JP2013118427A - Encryption device, encryption method, encryption program, decryption device, decryption method, decryption program, and information distribution system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To prevent contents from leaking out from a mediation server.SOLUTION: An encryption device comprises: a content acquisition unit 335 for acquiring an encrypted content which is pre-encrypted by a common key to be used for encryption and decryption in common; a common key encryption key 334 for encrypting at least the common key on the basis of unique information that is unique to each user; and a transmission unit 322 for transmitting the encrypted common key encrypted by the common key encryption unit and the encrypted content acquired by the content acquisition unit 335 to a decryption device holding the unique information.

Description

The present invention relates to an encryption device, an encryption method, an encryption program, a decryption device, a decryption method, a decryption program, and an information distribution system.

  In recent years, electronic data contents (music, books, apps, videos, etc.) are handled as commodities in a sales system composed of three parties: a plurality of stores, customers, and sales brokers. Since these contents are subject to copyright protection, a mechanism for preventing illegal use such as illegal copying and tampering has been introduced in the sales system. In particular, a method called individual encryption that encrypts content so that it can be decrypted only by the customer's terminal device based on the unique information of the customer is one typical mechanism for preventing unauthorized use.

  For example, in Patent Document 1, an intermediary server (a computer device that mediates a store content distribution server and a customer's user terminal) generates a key based on the serial number of the user terminal for each purchase request from the user terminal. The mediation server encrypts the content with the key, and transmits the key and the encrypted content to the user terminal of the customer to prevent unauthorized use of the content.

JP 2003-50888 A

 However, in the system of Patent Document 1, since the mediation server encrypts and distributes the content, the unencrypted content is held. For this reason, there is a problem that unencrypted content may be leaked when the mediation server is attacked.

  Therefore, the present invention has been made in view of the above problems, and an encryption device, an encryption method, an encryption program, a decryption device, a decryption method, and an encryption device capable of preventing content from flowing out from the mediation server, It is an object to provide a decryption program and an information distribution system.

  (1) The present invention has been made in view of the above circumstances, and one aspect of the present invention is content that acquires encrypted content in which content is pre-encrypted with a common key that is commonly used for encryption and decryption. An acquisition unit, a common key encryption unit that encrypts at least the common key based on unique information unique to each user, and an encrypted common key obtained by encrypting the common key encryption unit And a transmission unit that transmits the encrypted content acquired by the content acquisition unit to a decryption device that retains the unique information.

  (2) In the encryption device described above, according to one aspect of the present invention, the common key encryption unit is configured to decrypt the common key and a restriction when the common key is decrypted based on the unique information. The restriction information is encrypted, and the transmission unit transmits the encrypted information encrypted by the common key encryption unit to the decryption device.

(3) In the encryption device described above, one aspect of the present invention is characterized in that the decryption restriction information is information indicating a restriction on a time during which the common key can be decrypted.

(4) In the encryption device described above, one aspect of the present invention is characterized in that the decryption restriction information is information indicating a restriction on a number of times that the common key can be decrypted.

(5) In the encryption apparatus described above, one aspect of the present invention is information indicating a restriction on a place where the common key can be decrypted.

(6) In the encryption apparatus described above, one aspect of the present invention is characterized in that the common key is unique for each content.

  (7) In the encryption device described above, one aspect of the present invention includes an encrypted content storage unit in which the encrypted content is stored in advance, and the content acquisition unit includes the encrypted content Is read out from the encrypted content storage unit to obtain the encrypted content.

(8) In the encryption device described above, one aspect of the present invention includes a unique information acquisition unit that acquires the unique information transmitted from the decryption device.

  (9) One aspect of the present invention is an encryption method executed by an encryption device, and content acquisition that acquires encrypted content in which content is encrypted with a common key that is commonly used for encryption and decryption A common key encryption procedure for encrypting at least the common key based on unique information unique to each user, and an encrypted common key obtained by being encrypted in the common key encryption procedure And a transmission procedure for transmitting the encrypted content acquired by the content acquisition procedure to a decryption device holding the unique information.

  (10) According to one aspect of the present invention, a content acquisition step for acquiring encrypted content in which content is encrypted with a common key that is commonly used for encryption and decryption in a computer, and unique to each user Based on the information, at least the common key encryption step for encrypting the common key, the encrypted common key obtained by the encryption in the common key encryption step, and the encryption acquired by the content acquisition step And a transmission step of transmitting the converted content to a decryption device that retains the unique information.

  (11) According to one aspect of the present invention, the reception unit receives the encrypted common key and the encrypted content transmitted from the encryption device, and the reception unit is based on unique information unique to each user. A common key decryption unit for decrypting the received encrypted common key; and a content decryption unit for decrypting the encrypted content received by the reception unit with the common key obtained by decrypting the common key decryption unit; , A decoding device comprising:

  (12) One aspect of the present invention is a decryption method executed by a decryption device, and includes a reception procedure for receiving an encrypted common key and an encrypted content transmitted from the encryption device, and is specific to each user. A common key decryption procedure for decrypting the encrypted common key received by the reception procedure based on the unique information, and a common key obtained by decrypting in the common key decryption procedure. And a content decryption procedure for decrypting the received encrypted content.

  (13) According to one aspect of the present invention, a computer including a receiving unit that receives an encrypted common key and an encrypted content transmitted from an encryption device is based on unique information unique to each user. A common key decryption step for decrypting the encrypted common key received by the reception unit, and a decryption of the encrypted content received by the reception unit with the common key obtained by decryption in the common key decryption step A decryption program for executing the content decryption step.

  (14) One aspect of the present invention is an information distribution system including an encryption device and a decryption device, and the encryption device encrypts content in advance with a common key used in common for encryption and decryption. A content acquisition unit that acquires the encrypted content that has been encrypted, a common key encryption unit that encrypts at least a common key based on unique information unique to each user, and the common key encryption unit encrypts And a transmission unit that transmits the encrypted common key obtained by the content acquisition unit and the encrypted content acquired by the content acquisition unit to the decryption device, wherein the decryption device is transmitted from the encryption device. A receiving unit that receives the encrypted common key and the encrypted content; a common key decrypting unit that decrypts the encrypted common key received by the receiving unit based on the unique information; and the common key Decryption unit A common key obtained by a information distribution system characterized by comprising, a content decryption unit for decrypting the encrypted contents received by the receiving unit.

  According to the present invention, since it is not necessary for the mediation server to hold unencrypted content, it is possible to prevent content from flowing out from the mediation server even if the mediation server is attacked.

It is a schematic block diagram of the information provision system in this embodiment. It is a schematic diagram which shows the outline | summary of the process of the information provision system in this embodiment. It is the sequence diagram which showed an example of the process in which the user of a terminal device newly registers a user. It is an example of the WEB page of the integration site in this embodiment. It is the sequence diagram which showed an example of the process from purchase to delivery. It is the figure which showed an example of the data which each apparatus with which the information provision apparatus of this embodiment is provided is hold | maintained. It is a schematic block diagram of the terminal device in this embodiment. It is a flowchart which shows an example of the flow of a process of the terminal device in this embodiment. It is a schematic block diagram of the mediation apparatus in this embodiment. It is a flowchart which shows an example of the flow of a process of the mediation apparatus in this embodiment. It is a schematic block diagram of the information provision apparatus in this embodiment. It is a flowchart which shows an example of the flow of a process of the information provision apparatus in this embodiment. It is a schematic diagram which shows the outline | summary of the process of the conventional content delivery system.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. FIG. 1 is a schematic block diagram of an information providing system 1 in the present embodiment. The information providing system 1 includes M (M is a positive integer) terminal devices (sometimes referred to as “decoding devices”) 100-i (i Is an integer from 1 to M), an intermediary device 200, and information providing devices 300-1, 300-2,..., 300-N (N is a positive integer) information providing devices (“encryption”) 300-j (where j is an integer from 1 to N).

  Each terminal device 100-i is connected to the mediation device 200 via the communication network 410. Each terminal device 100-i is connected to each information providing device 300-j via the communication network 410 and the communication network 420. Each information providing device 300-j is connected to the mediation device 200 via the communication network 420.

  Hereinafter, one terminal device 100-i from the terminal device 100-1 to the terminal device 100-M is also referred to as a terminal device 100. One information providing device 300-j from the information providing device 300-1 to the information providing device 300-N is also referred to as an information providing device 300.

  Next, differences between the conventional content distribution system and the information providing system 1 in this embodiment will be described with reference to FIGS. 2 and 13.

  FIG. 13 is a schematic diagram showing an outline of processing of a conventional content distribution system. In the figure, as a schematic configuration of the content distribution system, a user terminal 500, a mediation server 600, and a content distribution server 700 are shown. The content distribution server 700 transmits unencrypted plain text content to the mediation server 600. The user terminal 500 transmits the serial number of the user terminal to the mediation server 600.

In the mediation server 600, the serial number information of the user terminal 500 and the decryption key are stored in advance in a one-to-one relationship.
The mediation server 600 extracts a common key corresponding to the serial number received from the user terminal 500, and transmits the extracted common key to the user terminal 500. Further, the mediation server 600 encrypts the plain text content received from the content distribution server 700 with the extracted common key, and transmits the encrypted content obtained by the encryption to the user terminal 500.
Here, the common key is the same (common) key used for encryption and decryption. That is, the common key here refers to a common key used in the common key cryptosystem. The common key encryption includes, for example, DES (Data Encryption Standard) and AES (Advanced Encryption Standard).

  The user terminal 500 generates plaintext content by decrypting the encrypted content received from the mediation server 600 with the decryption key received from the mediation server 600. Thereby, since the user terminal 500 can decrypt the encrypted content with the decryption key, the user of the user terminal 500 can browse the content. However, if the decryption key and the encrypted content are leaked to a third party in the course of communication from the mediation server 600 to the user terminal 500, the third party has already encrypted the decryption key with the decryption key. Content can be decrypted. As a result, the conventional technology has a problem that a third party may be able to browse, view or use the content illegally.

Subsequently, FIG. 2 is a schematic diagram illustrating an outline of processing of the information providing system 1 in the present embodiment. In the figure, as a schematic configuration example of the information providing system 1, a terminal device 100, an intermediary device 200, and an information providing device 300 are shown.
The intermediary device 200 generates unique information that is unique to the user of the terminal device 100, and transmits the generated unique information to the terminal device 100.
The terminal device 100 stores the unique information received from the mediation device 200 and transmits the stored unique information to the information providing device 300.

  The information providing apparatus 300 encrypts content in advance with a common key and holds the encrypted content obtained by encrypting the content. Here, the content is, for example, information indicating an electronic book, music data, moving image data, or an application. As an example, the common key is a key used for all encryption processing regardless of the user or content when encrypting plaintext content in one information providing apparatus 300.

  Then, the information providing apparatus 300 encrypts the common key with the unique information received from the terminal apparatus 100 and transmits the encrypted common key obtained by the encryption to the terminal apparatus 100. The information providing apparatus 300 transmits the stored encrypted content to the terminal apparatus 100.

  The terminal apparatus 100 generates a common key by decrypting the encrypted common key received from the information providing apparatus 300 with the unique information held. Then, the terminal device 100 can generate the content by decrypting the encrypted content received from the information providing device 300 with the generated common key. Thereby, the user of the terminal device 100 can browse or view the content.

  In the information providing system 1 of the present embodiment, even if the encrypted common key and the encrypted content are leaked to a third party in the process of communication from the information providing device 300 to the terminal device 100, the third The person does not have the unique information and cannot decrypt the encrypted common key. Therefore, since the third party cannot decrypt the encrypted content, the information providing system 1 can prevent the third party from illegally browsing, viewing or using the content.

Subsequently, an example of processing of the information providing system 1 will be described with reference to FIGS. 3 and 5. FIG. 3 is a sequence diagram illustrating an example of a process in which the user of the terminal device 100 newly registers a user.
First, the terminal device 100 transmits the desired ID and password desired by the customer to the mediation device 200 and requests the mediation device 200 to register a new user (T101). Next, the intermediary device 200 issues a new customer ID based on the desired ID received from the terminal device 100 and sets a password with the password received from the terminal device 100. Further, the intermediary device 200 issues unique information that is information unique to the customer ID (T102).

  Here, the unique information has a one-to-one correspondence with the customer ID, and is unique information for each user. As a result, even if the user logs in to the integrated store site, which is the top page after login, using another terminal device, the mediation device 200 is currently using the unique information associated with the login ID. To the terminal device 100. As a result, the user can decrypt the encrypted common key using the unique information transmitted from the mediation device 200, regardless of which terminal device 100 logs in to the integrated store site. Therefore, the user can decrypt the encrypted content regardless of which terminal device 100 logs in to the integrated store site.

  Here, the integrated store site is provided from the intermediary device 200, and a link to each store and a recommendation / advertisement are displayed. When a link to each store is opened, a store page provided by each store is displayed on the terminal device 100. On the store page provided by each store, this week's new arrivals, rankings, and links to each product are displayed on the terminal device 100. When the user selects a product on the store page provided by each store, a product detail page provided by each store is displayed on the terminal device 100. When the “Add to Cart” button displayed on the terminal device 100 is pressed on the product detail page provided by each store, the selected product is placed in the cart, and the purchase / settlement procedure page provided by the intermediary device 200 is displayed on the terminal. Displayed on the device 100. Then, the user performs a settlement procedure on the purchase / settlement procedure page, and completes the purchase of the selected product.

  Next, the mediation device 200 transmits the customer ID and the unique information to the terminal device 100 (T103). Next, the terminal device 100 stores the unique information received from the mediation device 200 (T104). Next, the terminal device 100 transmits the customer ID and password to the mediation device 200 and transmits a login request to the mediation device 200 (T105).

Next, the intermediary device 200 collates the customer ID with the password in response to the login request received from the terminal device 100 (T106). As a result of the collation, when the password received from the terminal device 100 matches the password of the same customer ID stored in the mediation device 200, the mediation device 200 transmits information indicating the integrated store top page to the terminal device 100. (T107).
Next, the terminal device 100 transmits a store page browsing request to the information providing device 300 (T108). In response to the store page browsing request received from the terminal device 100, the information providing device 300 transmits store page information to the terminal device 100 (T109). Thus, this sequence is completed.

  Note that the unique information may be generated by the terminal device 100 without being issued by the mediation device 200. In that case, in T103, the intermediary device 200 may request the terminal device 100 to generate unique information. In T105, the terminal device 100 may transmit the unique information together with the login request to the mediation device 200.

  In this embodiment, information corresponding to the customer ID on a one-to-one basis is used as the unique information. However, the present invention is not limited to this, and the unique information may be unique information unique to each user. For example, the unique information may be a login ID unique to each user.

  FIG. 4 is an example of the WEB page of the integrated site in the present embodiment. In the integrated store top page 430 of the figure, a link 431 to the top page, a link 432 to the page of the store 1 and a link 433 to the page of the store 2 are arranged at the top. In the lower row, an area R434 for displaying a recommendation or an advertisement is shown. In the lower row, an area R435 for displaying information is shown. Further, in the lower row, an area R436 indicating information on the store 1 is shown. Further, in the lower row, an area R437 indicating information of the store 2 is shown.

In the area R436 indicating the information of the store 1, a link to the new music list and a link to the ranking are displayed. The new music list shows that 30 music pieces were added on June 11th. Also, it is shown that the ranking was updated on June 14.
Further, in the area R437 indicating the information of the store 2, a link to a new video list and a link to ranking are displayed. In the new video list, it is shown that five videos have been added on June 14. In addition, it is shown that the ranking was updated on June 16.

  FIG. 5 is a sequence diagram illustrating an example of processing from purchase to distribution. First, the terminal device 100 accepts content selection on the store page (T201). Next, the terminal device 100 transmits the customer ID and password to the information providing device 300, and transmits a content purchase request for the selected content to the information providing device 300 (T202).

  Here, since the information providing apparatus 300 is not associated with the customer ID and does not store the password and cannot authenticate the user, the mediating apparatus 200 needs to authenticate the user. Therefore, the information providing apparatus 300 transmits the customer ID and password received from the terminal apparatus 100 to the mediation apparatus 200 (T203). As a result, the information providing apparatus 300 requests the mediation apparatus 200 for password authentication.

Next, the intermediary device 200 collates the password received from the information providing device 300 with a password that has the same customer ID as the customer ID received from the information providing device 300 and is held in advance (T204).
Next, the mediation apparatus 200 transmits the authentication result obtained by collation to the information providing apparatus 300 (T205).

  Next, when the authentication result indicates that the authentication is correctly performed, the information providing apparatus 300 transmits the product information indicating the customer ID and the name of the selected product and the price to the mediation apparatus 200, and the mediation apparatus 200. A settlement request is transmitted to (T206). Next, the mediation device 200 transmits a payment page to the terminal device 100 in response to the payment request received from the information providing device 300 (T207).

  Next, the terminal device 100 transmits response information in response to the settlement page to the mediation device 200 (T208). Next, the intermediary device 200 performs a payment process based on the response information received from the terminal device 100, and sets the result as payment information (for example, a payment ID for identifying payment, a product ID for identifying a product, and a store). Stored as the store ID or settlement status to be identified (T209). Next, the intermediary device 200 transmits the settlement ID to the information providing device 300 and notifies the information providing device 300 of the completion of the settlement process (T210). Thereby, the information providing apparatus 300 can know that the payment is completed.

  Next, the mediating apparatus 200 transmits distribution destination information indicating the distribution destination of the product to the information providing apparatus 300 and transmits a distribution request to the information providing apparatus 300 (T211). The information providing apparatus 300 transmits the customer ID and the settlement ID to the terminal apparatus 100 in response to the distribution request received from the mediation apparatus 200, and transmits a unique information request to the terminal apparatus 100 (T212). Next, the terminal device 100 determines whether or not the payment ID received from the information providing device 300 is stored in the own terminal. When the payment ID is stored in the own terminal, the terminal device 100 transmits the unique information to the information providing device 300 in response to the request to the information providing device 300 (T213). Note that if the payment ID is not stored in the terminal itself, the terminal device 100 may transmit an error message to the information providing device 300.

  Next, the information providing apparatus 300 encrypts the common key received from the terminal apparatus 100 with the unique information (T214). Next, the information providing apparatus 300 transmits the encrypted common key obtained by encryption to the terminal apparatus 100 (T215). Next, the information providing apparatus 300 transmits the encrypted content previously encrypted with the common key to the terminal apparatus 100 (T216). Next, the terminal device 100 decrypts the encrypted common key received from the information providing device 300 (T217). Next, the terminal device 100 decrypts the encrypted content received from the information providing device 300 (T218). Thus, this sequence is completed.

As described above, the terminal device 100 can prevent impersonation of another person by determining whether or not the payment ID received from the information providing device 300 is stored in the terminal.
In T211, the mediation device 200 may also transmit the customer ID and the settlement ID to the information providing device 300 when the product is downloaded again.
In T212, the information providing apparatus 300 may request specific information from the mediation apparatus 200.

FIG. 6 is a diagram illustrating an example of data held by each device included in the information providing device 1 according to the present embodiment. In the figure, the terminal device 100, the intermediary device 200, and the information providing device 300 commonly hold a customer ID for identifying the customer.
The terminal device 100 stores, for example, a customer ID, unique information, and purchased product information (for example, store ID, product ID, settlement ID, content).

In the intermediary device 200, for example, a customer ID, a password, unique information, and payment information (for example, a store ID, a product ID, a payment ID, and a payment status) are stored. Here, the payment information is information related to payment.
The information providing apparatus 300 stores, for example, a customer ID, a store ID, and product information (for example, a product ID, a product name, a price, and content). Here, the store ID is information for identifying the store, and the product information is information about the product.

  FIG. 7 is a schematic block diagram of the terminal device 100 in the present embodiment. The terminal device 100 includes a storage unit 110, a communication unit 120, and a control unit 130. As described above, for example, customer ID, unique information, and purchased product information (for example, store ID, product ID, settlement ID, content) are stored in the storage unit 110.

The communication unit 120 communicates various information with the mediation device 200 or the information providing device 300. Here, the communication unit 120 includes a reception unit 121 and a transmission unit 122.
The receiving unit 121 receives information transmitted from the mediation device 200 or the information providing device 300, and outputs the received information to an information determination unit 131 (to be described later) of the control unit 130. Specifically, for example, the reception unit 121 receives a unique information request transmitted from the information providing apparatus 300 and outputs the received unique information request to an information determination unit 131 (to be described later) of the control unit 130. The receiving unit 121 receives the encrypted common key transmitted from the information providing apparatus 300 and outputs the received encrypted common key to the information determining unit 131 (to be described later) of the control unit 130. In addition, the reception unit 121 receives the encrypted content transmitted from the information providing apparatus 300 and outputs the received encrypted content to the information determination unit 131 described later of the control unit 130.
The transmission unit 122 transmits the information input from the control unit 130 to the mediation device 200 or the information providing device 300.

The control unit 130 performs various processes based on information input from the communication unit 120. Here, the control unit 130 includes an information determination unit 131, a settlement information determination unit 132, a common key decryption unit 133, a content decryption unit 134, and a content reproduction unit 135.
The information determination unit 131 determines whether the information input from the reception unit 121 is a unique information request, an encrypted common key, or an encrypted content. Then, when the information input from the receiving unit 121 is a unique information request, the information determining unit 131 outputs the customer ID and the payment ID to the settlement information determining unit 132 together with the unique information request.

On the other hand, when the information input from the reception unit 121 is an encrypted common key, the information determination unit 131 outputs the encrypted common key to the common key decryption unit 133.
On the other hand, when the information input from the reception unit 121 is encrypted content, the information determination unit 131 outputs the encrypted content to the content decryption unit 134.

The settlement information determination unit 132 determines whether the storage ID is stored in the storage unit 110 in association with the customer ID input from the information determination unit 131 and input from the information determination unit 131. Then, when the payment ID is stored in the storage unit 110, the payment information determination unit 132 reads the unique information from the storage unit 110 and causes the transmission unit 122 to transmit the read unique information to the information providing apparatus 300.
On the other hand, when the payment ID is not stored in the storage unit 110, the payment information determination unit 132 transmits an error message from the transmission unit 122 to the information providing apparatus 300.

  The common key decryption unit 133 decrypts the encrypted common key received by the reception unit 121 based on the unique information. More specifically, the common key decryption unit 133 reads unique information from the storage unit 110. Then, the common key decryption unit 133 decrypts the encrypted common key input from the reception unit 121 with the read unique information. Then, the common key decryption unit 133 outputs the common key obtained by the decryption to the content decryption unit 134.

The content decrypting unit 134 decrypts the encrypted content received by the receiving unit 121 with the common key obtained by decrypting by the common key decrypting unit 133. More specifically, the content decryption unit 134 decrypts the encrypted content input from the reception unit 121 with the common key input from the common key decryption unit 133. Then, the content decryption unit 134 outputs the content obtained by decryption to the content reproduction unit 135.
The content playback unit 135 plays back the content input from the content decryption unit 134.

  FIG. 8 is a flowchart illustrating an example of a processing flow of the terminal device 100 according to the present embodiment. First, the receiving unit 121 receives information from the information providing apparatus 300 (step S101). Next, when the information received by the receiving unit 121 is a unique information request (YES in step S102), the information determining unit 131 determines whether or not the payment ID is stored in the storage unit 110. (Step S103).

  When the payment ID is stored in the storage unit 110 (YES in step S103), the payment information determination unit 132 reads the unique information from the storage unit 110 and causes the transmission unit 122 to transmit the read unique information to the information providing apparatus 300. (Step S104). On the other hand, when the payment ID is not stored in the storage unit 110 (NO in step S103), the payment information determination unit 132 causes an error message to be transmitted from the transmission unit 122 to the information providing apparatus 300 (step S105).

  In step S102, when the information received by the reception unit 121 is not a unique information request (NO in step S102), the information determination unit 131 determines whether the information received by the reception unit 121 is an encrypted common key ( Step S106). When the information received by the receiving unit 121 is an encrypted common key (step S106 YES), the content decrypting unit 134 decrypts the common key with the unique information (step S107).

  If the information received by the receiving unit 121 is not an encrypted common key (NO in step S106), it is determined whether the information received by the receiving unit 121 is encrypted content (step S108). When the information received by the receiving unit 121 is encrypted content (YES in step S108), the content decrypting unit 134 decrypts the encrypted content with the common key (step S109). If the information received by the receiving unit 121 is not encrypted content (NO in step S108), the settlement information determining unit 132 causes the transmitting unit 122 to transmit an error message to the information providing apparatus 300 (step S110). Above, the process of this flowchart is complete | finished.

  As described above, the terminal device 100 according to the present embodiment decrypts the encrypted common key with the unique information unique to each user. Thereby, since only the user can decrypt the encrypted common key, it is possible to prevent the common key from being decrypted by other users. Accordingly, the terminal device 100 can prevent the encrypted content from being decrypted by other users, and can prevent the content from being illegally viewed, viewed, or used.

FIG. 9 is a schematic block diagram of the intermediary device 200 in the present embodiment. The mediation apparatus 200 includes a storage unit 210, a communication unit 220, and a control unit 230. The control unit 230 includes an information determination unit 231, a payment information processing unit 232, a payment processing unit 233, and a registration unit 240.
The storage unit 210 stores, for example, a customer ID, a password, unique information, payment information for each customer (for example, store ID, product ID, payment ID, payment status) and payment page information.
The communication unit 220 communicates various information with the terminal device 100 or the information providing device 300. The communication unit 220 outputs information received from the terminal device 100 or the information providing device 300 to the information determination unit 231 described later of the control unit 230.

The information determination unit 231 determines whether the information input from the communication unit 220 is a payment request, a payment inquiry, response information indicating a response to the payment page, or a new user registration request. When the information input from the communication unit 220 is a payment request or a payment inquiry, the information determination unit 231 outputs the payment request or the payment inquiry to the payment information processing unit 232.
On the other hand, when the information input from the communication unit 220 is the payment information transmitted from the terminal device 100, the information determination unit 231 outputs the payment information to the payment processing unit 233.
On the other hand, when the information input from the communication unit 220 is a new user registration request, the information determination unit 231 outputs a new user registration request to the unique information generation unit 241 described later of the registration unit 240.

When the information input from the information determination unit 231 is a payment request, the payment information processing unit 232 reads the payment page information from the storage unit 210 and causes the communication unit 220 to transmit the read payment page information to the terminal device 100. .
When the information input from the information determination unit 231 is a payment inquiry, the payment information processing unit 232 reads the payment information from the storage unit 210 and transmits the read payment information from the communication unit 220 to the information providing apparatus 300.

  The settlement processing unit 233 performs settlement processing based on the response information input from the information determination unit 231 and updates the settlement information in the storage unit 210 with the result. Then, the payment processing unit 233 transmits a payment completion notification from the communication unit 220 to the information providing apparatus 300. Then, the settlement processing unit 233 transmits a distribution request from the communication unit 220 to the information providing apparatus 300.

  When a new user registration request is input from the information determination unit 231, the registration unit 240 generates a customer ID, a password, and unique information, and stores the generated password in the storage unit 210. Also, the registration unit 240 transmits the generated customer ID and unique information from the communication unit 220 to the terminal device 100. Here, the registration unit 240 includes a unique information generation unit 241.

  For example, the unique information generation unit 241 generates a random number using a customer ID as a seed of random numbers, and uses the generated random number as unique information. Then, the unique information generation unit 241 stores the generated unique information in the storage unit 210 in association with the customer ID. The unique information generation unit 241 transmits the generated unique information from the communication unit 220 to the terminal device 100.

The unique information generation unit 241 may generate unique information by using, for example, a GUID (Globally Unique IDentifier) mechanism.
In addition, the unique information generation unit 241 may generate a hash value using an md5 (Message Digest 5) function, and may use the generated hash value as unique information. In addition, the unique information generation unit 241 may generate a hash value with an SHA-1 (Secure Hash Algorithm 1) function and use the generated hash value as unique information.

  FIG. 10 is a flowchart illustrating an example of a processing flow of the mediation apparatus 200 in the present embodiment. First, the communication unit 220 receives information from the terminal device 100 or the information providing device 300 (step S201). Next, the information determination unit 231 determines whether the information received by the communication unit 220 is a payment request (step S202). If the information received by the communication unit 220 is a payment request (YES in step S202), the payment processing unit 233 performs a payment process (step S203).

Next, the payment processing unit 233 transmits a payment processing completion notification from the communication unit 220 to the information providing apparatus 300 (step S204). Next, the settlement processing unit 233 transmits a distribution request from the communication unit 220 to the information providing apparatus 300 (step S205).
In step S202, when the information received by the communication unit 220 is not a payment request (NO in step S202), the information determination unit 231 determines whether the information received by the communication unit 220 is a payment inquiry (step S206). When the information received by the communication unit 220 is a payment inquiry (YES in step S206), the information determination unit 231 transmits the payment status from the communication unit 220 to the information providing apparatus 300 (step S207).

Next, when the information received by the communication unit 220 is not a settlement inquiry (NO in step S206), the information determination unit 231 determines whether the information received by the communication unit 220 is a new user registration request (step S208). . If the information received by the communication unit 220 is a new user registration request (YES in step S208), the registration unit 240 generates a customer ID, a password, and unique information (step S209). Then, the registration unit 240 transmits the customer ID and unique information from the communication unit 220 to the terminal device 100.
On the other hand, when the information received by the communication unit 220 is not a new user registration request (NO in step S208), the information determination unit 231 directly receives the information received by the communication unit 220 from the communication unit 220 to the terminal device 100 or the information providing device 300. (Step S210). Above, the process of this flowchart is complete | finished.

  As described above, when the communication unit 220 receives a new user registration request, the mediation device 200 according to the present embodiment generates unique information based on the customer ID, and thus generates unique information unique to the user of the terminal device 100. be able to. Further, the intermediary device 200 transmits the generated unique information to the terminal device 100, and the terminal device 100 holds the unique information. Thereby, the terminal device 100 can transmit the unique information to the information providing device 300 in response to a request from the information providing device 300.

  FIG. 11 is a schematic block diagram of the information providing apparatus 300 in the present embodiment. The information providing apparatus 300 includes a storage unit 310, a communication unit 320, and a control unit 330. In addition, the control unit 330 includes an information determination unit (unique information acquisition unit), a settlement request unit 332, a unique information request unit 333, a common key encryption unit 334, and a content acquisition unit 335.

The storage unit 310 stores, for example, a customer ID, a store ID, product information (for example, product ID, product name, price, content), a common key, and encrypted content. The storage unit 310 includes a common key storage unit 311, an encrypted content storage unit 312, and a customer store product storage unit 313.
The common key storage unit 311 stores a common key. In addition, the encrypted content storage unit 312 stores in advance encrypted content encrypted with a common key. The customer store product storage unit 313 stores a customer ID, a store ID, and product information.

The communication unit 320 communicates various information with the terminal device 100 or the mediation device 200. The communication unit 320 includes a reception unit 321 and a transmission unit 322.
The reception unit 321 receives information transmitted from the terminal device 100 or the mediation device 200 and outputs the received information to an information determination unit 331 described later of the control unit 330.

The transmission unit 322 transmits information input from the control unit 330 to the terminal device 100 or the mediation device 200. Specifically, the transmission unit 322 transmits the encrypted common key obtained by the encryption by the common key encryption unit 334 to the terminal device 100 that decrypts the encrypted common key based on the unique information. To do.
Also, the transmission unit 322 transmits the encrypted content acquired by the content acquisition unit 335 to the terminal device 100 that decrypts the encrypted content with the decrypted common key.

The control unit 330 performs various controls based on information input from the communication unit 320.
The information determination unit 331 determines information input from the reception unit 321. Specifically, the information determination unit 331 outputs a purchase request to the settlement request unit 332 when the information input from the reception unit 321 is a purchase request.
In addition, when one of the information input from the receiving unit 321 is a payment process completion notification, the information determining unit 331 stores the payment ID input together from the receiving unit 321 in the customer store product storage unit 313.

In addition, when the information input from the reception unit 321 is a distribution request, the information determination unit 331 outputs a unique information request to the unique information request unit 333.
Further, if the information input from the receiving unit 321 is unique information, the information determining unit 331 outputs the unique information to the common key encryption unit 334.

When a purchase request is input from the information determination unit 331, the settlement request unit 332 reads the customer ID and product information from the customer store product storage unit 313, and transmits the read customer ID, product information, and settlement request from the transmission unit 322. It is transmitted to the mediation apparatus 200.
When the distribution request is input from the information determination unit 331, the unique information request unit 333 reads the customer ID and the settlement ID from the customer store product storage unit 313, and transmits the read customer ID and the settlement ID and the unique information request. The transmission is performed from 322 to the terminal device 100. Thereby, the information determination unit 331 (unique information acquisition unit) acquires the unique information transmitted from the terminal device 100 in response to the unique information request.

The common key encryption unit 334 encrypts the common key based on unique information unique to each user of the terminal device 100. Specifically, the common key encryption unit 334 encrypts the common key based on the unique information input from the information determination unit 331. The common key encryption unit 334 causes the transmission unit 322 to transmit the encrypted common key obtained by the encryption to the terminal device 100.
Further, the common key encryption unit 334 outputs to the content acquisition unit 335 that the encrypted common key has been transmitted.

  The content acquisition unit 335 acquires encrypted content in which content is encrypted in advance with a common key. Specifically, the content acquisition unit 335 reads the encrypted content from the encrypted content storage unit 312 when receiving the notification that the encrypted common key has been transmitted from the common key encryption unit 334. Then, the content acquisition unit 335 transmits the read encrypted content from the transmission unit 322 to the terminal device 100.

  FIG. 12 is a flowchart illustrating an example of a processing flow of the information providing apparatus according to the present embodiment. First, the receiving unit 321 receives information from the terminal device 100 or the mediation device 200 (step S301). Next, the information determination unit 331 determines whether the information received by the reception unit 321 is a purchase request (step S302). If the information received by the receiving unit 321 is a purchase request (YES in step S302), the settlement request unit 332 requests settlement from the mediation apparatus 200 (step S303).

  If the information received by the receiving unit 321 is not a purchase request (NO in step S302), the information determining unit 331 determines whether the information received by the receiving unit 321 is a distribution request (step S304). If the information received by the receiving unit 321 is a distribution request (step S304 YES), the terminal device 100 is requested for specific information (step S305). When the information received by the receiving unit 321 is not a distribution request (NO in step S304), the information determining unit 331 determines whether the information received by the receiving unit 321 is unique information (step S306).

  When the information received by the receiving unit 321 is unique information (YES in Step S306), the common key encryption unit 334 encrypts the common key with the unique information (Step S307). The control unit 330 transmits the encrypted common key and the encrypted content separately from the transmission unit 322 to the terminal device 100 (step S308). When the information received by the receiving unit 321 is not unique information (NO in step S306), the control unit 330 ends the process.

<Effect>
As described above, according to the present embodiment, since the mediation device 200 does not have to hold content, the information providing system 1 can prevent content from leaking from the mediation device 200.
Further, the information providing apparatus 300 of this embodiment encrypts the common key with unique information unique to each user. Thereby, since only the user can decrypt the encrypted common key, the common key can be prevented from being decrypted by other users. That is, the other terminal device cannot generate the common key from the encrypted common key, and therefore cannot decrypt the content. Therefore, the information providing apparatus 300 can prevent unauthorized use of content even if the encrypted common key and the encrypted content leak.

Further, in Patent Document 1, in order to prevent unauthorized use of content, it is necessary for the mediation server to individually encrypt content for each purchase request from a customer. Therefore, when purchase requests from customers are concentrated, there is a problem that the load of individual content encryption processing in the mediation server increases, making it difficult for the mediation server to distribute content to customers.
In the information providing apparatus 300 according to the present embodiment, the content is previously encrypted with the common key, and only the common key is encrypted for each distribution request. Therefore, the processing load on the information providing apparatus 300 can be reduced. . As a result, even if purchase requests from customers are concentrated, the information providing apparatus 300 can perform content distribution to the customers.

In Patent Document 1, since the mediation server 600 performs encryption processing, when purchase requests from the user terminal 500 are concentrated, the load of encryption processing of the mediation server 600 increases, and the mediation server 600 There is a problem that it is difficult to distribute content to the user terminal 500.
In the information distribution system 1 according to the present embodiment, since the information providing device 300 encrypts the common key, not the mediation device 200 corresponding to the mediation server 600, the load on encryption can be distributed. As a result, even if purchase requests from customers are concentrated, the information providing apparatus 300 can perform content distribution to the customers.

  Further, one information providing apparatus 300 may be composed of a plurality of servers, and may be divided into a server that performs encryption and a server that performs transmission processing of encrypted content and an encrypted common key. Thereby, the information providing apparatus 300 can distribute the processing load.

In the information distribution system 1 according to the present embodiment, the information providing apparatus 300 directly transmits the encrypted content and the encrypted common key to the terminal apparatus 100 without using the mediation apparatus 200. As a result, the information distribution system 1 prevents the mediation apparatus 200 from holding the encrypted content and the encrypted common key, thereby preventing data leakage.
Further, the information distribution system 1 can realize distribution even when the content cannot be deposited in the mediation apparatus 200 due to a right problem.

  In this embodiment, the common key is unique to each information providing apparatus 300. However, the present invention is not limited to this, and the common key may be unique to each content. As a result, even if the user of the terminal device 100 purchases content provided by a certain information providing device 300 and obtains a common key, another encrypted content provided by the same information providing device 300 can be obtained with the common key. It cannot be decrypted. As a result, the information providing apparatus 300 can prevent unauthorized use of content rather than making the common key unique to each information providing apparatus 300.

  Further, the information providing apparatus 300 may change the common key every predetermined time. Thereby, even if the user of the terminal device 100 purchases content provided by a certain information providing device 300 and obtains a common key, the same information providing device 300 uses the common key after the predetermined time has elapsed. Another encrypted content to be provided cannot be decrypted. As a result, the information providing apparatus 300 can prevent unauthorized use of content rather than making the common key unique to each information providing apparatus 300.

  Further, an apparatus other than the information providing apparatus 300 (for example, the mediation apparatus 200) may hold the encrypted content instead of the information providing apparatus 300. For example, even if the mediation device 200 holds the encrypted content, the administrator of the mediation device 200 does not have the encrypted common key, so the encrypted content cannot be decrypted and the contents are confirmed. Can not do it. Therefore, the information distribution system 1 can prevent an administrator of the mediation apparatus 200 from using content illegally.

  Further, even if the administrator of the mediation device 200 obtains the encrypted common key illegally, the administrator of the mediation device 200 cannot decrypt the encrypted common key, so I can't confirm. Therefore, the information distribution system 1 can prevent an administrator of the mediation apparatus 200 from using content illegally.

  Further, unique information associated with the user of the terminal device 100 may be cached in the information providing device 300. As a result, the information providing apparatus 300 can eliminate the need to request unique information for each distribution request, and the processing load on the information providing apparatus 300 can be reduced.

  Further, when the information providing apparatus 300 receives the purchase request, the customer ID may be transmitted to the mediation apparatus 200 instead of the settlement request, and the settlement status may be requested to the mediation apparatus 200. In that case, the mediation apparatus 200 may transmit the customer ID and the payment ID to the information providing apparatus 300 when a certain user has settled a certain content. As a result, the information providing apparatus 300 can permit the customer to re-download the contents when a certain user has already settled a certain content.

Further, the information providing apparatus 300 may change the encryption method for each content. As a result, the information providing apparatus 300 makes it difficult for the third party to illegally decrypt the content, thereby preventing unauthorized use of the content by the third party.
Further, the information providing apparatus 300 may change the method at each time when purchase is requested. As a result, the information providing apparatus 300 makes it difficult for the third party to illegally decrypt the content, thereby preventing unauthorized use of the content by the third party.

  Further, the information providing apparatus 300 may encrypt the common key based on the unique information and the time when the purchase is requested. As a result, the information providing apparatus 300 makes it difficult for the third party to illegally decrypt the content, thereby preventing unauthorized use of the content by the third party.

  In the present embodiment, the mediation device 200 generates unique information. However, the present invention is not limited to this, and the terminal device 100 may generate unique information. The terminal device 100 may generate a random number using the customer ID as a seed of random numbers, and may use the generated random number as unique information.

  Also, the terminal device 100 may use the serial number, MAC (Media Access Control) address, IMEI (International Mobile Equipment Identity) number, etc. of the terminal device 100 owned by the customer as the unique information. In other words, the unique information may be information unique to the terminal device 100, and may be a serial number, a MAC address, an IMEI number, or the like of the terminal device 100. In this case, every time the terminal device 100 used by the user is changed so that the unique information becomes information unique to the user, for example, every time the user logs in, the terminal device 100 mediates the customer ID and the unique information. You may transmit to the apparatus 200. Then, the intermediary device 200 may update the unique information stored in association with the same customer ID as the customer ID received from the terminal device 100 with the unique information received from the terminal device 100. As a result, even if the terminal device 100 used by the user is changed, the unique information held by the mediation device 200 is updated with the information unique to the changed terminal device 100. Therefore, the terminal device 100 always has the unique information. The information can be unique to the user.

<Modification>
Moreover, although the common key encryption part 334 of this embodiment encrypted only the common key with terminal information, it is not restricted to this. The common key encryption unit 334 may encrypt the deadline information indicating the deadline for decrypting the common key and the content with the terminal information, and transmit the encrypted information obtained by the encryption to the terminal device 100. Here, the time limit information may be a period during which the content can be decoded, or may be a time at which the content can be finally decoded.

In this case, the terminal device 100 decrypts the encrypted information with the unique information. Then, the terminal device 100 refers to the time limit indicated by the time limit information obtained by decoding. Here, the terminal device 100 is obtained by inquiring about the current time to the information providing device 300 and inquiring about the time of the terminal device 100 before decrypting the encrypted content in order to prevent the terminal device 100 from spoofing time. Update at the correct time. Then, the terminal device 100 may be able to decrypt the encrypted content until the referred time limit. Accordingly, the common key encryption unit 334 can limit the time that can be decrypted.
Note that the terminal device 100 may make a time inquiry to a third party server such as the mediation device 200 or an NTP (Network Time Protocol) server.

In addition, the common key encryption unit 334 may encrypt the common information and the number of times information indicating the number of times of decryption with the terminal information, and transmit the encrypted information obtained by the encryption to the terminal device 100.
In this case, the terminal device 100 decrypts the encrypted information with the unique information. And the terminal device 100 refers to the frequency | count which the frequency | count information obtained by decoding shows. The terminal device 100 may be able to decrypt the encrypted content up to the number of times. Accordingly, the common key encryption unit 334 can limit the number of times that the decryption can be performed.

  Note that the terminal device 100 may hold the number-of-times information obtained by the decryption after the decryption of the encrypted key so that the terminal device 100 is not falsified. Thereby, the terminal device 100 can prevent a large number of encrypted contents from being decrypted illegally.

Further, the common key encryption unit 334 may encrypt the common information and the region information indicating the region that can be decrypted with the terminal information, and transmit the encrypted information obtained by the encryption to the terminal device 100.
In this case, the terminal device 100 decrypts the encrypted information with the unique information. Then, the terminal device 100 refers to the area indicated by the area information obtained by decoding. Then, the terminal device 100 may be configured to be able to decrypt the encrypted content when the terminal device 100 exists in the area. As a result, the common key encryption unit 334 can limit the areas that can be decrypted.

At that time, the terminal device 100 includes a GPS (Global Positioning System), and the GPS may detect the position of the device itself. Thereby, the terminal device 100 can determine whether the position of the own device detected by the GPS exists in the region indicated by the region information.
Further, the terminal device 100 may acquire the position of the own device from a wireless communication base station such as a third generation mobile communication system (3G) or a wireless LAN access point. Thereby, the terminal device 100 can determine whether or not the acquired position of the own device exists in the area indicated by the area information.

As described above, the common key encryption unit 334 according to the modification may encrypt the common key and the decryption restriction information indicating the restriction when the common key is decrypted based on the unique information. The transmission unit 322 may transmit the encryption information encrypted by the common key encryption unit to the terminal device 100 that decrypts the encryption information based on the common information.
Here, the decryption restriction information may be information indicating a time limit during which the common key can be decrypted. The decryption restriction information may be information indicating a restriction on the number of times that the common key can be decrypted. Further, the decryption restriction information may be information indicating a restriction on a place where the common key can be decrypted.

  Further, a program for executing each process of the terminal device 100, the mediation device 200, or the information providing device 300 of the present embodiment is recorded on a computer-readable recording medium, and the program recorded on the recording medium is stored in a computer system. The above-described various processes related to the terminal device 100, the intermediary device 200, or the information providing device 300 may be performed by being read and executed.

  Here, the “computer system” may include hardware such as an OS (Operating System) and peripheral devices. Further, the “computer system” includes a homepage providing environment (or display environment) if a WWW (World Wide Web) system is used. The “computer-readable recording medium” refers to a flexible disk, a magneto-optical disk, a ROM (Read Only Memory), a writable nonvolatile memory such as a flash memory, a CD-ROM (Compact Disc Read Only Memory), etc. A storage device such as a portable medium or a hard disk built in a computer system.

  Further, the “computer-readable recording medium” refers to a volatile memory (for example, DRAM (Dynamic) in a computer system serving as a server or a client when a program is transmitted via a network such as the Internet or a communication line such as a telephone line. Random Access Memory)) that holds a program for a certain period of time is also included. The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line. The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, what is called a difference file (difference program) may be sufficient.

  As mentioned above, although embodiment of this invention was explained in full detail with reference to drawings, the concrete structure is not restricted to this embodiment, The design etc. of the range which does not deviate from the summary of this invention are included.

1 Information distribution system 100, 100-1, 100-2, ..., 100-M terminal device (decoding device)
110 storage unit 120 communication unit 121 reception unit 122 transmission unit 130 control unit 131 information determination unit 132 settlement information determination unit 133 common key decryption unit 134 content decryption unit 135 content reproduction unit 200 mediation device 210 storage unit 220 communication unit 230 control unit 231 Information determination unit 232 Settlement information processing unit 233 Settlement processing unit 240 Registration unit 241 Specific information generation unit 300, 300-1, 300-2, ..., 300-N Information providing device (encryption device)
310 storage unit 311 common key storage unit 312 encrypted content storage unit 320 communication unit 321 reception unit 322 transmission unit 330 control unit 331 information determination unit (unique information acquisition unit)
332 Payment request unit 333 Unique information request unit 334 Common key encryption unit 335 Content acquisition unit

Claims (14)

A content acquisition unit that acquires encrypted content in which content is pre-encrypted with a common key that is commonly used for encryption and decryption;
A common key encryption unit that encrypts at least the common key based on unique information unique to each user;
A transmission unit that transmits the encrypted common key obtained by the encryption by the common key encryption unit and the encrypted content acquired by the content acquisition unit to a decryption device that holds the unique information;
An encryption device comprising: The common key encryption unit encrypts the common key and decryption restriction information indicating a restriction when decrypting the common key based on the unique information,
The encryption apparatus according to claim 1, wherein the transmission unit transmits the encrypted information encrypted by the common key encryption unit to the decryption device.   3. The encryption apparatus according to claim 2, wherein the decryption restriction information is information indicating a restriction on a time during which the common key can be decrypted.   The encryption apparatus according to claim 2, wherein the decryption restriction information is information indicating a restriction on a number of times that the common key can be decrypted.   3. The encryption apparatus according to claim 2, wherein the decryption restriction information is information indicating a restriction on a place where the common key can be decrypted.   6. The encryption apparatus according to claim 1, wherein the common key is unique for each content. An encrypted content storage unit in which the encrypted content is stored in advance;
The said content acquisition part acquires the said encrypted content by reading the said encrypted content from the said encrypted content storage part, The Claim 1 characterized by the above-mentioned. The encryption device described.   The encryption device according to any one of claims 1 to 7, further comprising a unique information acquisition unit that acquires the unique information transmitted from the decryption device. An encryption method executed by an encryption device,
A content acquisition procedure for acquiring encrypted content in which content is encrypted with a common key used in common for encryption and decryption;
A common key encryption procedure for encrypting at least the common key based on unique information unique to each user;
Transmission procedure for transmitting the encrypted common key obtained by encryption in the common key encryption procedure and the encrypted content acquired by the content acquisition procedure to a decryption device holding the unique information When,
An encryption method comprising: On the computer,
A content acquisition step of acquiring encrypted content in which the content is encrypted with a common key used in common for encryption and decryption;
A common key encryption step for encrypting at least the common key based on unique information unique to each user;
A transmission step of transmitting the encrypted common key obtained by the encryption in the common key encryption step and the encrypted content acquired by the content acquisition step to a decryption device holding the unique information; ,
An encryption program for executing A receiving unit for receiving the encrypted common key and the encrypted content transmitted from the encryption device;
A common key decryption unit for decrypting the encrypted common key received by the reception unit based on unique information unique to each user;
A content decrypting unit for decrypting the encrypted content received by the receiving unit with a common key obtained by decrypting by the common key decrypting unit;
A decoding apparatus comprising: A decoding method executed by a decoding device,
A reception procedure for receiving the encrypted common key and the encrypted content transmitted from the encryption device;
A common key decryption procedure for decrypting the encrypted common key received by the reception procedure based on unique information unique to each user;
A content decrypting procedure for decrypting the encrypted content received by the receiving procedure with the common key obtained by decrypting in the common key decrypting procedure;
A decoding method characterized by comprising: A computer including a receiving unit that receives the encrypted common key and the encrypted content transmitted from the encryption device,
A common key decryption step for decrypting the encrypted common key received by the receiver based on unique information unique to each user;
A content decrypting step for decrypting the encrypted content received by the receiving unit with the common key obtained by decrypting in the common key decrypting step;
Decryption program for executing An information distribution system comprising an encryption device and a decryption device,
The encryption device is:
A content acquisition unit that acquires encrypted content in which content is pre-encrypted with a common key that is commonly used for encryption and decryption;
A common key encryption unit that encrypts at least the common key based on unique information unique to each user;
A transmission unit that transmits the encrypted common key obtained by the encryption by the common key encryption unit and the encrypted content acquired by the content acquisition unit to the decryption device;
With
The decoding device
A receiving unit for receiving the encrypted common key and the encrypted content transmitted from the encryption device;
A common key decryption unit for decrypting the encrypted common key received by the reception unit based on the unique information;
A content decrypting unit for decrypting the encrypted content received by the receiving unit with a common key obtained by decrypting by the common key decrypting unit;
An information distribution system comprising:

Images