the protection information from the stored code;
A third control circuit for controlling reading of the encrypted protection information recorded on the recording medium;
An information processing system comprising: a decryption circuit that decrypts the read protection information using the generated second key. In an encryption device for encrypting protection information, which is information to be protected, recorded on a recording medium,
A memory for storing a first code composed of a plurality of layers from a lowest layer indispensable for encryption to a higher layer for increasing the strength of encryption;
A generating circuit for generating a key for encrypting the protection information from the stored first code;
An encryption circuit for encrypting the protection information using the generated key;
And a control circuit that controls recording of the encrypted protection information on the recording medium. A receiving circuit that receives the first code transmitted from the information processing apparatus that provides the first code;
The encryption device according to claim 2, wherein the memory stores the received first code. The encryption apparatus according to claim 2, wherein the generation circuit generates the key by combining the first code and a second code that uniquely identifies the recording medium. The first code is composed of a code used for encryption in a layer required for encryption, and is composed of a known code in a layer unnecessary for other encryption. Encryption device. In an encryption method of an encryption device for encrypting protection information, which is information to be protected, recorded on a recording medium,
Storing a first code consisting of a plurality of layers from the lowest layer indispensable for encryption to a higher layer for increasing the strength of encryption;
Generating a key for encrypting the protection information from the stored first code;
Encrypt the protection information using the generated key,
An encryption method comprising a step of controlling recording of the encrypted protection information on the recording medium. In a program for causing a computer to execute encryption processing for encrypting protection information, which is information to be protected, recorded on a recording medium,
Stores codes consisting of multiple layers from the lowest layer, which is indispensable for encryption, to a higher layer to increase the strength of encryption,
Generate a key for encrypting the protection information from the stored code,
Encrypt the protection information using the generated key,
A program comprising a step of controlling recording of the protected information on the recording medium. In a decryption device for decrypting protection information that is encrypted information to be protected recorded on a recording medium,
A memory for storing codes consisting of a plurality of layers from the lowest layer indispensable for decryption to a higher layer for decrypting higher-strength ciphers;
A generating circuit for generating a key for decrypting the protection information from the stored code;
A control circuit for controlling reading of the encrypted protection information recorded on the recording medium;
A decryption device comprising: a decryption circuit that decrypts the read protection information using the generated key. A receiving circuit that receives the first code transmitted from the information processing apparatus that provides the first code;
The decoding device according to claim 8, wherein the memory stores the received first code. When the generation circuit fails to decrypt the protection information, the generation circuit is a layer lower than the layer that generated the key used when the decryption failed among the plurality of layers constituting the first code The decryption device according to claim 8, wherein the key is generated from the key. The decryption apparatus according to claim 8, wherein the generation circuit generates the key by combining the first code and a second code that uniquely identifies the recording medium. The first code is composed of a code used for decoding in a layer required for decoding, and is composed of a known code in a layer unnecessary for other decoding. Decryption device. In a decryption method of a decryption apparatus for decrypting protection information that is encrypted information to be protected recorded on a recording medium,
Storing a code composed of a plurality of layers from the lowest layer indispensable for decryption to a higher layer for decrypting higher-strength ciphers;
Generating a key for decrypting the protection information from the stored code;
Control reading of the encrypted protection information recorded on the recording medium,
A decryption method, comprising: decrypting the read protection information using the generated key. In a program for causing a computer to execute a decryption process for decrypting protection information that is encrypted information to be protected recorded on a recording medium,
Storing a code composed of a plurality of layers from the lowest layer indispensable for decryption to a higher layer for decrypting higher-strength ciphers;
Generating a key for decrypting the protection information from the stored code;
Control reading of the encrypted protection information recorded on the recording medium,
A program comprising the step of decrypting the read protection information using the generated key. When recording the protection information, which is information to be protected, in a plurality of devices each having a common key set, the protection information is encrypted using the key and recorded on the recording medium. When reproducing the encrypted protected information, the information processing device connected via the network with the device that decrypts the protected information using the key,
A memory that stores a value that uniquely identifies the device and a code that includes a plurality of hierarchies for forming the key;
A control circuit for managing the use of the stored code;
A transmission circuit that transmits the stored code to the device via the network when the code is used by the device;
The code is a plurality of layers from the lowest layer indispensable for encryption to the upper layer for increasing the strength of the encryption, and more preferably from the lowest layer indispensable for decryption. An information processing apparatus comprising a plurality of hierarchies up to a higher hierarchy for decrypting a strong cipher. When a new device is connected to the network, the control circuit assigns the code composed of a designated predetermined layer to the connected new device,
The information processing apparatus according to claim 15, wherein the transmission circuit transmits the assigned code to the new device via the network. The control circuit generates a code having a random value when a predetermined time for updating the key has elapsed,
The information processing apparatus according to claim 15, wherein the transmission circuit transmits the generated code to the plurality of devices via the network. A reception circuit for receiving encryption key information related to a key obtained by encrypting the protection information transmitted from the device via the network;
The control circuit identifies a generation of a key obtained by encrypting the protection information from the stored code based on the received encryption key information,
The information processing apparatus according to claim 15, wherein the transmission circuit transmits a code corresponding to the identified generation of the key to the device via the network. When a plurality of devices each set with a common key and recording protection information, which is information to be protected, on the recording medium, the protection information is encrypted using the key and recorded on the recording medium. In the information processing method of the information processing apparatus connected via the network with the device that decrypts the protection information using the key when reproducing the encrypted protection information that has been performed,
A value that uniquely identifies the device and a code composed of a plurality of layers for forming the key are stored in association with each other,
Manage the use of the stored code,
Controlling the transmission of the stored code to the device via the network when the code is used by the device;
The code is a plurality of layers from the lowest layer indispensable for encryption to the upper layer for increasing the strength of the encryption, and more preferably from the lowest layer indispensable for decryption. An information processing method comprising a plurality of hierarchies up to a higher hierarchy for decrypting a strong cipher. When a plurality of devices each set with a common key and recording protection information, which is information to be protected, on the recording medium, the protection information is encrypted using the key and recorded on the recording medium. When reproducing the encrypted protected information, the computer executes information processing of the information processing apparatus connected via the network with the device that decrypts the protected information using the key In the program
A value that uniquely identifies the device and a code composed of a plurality of layers for forming the key are stored in association with each other,
Manage the use of the stored code,
Controlling the transmission of the stored code to the device via the network when the code is used by the device;
The code is a plurality of layers from the lowest layer indispensable for encryption to the upper layer for increasing the strength of the encryption, and more preferably from the lowest layer indispensable for decryption. A program consisting of multiple layers up to the upper layer for decrypting strong ciphers.

Images