JP2009296667A - Content receiving apparatus, content receiving program and restrictive receiving system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide: a content receiving apparatus in which efficiency is improved in descrambling scrambled contents, an encryption key in descrambling is easily managed, and the copyright of the contents can be protected; a program therefor; and a restrictive receiving system. <P>SOLUTION: A restrictive receiving system comprises a content transmitting apparatus 3 for encrypting and transmitting contents and a content receiving apparatus 5. The content transmitting apparatus 3 includes: a content scrambler 7 for encrypting contents using a scramble key Ks, a content key Kc, a work key Kw and a master key Km; and a multiplexer 9 for multiplexing the contents and sending them as multiplexed encrypted contents. The content receiving apparatus 5 includes: a demultiplexer 13 for receiving and demultiplexing the multiplexed encrypted contents; and a content descrambler 15 for obtaining contents by decrypting encrypted information demultiplexed by the demultiplexer 13. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a content receiving apparatus, a content receiving program, and a conditional access system for encrypting content in digital broadcasting, transmitting it to a limited recipient, and decrypting and viewing the content on the receiver side.

  Conventionally, encrypted content that is broadcast in real time in a so-called limited reception system in which a program (content) in digital broadcasting is encrypted on the broadcast station side (transmission side) and viewed by a limited receiver (reception side). It is common to own a device (receiving device) that enables decoding.

  Here, the basic configuration of the conventional conditional access system will be described with reference to FIG. As a method for scrambling a program (content) signal, a block cipher system is adopted in Japanese satellite digital broadcasting. As shown in FIG. 12, this block cipher method uses a scramble key (Ks) that is changed in a short time (about one second), scrambles (encrypts) the content, and is extended over a long period (about six months to one year). Using the work key (Kw) changed in step 1, the content information relating to the scramble key and the content is encrypted to be ECM (encryption related information), and further, a common master held in the broadcasting device on the transmitting side and the receiving device on the receiving side In this system, a key (Km) is used to encrypt work information and information indicating contract contents with each receiving apparatus into EMM (individual related information), and multiplex and broadcast (transmit) the information.

  On the receiving side that receives the multiplexed broadcast, the multiplexed broadcast is converted into EMM (including individual related information and encrypted work key), ECM (encrypted related information, encrypted scrambled). (Including the key), and separate into encrypted content. Then, the EMM is decrypted by using the common master key held by the broadcasting apparatus on the transmission side, and a work key is obtained. The ECM is decrypted by using this work key, and the scramble key is obtained. The scramble key is used for encryption. The decoded content is decrypted to obtain the content. In some cases, the decrypted content is stored in a storage device.

  In other words, when scrambling the content, the above-mentioned scramble key is used, and only a limited receiver who owns a specific receiving device that can obtain this scramble key (a person who has signed a contract with a broadcasting station (broadcasting company)) Scrambled content can be descrambled and viewed. For this reason, unauthorized receivers who do not own a specific receiving device (who have not signed a contract with a broadcasting station (broadcasting company)) cannot easily scramble the scrambled key and are scrambled. The content cannot be viewed. That is, the content cannot be viewed illegally, and the safety against unauthorized viewing is improved.

  The outline of the principle of the conditional access system has been described above with reference to FIG. 12. Specifically, for example, the standard “Radially Received System for Digital Broadcasting” (ARIB STD-B25) of the Radio Industries Association (ARIB), for example. There is a method based on.

  In recent years, as the capacity of the storage device provided in the receiving device has increased and the operability has improved, content in digital broadcasting is not selected and stored, that is, recording reservations are made for each content as in the past. For example, the content of tens of hours broadcasted by a certain broadcasting station is uniformly stored, and after the storage, the content to be viewed is selected. Is spreading.

  In this case, when paid content is included in the stored content, the scramble (encryption) applied to the paid content (content signal) is descrambled (decrypted) until it is viewed. )There is a need to. Then, there is a request for a viewer who views the pay content to want to charge appropriately (appropriately charge) when the pay content is viewed. That is, the viewer may not view the broadcast paid content even if it is stored, and is charged when the paid content is viewed. However, in the conventional method, if the data is stored in a descrambled state (a state in which the scramble is unscrambled), there is a situation in which the user is charged while the user is not actually viewing. Therefore, a method of descrambling has been devised when viewing, that is, when reading from a storage medium or the like.

  However, on the receiving side, when storing content that is generated and encrypted with a digital signal, it is generally stored in content units and file units. As a matter of course, when descrambling the encrypted content, file, etc., it is efficient to carry out this content unit or file unit. However, the conventional general descrambling process is performed in units of streams. For this reason, there exists a problem that the efficiency of a descrambling process is bad.

  Furthermore, when descrambling is performed in units of content and files, the number of keys used for encryption and decryption is extremely large compared to when descrambling is performed in units of streams, and these keys are managed. There is a problem that it becomes difficult to do. Furthermore, there is a problem that the copyright of the content is not protected when the content is stored in the receiving device.

  The object of the present invention is to solve the problems of the prior art described above, improve the efficiency when descrambling the scrambled content, facilitate the management of the encryption key when descrambling, and protect the copyright of the content. An object of the present invention is to provide a content receiving apparatus, a content receiving program, and a conditional access system that can be protected.

  In order to achieve the above object, the conditional access system according to claim 1 stores a content transmission device that transmits encrypted content obtained by encrypting content in digital broadcasting, and the encrypted content received from the content transmission device. And a content reception device that decrypts and reproduces the encrypted content, wherein the content transmission device includes a scramble key that changes with elapsed time, and a content key provided for each content. And a storage means for storing a work key held for a longer time than the duration of the content and a master key provided in common on the receiving side, and the content is encrypted using the scramble key The content encryption means and the content key Related information encryption means for encrypting related information related to the content including at least the scramble key to be encrypted related information, and related information related to the content key including at least the content key by using the work key and encrypted content Content key related information encryption means for key related information, and work key related information encryption means for encrypting related information about the work key including at least the work key by using the master key to obtain encrypted work key related information; A multiplexing means for multiplexing the encrypted content, the encryption related information, the encrypted content key related information, and the encrypted work key related information to obtain a multiplexed encrypted content, and a multiplexed cipher multiplexed by the multiplexing means Multiple encrypted content transmission means for transmitting content, The content receiving apparatus includes: an encrypted content obtained by encrypting the content with a scramble key that is changed along with an elapsed time on the transmission side; and the content including at least the scramble key with a content key provided for each content Encrypted content in which the related information related to the content including at least the content key is encrypted by the encryption related information in which the related information related to the content is encrypted and the work key held for a longer time than the duration of the content Multi-encrypted content in which key-related information and encrypted work key-related information in which related information related to the work key including at least the work key is encrypted are multiplexed by a master key provided in common on the transmission side Is sent and this multi-encrypted content is received The multi-encrypted content receiving means and the multi-encrypted content received by the multi-encrypted content receiving means are separated into the encrypted content, the encryption-related information, the encrypted content key-related information, and the encrypted work key-related information. Multiple encrypted content separation means, encrypted content storage means for storing at least the encrypted content separated by the multiple encrypted content separation means, and decrypting the encrypted work key related information with the master key, The content key included in the encrypted content key related information is decrypted with a key, the scramble key included in the encrypted related information is decrypted with the decrypted content key, and the encrypted content storage means is decrypted with the decrypted scramble key The encrypted content stored in the Characterized in that it comprises a content decryption means.

  According to such a configuration, first, the content to be transmitted is encrypted with the scramble key that is changed along with the elapsed time to obtain the encrypted content. Then, the scramble key is encrypted together with the related information related to the content by the content key provided for each content, and becomes the encryption related information. Also, the content key is encrypted together with related information related to the content key by the work key held for a longer time than the duration of the content, and becomes encrypted content key related information. Furthermore, the work key is also encrypted together with related information related to the work key by the master key provided in common on the receiving side, and becomes encrypted work key related information. Thereafter, the encrypted information is multiplexed and transmitted.

  In addition, the related information regarding content is an authentication number (provider ID) of the transmission side (broadcasting company), a content identifier (content ID) for identifying the content, and the like. The related information related to the content key includes an authentication number (operator ID) of the transmission side (broadcasting company), a content identifier (content ID) for identifying content, and a work key identifier (work key ID) for identifying a work key. Etc.

  The related information related to the work key includes an authentication number (operator ID) on the transmission side (broadcasting company), a security module identifier (card ID) for identifying a security module in the form of an IC card provided on the receiving side, An update number, an expiration date, a work key identifier (work key ID) for identifying a work key, and the like.

  The content receiving device according to claim 2 is a content receiving device that receives encrypted content obtained by encrypting content in digital broadcasting, stores the encrypted content, and decrypts and reproduces the encrypted content. Further, on the transmission side, the content related to the content including at least the scramble key by the encrypted content obtained by encrypting the content with the scramble key changed with the elapsed time and the content key provided for each content. Related to encrypted content key in which related information related to the content including at least the content key is encrypted by encryption-related information in which information is encrypted and a work key held for a longer time than the duration of the content Information and common to the sender Multiplexed content that is multiplexed with encrypted work key related information in which related information related to the work key including at least the work key is encrypted is transmitted by the master key received, and the multiplexed key content is received. Multiplex for separating encrypted content received by the encrypted content receiving means and the multiple encrypted content received by the multiple encrypted content receiving means into the encrypted content, the encryption related information, the encrypted content key related information, and the encrypted work key related information An encrypted content separation means, an encrypted content storage means for storing at least the encrypted content separated by the multiple encrypted content separation means, and the encrypted work key related information is decrypted with the master key, and the decrypted work key is used. Decrypting the content key included in the encrypted content key related information; Multi-encrypted content that obtains the content by decrypting the scramble key included in the encryption-related information with the decrypted content key, decrypting the encrypted content stored in the encrypted content storage means with the decrypted scramble key And a decoding means.

  According to such a configuration, first, the multiple encrypted content multiplexed on the transmission side is received by the multiple encrypted content receiving means. The received multiple encrypted content is separated by the multiple encrypted content separation means into encrypted content, encryption related information, encrypted content key related information, and encrypted work key related information.

  Thereafter, the encrypted work key related information is decrypted with the master key by the multi-encrypted content decrypting means to obtain a work key, and the encrypted content key related information is decrypted with the work key to obtain the content key. Thus, the encryption-related information is decrypted to obtain a scramble key, and the encrypted content is decrypted with the scramble key to obtain the content.

  Further, the content receiving device according to claim 3 requests the encrypted content key related information from the transmission side in the content receiving device according to claim 2 when the encrypted content key related information is not obtained. Encrypted content key related information requesting means is provided.

  According to such a configuration, the encrypted content key related information is not multiplexed with the multiplexed encrypted content, that is, the encrypted content key related information is separately transmitted, and the encrypted content key related information is also transmitted. When the information is not obtained, the encrypted content key related information requesting means requests the encrypted content key related information including the content key on the transmission side.

  According to a fourth aspect of the present invention, there is provided the content receiving apparatus according to the second or third aspect, further comprising a security module in which the master key is set and cannot be read from the outside. Content key related information, and a content identifier related to the content key related information and a content identifier for identifying the content are stored in the security module.

  According to such a configuration, the content key related information storage unit stores the decrypted content key related information and the content identifier for identifying the content in the security module in which the master key is set.

  Further, the content receiving device according to claim 5 is the content receiving device according to claim 2 or claim 3, wherein the master key and a unique key for encrypting information to be output are set inside and read out from the outside. And a content key related information storage means for storing the decrypted content key related information and a content identifier related to the content key related information and identifying the content in the security module. And

  According to such a configuration, the content key related information storage unit stores the decrypted content key related information and the content identifier for identifying the content in the security module in which the master key and the unique key are set.

  The content receiving device according to claim 6 is the content receiving device according to claim 5, wherein at least one of the unique keys is set in common with other security modules.

  According to such a configuration, in the security module in which the master key and the unique key are set, at least one unique key is set in common with other security modules, and if this common unique key is used, The information stored in the security module (for example, the content key related information) can be output by the other security module.

  A content receiving device according to claim 7 is the content receiving device according to any one of claims 4 to 6, wherein a plurality of the unique keys are provided, and on the transmitting side, the master key is used. These unique keys are encrypted and used as encryption unique key setting related information, and the encrypted unique key setting related information receiving means for receiving the encrypted unique key setting related information, and the encrypted unique key And an encryption unique key setting related information decrypting means for decrypting the encryption unique key setting related information received by the setting related information receiving means with the master key.

  According to such a configuration, when the unique key is set inside the security module, the encrypted unique key setting related information encrypted with the master key on the transmission side by the encrypted unique key setting related information receiving unit. And the encrypted unique key setting related information decrypting means decrypts the encrypted unique key setting related information to obtain the unique key.

  Further, in the content receiving device according to any one of claims 4 to 7, the content receiving device according to claim 8 stores the decrypted content key related information when the content key related information is stored. A content key that deletes the decrypted content key related information based on the time when the decrypted content key related information is stored and the setting information set by the transmitting side or the receiving side when the memory capacity is exceeded A related information deleting unit is provided.

  According to such a configuration, when the memory capacity of the security module is exceeded, the content key related information deleting unit stores the content key related information based on the setting information set by the transmitting side or the receiving side, The content key related information is deleted. For example, even when content key related information is stored several tens of hours ago and a long time has passed, priority is given to setting information set on the receiving side (the content key related information is not deleted until the content is viewed) In this case, the content key related information having a lower priority is deleted more quickly.

  A content receiving device according to claim 9 outputs the content key related information after decryption stored in the security module in the content receiving device according to any one of claims 4 to 8, Content key related information storage means for storing is provided.

  According to such a configuration, the decrypted content key related information stored in the security module is output and stored by the content key related information output storage means.

  Further, in the content receiving device according to claim 9, when the content key related information after the decryption is stored in the content receiving device according to claim 9, when the memory capacity of the storage means is exceeded, Content key related information deleting means for deleting the decrypted content key related information based on the time when the decrypted content key related information is stored and the setting information set by the transmitting side or the receiving side. And

  According to such a configuration, when the memory capacity of the storage unit is exceeded, the content key related information deleting unit stores the content key related information based on the setting information set by the transmitting side or the receiving side, The content key related information is deleted.

  The content receiving device according to claim 11 is the content receiving device according to any one of claims 4 to 10, wherein the decrypted content key related information stored in the security module is stored in the master. Content key-related information re-encryption storage means for encrypting with a key, outputting as re-encrypted content key-related information, and storing the information is provided.

  According to this configuration, the decrypted content key related information stored in the security module is re-encrypted with the master key and output and stored by the content key related information re-encryption storage unit.

  The content receiving device according to claim 12 is the content receiving device according to claim 11, wherein the re-encrypted content key related information and the content identifier for identifying the content are stored in the storage unit, Re-encryption that deletes the re-encrypted content key related information based on the setting time set by the sending side or the receiving side when the re-encrypted content key related information is stored when the memory capacity is exceeded Characterized in that it comprises a content key related information deletion means.

  According to such a configuration, when the memory capacity of the storage unit is exceeded, the time when the re-encrypted content key related information is stored by the re-encrypted content key related information deletion unit is set by the transmitting side or the receiving side Based on the setting information, the re-encrypted content key related information is deleted.

  The content receiving device according to claim 13 is the content receiving device according to any one of claims 4 to 9, wherein the decrypted content key related information stored in the security module is stored in the unique information. Content key related information unique encryption storage means for encrypting with a key, outputting as unique encrypted content key related information, and storing it is provided.

  According to such a configuration, the content key related information after decryption stored in the security module is re-encrypted with the unique key by the content key related information unique encryption storage means, and is used as the unique encrypted content key related information. Output and stored.

  The content receiving device according to claim 14 is the content receiving device according to claim 13, wherein the unique encrypted content key related information and the content identifier for identifying the content are stored in the storage means, When the memory capacity is exceeded, the unique encryption that deletes the unique encrypted content key related information based on the time when the unique encrypted content key related information is stored and the setting information set by the transmitting side or the receiving side Characterized in that it comprises a content key related information deletion means.

  According to such a configuration, when the memory capacity of the storage unit is exceeded, the time when the unique encrypted content key related information is stored by the unique encrypted content key related information deleting unit is set by the transmitting side or the receiving side. The unique encrypted content key related information is deleted based on the setting information.

  The content receiving device according to claim 15 is the content receiving device according to any one of claims 2 to 8, wherein the decrypted content key related information is re-encrypted with the master key. Storage medium handling means for storing the information in the storage medium together with the encrypted content corresponding to the re-encrypted content key-related information is provided.

  According to this configuration, the decrypted content key related information stored in the security module is encrypted with the master key by the storage medium handling means to be re-encrypted content key related information. Is remembered.

  Further, the content receiving device according to claim 16 is the content receiving device according to any one of claims 6 to 8, wherein the decrypted content key related information is re-encrypted with the unique key. The unique encrypted content key related information includes a storage medium handling means for storing in the storage medium together with the encrypted content corresponding to the unique encrypted content key related information.

  According to such a configuration, the decrypted content key related information stored in the security module is encrypted with the unique key by the storage medium handling means to become the unique encrypted content key related information, and the encrypted content is stored together with the encrypted content. Is remembered.

  The content receiving device according to claim 17 is the content receiving device according to any one of claims 4 to 9, and 12, 13, 13, and 16. Further stores, in a storage medium handled by the storage medium handling means, encryption related information relating to the content including a content identifier for identifying the encrypted content, and reproduces the encrypted content stored in the storage medium When the re-encrypted content key related information corresponding to the encrypted content is stored in at least one of the storage unit and the storage medium, the re-encrypted content related information is stored in the storage unit or the storage. Read from the medium, input to the security module, and the encryption related information The related information input means for input and the master key decrypt the re-encrypted content key related information to obtain a content key, and the content key decrypts the encrypted related information to obtain a scramble key. And a scramble key output means for outputting a scramble key, and an encrypted content decryption means for decrypting the encrypted content of the storage medium using the scramble key output by the scramble key output means.

  According to this configuration, the encrypted content storage unit stores the encrypted content and the encryption related information corresponding to the encrypted content, and the related information input unit stores the encrypted content in the storage unit or the storage medium. The re-encrypted content key related information is input to the security module, and the scramble key output means decrypts the re-encrypted content key related information to obtain a content key. It is decrypted to obtain a scramble key, and the encrypted content is decrypted by the encrypted content decrypting means.

  The content receiving device according to claim 18 is the content receiving device according to any one of claims 5 to 9, and 14, 15, and 17, wherein the encrypted content storage means is provided. Further stores, in a storage medium handled by the storage medium handling means, encryption related information relating to the content including a content identifier for identifying the encrypted content, and reproduces the encrypted content stored in the storage medium When the unique encrypted content key related information corresponding to the encrypted content is stored in at least one of the storage means and the storage medium, the unique encrypted content related information is stored in the storage means or the storage. Read from the medium, input to the security module, and the encryption related The related information input means for inputting information and the unique key decrypt the unique encrypted content key related information to obtain a content key. The content key decrypts the encrypted related information to obtain a scramble key. Scramble key output means for outputting the scramble key, and encrypted content decryption means for decrypting the encrypted content of the storage medium using the scramble key output by the scramble key output means. .

  According to this configuration, the encrypted content storage unit stores the encrypted content and the encryption related information corresponding to the encrypted content, and the related information input unit stores the encrypted content in the storage unit or the storage medium. The unique encrypted content key related information is input to the security module, and the scramble key output means decrypts the unique encrypted content key related information to obtain a content key. It is decrypted to obtain a scramble key, and the encrypted content is decrypted by the encrypted content decrypting means.

  The content receiving device according to claim 19 is the content receiving device according to any one of claims 2 to 18, wherein the encrypted content was not stored during transmission of the encrypted content. In this case, a content key non-storage unit that does not store a content key corresponding to the encrypted content is provided.

  According to such a configuration, when the encrypted content is not stored by the content key non-storage unit, the content key corresponding to the encrypted content, that is, the encrypted content key related information is not stored.

  The content receiving device according to claim 20 is the content receiving device according to any one of claims 2 to 19, wherein the encryption related information is decrypted with a content key. Content key switching means for switching the content key based on the transmission start time and end time of the content corresponding to the related information is provided.

  According to this configuration, the content key switching means switches the timing for decrypting the encryption related information with the content key based on the content transmission start time and end time.

  The content receiving program according to claim 21 includes encrypted content storage means for receiving encrypted content obtained by encrypting content in digital broadcasting, and storing the encrypted content, and decrypting the encrypted content. The content receiving device to be played back is at least the scramble key by the encrypted content obtained by encrypting the content with a scramble key that changes with the elapsed time and the content key provided for each content on the transmission side. The related information related to the content including at least the content key is encrypted by the encryption related information obtained by encrypting the related information related to the content including the content key and the work key held for a longer time than the duration of the content. Encryption controller Multiplex encryption in which key-related information and encrypted work key-related information in which related information on the work key including at least the work key is encrypted are multiplexed by a master key commonly provided on the transmission side Multiple encrypted content receiving means for transmitting the content and receiving the multiple encrypted content, the multiple encrypted content received by the multiple encrypted content receiving means, the encrypted content, the encryption related information, the encrypted content key related information Multiple encrypted content separation means for separating the work key related information, decrypting the encrypted work key related information with the master key, and decrypting the content key included in the encrypted content key related information with the decrypted work key And decrypting the scramble key included in the encryption-related information with the decrypted content key. Characterized in that to function multiplexed encrypted content decryption means for decrypting the encrypted content stored in the encrypted content storage unit in the scramble key decrypted to obtain the content as.

  According to such a configuration, first, the multiple encrypted content multiplexed on the transmission side is received by the multiple encrypted content receiving means. The received multiple encrypted content is separated by the multiple encrypted content separation means into encrypted content, encryption related information, encrypted content key related information, and encrypted work key related information. Thereafter, the encrypted work key related information is decrypted with the master key by the multi-encrypted content decrypting means to obtain a work key, and the encrypted content key related information is decrypted with the work key to obtain the content key. Thus, the encryption-related information is decrypted to obtain a scramble key, and the encrypted content is decrypted with the scramble key to obtain the content.

  According to the first aspect of the present invention, when descrambling the multi-encrypted content on the receiving side, it is performed in units of contents, so that the descrambling efficiency is improved as compared with the case where it is performed in units of conventional streams.

  According to the first and second aspects of the invention, first, the multiple encrypted content multiplexed on the transmission side is received by the multiple encrypted content receiving means, and the received multiple encrypted content is encrypted by the multiple encrypted content separating means. It is separated into encrypted content, encryption related information, encrypted content key related information, and encrypted work key related information. Thereafter, the encrypted work key related information is decrypted with the master key by the multi-encrypted content decrypting means to obtain a work key, and the encrypted content key related information is decrypted with the work key to obtain the content key. Thus, the encryption-related information is decrypted to obtain a scramble key, and the encrypted content is decrypted with the scramble key to obtain the content. For this reason, when descrambling the multi-encrypted content, it is done in units of content, so that the descrambling efficiency is improved as compared with the case where it is performed in units of conventional streams.

  According to the third aspect of the present invention, when the encrypted content key related information is not obtained, the encrypted content key related information in which the content key is included on the transmission side by the encrypted content key related information requesting means. Therefore, when reproducing content on the receiving side, a content key can be obtained as necessary.

  According to the fourth aspect of the present invention, the content key related information storage means stores the decrypted content key related information and the content identifier for identifying the content in the security module in which the master key is set. The key is protected, and as a result, the copyright of the content can be protected.

  According to the invention described in claim 5, the content key related information storage means stores the decrypted content key related information and the content identifier for identifying the content in the security module in which the master key and the unique key are set. Therefore, the content key is protected, and thus the copyright of the content can be protected.

  According to the invention described in claim 6, in the security module in which the master key and the unique key are set, at least one unique key is set in common with the other security modules, and this common unique key can be used. For example, information stored in one security module (for example, content key related information) can be output by the other security module. For this reason, for example, when the identifier of the security module can be shared among a plurality of receiving devices, mutual use such as exchanging the receiving device and the security module being used becomes possible as a private use range.

  According to the seventh aspect of the present invention, when a unique key is set inside the security module, the encrypted unique key encrypted with the master key on the transmitting side by the encrypted unique key setting related information receiving means The setting related information is received, and the encrypted unique key setting related information decrypting means decrypts the encrypted unique key setting related information to obtain the unique key. For this reason, the unique key set in the security module is freely changed on the transmission side, so that the copyright of the content can be protected.

  According to the eighth aspect of the present invention, when the memory capacity of the security module is exceeded, the content key related information is deleted by the content key related information deleting means, and the setting information set by the transmitting side or the receiving side Since the content key related information is deleted based on the above, the content key can be easily managed.

  According to the ninth aspect of the invention, since the decrypted content key related information stored in the security module is output and stored by the content key related information output storage means, the content key can be easily managed.

  According to the invention described in claim 10, when the memory capacity of the storage means is exceeded, the content key related information deleting means sets the time when the content key related information is stored, the setting information set by the transmission side or the reception side Since the content key related information is deleted based on the above, the content key can be easily managed.

  According to the eleventh aspect of the invention, the content key-related information re-encryption storage means re-encrypts the content key-related information stored in the security module with the master key, and outputs and stores it. Therefore, the content key is protected, and thus the copyright of the content can be protected.

  According to the twelfth aspect of the present invention, when the memory capacity of the storage unit is exceeded, the time when the re-encrypted content key related information is stored by the re-encrypted content key related information deleting unit, the transmitting side or the receiving side Since the re-encrypted content key related information is deleted based on the setting information set by the above, the content key can be easily managed.

  According to the thirteenth aspect of the present invention, the content key-related information unique encryption storage means re-encrypts the decrypted content key-related information stored in the security module with the unique key, and the unique encrypted content. Since it is output and stored as key-related information, the content key is protected, and thus the copyright of the content can be protected.

  According to the fourteenth aspect of the present invention, when the memory capacity of the storage unit is exceeded, the time when the unique encrypted content key related information is stored by the unique encrypted content key related information deleting unit, the transmission side or the reception side Since the unique encrypted content key related information is deleted based on the setting information set by the above, the content key can be easily managed.

  According to the fifteenth aspect of the invention, the decrypted content key related information stored in the security module is encrypted with the master key by the storage medium handling means to be re-encrypted content key related information. At the same time, since it is stored in the storage medium, the content key is protected, and as a result, the copyright of the content can be protected.

  According to the sixteenth aspect of the invention, the decrypted content key related information stored in the security module is encrypted with the unique key by the storage medium handling means to be the unique encrypted content key related information, and the encrypted content At the same time, since it is stored in the storage medium, the content key is protected, and as a result, the copyright of the content can be protected.

  According to the seventeenth aspect of the present invention, the encrypted content and the encryption related information corresponding to the encrypted content are stored in the storage medium by the encrypted content storage unit, and the storage unit or the storage is stored by the related information input unit. The re-encrypted content key related information stored in the medium is input to the security module, the re-encrypted content key related information is decrypted by the scramble key output means, and the content key is obtained. The encryption related information is decrypted to obtain a scramble key, and the encrypted content is decrypted by the encrypted content decrypting means. For this reason, when reproducing encrypted content, the content key cannot be obtained unless the content key undergoes a complicated process, so that the copyright of the content can be protected.

  According to the invention described in claim 18, the encrypted content storage means stores the encrypted content and the encryption related information corresponding to the encrypted content in the storage medium, and the related information input means stores the storage means or the storage. The unique encrypted content key related information stored in the medium is input to the security module, the unique encrypted content key related information is decrypted by the scramble key output means, and the content key is obtained. The encryption related information is decrypted to obtain a scramble key, and the encrypted content is decrypted by the encrypted content decrypting means. For this reason, when reproducing encrypted content, the content key cannot be obtained unless the content key undergoes a complicated process, so that the copyright of the content can be protected.

  According to the nineteenth aspect of the present invention, when the encrypted content is not stored by the content key non-storage means, the content key corresponding to the encrypted content, that is, the encrypted content key related information is not stored. Even if the content is stored separately, it cannot be played back, and the copyright of the content can be protected.

  According to the twentieth aspect, the content key switching means can switch the timing for decrypting the encryption related information with the content key based on the content transmission start time and end time. Is obtained, the encryption-related information can be decrypted from the content transmission start time to the end time.

  According to the twenty-first aspect of the invention, first, the multiple encrypted content multiplexed on the transmission side is received by the multiple encrypted content receiving means, and the received multiple encrypted content is encrypted by the multiple encrypted content separating means. The information is separated into encryption related information, encrypted content key related information, and encrypted work key related information. Thereafter, the encrypted work key related information is decrypted with the master key by the multi-encrypted content decrypting means to obtain a work key, and the encrypted content key related information is decrypted with the work key to obtain the content key. Thus, the encryption-related information is decrypted to obtain a scramble key, and the encrypted content is decrypted with the scramble key to obtain the content. For this reason, when descrambling the multi-encrypted content, it is done in units of content, so that the descrambling efficiency is improved as compared with the case where it is performed in units of conventional streams.

1 is a block diagram of a conditional access system (content transmission device, content reception device) according to an embodiment of the present invention. FIG. It is a figure explaining the file format at the time of packetizing the scramble key Ks, the content key Kc, and the work key Kw. It is a block diagram of a content receiving device and a security module in a conditional access system. It is the figure explaining the time change of a scramble key, a content key, and a work key with respect to the stream (multi-encrypted content) input into a content receiver. It is the block diagram explaining the content receiver when a group key is used. It is a figure explaining file formats, such as content key related information and work key related information. It is a figure explaining the storage format of a non-volatile memory. It is a sequence chart at the time of acquiring a content key. It is a block diagram in the case of viewing and listening to an existing BS digital broadcast using a content receiving device and a security module. It is a block diagram in the case of using a content receiver and a security module to view an existing BS digital broadcast using a work key after storing it. It is a sequence chart at the time of acquiring a group key. It is a block diagram of the conventional conditional access system.

Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings.
(Configuration of conditional access system, when sending content key and content together)
FIG. 1 illustrates the overall configuration of a conditional access system. As shown in FIG. 1, the conditional access system 1 includes a content transmission device 3 and a content reception device 5, and the content transmission device 3 includes a content scramble unit 7, a multiplexing unit 9, a storage unit 11, and the like. It is configured with. The content receiving device 5 includes a separation unit 13, a content descrambling unit 15, and a storage unit 17.

  The conditional access system 1 is a system for transmitting encrypted content (broadcast program) in digital broadcasting, decrypting the encrypted content on the receiving side, and viewing it, and decrypting the encrypted content. , Requiring a special limited receiving device (hence the term conditional access system).

  The content transmission device 3 encrypts the content and transmits it to the content reception device 5 on the reception side, and uses the master key provided in common with the reception side for the content that is video / audio data (hence (Which is referred to as a common key encryption method) and transmitted.

  The content scramble unit 7 first encrypts the content to be transmitted using the scramble key Ks generated by an encryption key generation device (described later) (not shown) to obtain an encrypted content (encryptor 7a). Next, by using the content key Kc stored in the storage unit 11, the related information relating to the content including at least the scramble key is encrypted and used as the encryption related information (encryptor 7 b). Further, by using the work key Kw stored in the storage unit 11, related information related to the content key including at least the content key is encrypted to be encrypted content key related information (encryptor 7 c). Further, by using the master key Km0 stored in the storage unit 11, the related information about the work key including at least the work key is encrypted to be encrypted work key related information (encryptor 7d).

  Here, supplementing the correspondence between the content scrambler 7 of the content transmitting apparatus 3 and the requirements described in the claims, the encryptor 7a is the content encrypting means, the encryptor 7b is the related information encrypting means, The encryptor 7c corresponds (corresponds) to the content key related information encrypting means, and the encryptor 7d corresponds to (or corresponds to) the work key related information encrypting means.

  The multiplexing unit 9 multiplexes the encrypted content, the encryption related information, the encrypted content key related information, and the encrypted work key related information encrypted by the content scramble unit 7 to generate a multiplexed encrypted content And sent to the receiving side. The multiplexing unit 9 corresponds to the multiplexing unit and the multiple encrypted content transmission unit described in the claims.

  The storage unit 11 includes a scramble key Ks that is changed along with the elapsed time, a content key Kc that is provided for each content, a work key Kw that is held for a longer time than the duration of the content, and transmission / reception that is provided in the content receiving device 5. A common master key Km is stored.

  Although not shown in FIG. 1, an encryption key generation device that generates each encryption key stored in the storage unit 11 is provided. The content transmitting apparatus 3 includes an encrypted content key related information transmitting unit (not shown), a content key related information storage specifying unit, a content key related information use specifying unit, and a unique key setting related information encryption. Means.

  The encrypted content key related information transmitting means transmits the encrypted content key related information for a predetermined time after the transmission start time of the multiplexed encrypted content or a predetermined time before the transmission start time for starting the transmission of the multiplexed encrypted content. Repeatedly transmit at predetermined time intervals until a predetermined time after the transmission end time, or transmit or communicate based on a request from the receiving side when encrypted content key related information is not received on the receiving side The encrypted content key related information is transmitted by at least one means of transmission via a circuit network.

  The content key related information storage designating means decrypts the encrypted content key related information in the content receiving device 5 to obtain the content key related information, and then stores the content key related information as it is or separately encrypted. When the content receiver 5 on the receiving side includes at least one of storage means and storage medium handling means for handling the storage medium, it is specified to be held in any one of the security module, storage means, and storage medium to be described later. is there.

  When the content key related information use specifying means includes a storage medium handling means for handling the storage medium on the receiving side, the encrypted content is stored in the storage medium, and the encrypted content is reproduced when the encrypted content is reproduced. When the encrypted content key related information corresponding to the content is transmitted, the stored content key related information is specified to be used without using the encrypted content key related information.

  The unique key setting related information encryption means encrypts information input to the security module for each security module provided in the content receiving device 5 (corresponding to a group key Kg described later). Is set in the security module, and these unique keys are encrypted with the master key Km and used as related information for setting the encrypted unique key.

  On the other hand, the content receiving device 5 receives the multiplexed encrypted content that has been encrypted and multiplexed by the content transmitting device 3 on the transmission side, decrypts the multiplexed encrypted content, and enables viewing. The separation unit 13 receives the multiplexed encrypted content transmitted from the content transmission device 3 on the transmission side, and also transmits the multiplexed encrypted content to the encrypted content, the encryption related information, the encrypted content key related information, the encrypted work key. It separates into related information. The separating unit 13 corresponds to the multiple encrypted content receiving means and the multiple encrypted content separating means described in the claims.

  The content descrambling unit 15 includes four decoders (security module SM described later), and the encrypted content, the encryption related information, the encrypted content key related information, and the encryption separated by the separation unit 13. The encrypted work key-related information is decrypted. First, the encrypted work key-related information is decrypted with the master key to obtain a work key (decryptor 15a), and the encrypted content key-related information is decrypted with this work key. Thus, a content key is obtained (decryptor 15b), the encryption-related information is decrypted with this content key to obtain a scramble key (decryptor 15c), and the encrypted content is decrypted with this scramble key to obtain content ( Decoder 15d). The content descrambling unit 15 corresponds to the multiple encrypted content decrypting means described in the claims.

  The storage unit 17 includes a memory unit 17a (corresponding to the storage unit described in the claims) integrally provided in the main body of the content receiving device 5, and a storage medium handling unit 17b for storing information in the storage medium. Configured. Further, the content receiving device 5 is provided with a security module SM not shown in FIG. This security module SM includes at least the decoders 15a to 15c, holds the master key Km, and includes an IC card or the like that cannot be read from the outside.

  Further, the content receiving apparatus 5 includes an encrypted content key related information requesting unit (not shown), a content key related information storage unit, an encrypted unique key setting related information receiving unit, and an encrypted unique key setting related information. Decryption means, content key related information output storage means, content key related information re-encryption storage means, content key related information unique encryption storage means, content key non-storage means, and content key switching means Yes. These are programs developed in the main control unit of the content receiving device 5 (not shown).

  The encrypted content key related information request means requests the encrypted content key related information from the content transmitting device 3 on the transmission side when the content receiving device 5 does not obtain the encrypted content key related information. . The content key related information storage means stores the content key related information after decryption and the content identifier for identifying the content in the security module SM in relation to the key related information.

  The related information receiving means for setting the encrypted unique key is provided with a plurality of unique keys in the security module SM, and these unique keys are encrypted by the master key Km in the content transmitting apparatus 3 on the transmission side and encrypted. This is related information for setting a unique key, and this related information for setting an encrypted unique key is received. The encryption unique key setting related information decrypting means decrypts the encryption unique key setting related information received by the encryption unique key setting related information receiving means with the master key Km.

  The content key related information output means outputs the decrypted content key related information stored in the security module SM and stores it in the storage unit 17. The content key related information re-encryption storage means encrypts the decrypted content key related information stored in the security module SM with the master key Km set in the security module SM, and re-encrypts the content key related information. The data is output and stored in the storage unit 17.

  The content key related information unique encryption storage means encrypts the decrypted content key related information stored in the security module SM with a unique key (corresponding to a group key Kg described later) set in the security module SM. The unique encrypted content key related information is output and stored in the storage unit 17. The content key non-storage means does not store the content key (encrypted content key related information) corresponding to the encrypted content when the encrypted content is not stored in the storage unit 17 during transmission of the encrypted content. Is.

  The content key switching means switches the content key based on the transmission start time and end time of the content corresponding to the encryption related information at the timing of decrypting the encryption related information with the content key.

  Here, a description will be given along the flow of content encryption and decryption. The content is scrambled by using the common key encryption method in the content scrambler 7 of the content transmission device 3, and multiplexed with the encrypted related information including each of the scramble key Ks, content key Kc, and work key Kw. And sent out. The transmitted content is separated into related information including each key and scrambled content in the separation unit 13 of the content receiving device 5, and the scrambled content is descrambled in the content descrambling unit 15, Plain text (decrypted content) is obtained.

  Further, in the content receiving device 5, the content is stored in the storage unit 17, descrambled by the content descrambling unit 15 and used at the time of use (content playback). The master key Km is a unique key assigned to the content receiving device 5 or the security module SM, and this master key Km is written in the content receiving device 5 or the security module SM in advance.

  Here, a case where the plurality of content receiving apparatuses 5 share the work key Kw will be described. First, the transmission-side content transmission device 3 reads the master key Km of the corresponding content reception device 5 from a master key database (not shown) held in the storage unit 11. Then, the work key Kw is encrypted with the read master key Km by the common key encryption method. Further, the related information including the encrypted work key is packetized, for example, in the section format of the MPEG-2 multiplexing method, and is multiplexed as a transport stream together with the content by the multiplexing unit 9 as individual information.

  As an example of packetization, an EMM (Entitlement Management Message) format described in the ARIB conditional access system standard (STD-B25) can be used. In the content receiver 5, the separator 13 extracts the EMM from the received MPEG2 transport stream, decrypts it using the master key Km, and obtains the work key Kw. And this operation | movement is repeatedly performed with respect to each content receiver 5, and the work key Kw is shared in the some content receiver 5. FIG.

  In the content receiving device 5, the obtained work key Kw is stored and held in the security module SM. Note that the work key Kw shared among the plurality of content receiving apparatuses 5 is updated in a period of, for example, one month or one year in order to ensure the security of the work key Kw itself. Further, the work key Kw can be sequentially transmitted using an empty band of the broadcast band independently of the content. In some cases, the work key Kw can be written in the security module SM and distributed.

  Further, supplementary explanation will be given here regarding the scramble key and the content key. The scramble key Ks is a key for scrambled content, and is set to be changed in a time of about 1 second in order to increase security against unauthorized reception. The scramble key Ks is encrypted by the common key encryption method with the content key Kc. The encrypted scramble key Ks is packetized in the section format of the MPEG-2 multiplexing method and multiplexed as a transport stream together with the content by the multiplexing unit 9 as common information.

  As an example of a specific method of packetization, an ECM (Entitlement Control Message) format described in the ARIB conditional access method standard (STD-B25) can be used. The transmission time of the scramble key Ks will be described later.

  The content key Kc is a content-specific key assigned to each content, and the content key Kc is encrypted by the common key encryption method with the work key Kw. The encrypted content key Kc is packetized in the MPEG-2 multiplexing section format and multiplexed as a transport stream together with the content by the multiplexing unit 9 as common information (encrypted content key related information). .

  Further, a supplementary description will be given of the case where the broadcast content is viewed in real time using the conditional access system 1. When viewing content in real time, for example, transmission of a content key (encrypted content key related information) is started from a predetermined time before content (multi-encrypted content) is transmitted from the content transmission device 3 on the transmission side, and the content is transmitted. During this period, the content key is repeatedly transmitted at a predetermined time interval, and after the content transmission ends (after the broadcast ends), the content key transmission is also terminated. On the other hand, in the content receiving device 5 on the receiving side, when the content transmitted to the storage unit 17 is stored and then the stored content is reproduced and viewed, the storage unit of the content receiving device 5 until the content is viewed The content is stored while being scrambled to 17 and a content key is transmitted when the content is viewed.

  Next, a file format when packetizing the scramble key Ks, the content key Kc, and the work key Kw will be described with reference to FIG. The related information S (common information S) is program information used for sending a scramble key, and is composed of an operator ID, a content ID, a scramble key Ks, and the like. The broadcaster ID is an identifier assigned to the broadcaster, and the content ID is unique for each content, or a predetermined condition (for example, whether the rebroadcast program is the same ID or a different ID, etc. Is an identifier assigned based on (condition). The scramble key Ks is encrypted with the content key Kc corresponding to the content ID.

  The content key related information C (common information C) is common information used for sending the content key Kc, and is composed of an operator ID, a work key ID, a content ID, a content key, and the like. The provider ID is an identifier assigned to the broadcaster, the work key ID is an identifier for identifying the work key, and the content ID is an identifier uniquely assigned to each content. Of these, at least the content key is encrypted with the work key corresponding to the work key ID.

  The work key related information W (individual information W) is individual information used for sending the work key Kw, and is composed of an operator ID, a card ID, an update number, an expiration date, a work key ID, a work key, and the like. . The operator ID is an identifier assigned to the broadcaster or a specific set (group) thereof, the card ID is an identifier assigned to each security module SM, and the update number is the version of the work key Kw. The expiration date indicates the expiration date of the work key Kw. The work key Kw is encrypted with the master key Km corresponding to the card ID.

(Relationship between content receiving device and security module (configuration))
Next, the relationship between the content receiving device 5 and the security module SM1 in the conditional access system 1 will be described with reference to FIG. The content receiving device 5 includes a Kw / Kc related information separating unit 13a that separates related information including the work key Kw and the content key Kc from the received stream (multi-encrypted content), a storage unit 17a that stores encrypted content, A Ks related information separating unit 13b that separates related information including the scramble key Ks, a content descrambling unit 15 that descrambles content, an interface (not shown) that performs communication between the content receiving device 5 and the security module SM1, etc. It is composed of

  The security module SM1 includes a master key Km, four decryptors (19a to 19d), one encryptor 21, and a software switch S / W that controls a plurality of pieces of information input according to the situation. It is prepared for. The software switch S / W has three pieces of information to be input, and switches a1 to a3 are provided corresponding to the number of pieces of information. When the switch a1 views content in real time, the switch a2 Corresponds to the case where the switch a3 is viewing an existing broadcast.

  The Kw / Kc related information separating unit 13a extracts the encrypted work key related information from the multiple encrypted content, and the card ID described in the encrypted work key related information and the security module SM1 (IC in this embodiment). If the card ID matches, the encrypted work key related information including the work key Kw, the work key ID, the update number, the expiration date, and the operator ID is input to the security module SM1. In the security module SM1, the input encrypted work key Kw is decrypted with the master key Km to obtain the work key Kw (decryptor 19a). The work key Kw is the business ID, update number, valid Corresponding to the time limit and the work key ID, it is held in the security module SM1.

  On the other hand, the Kw / Kc related information separating unit 13a extracts the encrypted content key related information, and includes the work key ID, the encrypted content key Kc, the provider ID, the expiration date, and the content ID. The encrypted content key related information is input to the security module SM1. The security module SM1 decrypts the encrypted content key related information using the work key Kw corresponding to the work key ID to obtain the content key Kc (decryptor 19b).

(Example of playback of encrypted content (real-time viewing))
Next, a case where content (real time) being transmitted is viewed using the content receiving device 5 and the security module SM1 illustrated in FIG. 3 will be described. Since the content is viewed in real time, the software switch S / W of the security module SM1 is switched to a1 in advance.

  The output of the Kw / Kc related information separating unit 13a is input to the Ks related information separating unit 13b. The Ks related information separation unit 13b extracts the related information S and inputs the related information S including the content ID and the encrypted scramble key Ks to the security module SM1. In the security module SM1, the related information S is decrypted using the content key Kc corresponding to the content ID to obtain a scramble key Ks (decryptor 19d). Then, the obtained scramble key Ks is output to the content receiver 5, and the content receiver 5 uses the input scramble key Ks to decrypt the encrypted content and output the content. .

(Example of playback of encrypted content (stored playback))
Next, a case where the content stored in the storage unit 17a is viewed using the content receiving device 5 and the security module SM1 illustrated in FIG. 3 will be described. Since the content stored in the storage unit 17a is viewed, the software switch S / W of the security module SM1 is switched to a2 in advance.

  The encrypted content is stored in the storage unit 17a in correspondence with the content ID together with the encryption related information (related information S) including the encrypted scramble key as it is (scrambled). On the other hand, the Kw / Kc related information separating unit 13a extracts the encrypted content key related information (content key related information C), and the extracted encrypted content key related information including the encrypted content key is the security module SM1. To enter. Then, the content key decrypted by the decryptor 19b is encrypted using the master key (encryptor 21). The encrypted content key Kc is output to the content receiving device 5 and stored in association with the encrypted content stored in the storage unit 17a.

  When reproducing the content stored in the storage unit 17a, the encrypted content key corresponding to the descrambled content is read from the storage unit 17a and input to the security module SM1. The security module SM1 decrypts the input encrypted content key with the master key Km to obtain the content key Kc (decryptor 19c). On the other hand, the reproduced content is input to the Ks related information separation unit 13b to extract the encryption related information (related information S), and the extracted encrypted related information including the encrypted scramble key Ks ( The related information S) is input to the security module SM1.

  The security module SM1 decrypts the input encrypted scramble key with the content key decrypted by the decoder 19c, obtains the scramble key Ks (decryptor 19d), and uses this scramble key Ks as the content receiving device. 5 is output. The encrypted content is decrypted with the scramble key Ks input to the content descrambling unit 15 (15d) of the content receiver 5, and the content is output.

  In addition, when a storage device (not shown) is connected to the content receiving device 5 via a home network or the like, before being input to the Ks related information separating unit 13b, Are stored in a storage device other than the content receiving device 5 via a home network or the like. At this time, the re-encrypted content key encrypted with the master key Km is stored in the storage device together with the encrypted content and the encryption-related information. When playing back the encrypted content, the signal played back in the storage device (the content signal that remains scrambled) is input to the Ks-related information separating unit 13b of the content receiving device 5 via the home network, and the content receiving device 5 The re-encrypted content key is input to the security module SM1 via the scrambler, the re-encrypted content key is decrypted by the decryptor 19c, the scramble key Ks is obtained by the decryptor 19d, and the content is descrambled.

(Example of playback of existing BS digital broadcasting (encrypted content) (real-time viewing))
Next, a case where an existing BS digital broadcast (encrypted content) is viewed in real time using the content receiving device 5 and the security module SM1 illustrated in FIG. 3 will be described. Since it is a case of viewing an existing BS digital broadcast (encrypted content), the software switch S / W of the security module SM1 is switched to a3 in advance.

  First, the encrypted work key related information multiplexed with the encrypted content will be described with reference to the file format shown in FIG. As shown in FIG. 6, the encrypted work key related information ECM-Kw is composed of a provider ID, a work key ID, a scramble key Ks, and the like. The scramble key Ks is encrypted with a work key ID corresponding to the work key ID.

  At this time, if the decryption device 19a, the decryption device 19d, and the content descrambling unit 15d are made the same method as the encryption method used in the BS digital broadcast, the related information including the encrypted scramble key Ks. (ECM-Kw) is input to the decoder 19d, decrypted using the work key Kw obtained by the decoder 19a, and the obtained scramble key Ks is output to the content receiver 5, the content receiver 5 It is possible to descramble encrypted content of BS digital broadcasting.

(Example of playback of existing BS digital broadcasting (encrypted content) (storage playback viewing))
Next, a case where the existing BS digital broadcast (encrypted content) is stored and viewed using the content receiving device 5 and the security module SM1 illustrated in FIG. 9 will be described. Since it is a case of viewing an existing BS digital broadcast (encrypted content), the software switch S / W of the security module SM1 is switched to a3 in advance.

  (Method Using Local Encryption) FIG. 9 shows the content receiving device 5 'and the security module SM1 used in the method using local encryption. The encrypted content received by the existing BS digital broadcast is once decrypted by the content descrambling unit 15, encrypted by the local encryption unit 23, and stored in the storage unit 17a. Note that local encryption means that a common key is uniquely generated by using a common key encryption method or the like, content is encrypted, and the encrypted content is stored in the storage unit in correspondence with the common key. Say.

  When the content encrypted by the local encryption unit 23 is decrypted, the local decryption unit 25 decrypts the content using the common key obtained by encrypting the content. When this decrypted content is distributed via a home network to a storage device (not shown) other than the content receiving device 5 ', the decrypted content is stored as a content such as DTCP (Digital Transmission Content Protection). It is delivered after encryption by the protection technology to protect. In a storage device (not shown) as a distribution destination, a method is used in which local encryption is performed and stored when content is stored.

  (Method Using Work Key Kw) FIG. 10 shows the content receiving device 5 and the security module SM2 used in the method using the work key Kw. The software switch S / W of the security module SM2 is switched to a3 in advance.

  The encrypted content received by the existing BS digital broadcast is stored in the storage unit 17a together with the encryption related information ECM-Kw (see FIG. 6) including the encrypted scramble key while being scrambled. On the other hand, in the Kw / Kc related information separating unit 13a, the encrypted work key related information EMM (for Kw distribution, see FIG. 6) including the encrypted work key Kw is input to the security module SM2, and is mastered by the decryptor 19a. The work key Kw is obtained by decrypting with the key Km, and this work key Kw (stored in the security module SM2 before the broadcast start time of the content) is input to the encryptor 21 and used with the master key Km. Encrypt. The encrypted work key Kw is output to the content receiving device 5. In the content receiver 5, the encrypted content stored in the storage unit 17a, the encrypted work key Kw, and the work key ID are stored in association with each other.

  Next, when reproducing the encrypted content stored in the storage unit 17a, the encrypted work key Kw corresponding to the encrypted content to be descrambled is read from the storage unit 17a and input to the security module SM2. In the security module SM2, the encrypted work key Kw is decrypted using the master key Km by the decryptor 19c to obtain the work key Kw. On the other hand, the reproduced encrypted content separates the encryption related information ECM-Kw including the scramble key Ks encrypted by the Ks related information separation unit 13b and inputs it to the security module SM2. In the security module SM2, the software switch S / W is switched to a2, the input encryption related information ECM-Kw is input to the decoder 19d, decrypted with the work key Kw, and a scramble key Ks is obtained. The key Ks is output to the content receiving device 5. In the content receiving device 5, the input scramble key Ks is input to the content descrambling unit 15 to descramble the encrypted content.

(Example of time change of each key for a stream (encrypted content) input to the content receiving device)
Next, with reference to FIG. 4, time changes of the scramble key Ks, the content key Kc, and the work key Kw for the stream (multi-encrypted content) input to the content receiving device 5 will be described. Here, it is assumed that content is viewed in real time, and the case where content A, content B, and content C are broadcast continuously will be described. While the content A is being broadcast, the content ID is sent as 000A, when the content B is broadcast, the content ID is switched to 000B, and when the content C is broadcast, the content ID is switched to 000C. Sent out.

  The scramble keys KsA1, KsA2,... KsAn are changed from KsA1 to KsAn in a unit time of about several seconds during the broadcast of the content A, and scramble the content A. The scramble keys KsA1... KsAn are distributed several seconds before the broadcast of the content A is started. That is, the scramble key Ks used for scrambling any content is distributed prior to transmission of the encrypted content scrambled using this scramble key Ks.

  Next, the scramble key KsB1 is transmitted a few seconds before switching to the content B, and when the content B is broadcast, the scramble keys KsB1 to KsBn are changed from KsB1 to KsBn in a unit time of about several seconds. Similarly, the scramble keys KsC1, KsC2,... KsCn are changed in unit time of about several seconds while the content C is being broadcast.

  The content key KcA is a key that encrypts scramble keys KsA1 to KsAn, the content key KcB is a key that encrypts scramble keys KsB1 to KsBn, and the content key KcC is a key that encrypts scramble keys KsC1 to KsCn. As shown in FIG. 4, while the content A is being broadcast, the same content key KcA is used, and when the content A is finished and the content B is broadcast, the content key KcB is changed. Similarly, when the content C is broadcast, it is changed to the content key KcC. The content keys KcA, KcB, and KcC are sent out several seconds before the target content is broadcast. If the target content is being broadcast, the corresponding content key Kc is repeatedly sent out in a unit time of about several seconds. After the target content is broadcast, the transmission of the corresponding content key Kc is also stopped. Although the content key Kc is described here, it is actually received by the content receiving apparatus 5 as an encrypted content key in a format included in the encrypted content key related information.

  Next, the handling of each key when the scrambled content is temporarily stored and reproduced will be supplemented. Regarding the transmission of the content ID and the scramble key Ks, the content is distributed in the same manner as when viewing the content in real time. On the other hand, the content key Kc does not need to be transmitted in synchronization (multiplexing) with the content, content ID, and scramble key Ks, and may be distributed before the time when the user of the content receiving device 5 reproduces the content. For example, when the scrambled content and the scramble key Ks are stored in the storage unit 17a in advance and the broadcaster of the content transmission device 3 on the transmission side permits viewing of the stored content, By distributing the content key corresponding to the content, pseudo video on demand is realized.

(Relationship (configuration) of content receiver, security module, and nonvolatile memory)
Next, with reference to FIG. 5, the relationship among the content receiving device 5, the security module SM3, and the nonvolatile memory FM in the conditional access system 1 will be described. The content receiving device 5 includes a Kw / Kc related information separating unit 13a for separating the work key Kw and the content key Kc from the received stream (multi-encrypted content), a storage unit 17a for storing the encrypted content, and a scramble key Ks. A Ks-related information separating unit 13b that separates related information, a content descrambling unit 15 that descrambles content, an interface (not shown) that performs communication between the content receiving device 5 and the security module SM3, and a storage medium ( The nonvolatile memory FM includes a storage medium handling means 17b (not shown in FIG. 5) that handles something separate from the nonvolatile memory FM.

  The security module SM3 includes a master key Km, four decryptors (19a to 19d), one encryptor 21, and three software switches S that control a plurality of pieces of information input according to the situation. / W. The software switch S / W1 has three pieces of information to be input, and switches a1 to a3 are provided corresponding to the number of pieces of information. When the switch a1 views content in real time, the switch a2 In the case of storage / playback viewing, the switch a3 corresponds to the case of viewing an existing broadcast. The number of information input to the software switch S / W2 is two (b1, b2), and the number of information input to the software switch S / W3 is also two (c1, c2).

  The nonvolatile memory FM stores and holds the content key Kc re-encrypted with the master key of the security module SM3 together with the content ID. The nonvolatile memory FM corresponds to the storage medium described in the claims.

  The content receiving apparatus 5 shown in FIG. 5 includes an encrypted content storage unit (not shown), a related information input unit, a scramble key output unit, and an encrypted content decryption unit. Note that these are programs that are developed (running) in the main control unit (not shown) of the content receiving device 5.

  The encrypted content storage means includes an encrypted content encrypted with a scramble key Ks on a storage medium (a storage medium provided separately from the nonvolatile memory FM) handled by the storage medium handling means 17b (see FIG. 1). The encryption related information regarding the content including the content identifier for identifying the encrypted content is stored.

  When the related information input means reproduces the encrypted content, the related information input means is encrypted with the re-encrypted content key related information (specific encrypted content key related information: unique key (group key Kg)) corresponding to the encrypted content. Is stored in at least one of the storage unit 17a and the non-volatile memory FM, the re-encrypted content related information (unique encrypted content key related information) is read from the storage unit 17a or the non-volatile memory FM, The information is input to the security module SM3 and the encryption related information is input.

  The scramble key output means decrypts the re-encrypted content key related information (unique encrypted content key related information) with the master key Km set in the security module SM3, obtains the content key Kc, and uses this content key Kc. The encryption related information is decrypted to obtain the scramble key Ks, and the scramble key Ks is output to the content receiving device 5.

  The encrypted content decrypting means decrypts the encrypted content with the scramble key Ks output by the scramble key output means.

(Reproduction of encrypted content when content key is stored in non-volatile memory)
By switching the software switch S / W3, the re-encrypted content key Kc encrypted by the encryptor 21 is stored in the storage unit 17a in the case of c1, and together with the corresponding content ID in the case of c2. It is stored in a non-volatile memory FM provided outside the security module SM3.

  When reproducing the encrypted content stored in the storage unit 17a, if the content key Kc is stored together with the encrypted content in the storage unit 17a, the software switch S / W2 is switched to b1, and the storage unit 17a The re-encrypted content key Kc read out is input to the security module SM3 and decrypted by the decryptor 19c to obtain the content key Kc. Using this content key Kc, the encrypted scramble key Ks obtained by the Ks-related information separation unit 13b is decrypted by the decoder 19d to obtain the scramble key Ks. Using this scramble key Ks, the content descrambler 15 descrambles the encrypted content to obtain the content.

  When the re-encrypted content key Kc is not stored together with the encrypted content stored in the storage unit 17a but is stored in the nonvolatile memory FM, the software switch S / W2 is switched to b2 to be reproduced. The content ID of the encrypted content is extracted by the Ks related information separation unit 13b and input to the nonvolatile memory FM.

  In the nonvolatile memory FM, the re-encrypted content key Kc corresponding to the input content ID is selected, and this re-encrypted content key Kc is input to the security module SM3. In the security module SM3, the input re-encrypted content key Kc is decrypted by the decryptor 19c using the master key Km, and the content key Kc is obtained. Using this content key Kc, the encryption related information ECM-Kc obtained by the Ks related information separation unit 13b is decrypted by the decryptor 19d, the scramble key Ks is obtained, and the content is obtained by the content descrambling unit 15. .

  Next, the file format of the related information when the nonvolatile memory FM is attached to the content receiving device 5 will be described with reference to FIG. The content key related information includes a business operator ID, a work key ID, a content ID, a content key Kc, an expiration date, storage location designation information, and the like. The storage location designation information indicates whether the re-encrypted content key Kc is stored in the storage unit 17a together with the encrypted content on the transmission side (broadcasting station side) of the encrypted content, or is stored in the nonvolatile memory FM, etc. Control information for making a selection. The content key related information is input to the security module SM3 by the Kw / Kc related information separating unit 13a of the content receiving device 5, and based on the storage location designation information described in the content key related information, the security module SM3 The software switch S / W3 is switched to control the storage location of the content key Kc.

  The expiration date described in the content key related information indicates the expiration date of the content key Kc, and the content key Kc is valid within this expiration date. Note that the content key Kc after the expiration date becomes invalid. The expiration date information is stored in the storage unit 17a and the nonvolatile memory FM together with the re-encrypted content key. That is, when the re-encrypted content key Kc is decrypted by the decryptor 19c of the security module SM3, the decryptor 19c is controlled based on the expiration date, and if it is within the expiration date, the re-encrypted content key Kc Is decrypted.

  FIG. 7 shows a storage format of the nonvolatile memory FM. In the nonvolatile memory FM, a content ID, a content key Kc (re-encrypted content key Kc), a storage date / time when the content key Kc is stored, an expiration date (expiration date information) of the content key Kc, and the like are stored in association with each other. Being managed.

  When storing the re-encrypted content key Kc in the non-volatile memory FM, if the storage capacity of the non-volatile memory FM is exceeded, the storage date / time is referred to, and the re-encrypted content key Kc, The content ID, the storage date / time, and the expiration date corresponding to the encrypted content key Kc are deleted by the re-encrypted content key related information deleting unit. Further, referring to the expiration date in the nonvolatile memory FM, regardless of the storage capacity, the re-encrypted content key Kc whose expiration date has passed, the content ID corresponding to the re-encrypted content key Kc, the storage date and time, There is a method of deleting the expiration date by a re-encrypted content key related information deleting unit.

(Sequence chart when obtaining the content key)
FIG. 8 shows a sequence chart when the content key Kc is obtained. First, it is determined whether or not the re-encrypted content key Kc is stored in the storage unit 17a together with the encrypted content to be reproduced (S1). If it is determined that it is stored in the storage unit 17a, the re-encrypted content key Kc is used. If it is determined that there is no re-encrypted content key Kc, the content ID of the encrypted content is input to the security module SM3, and the target content key Kc (re-encrypted) is stored in the security module SM3 or the nonvolatile memory FM. It is confirmed whether the encrypted content key Kc) is stored. When the target content key Kc (re-encrypted content key Kc) is confirmed in the security module SM3 or the nonvolatile memory FM, the confirmed held content key Kc is used.

  If the target content key Kc does not exist in any of the content receiving device 5, the security module SM3, and the nonvolatile memory FM, the content key Kc is sent to the content transmitting device 3 provided on the transmission side (broadcast station). Sending Kc is requested via the Internet or a public communication network. In this case, the card ID and the content ID are transmitted to the content transmission device 3 (S2). If the content ID is encrypted with the master key Km when the delivery of the content key Kc is requested, the transmission source can be confirmed on the content transmission device 3 side.

  The content transmitting apparatus 3 that has received the request for sending the content key Kc associates the master key Km with the card ID, and associates the master key database that manages the master key Km with the content key Kc and the content ID. And a content key database managing the content key Kc. Then, the master key Km corresponding to the received card ID is selected from the master key database (S3). Using the selected master key Km, the received encrypted content ID is decrypted to obtain the content ID (S4).

  A content key Kc corresponding to the obtained content ID is selected from the content key database (S5). When the content key Kc is distributed via the communication network, the content key Kc is encrypted using the selected master key Km, and is sent to the content receiving device 5 as the encrypted content key Kc. (S6). The content receiving device 5 decrypts the received encrypted content key Kc with the master key Km and uses it for reproduction of the encrypted content (S7).

  After S5, even when the content key Kc is distributed using broadcast waves, the content key Kc is encrypted using the selected master key Km and distributed as EMM (for Kc distribution, see FIG. 6). (Broadcast). The EMM (for Kc distribution) includes a provider ID, a card ID, a content ID, a content key Kc, an expiration date, and storage location designation information.

(Conditional reception system using group key)
So far, the case has been described in which the content key Kc is encrypted by the master key Km in the security modules SM1 to SM3 and the encrypted content is stored in the storage unit 17a or the nonvolatile memory FM (storage medium). Next, a case where encryption is performed using the group key Kg instead of encryption using the master key Km provided in the security module will be described.

  The group key Kg is a key shared among the plurality of content receiving apparatuses 5 and is stored in advance in the security module in association with the group key ID that is an identifier of the group key when distributing the security module. Is. The group key Kg corresponds to the work key after grouping described in the claims.

  With reference to FIG. 5, the content receiving device 5 when the group key Kg is used will be described. When storing the encrypted content, the content key related information is extracted by the Kw / Kc related information separating unit 13a, and this content key related information (including the encrypted content key Kc) is input to the security module SM3. . In the security module SM3, the input encrypted content key is decrypted by the decryptor 19c using the work key Kw, and the decrypted content key Kc is input to the encryptor 21. The encryptor 21 And re-encrypt using the group key Kg, and stored in the storage unit 17a or the nonvolatile memory FM in association with the content ID. The content key Kc re-encrypted using the group key Kg corresponds to the unique encrypted content key related information described in the claims.

  When reproducing the encrypted content, the content key Kc encrypted with the group key Kg is extracted from the storage unit 17a or the nonvolatile memory FM and input to the security module SM3. In the security module SM3, the input encrypted content key Kc is input to the decryptor 19c, decrypted with the group key Kg, the content key Kc is obtained, and this content key Kc is used to decrypt the scramble key Ks. Used when.

  Supplementing here, the master key Km is a key assigned to each security module SM and is a key that cannot be rewritten. On the other hand, the group key Kg is a rewritable key.

(Handling encrypted content between multiple content receivers)
Next, after the encrypted content received by one content receiving device 5B is stored in a removable medium such as a DVD among a plurality (two) of content receiving devices 5 (5A, 5B, not shown), A case of reproduction by the other content receiving apparatus 5A will be described.

  The encrypted content stored using the group key Kgb (group key assigned to the security module SM3B (not shown) of the content receiving device 5B) in the content receiving device 5B is stored in a removable medium or the like, and this removable media is stored. Is assumed to be played back by the content receiving device 5A and the stored encrypted content is reproduced.

  In the security module SM3A (not shown) of the content receiving device 5A, there is a group key Kga (a group key assigned to the security module SM3A (not shown) of the content receiving device 5A). However, the content key Kc encrypted with the group key Kgb cannot be decrypted with the group key Kgb even if an attempt is made to reproduce the encrypted content stored in the content receiver 5B with the content receiver 5A. Encrypted content cannot be played back. Therefore, a method of storing the group key Kgb set in the security module SM3B (not shown) of the content receiving device 5B in the security module SM3A of the content receiving device 5A will be described with reference to FIG.

  First, the content receiving device 5B is operated to check the card IDb of the content receiving device 5B using an interface (not shown) that displays the card ID of the security module SM3B on the display means (not shown) (S11). ). Next, by operating the content receiving device 5A, the examined card IDb is input to the security module SM3A of the content receiving device 5A, and the input card IDb and the card IDa of the security module SM3A of the content receiving device 5A are entered. Then, the content is transmitted to the content transmission device 3 on the transmission side (broadcaster) (S12).

  The content transmitting apparatus 3 includes a master key / group key database that manages the master key Km and the group key Kg in association with the card ID in the storage unit 17a. Then, in the content transmission device 3, the master key Kma corresponding to the received card IDa is selected from the master key / group key database (S13). Then, the group key Kgb corresponding to the received card IDb is selected from the master key / group key database (S14).

  When distributing the group key Kgb using the communication line, the group key Kgb is encrypted using the master key Kma and sent to the content receiving apparatus 5A (S15). In the content receiving device 5A, decryption is performed using the master key Kma in the security module SM3A, and the group key Kgb is obtained and held (S16).

  When distributing the group key Kgb using a broadcast wave, the group key Kgb is encrypted using the master key Kma and distributed as EMM (for Kg distribution) shown in FIG. The EMM (for Kg distribution) is composed of a provider ID, a card ID, an update number, an expiration date, a group key ID, and a group key Kg. Then, the content transmission device 3 stores the group key Kgb in the master key / group key database in association with the card IDa (S17).

  This embodiment has the following effects. First, in the content transmission device 3, the content to be transmitted is encrypted with the scramble key Ks that is changed along with the elapsed time, and the encrypted content is obtained. The scramble key Ks is also encrypted together with the related information related to the content by the content key Kc provided for each content, and becomes the encryption related information. Also, the content key Kc is encrypted together with related information related to the content key by the work key Kw held for a longer time than the duration of the content, and becomes encrypted content key related information. Further, the work key is encrypted together with the related information related to the work key Kw by the master key Km provided in common on the receiving side, and becomes the encrypted work key related information. Thereafter, the encrypted information is multiplexed and transmitted.

  Then, in the content receiving device 5, first, the multiplex encrypted content multiplexed on the transmission side is received by the separation unit 13. The received multiple encrypted content is separated by the separation unit 13 into encrypted content, encryption related information, encrypted content key related information, and encrypted work key related information. Thereafter, the content descrambling unit 15 (15a to 15d) decrypts the encrypted work key related information with the master key, obtains a work key, decrypts the encrypted content key related information with the work key, and stores the content key. Thus, the encryption-related information is decrypted with this content, and a scramble key is obtained. The encrypted content is decrypted with this scramble key, and the content is obtained.

  For this reason, each content unit is scrambled and descrambled using the scramble key Ks, and the scramble key Ks is encrypted with the content key Kc, so that the efficiency in descrambling the scrambled content is improved. The content key Kc is improved, and the encryption key can be easily managed when descrambling with the work key Kw. Furthermore, it is possible to easily and reliably collect a reception fee when viewing paid content.

  The location where the content key related information is held on the receiving side is specified by the content key related information storage specifying unit as one of the security module SM, the storage unit 17a, and the nonvolatile memory FM. Since the content key is encrypted and held, the encrypted content cannot be easily decrypted, and the copyright of the content can be protected.

  In order to control encryption and decryption in units of content, the key structure of the conventional three layers (scramble key Ks, work key Kw, master key Km) is controlled by the key structure of four layers (content key Kc is added). Accordingly, it is possible to secure safety against illegal reception of encrypted content by using a key (scramble key Ks, work key Kw) that changes with the elapsed time instead of a fixed encryption key such as a file.

  By encrypting and decrypting in units of content, the content receiving device 5 greatly increases the number of encryption keys (encryption keys) to be held, that is, the number of content keys Kc. Instead, the content key Kc can be stored without sacrificing safety because the storage unit 17a of the content receiving device 5 is configured to be re-encrypted and stored.

  A large amount of key information (encryption-related information, content key-related information, work key-related information) obtained by encrypting in units of content is not individually transmitted to the content receiving device 5, and the key (master) By encrypting and transmitting with the key Km), the burden of data transmission capacity can be reduced.

  When stored in the storage medium (nonvolatile memory FM), the content is encrypted, and the content can be viewed unless the combination of the regular security module SM and the content receiving device 5 is owned. Therefore, it is possible to ensure safety against unauthorized reception.

  Even if the storage medium (nonvolatile memory FM) is copied, the security module SM cannot be copied. Therefore, if the combination of the storage medium and the security module SM is not owned, the content cannot be descrambled and the copyright of the content is protected. can do.

  When the card ID of the security module SM can be shared between the content receiving devices 5, it is possible to use the content receiving device 5 and the security module SM for mutual use as a private use range. . Since the content receiving device 5 and the storage device (the storage unit 17a or the external storage device) that stores the encrypted content are configured without any specific ID or private part, the content receiving device 5 A manufacturer that manufactures a receiving device such as the above can be freely manufactured.

  As mentioned above, although this invention was demonstrated based on one Embodiment, this invention is not limited to this. The processing of each component of the content transmission device 3 and the content reception device 5 can be regarded as a content transmission program and a content reception program described in a general program language. Also in this case, the same effect as that obtained by the content transmission device 3 and the content reception device 5 can be obtained. Further, this program can be stored in a storage medium (flexible disk, CD-ROM, etc.) and distributed.

DESCRIPTION OF SYMBOLS 1 Conditional reception system 3 Content transmission apparatus 5 Content reception apparatus 7 Content scrambling part 9 Multiplexing part 11 Storage part 13 Separation part 15 Content descrambling part 17 Storage part 15a, 15b, 15c, 15d, 19a, 19b, 19c, 19d Decoding 7a, 7b, 7c, 7d, 21 Encryptor Ks Scramble key Kc Content key Kw Work key Km Master key Kg Group key (unique key)
SM, SM1, SM2, SM3 Security module FM Non-volatile memory

Claims (21)

A content transmission device that transmits encrypted content obtained by encrypting content in digital broadcasting, and a content reception device that stores the encrypted content received from the content transmission device and decrypts and reproduces the encrypted content. A conditional access system,
The content transmission device includes:
A scramble key that is changed with the elapsed time, a content key provided for each content, a work key that is held for a longer time than the duration of the content, and a master key that is commonly provided on the receiving side Storage means for storing;
Content encryption means for encrypting the content with the scramble key to obtain encrypted content;
Related information encryption means for encrypting related information related to the content including at least the scramble key and using the content key as encryption related information;
Content key related information encryption means for encrypting related information related to the content key including at least the content key and using the work key as encrypted content key related information;
Work key related information encryption means for encrypting related information related to the work key including at least the work key and using the master key as encrypted work key related information;
Multiplexing means for multiplexing the encrypted content, the encryption-related information, the encrypted content key-related information, and the encrypted work key-related information to obtain multiplexed encrypted content;
Multiplex encrypted content transmitting means for transmitting the multiplexed encrypted content multiplexed by the multiplexing means,
The content receiving device is:
On the transmitting side, the content related to the content including at least the scramble key is encrypted by the encrypted content obtained by encrypting the content using a scramble key that changes with the elapsed time and the content key provided for each content. Encrypted content key related information obtained by encrypting related information related to the content including at least the content key by the encrypted encryption related information and a work key held for a longer time than the duration of the content; Multi-encrypted content in which encrypted work key related information in which related information related to the work key including at least the work key is encrypted is multiplexed is transmitted by the master key provided in common on the transmission side, Multi-encrypted content that receives multi-encrypted content And signal means,
Multiple encrypted content separating means for separating the multiple encrypted content received by the multiple encrypted content receiving means into the encrypted content, the encryption related information, the encrypted content key related information, and the encrypted work key related information;
Encrypted content storage means for storing at least encrypted content separated by the multiple encrypted content separation means;
The encrypted work key-related information is decrypted with the master key, the content key included in the encrypted content key-related information is decrypted with the decrypted work key, and the decrypted content key is included in the encryption-related information Multi-encrypted content decrypting means for decrypting the encrypted scramble key, decrypting the encrypted content stored in the encrypted content storage means with the decrypted scramble key, and obtaining the content;
A conditional access system comprising: A content receiving device that receives encrypted content obtained by encrypting content in digital broadcasting, stores the encrypted content, and decrypts and reproduces the encrypted content,
On the transmitting side, the content related to the content including at least the scramble key is encrypted by the encrypted content obtained by encrypting the content using a scramble key that changes with the elapsed time and the content key provided for each content. Encrypted content key related information obtained by encrypting related information related to the content including at least the content key by the encrypted encryption related information and a work key held for a longer time than the duration of the content; Multi-encrypted content in which encrypted work key related information in which related information related to the work key including at least the work key is encrypted is multiplexed is transmitted by the master key provided in common on the transmission side, Multi-encrypted content that receives multi-encrypted content And signal means,
Multiple encrypted content separating means for separating the multiple encrypted content received by the multiple encrypted content receiving means into the encrypted content, the encryption related information, the encrypted content key related information, and the encrypted work key related information;
Encrypted content storage means for storing at least encrypted content separated by the multiple encrypted content separation means;
The encrypted work key-related information is decrypted with the master key, the content key included in the encrypted content key-related information is decrypted with the decrypted work key, and the decrypted content key is included in the encryption-related information Multi-encrypted content decrypting means for decrypting the encrypted scramble key, decrypting the encrypted content stored in the encrypted content storage means with the decrypted scramble key, and obtaining the content;
A content receiving apparatus comprising:   3. The content reception according to claim 2, further comprising: encrypted content key related information requesting means for requesting the encrypted content key related information on the transmission side when the encrypted content key related information is not obtained. apparatus. A security module in which the master key is set inside and cannot be read from the outside;
3. The content key related information storage means for storing the content key related information after decryption and the content identifier for identifying the content related to the content key related information in the security module. 4. The content receiving device according to 3. The master key and a unique key that encrypts information to be output are set inside, and includes a security module that cannot be read from the outside,
3. The content key related information storage means for storing the content key related information after decryption and the content identifier for identifying the content related to the content key related information in the security module. 4. The content receiving device according to 3.   6. The content receiving apparatus according to claim 5, wherein at least one of the unique keys is set in common with other security modules.   A plurality of the unique keys are provided, and on the transmitting side, these unique keys are encrypted by the master key to be related information for setting the encrypted unique key, and the related information for setting the encrypted unique key is received. Related information receiving means for setting the encrypted unique key and related information for setting the encrypted unique key for decrypting the related information for setting the encrypted unique key received by the related information receiving means for setting the encrypted unique key with the master key. The content receiving apparatus according to claim 4, further comprising a decrypting unit.   When storing the decrypted content key related information, when the memory capacity of the security module is exceeded, the time when the decrypted content key related information is stored, the setting set by the transmitting side or the receiving side 8. The content receiving apparatus according to claim 4, further comprising: a content key related information deleting unit that deletes the decrypted content key related information based on the information. 9.   The content according to any one of claims 4 to 8, further comprising content key related information output storage means for outputting and storing the decrypted content key related information stored in the security module. Receiver device.   When storing the decrypted content key related information, if the memory capacity of the storage means is exceeded, the time when the decrypted content key related information is stored, setting information set by the transmitting side or the receiving side The content receiving apparatus according to claim 9, further comprising: a content key related information deleting unit that deletes the decrypted content key related information based on the content key.   Content key-related information re-encryption storage means for encrypting the decrypted content key-related information stored in the security module with the master key, outputting it as re-encrypted content key-related information, and storing it. The content receiving device according to any one of claims 4 to 10, wherein the content receiving device is characterized in that:   The re-encrypted content key related information and the content identifier for identifying the content are stored in the storage means, and when the memory capacity of the storage means is exceeded, the time when the re-encrypted content key related information is stored is transmitted 12. The content receiving apparatus according to claim 11, further comprising a re-encrypted content key related information deleting unit that deletes the re-encrypted content key related information based on setting information set by the receiving side or the receiving side. .   Content key related information unique encryption storage means for encrypting the decrypted content key related information stored in the security module with the unique key, outputting the encrypted information as unique encrypted content key related information, and storing the content key related information. The content receiving device according to any one of claims 4 to 9, wherein the content receiving device is characterized in that:   The unique encrypted content key related information and the content identifier for identifying the content are stored in the storage means, and when the memory capacity of the storage means is exceeded, the transmission time for which the unique encrypted content key related information is stored 14. The content receiving apparatus according to claim 13, further comprising unique encrypted content key related information deleting means for deleting the unique encrypted content key related information based on setting information set by the receiving side or the receiving side. .   A storage medium that stores the decrypted content key-related information as re-encrypted content key-related information re-encrypted with the master key and stores it in a storage medium together with the encrypted content corresponding to the re-encrypted content key-related information The content receiving apparatus according to claim 2, further comprising a handling unit.   A storage medium for storing the decrypted content key related information as a unique encrypted content key related information re-encrypted with the unique key together with an encrypted content corresponding to the unique encrypted content key related information in a storage medium The content receiving apparatus according to claim 6, further comprising a handling unit. The encrypted content storage means further stores, in a storage medium handled by the storage medium handling means, encryption related information related to the content including a content identifier for identifying the encrypted content,
When reproducing the encrypted content stored in the storage medium, if re-encrypted content key related information corresponding to the encrypted content is stored in at least one of the storage means and the storage medium, Re-encrypted content-related information is read from the storage means or the storage medium, input to the security module, and related information input means for inputting the encryption-related information;
A scramble key output that decrypts the re-encrypted content key related information with the master key, obtains a content key, decrypts the encryption related information with the content key, obtains a scramble key, and outputs the scramble key Means,
Encrypted content decrypting means for decrypting the encrypted content of the storage medium with the scramble key output by the scramble key output means;
The content receiving device according to any one of claims 4 to 9, and 12, 13, and 16. The encrypted content storage means further stores, in a storage medium handled by the storage medium handling means, encryption related information related to the content including a content identifier for identifying the encrypted content,
When reproducing the encrypted content stored in the storage medium, if the unique encrypted content key related information corresponding to the encrypted content is stored in at least one of the storage means and the storage medium, Retrieving unique encrypted content related information from the storage means or the storage medium and inputting it to the security module, and related information input means for inputting the encryption related information;
Decrypt the unique encrypted content key related information with the unique key, obtain a content key, decrypt the encrypted related information with the content key, obtain a scramble key, and output the scramble key Means,
Encrypted content decrypting means for decrypting the encrypted content of the storage medium with the scramble key output by the scramble key output means;
The content receiving apparatus according to any one of claims 5 to 9, 14, 14, 15, and 17.   3. A content key non-storage unit that does not store a content key corresponding to the encrypted content when the encrypted content is not stored during transmission of the encrypted content. The content receiving device according to any one of 18.   It comprises a content key switching means for switching the content key based on the transmission start time and end time of the content corresponding to the encryption related information when the encryption related information is decrypted with the content key. The content receiving device according to any one of claims 2 to 19. A content receiving device that receives encrypted content obtained by encrypting content in digital broadcasting, stores encrypted content, and decrypts and reproduces the encrypted content.
On the transmitting side, the content related to the content including at least the scramble key is encrypted by the encrypted content obtained by encrypting the content using a scramble key that changes with the elapsed time and the content key provided for each content. Encrypted content key related information obtained by encrypting related information related to the content including at least the content key by the encrypted encryption related information and a work key held for a longer time than the duration of the content; Multi-encrypted content in which encrypted work key related information in which related information related to the work key including at least the work key is encrypted is multiplexed is transmitted by the master key provided in common on the transmission side, Multi-encrypted content that receives multi-encrypted content Shin means,
Multiple encrypted content separating means for separating the multiple encrypted content received by the multiple encrypted content receiving means into the encrypted content, the encryption related information, the encrypted content key related information, and the work key related information;
The encrypted work key-related information is decrypted with the master key, the content key included in the encrypted content key-related information is decrypted with the decrypted work key, and the decrypted content key is included in the encryption-related information Multi-encrypted content decrypting means for decrypting the encrypted scramble key, decrypting the encrypted content stored in the encrypted content storage means with the decrypted scramble key, and obtaining the content,
A content receiving program that is made to function as:

Images