JP3631186B2 - Data reproducing apparatus and data recording apparatus - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a data recording apparatus for recording encrypted content data acquired using a data distribution system that enables copyright protection for copied information, and to reproduce encrypted content data recorded in the data recording apparatus The present invention relates to a data reproducing apparatus.
[0002]
[Prior art]
In recent years, with the progress of digital information communication networks such as the Internet, it has become possible for each user to easily access network information using a personal terminal using a mobile phone or the like.
[0003]
In such a digital information communication network, information is transmitted by digital signals. Therefore, for example, even when each individual user copies music or video data transmitted in the digital information communication network as described above, the data can be copied with almost no deterioration in sound quality and image quality due to such copying. It is possible to do.
[0004]
Therefore, when content data having the copyright of the author such as music data and image data is transmitted on such a digital information communication network, unless appropriate measures for copyright protection are taken, remarkably The copyright holder's rights may be infringed.
[0005]
On the other hand, assuming that the purpose of copyright protection is given top priority and content data cannot be distributed via the rapidly expanding digital information communication network, basically, when copying content data, certain copyrights are used. Even for copyright holders who can collect the fee, it is disadvantageous.
[0006]
Here, instead of distribution through the digital information communication network as described above, taking a recording medium on which digital data is recorded as an example, a CD (compact disc) on which music data that is usually sold is recorded. In principle, music data can be copied from a CD to a magneto-optical disk (MD or the like) as long as the copied music is stopped for personal use. However, an individual user who performs digital recording or the like indirectly pays a certain amount of money for a digital recording device itself or a medium such as an MD as a deposit to the copyright holder.
[0007]
In addition, when music data, which is a digital signal, is copied from a CD to an MD, the music information is converted into digital data from a recordable MD to another MD in view of the fact that these pieces of information are digital data with almost no copy deterioration. Copying is not possible due to the configuration of the device for copyright protection.
[0008]
For these reasons, the distribution of music data and image data to the public through a digital information communication network is an act that is restricted by the copyright holder's public transmission rights. Sufficient measures need to be taken.
[0009]
[Problems to be solved by the invention]
However, even if measures are taken to protect the copyright against the act of distributing content data such as music data, there is a problem that the content data received once is further copied without permission.
[0010]
Accordingly, the present invention has been made to solve such a problem, and an object of the present invention is to provide a data reproducing apparatus capable of protecting content data distributed via a digital communication network. .
[0011]
Another object of the present invention is to provide a data recording apparatus capable of protecting content data distributed via a digital communication network.
[0012]
[Means for Solving the Problems]
According to the present invention, the data reproduction device acquires the encrypted content data and the license from the data recording device that records the encrypted content data and the license for decrypting and reproducing the encrypted content data, and obtains the encrypted content data. A data reproducing device for reproducing, an interface for controlling data exchange with a data recording device, an operation unit for inputting instructions, and decrypting encrypted content data with a license key included in a license Content reproduction circuit for reproducing content data, public key holding unit for holding an individual public encryption key set for each content reproduction circuit, and an individual secret decryption key for decrypting data encrypted by the individual public encryption key Encrypted by a private key holding unit that holds A first decryption processing unit for decrypting the received data with the individual secret decryption key, a session key generation unit for generating a session key for specifying communication with the data recording device, and decrypting the data encrypted with the session key A second decryption processing unit and a control unit. The control unit is sequentially encrypted with the individual public encryption key and the session key in response to the reproduction request of the encrypted content data input via the operation unit. The encrypted license is received via the interface, the received encrypted license is given to the second decryption processing unit, and the second decryption processing unit transmits the data decrypted with the session key to the first decryption processing unit. The first decryption processing unit provides the content reproduction circuit with the license key included in the license decrypted with the individual secret decryption key.
[0013]
Preferably, the encryption license is composed of encrypted data obtained by sequentially encrypting reproduction control information for restricting reproduction in the content reproduction circuit and a license key with an individual public encryption key and a session key. When reproduction of the encrypted content data in the content reproduction circuit is permitted by the reproduction control information decrypted by the processing unit, the encrypted content data is acquired from the data recording device via the interface and is provided to the content reproduction circuit.
[0014]
More preferably, the data reproducing device further includes an encryption processing unit that encrypts data using the session key, and the control unit receives another session key generated in the data recording device via the interface and receives the received session key. Another session key is given to the encryption processing unit, and the encryption processing unit transmits the session key encrypted by the other session key and the individual public encryption key to the data recording device via the interface. The individual public encryption key from the public key holding unit and the session key from the session key generation unit are encrypted with another session key and output to the control unit.
[0015]
More preferably, the data reproducing device decrypts the data included in the authentication data and encrypted with the class public encryption key unique to the content reproducing circuit, and an authentication data holding unit that holds authentication data for the data recording device A class secret decryption key holding unit for holding a class secret decryption key for performing the processing, and a third decryption processing unit for decrypting the data encrypted with the class public encryption key with the class secret decryption key. Authentication data is transmitted to the data recording device via the interface, and when the authentication data is authenticated by the data recording device, the other session key encrypted by the class public encryption key is recorded via the interface. Receives from the device another encrypted session key received and supplies it to the third decryption processing unit Third decoding processor provides another session key by decrypting the another session key encrypted by the class public encryption key by the class secret decryption key to the encryption processing unit.
[0016]
More preferably, the content reproduction circuit includes a fourth decryption processing unit that decrypts the encrypted content data with the license key, and a reproduction unit that reproduces the content data decrypted by the fourth decryption processing unit.
[0017]
According to the invention, the data recording device is a data recording device for recording a license for decrypting and reproducing the encrypted content data, and the data recording device stores data between the data reproducing device for reproducing the encrypted content data. Set for each data reproduction device, an interface for controlling transmission / reception, a storage unit for storing encrypted content data and the license, a session key generation unit for generating a session key for specifying communication with the data reproduction device, A first encryption processing unit that encrypts data using the individual public encryption key, a second encryption processing unit that encrypts data using the session key, and a control unit. The control unit is input via an interface. Included in the license based on the access control information included in the license Whether or not the license key can be output to the data reproduction device. When the license key can be output, the license is read from the storage unit and given to the first encryption processing unit, and the individual public encryption key and the data reproduction device are generated. The encrypted license sequentially encrypted with the first session key is transmitted to the data reproducing device via the interface, and the first encryption processing unit encrypts the license with the individual public encryption key and performs the second encryption process. The second encryption processing unit further encrypts the license encrypted with the individual public encryption key with the first session key and gives the license to the control unit.
[0018]
Preferably, the encryption license is composed of encrypted data obtained by sequentially encrypting reproduction control information for restricting reproduction of the encrypted content data in the data reproducing apparatus and the license key with the individual public encryption key and the first session key.
[0019]
More preferably, the data recording device further includes a decryption processing unit that decrypts the data with the second session key generated by the session key generation unit, and the control unit includes the first encrypted with the second session key. The session key and the individual public encryption key are received from the data reproducing apparatus via the interface, and the received encrypted first session key and individual public encryption key are given to the decryption processing unit. The decryption processing unit The decrypted first session key and individual public encryption key are decrypted with the second session key, the decrypted individual public encryption key is given to the first encryption processing unit, and the decrypted first session key is sent to the second Give to the cryptographic processing section.
[0020]
More preferably, the data recording device includes another decryption processing unit that decrypts the data with the public authentication key, and a third encryption processing unit that encrypts the data with the class public encryption key unique to the type of the data reproduction device, The control unit receives the authentication data obtained by encrypting the class public encryption key and the class certificate specific to the type of the data reproduction device with the public authentication key from the data reproduction device via the interface, and receives the received data. The authentication data is given to another decryption processing unit, and it is determined whether or not the data reproducing apparatus is legitimate based on the class public encryption key and the class certificate decrypted by the public authentication key in the other decryption processing unit. When the playback device is authentic, the session key generation unit is controlled to generate the second session key, and the third encryption processing unit The second session key encrypted with the public encryption key is transmitted to the data reproducing device via the interface, and the other decryption processing unit decrypts the authentication data with the public authentication key, and the decrypted class public encryption key To the third encryption processing unit, the decrypted class certificate is provided to the control unit, and the third encryption processing unit encrypts the second session key with the class public encryption key and provides the control unit with the second session key.
[0021]
More preferably, when the control unit confirms that the class public encryption key is accepted in the other decryption processing unit and the class public encryption key is not leaked based on the class certificate, the control unit authenticates the data reproduction device. Is determined.
[0022]
More preferably, the control unit stores the license for reproduction of the encrypted content data based on another reproduction control information stored in the storage unit together with the license and for controlling the output of the license from the storage unit. When output is permitted, the license is read from the storage unit, and the encrypted license is transmitted to the data reproducing apparatus via the interface.
[0023]
More preferably, the storage unit includes a first storage unit that stores the encrypted content data and a second storage unit that stores the license, and the second storage unit has a highly confidential tamper-resistant structure. Composed.
[0024]
DETAILED DESCRIPTION OF THE INVENTION
Embodiments of the present invention will be described in detail with reference to the drawings. In the drawings, the same or corresponding parts are denoted by the same reference numerals and description thereof will not be repeated.
[0025]
[Embodiment 1]
FIG. 1 is a schematic diagram for conceptually explaining the overall configuration of a data distribution system according to Embodiment 1 in which a data recording device (memory card) according to the present invention acquires encrypted content data.
[0026]
In the following description, an example of the configuration of a data distribution system that distributes digital music data to the memory card 110 attached to the user's mobile phone 100 via the mobile phone network will be described. As will be apparent from the following description. The present invention is not limited to such a case, and can also be applied to the distribution of content data as other copyrighted works, for example, image data, moving image data, and the like.
[0027]
Referring to FIG. 1, distribution carrier 20 relays a distribution request (distribution request) from a user obtained through its mobile phone network to distribution server 10. The distribution server 10 that manages copyrighted music data determines whether the memory card 110 attached to the cellular phone 100 of the cellular phone user who has accessed for data distribution has valid authentication data, That is, to authenticate whether or not the memory card is legitimate, to encrypt the music data (hereinafter also referred to as content data) with a predetermined encryption method and distribute the data to the legitimate memory card A license including a license key for decrypting the encrypted content data as information necessary for reproducing the encrypted content data and the encrypted content data is given to the mobile phone company which is the distribution carrier 20 of the mobile phone.
[0028]
The distribution carrier 20 distributes the encrypted content data and the license via the mobile phone network and the mobile phone 100 to the memory card 110 attached to the mobile phone 100 that has transmitted a distribution request through its own mobile phone network. .
[0029]
In FIG. 1, for example, a mobile phone 100 of a mobile phone user has a configuration in which a removable memory card 110 is mounted. The memory card 110 receives the encrypted content data received by the mobile phone 100, decrypts the encryption performed in the distribution, and gives it to a content reproduction circuit (not shown) in the mobile phone 100.
[0030]
Further, for example, a mobile phone user can “play” such content data through the headphones 130 connected to the mobile phone 100 and listen to the content data.
[0031]
By adopting such a configuration, first, if the memory card 110 is not used, it becomes difficult to receive music data from the distribution server 10 and reproduce music.
[0032]
Moreover, the distribution carrier 20 distributes the copyright fee generated each time the mobile phone user receives (downloads) the content data by counting the frequency each time content data for one song is distributed, for example. If the carrier 20 collects the call charge for the mobile phone, the copyright holder can easily secure the copyright charge.
[0033]
In the configuration as shown in FIG. 1, in order to be able to reproduce the content data that is encrypted and distributed on the user side of the mobile phone, first, what is required on the system is an encryption key for communication. The second method is to encrypt the content data to be distributed, and the third is to prevent unauthorized copying of the license distributed in this way. This configuration realizes license protection.
[0034]
In the embodiment of the present invention, particularly at the time of each of the distribution and playback sessions, the recording and recording device in which the authentication and check functions for the destination of the content data are enhanced and the authentication or decryption key is broken. And content data copyright protection by preventing output of content data to a content playback circuit (a circuit for decrypting and playing back encrypted content data built in the mobile phone 100 in FIG. 1). The structure to strengthen is demonstrated.
[0035]
In the following description, processing for transmitting content data from the distribution server 10 to each mobile phone is referred to as “distribution”.
[0036]
FIG. 2 is a diagram for explaining characteristics of data, information, etc. used in the data distribution system shown in FIG.
[0037]
First, data distributed from the distribution server 10 will be described. Dc is content data such as music data. The content data Dc is encrypted so that it can be decrypted with the license key Kc. Encrypted content data {Dc} Kc that has been decrypted by the license key Kc is distributed from the distribution server 10 to the user in this format.
[0038]
In the following, the notation {Y} X indicates that the data Y has been encrypted with the decryption key X.
[0039]
Further, additional information Dc-inf as plaintext information such as copyrights related to the content data or access to the server is distributed together with the encrypted content data {Dc} Kc. In addition, it is a management code for specifying the distribution of the license key Kc, license key, etc. as a license, and a code for identifying the transaction ID and content data Dc, which are the management codes for specifying the license. There are a content ID, access control information ACm that is information relating to restrictions on access to a license in the recording device (memory card), reproduction control information ACp that is control information relating to reproduction in the content reproduction circuit, and the like. Specifically, the access control information ACm is control information for outputting a license or a license key from the memory card to the outside. -Restriction information on duplication and license security level. The reproduction control information ACp is information for restricting reproduction after the content reproduction circuit receives the license key for reproducing the encrypted content data, such as reproduction time limit, reproduction speed change restriction, reproduction range designation (partial license), etc. There is.
[0040]
Hereinafter, the transaction ID and the content ID are collectively referred to as a license ID, and the license key Kc, the license ID, access control information ACm, and reproduction control information ACp are collectively referred to as a license.
[0041]
In the following, for simplification, the access control information ACm is control information for limiting the number of reproductions. The number of reproductions (0: reproduction impossible, 1-254: reproduction possible number, 255: no restriction), license transfer and The reproduction / control flag AC0 is a reproduction deadline that is a control information that defines a deadline for reproduction. The movement / duplication flag (0: movement duplication prohibited, 1: movement only allowed, 2: movement duplication allowed) is limited. Only (UTCtime code) shall be restricted.
[0042]
In the embodiment of the present invention, a certificate revocation list CRL (CRL) is provided so that distribution and reproduction of content data can be prohibited for each class of a recording device (memory card) and a content reproduction circuit that reproduces content data. Operates the Certificate Revocation List. In the following, the data in the certificate revocation list may be represented by the symbol CRL as necessary.
[0043]
The certificate revocation list related information includes a content replay circuit that is prohibited from distributing and replaying licenses, and certificate revocation list data CRL that lists memory card classes. All devices that manage, store, and replay licenses related to content data protection are listed.
[0044]
The certificate revocation list data CRL is managed in the distribution server 10 and is also recorded and held in the memory card. Such a certificate revocation list needs to be updated at any time to update the data. However, with regard to data changes, the distribution server 10 basically uses encrypted content data and / or license keys, etc. When the license is distributed, the update date / time of the certificate revocation list held in the memory card 110 received from the mobile phone is determined, and compared with the update date / time of the certificate revocation list CRL held, it is not updated to the latest. When it is determined, the latest certificate revocation list is distributed to the mobile phone 100. As for the certificate revocation list, a CRL that is differential data reflecting only the changed point is generated from the distribution server 10 and added to the certificate revocation list CRL in the memory card 110 accordingly. It is also possible. Also, it is assumed that the certificate revocation list update date / time CRLdate is also recorded at the time of update so that the certificate revocation list CRL managed in the memo card 110 can be judged as new or old.
[0045]
In this way, by holding and operating the certificate revocation list CRL not only in the distribution server but also in the recording device (memory card) that records and manages the license, it is class-specific in reproduction, license transfer / duplication, etc. , Supply of license keys or licenses to content playback circuits (mobile phones) or recording devices (memory cards) that have leaked a decryption key specific to the type of content playback circuit (mobile phone) or recording device (memory card) is prohibited. The For this reason, the content reproduction circuit cannot reproduce the content data, and the recording apparatus cannot acquire the license.
[0046]
As described above, the certificate revocation list CRL in the recording apparatus is configured to sequentially update data at the time of distribution. Also, the certificate revocation list CRL in the recording device is managed by recording it in a high level tamper resistant module (Tamper Resistant Module) that guarantees confidentiality in hardware in the recording device independently of the upper level. Do. As a result, the copyright protection regarding the data can be further strengthened.
[0047]
FIG. 3 is a diagram for explaining characteristics of data, information, and the like for encryption processing used in the data distribution system shown in FIG.
[0048]
The content reproduction circuit and the memory card are provided with unique public encryption keys KPpy and KPmw, respectively, and the public encryption key KPpy can be decrypted with a secret decryption key Kpy unique to the content reproduction circuit. The public encryption key KPmw can be decrypted with a secret decryption key Kmw unique to the memory card. These public encryption key and secret decryption key have different values for each type of content reproduction circuit and memory card. These public encryption keys and secret decryption keys are collectively referred to as class keys, these public encryption keys are referred to as class public encryption keys, secret decryption keys are referred to as class secret decryption keys, and units shared by the class keys are referred to as classes. Classes differ depending on the manufacturer, product type, production lot, and the like.
[0049]
Also, Cpy is provided as the class certificate for the content reproduction circuit, and Cmw is provided as the class certificate for the memory card. These class certificates have different information for each class of the content reproduction circuit and the recording device. A class whose tamper-resistant module is broken or whose encryption with a class key is broken, that is, a class whose secret decryption key is leaked, is listed in the certificate revocation list CRL and is subject to license acquisition prohibition.
[0050]
The class public encryption key and class certificate of the content reproduction circuit are recorded in the content reproduction circuit at the time of shipment in the format of authentication data {KPpy // Cpy} KPa. The class public encryption key and class certificate of the memory card are recorded in the recording device at the time of shipment in the format of authentication data {KPmw // Cmw} KPa. As will be described in detail later, KPa is a public authentication key common to the entire distribution system.
[0051]
The recording device also has a public encryption key KPmcx set for each recording device and a secret decryption key Kmcx unique to the memory card that can decrypt data encrypted with the public encryption key KPmcx. Furthermore, as a key for managing the data processing in the content reproduction circuit, the content reproduction capable of decrypting the public encryption key KPpcz set for each content reproduction circuit and the data encrypted with the public encryption key KPpcz A secret decryption key Kpcz unique to the circuit exists.
[0052]
The individual public encryption key and secret decryption key for each memory card or content reproduction circuit are collectively referred to as an individual key, the public encryption key KPmcx is referred to as an individual public encryption key, and the secret decryption key Kmcx is referred to as an individual secret decryption key.
[0053]
A common key generated in the distribution server 10, the content reproduction circuit, and the recording device every time content data is distributed and reproduced as an encryption key for maintaining confidentiality in data exchange between the outside of the recording device and the recording device Ks1 to Ks3 are used.
[0054]
Here, the common keys Ks1 to Ks3 are unique common keys generated for each “session” which is a unit of communication or access between the distribution server 10, the content reproduction circuit or the recording device. The common keys Ks1 to Ks3 are also called “session keys”.
[0055]
These session keys Ks1 to Ks3 are managed by the distribution server 10, the content reproduction circuit, and the recording device by having a unique value for each session. Specifically, the session key Ks1 is generated for each distribution session by the distribution server 10. The session key Ks2 is generated for each distribution session and reproduction session by the recording device, and the session key Ks3 is generated for each reproduction session in the content reproduction circuit. In each session, these session keys are exchanged, the session keys generated by other devices are received, the encryption with this session key is performed, and then the license key etc. is transmitted to ensure the security strength in the session. Can be improved.
[0056]
FIG. 4 is a schematic block diagram showing the configuration of the distribution server 10 shown in FIG. The distribution server 10 includes an information database 304 for storing distribution information such as data and content IDs obtained by encrypting content data according to a predetermined method, and charging according to the start of access to the content data for each user of the mobile phone A charging database 302 for holding information, a CRL database 306 for managing a certificate revocation list CRL, a menu database 307 for holding a menu of content data held in the information database 304, and content data for each license distribution A distribution record database 308 that holds a log relating to distribution of transaction IDs that specify distribution of license keys and the like, an information database 304, a charging database 302, a CRL database 306, and a menu database 3 7 and data processing unit 310 for receiving data from distribution record database 308 via bus BS1 and performing predetermined processing, and data between distribution carrier 20 and data processing unit 310 via a communication network And a communication device 350 for sending and receiving.
[0057]
The data processing unit 310 is controlled by the distribution control unit 315 for controlling the operation of the data processing unit 310 and the distribution control unit 315 according to the data on the bus BS1, and generates a session key Ks1 during the distribution session. A session key generation unit 316 for authentication, an authentication key holding unit 313 that holds a public authentication key KPa for decrypting authentication data {KPmw // Cmw} KPa sent from the memory card 110, and a memory The authentication data {KPmw // Cmw} KPa sent from the card 110 is received via the communication device 350 and the bus BS1, and decryption is performed using the public authentication key KPa from the authentication key holding unit 313. The session key Ks1 generated by the processing unit 312 and the session key generation unit 316 is decrypted. Is encrypted using the class public encryption key KPmw obtained by the above, and received from the bus BS1 is the encryption processing unit 318 for outputting to the bus BS1 and the data transmitted after being encrypted by the session key Ks1, And a decryption processing unit 320 that performs decryption processing.
[0058]
The data processing unit 310 further encrypts the license key Kc and the access control information ACm given from the distribution control unit 315 with the individual public encryption key KPmcx for each memory card 110 obtained by the decryption processing unit 320. An encryption processing unit 326 and an encryption processing unit 328 for further encrypting the output of the encryption processing unit 326 with the session key Ks2 given from the decryption processing unit 320 and outputting the result to the bus BS1 are included.
[0059]
The operation in the distribution session of the distribution server 10 will be described in detail later using a flowchart.
[0060]
FIG. 5 is a schematic block diagram for explaining the configuration of the mobile phone 100 shown in FIG.
[0061]
The cellular phone 100 receives an antenna 1102 for receiving a signal wirelessly transmitted by the cellular phone network, receives the signal from the antenna 1102 and converts it into a baseband signal, or modulates data from the cellular phone 100 to modulate the antenna. A transmission / reception unit 1104 for giving to 1102.
[0062]
The mobile phone 100 further includes a bus BS2 for transferring data of each part of the mobile phone 100, a controller 1106 for controlling the operation of the mobile phone 100 via the bus BS2, and an instruction from the outside. And a display 1110 for giving information output from the controller 1106 and the like as visual information to the user.
[0063]
The cellular phone 100 further stores content data (music data) from the distribution server 10 and a removable memory card 110 for performing decryption processing, and data between the memory card 110 and the bus BS2. And a memory card interface 1200 for controlling transfer.
[0064]
The cellular phone 100 further includes an audio reproduction unit 1112 for decoding and reproducing audio data received from another cellular phone, and a DA converter for converting the audio signal from the audio reproduction unit 1112 from a digital signal to an analog signal. 1113 and a speaker 1114 for outputting audio data from the DA converter 1113 to the outside.
[0065]
The mobile phone 100 further includes a microphone 1115 for inputting voice data of the user of the mobile phone 100, an AD converter 1116 for converting voice data from the microphone 1115 from an analog signal to a digital signal, and an AD converter 1116. And an audio encoding unit 1117 that encodes the audio signal in a predetermined format.
[0066]
The cellular phone 100 further holds the authentication data {KPp1 // Cp1} KPa that is encrypted in such a state that its authenticity can be authenticated by decrypting the class public encryption key KPp1 and the class certificate Cp1 with the public authentication key KPa. An authentication data holding unit 1500 is included. Here, it is assumed that the class y of the mobile phone 100 is y = 1.
[0067]
The mobile phone 100 further decrypts the data received from the bus BS2 with the Kp holding unit 1502 that holds Kp1 that is a class-specific decryption key, and the session key Ks2 generated by the memory card 110 by using the decryption key Kp1. A decryption processing unit 1504.
[0068]
The cellular phone 100 further uses a random number or the like as a session key Ks3 for encrypting data on the bus BS2 exchanged with the memory card 110 in a reproduction session for reproducing content data stored in the memory card 110. The session key generator 1508 generated by the above and the session key Ks3 and KPpc generated by the session key generator 1508 when receiving the license key Kc and the playback control information ACp from the memory card 110 in the playback session of the encrypted content data An encryption processing unit 1506 that encrypts the individual public encryption key KPpc2 from the unit 1507 with the session key Ks2 obtained by the decryption processing unit 1504 and outputs it to the bus BS2.
[0069]
The mobile phone 100 further includes a KPpc holding unit 1507 that holds a public encryption key KPpc2 that is different for each mobile phone 100 (content reproduction circuit 1550). In the mobile phone 100 (content reproduction circuit 1550), the natural number z is assumed to be z = 2.
[0070]
The cellular phone 100 further decrypts the data on the bus BS2 with the session key Ks3 and outputs the encrypted data {Kc // ACp} Kpc2 and the cellular phone 100 (content reproduction circuit 1550). Includes a Kpc holding unit 1512 that holds a secret decryption key Kpc2 paired with a different public encryption key KPpc2.
[0071]
The cellular phone 100 further decrypts the encrypted data {Kc // ACp} Kpc2 from the decryption processing unit 1510 with the secret decryption key Kpc2 from the Kpc holding unit 1512 and outputs the license key Kc and the reproduction control information ACp. Decryption processing unit 1514, decryption processing unit 1516 that receives encrypted content data {Dc} Kc from bus BS2, decrypts it with license key Kc acquired from decryption processing unit 1514, and outputs content data, and decryption processing unit 1516 Is a music playback unit 1518 for playing back content data, a DA converter 1520 for converting the output of the music playback unit 1518 from a digital signal to an analog signal, and an output of the DA converter 1113 or 1520 as an operation mode. Depending on the output and output to the terminal 1530 And 択器 1525, and a terminal 1530 for outputting the output of the selector 1525 external output device such as headphones to the (not shown).
[0072]
In FIG. 5, a region surrounded by a dotted line constitutes a content reproduction circuit 1550 that decrypts encrypted content data and reproduces music data.
[0073]
The operation of each component of the mobile phone 100 in each session will be described in detail later using a flowchart.
[0074]
FIG. 6 is a schematic block diagram for explaining the configuration of the memory card 110 shown in FIG.
[0075]
As already described, KPmw and Kmw are provided as the class public encryption key and class secret decryption key of the memory card, and the memory card class certificate Cmw is provided. In the memory card 110, the natural number w = 3. Shall be represented. The natural number x for identifying the memory card is represented by x = 4.
[0076]
Therefore, the memory card 110 has an authentication data holding unit 1400 that holds authentication data {KPm3 // Cm3} KPa, and a Kmc holding unit that holds an individual secret decryption key Kmc4 that is a unique decryption key set for each memory card. 1402, a Km holding unit 1421 that holds the class secret decryption key Km3, and a KPmc holding unit 1416 that holds the public encryption key KPmc4 that can be decrypted by the individual secret decryption key Kmc4.
[0077]
As described above, by providing an encryption key for a recording device called a memory card, management of distributed content data and encrypted license keys can be executed in units of memory cards, as will be apparent from the following description. It becomes possible.
[0078]
The memory card 110 is further supplied from the interface 1424 to the interface 1424 that exchanges signals with the memory card interface 1200 via the terminal 1426, the bus BS3 that exchanges signals with the interface 1424, and the bus BS3. The data is decrypted by receiving the class secret decryption key Km3 from the Km holding unit 1421, and the decryption processing unit 1422 that outputs the session key Ks1 generated by the distribution server 10 in the distribution session to the contact Pa. The decryption result obtained by executing the decryption process using the public authentication key KPa from the data given to the bus BS3 upon receipt of the key KPa and the obtained class certificate are output to the controller 1420, and the obtained class public key is output. The decryption data output to the encryption processing unit A processing unit 1408, by selectively given key by switch 1442 includes encrypted data that is selectively applied by switch 1446 and a cryptographic processing unit 1406 to be output to the bus BS3.
[0079]
The memory card 110 further includes a session key generation unit 1418 that generates a session key Ks2 in each of the distribution and reproduction sessions, and a class public encryption that is obtained by the decryption processing unit 1408 from the session key Ks2 output by the session key generation unit 1418. An encryption processor 1410 that encrypts the data with the key KPpy or KPmw and sends it to the bus BS3, and a decryption process that receives the data encrypted with the session key Ks2 from the bus BS3 and decrypts it with the session key Ks2 obtained from the session key generator 1418 1412 and the individual public encryption key of mobile phone 100 decrypted by decryption processing unit 1412 with license key Kc and playback control information ACp read from memory 1415 in the playback session of the encrypted content data Ppc2 and a cryptographic processing unit 1417 for encrypting at.
[0080]
The memory card 110 further includes a decryption processing unit 1404 for decrypting the data on the bus BS3 with the individual secret decryption key Kmc4 of the memory card 110 paired with the individual public encryption key KPmc4, and version update of the certificate revocation list. Certificate revocation list data CRL, which is sequentially updated by the data CRLdate, encrypted content data {Dc} Kc, and licenses for reproducing the encrypted content data {Dc} Kc (Kc, ACp, ACm, license ID) ), Additional information Dc-inf, a reproduction list of encrypted content data, and a memory 1415 for receiving and storing a license management file for managing licenses from the bus BS3. The memory 1415 is configured by a semiconductor memory, for example. The memory 1415 includes a CRL area 1415A, a license area 1415B, and a data area 1415C. The CRL area 1415A is an area for recording a certificate revocation list CRL. The license area 1415B is an area for recording a license. The data area 1415C includes encrypted content data {Dc} Kc, related information Dc-inf of the encrypted content data, a license management file that records information necessary for managing the license for each encrypted content data, and a memory card. This is an area for recording a playlist file for recording basic information for accessing the encrypted content data and license recorded in 110. The data area 1415C can be directly accessed from the outside.
[0081]
The license area 1415B stores a license in a license-specific recording unit called an entry in order to record a license (license key Kc, reproduction control information ACp, access restriction information ACm, license ID). When accessing a license, the license is stored or an entry for which the license is to be recorded is designated by an entry number.
[0082]
The memory card 110 further includes a controller 1420 for exchanging data with the outside via the bus BS3, receiving playback information and the like with the bus BS3, and controlling the operation of the memory card 110.
[0083]
All configurations except the data region 1415C are configured in a tamper resistant module region.
[0084]
The operation of each session in the data distribution system shown in FIG. 1 will be described below.
[0085]
[Delivery]
First, an operation for distributing encrypted content data and a license from the distribution server 10 to the memory card 110 attached to the mobile phone 100 in the data distribution system shown in FIG. 1 will be described. This operation is called “distribution”.
[0086]
7 to 10 are for explaining a distribution operation (hereinafter also referred to as a distribution session) to the memory card 110 attached to the mobile phone 100, which occurs when the encrypted content data is purchased in the data distribution system shown in FIG. It is the 1st-4th flowchart.
[0087]
Prior to the processing in FIG. 7, it is assumed that the user of the mobile phone 100 has connected to the distribution server 10 via the mobile phone network and has acquired the content ID for the content desired to be purchased.
[0088]
Referring to FIG. 7, a distribution request is made by the user of mobile phone 100 by designating a content ID via key operation unit 1108 (step S100). Then, purchase conditions AC for purchasing a license of the encrypted content data are input via the key operation unit 1108 (step S102). That is, in order to purchase the license key Kc for decrypting the selected encrypted content data, the access control information ACm and the reproduction control information ACp for the encrypted content data are set and the purchase condition AC is input.
[0089]
When the purchase condition AC for the encrypted content data is input, the controller 1106 inputs an authentication data output instruction to the memory card 110 via the bus BS2 and the memory card interface 1200 (step S104). The controller 1420 of the memory card 110 receives an authentication data output instruction via the terminal 1426, the interface 1424, and the bus BS3. Then, the controller 1420 reads the authentication data {KPm3 // Cm3} KPa from the authentication data holding unit 1400 via the bus BS3, and uses the read authentication data {KPm3 // Cm3} KPa as the bus BS3, the interface 1424, and the terminal 1426. (Step S106).
[0090]
In addition to the authentication data {KPm3 // Cm3} KPa from the memory card 110, the controller 1106 of the mobile phone 100 transmits a content ID, license purchase condition data AC, and a distribution request to the distribution server 10 (step S108).
[0091]
Distribution server 10 receives a distribution request, content ID, authentication data {KPm3 // Cm3} KPa, and license purchase condition data AC from mobile phone 100 (step S110), and decryption processing unit 312 receives from memory card 110. The output authentication data {KPm3 // Cm3} KPa is decrypted with the public authentication key KPa (step S112).
[0092]
The distribution control unit 315 performs an authentication process for determining whether or not the authentication data encrypted for verifying its legitimacy has been received from the decryption processing result in the decryption processing unit 312 (Step S312). S114). If it is determined that the authentication data is valid, the distribution control unit 315 approves and accepts the class public encryption key KPm3 and the class certificate Cm3. Then, the process proceeds to the next process (step S116). If it is not valid authentication data, it is rejected and the distribution session is terminated without accepting the class public encryption key KPm3 and the class certificate Cm3 (step S198).
[0093]
If the class public encryption key KPm3 and the class certificate Cm3 are received as a result of the authentication, the distribution control unit 315 next determines whether the class certificate Cm3 of the memory card 110 is listed in the certificate revocation list CRL. The database 306 is inquired, and when these class certificates are the subject of the certificate revocation list CRL, the distribution session is ended here (step S198).
[0094]
On the other hand, if the class certificate of the memory card 110 is not subject to the certificate revocation list CRL, the process proceeds to the next process (step S116).
[0095]
As a result of the authentication, when it is confirmed that the access is from the mobile phone 100 including the memory card 110 having valid authentication data and the class is not included in the certificate revocation list CRL, the distribution server 10 performs distribution control. The unit 315 generates a transaction ID that is a management code for specifying distribution (step S118). In addition, the session key generation unit 316 generates a session key Ks1 for distribution (step S120). Session key Ks1 is encrypted by encryption processing unit 318 using class public encryption key KPm3 corresponding to memory card 110 obtained by decryption processing unit 312 (step S122).
[0096]
The transaction ID and the encrypted session key Ks1 are output to the outside as the transaction ID // {Ks1} Km3 via the bus BS1 and the communication device 350 (step S124).
[0097]
Referring to FIG. 8, when mobile phone 100 receives transaction ID // {Ks1} Km3 (step S126), controller 1106 transmits transaction ID // {Ks1} Km3 via bus BS2 and memory card interface 1200. Is input to the memory card 110 (step S128). Then, in the memory card 110, the decryption processing unit 1422 uses the terminal 1426 and the interface 1424 to receive the received data given to the bus BS3, and the class secret decryption unique to the memory card 110 held in the Km holding unit 1421. By decrypting with the key Km3, the session key Ks1 is decrypted and the session key Ks1 is accepted (step S130).
[0098]
When the controller 1420 confirms acceptance of the session key Ks1 generated by the distribution server 10, the controller 1420 instructs the session key generation unit 1418 to generate the session key Ks2 generated during the distribution operation in the memory card 110. Session key generation unit 1418 generates session key Ks2 (step S132).
[0099]
In the distribution session, the controller 1420 extracts the update date / time CRLdate from the certificate revocation list CRL recorded in the memory 1415 in the memory card 110 and outputs it to the changeover switch 1446 (step S134).
[0100]
The encryption processing unit 1406 uses the session key Ks1 given from the decryption processing unit 1422 via the contact Pa of the changeover switch 1442 to sequentially switch the contacts of the changeover switch 1446, the session key Ks2, the individual public encryption key KPmc4, and the proof. The update date / time CRLdate of the revocation list CRL is encrypted as one data string, and the encrypted data {Ks2 // KPmc4 // CRLdate} Ks1 is output to the bus BS3 (step S136).
[0101]
The encrypted data {Ks2 // KPmc4 // CRLdate} Ks1 output to the bus BS3 is output from the bus BS3 to the mobile phone 100 via the interface 1424 and the terminal 1426. Then, the controller 1106 of the mobile phone 100 receives the encrypted data {Ks2 // KPmc4 // CRLdate} Ks1 via the memory card interface 1200 and the bus BS2, and receives the received encrypted data {Ks2 // KPmc4 // CRLdate. } The transaction ID is added to Ks1, and the transaction ID // {Ks2 // KPmc4 // CRLdate} Ks1 is transmitted to the distribution server 10 (step S138).
[0102]
The distribution server 10 receives the transaction ID // {Ks2 // KPmc4 // CRLdate} Ks1 and executes the decryption processing with the session key Ks1 in the decryption processing unit 320, and the session key Ks2 generated by the memory card 110, The public encryption key KPmc4 unique to the memory card 110 and the update date / time CRLdate of the certificate revocation list CRL in the memory card 110 are received (step S142).
[0103]
The distribution control unit 315 generates access control information ACm and reproduction control information ACp according to the content ID and license purchase condition data AC acquired in step S110 (step S144). Further, the distribution control unit 315 acquires a license key Kc for decrypting the encrypted content data from the information database 304 (step S146).
[0104]
The distribution control unit 315 gives the generated license, that is, the transaction ID, content ID, license key Kc, reproduction control information ACp, and access control information ACm to the encryption processing unit 326. The encryption processing unit 326 encrypts the license with the public encryption key KPmc4 unique to the memory card 110 obtained by the decryption processing unit 320, and encrypts the data {transaction ID // content ID // Kc // ACm // ACp}. Kmc4 is generated (step S148).
[0105]
Referring to FIG. 9, in distribution server 10, update date / time CRLdate of certificate revocation list CRL transmitted from memory card 110 is the update date / time of certificate revocation list CRL of distribution server 10 held in CRL database 306. By comparing, it is determined whether or not the certificate revocation list CRL held by the memory card 110 is the latest. When it is determined that the certificate revocation list CRL held by the memory card 110 is the latest, the process proceeds to step S152. If the certificate revocation list CRL held by the memory card 110 is not the latest, the process proceeds to step S160 (step S150).
[0106]
When determined to be the latest, the encryption processing unit 328 generated the encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc4 output from the encryption processing unit 326 in the memory card 110. Encryption is performed using the session key Ks2, and the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 is output to the bus BS1. Then, the distribution control unit 315 transmits the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 on the bus BS1 to the mobile phone 100 via the communication device 350 ( Step S152).
[0107]
Then, the controller 1106 of the mobile phone 100 receives the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 (step S154), and uses the bus BS2 and the memory card interface 1200. The encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 is input to the memory card 110. The decryption processing unit 1412 of the memory card 110 receives the encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 via the terminal 1426 and the interface 1424, and a session key generation unit 1418. And the encrypted data {transaction ID // content ID // Kc // ACm // ACp} Kmc4 is received (step S158). Thereafter, the process proceeds to step S172.
[0108]
On the other hand, when the distribution server 10 determines that the certificate revocation list CRL held by the memory card 110 is not the latest, the distribution control unit 315 obtains the latest certificate revocation list CRL from the CRL database 306 via the bus BS1. Obtain (step S160).
[0109]
The encryption processing unit 328 receives the output of the encryption processing unit 326 and the CRL of the certificate revocation list supplied from the distribution control unit 315 via the bus BS1, and encrypts it with the session key Ks2 generated in the memory card 110. To do. The encrypted data {CRL // {transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 output from the encryption processing unit 328 is sent to the personal computer 50 via the bus BS1 and the communication device 350. It is transmitted (step S162).
[0110]
The cellular phone 100 receives the encrypted data {CRL // {transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 (step S164), and via the bus BS2 and the memory card interface 1200. The encrypted data {CRL // {transaction ID // content ID // Kc // ACm // ACp} Kmc4} Ks2 is input to the memory card 110 (step S166). In the memory card 110, the decoding processing unit 1412 decodes the reception data given to the bus BS3 via the terminal 1426 and the interface 1424. The decryption processing unit 1412 decrypts the received data on the bus BS3 using the session key Ks2 given from the session key generation unit 1418 and outputs the decrypted data to the bus BS3 (step S168).
[0111]
At this stage, the bus BS3 has an encryption license {transaction ID // content ID // Kc // ACm // ACp} Kmc4 that can be decrypted with the secret decryption key Kmc4 held in the Kmc holding unit 1402, CRL, Is output (step S168). In response to an instruction from the controller 1420, the CRL in the CRL area 1415A in the memory 1415 is rewritten by the received CRL and updated to the latest CRL (step S170).
[0112]
Steps S152, S154, S156, and S158 are operations for distributing licenses to the memory card 110 when the certificate revocation list CRL of the memory card 110 is the latest. Steps S160, S162, S164, S166, S168, and S170 are: This is an operation of distributing a license to the memory card 110 when the certificate revocation list CRL of the memory card 110 is not the latest. In this way, it is confirmed one by one whether the certificate revocation list CRL of the memory card 110 that has been requested for distribution is the latest by the certificate revocation list update date / time CRLdate sent from the memory card 110, and is not up-to-date. When the latest certificate revocation list CRL is obtained from the CRL database 306 and the CRL is distributed to the memory card 110, a license is issued from the memory card 110 to another memory card or content reproduction circuit whose security is broken. Can be prevented from being output.
[0113]
After step S158 or step S170, the encryption license {transaction ID // content ID // Kc // ACm // ACp} Kmc4 is decrypted by the individual secret decryption key Kmc4 in the decryption processing unit 1404 according to the instruction of the controller 1420. Then, the license (license key Kc, transaction ID, content ID, access control information ACm and reproduction control information ACp) is accepted (step S172).
[0114]
Referring to FIG. 10, controller 1106 of mobile phone 100 inputs an entry number for indicating an entry for storing a license received by memory card 110 into memory card 110 (step S174). Then, the controller 1420 of the memory card 110 receives the entry number via the terminal 1426 and the interface 1424, and stores the license (license key Kc) acquired in step S172 in the license area 1415B of the memory 1415 specified by the received entry number. , Transaction ID, content ID, access control information ACm, and reproduction control information ACp) are stored (step S176).
[0115]
The controller 1106 of the mobile phone 100 transmits the transaction ID sent from the distribution server 10 and the distribution request for the encrypted content data to the distribution server 10 (step S178).
[0116]
The distribution server 10 receives the transaction ID and the encrypted content data distribution request (step S180), acquires the encrypted content data {Dc} Kc and the additional information Dc-inf from the information database 304, and receives these data. Is output via the bus BS1 and the communication device 350 (step S182).
[0117]
The mobile phone 100 receives {Dc} Kc // Dc-inf and accepts the encrypted content data {Dc} Kc and the additional information Dc-inf (step S184). Then, controller 1106 inputs encrypted content data {Dc} Kc and additional information Dc-inf to memory card 110 via bus BS2 and memory card interface 1200 (step S186). The controller 1420 of the memory card 110 receives {Dc} Kc // Dc-inf via the terminal 1426, the interface 1424, and the bus BS3 (step S188), and encrypts it in the data area 1415C of the memory 1415 via the bus BS3. Content data {Dc} Kc and additional information Dc-inf are recorded (step S190).
[0118]
Then, the controller 1106 of the mobile phone 100 transmits the transaction ID and distribution acceptance to the distribution server 10 (step S192).
[0119]
Upon receiving the transaction ID // delivery acceptance (step S194), the distribution server 10 stores the charging data in the charging database 302 and records the transaction ID in the distribution record database 308, and executes the distribution end process. (Step S196). Then, the entire process ends (step S198).
[0120]
In this way, the memory card 110 attached to the mobile phone 100 is a device that holds regular authentication data, and at the same time, the public encryption key KPm3 encrypted and transmitted together with the class certificate Cm3 is valid. , The class certificate Cm3 is content data only for a distribution request from a memory card not listed in the certificate revocation list, that is, the class certificate list whose encryption with the public encryption key KPm3 is broken. Can be distributed, and distribution to an unauthorized memory card and distribution using a decrypted class key can be prohibited.
[0121]
Further, the encryption keys generated by the distribution server 10 and the memory card 110 are exchanged, the encryption using the encryption keys received by each other is executed, and the encrypted data is transmitted to the other party. Effective mutual authentication can also be performed in transmission / reception of encrypted data, and the security of the data distribution system can be improved.
[0122]
FIG. 11 shows a license area 1415B and a data area 1415C in the memory 1415 of the memory card 110. In the data area 1415C, a reproduction list file 160, entry management information 165, content files 1611 to 161n, and license management files 1621 to 162n are recorded. The content files 1611 to 161n record the received encrypted content data {Dc} Kc and additional information Dc-inf as one file. The license management files 1621 to 162n are recorded corresponding to the content files 1611 to 161n, respectively.
[0123]
When the memory card 110 receives the encrypted content data and license from the distribution server 10, the memory card 110 records the encrypted content data and license in the memory 1415.
[0124]
Therefore, the license of the encrypted content data transmitted to the memory card 110 by the distribution session is recorded in the area designated by the entry number of the license area 1415B of the memory 1415, and the reproduction list recorded in the data area 1415C of the memory 1415 By reading the license management file of the file 160, the entry number can be acquired, and the corresponding license can be read from the license area 1415B by the acquired entry number.
[0125]
The license management file 1622 is indicated by a dotted line, but indicates that it is not actually recorded. Although the content file 1612 exists but does not have a license and cannot be reproduced, this corresponds to, for example, the case where the mobile phone 100 receives only encrypted content data from another mobile phone.
[0126]
The content file 1613 is indicated by a dotted line. For example, the mobile phone 100 receives encrypted content data and a license from the distribution server 10 and receives only the received encrypted content data from another mobile phone. This corresponds to the case where the license is transmitted to the telephone, which means that the license exists in the memory 1415 but there is no encrypted content data.
[0127]
[Regeneration]
Next, the reproduction operation in the mobile phone 100 of the encrypted content data {Dc} Kc received from the distribution server 10 and recorded in the memory card 110 will be described.
[0128]
FIGS. 12 and 13 are first and second diagrams for explaining operations in a playback session for reading encrypted content data from the memory card 110 attached to the mobile phone 100 and playing back the read encrypted content data. It is a flowchart.
[0129]
Before the processing in FIG. 12, the user of the mobile phone 100 specifies the content (music) to be played back, specifies the content file, and manages the license according to the play list recorded in the data area 1415C of the memory card 110. The explanation is based on the assumption that the file has been acquired.
[0130]
Referring to FIG. 12, along with the start of the playback operation (step S200), a playback request is input to mobile phone 100 from the user of mobile phone 100 via key operation unit 1108 (step S202). Then, the controller 1106 makes an output request for authentication data to the content reproduction circuit 1550 via the bus BS2, and the authentication data holding unit 1500 of the content reproduction circuit 1550 outputs the authentication data {KPp1 // Cp1} KPa (step In step S204, the controller 1106 inputs the authentication data {KPp1 // Cp1} KPa to the memory card 110 via the memory card interface 1200 (step S206).
[0131]
Then, the memory card 110 receives the authentication data {KPp1 // Cp1} KPa, and the decryption processing unit 1408 receives the received authentication data {KPp1 // Cp1} KPa in the public authentication key held in the KPa holding unit 1414. Decryption is performed using KPa (step S208), and the controller 1420 performs authentication processing based on the decryption processing result in the decryption processing unit 1408. That is, an authentication process for determining whether or not the authentication data {KPp1 // Cp1} KPa is regular authentication data is performed (step S210). If decryption has failed, the process proceeds to step S250, and the reproduction operation ends.
[0132]
If the authentication data can be decrypted, the controller 1420 determines whether or not the acquired certificate Cp1 is included in the prohibited class list CRL read from the memory 1415 (step S212). In this case, an ID is assigned to the certificate Cp1, and the controller 1420 determines whether the ID of the accepted certificate Cp1 exists in the prohibited class list CRL. If it is determined that the certificate Cp1 is included in the prohibited class list CRL, the process proceeds to step S250, and the reproduction operation ends.
[0133]
If it is determined in step S212 that the certificate Cp1 is not included in the prohibited class list data, the controller 1420 controls the session key generation unit 1418, and the session key generation unit 1418 uses the session key Ks2 for the reproduction session. Is generated (step S214). Then, encryption processing unit 1410 encrypts session key Ks2 from session key generation unit 1418 with public encryption key KPp1 decrypted by decryption processing unit 1408, and outputs encrypted data {Ks2} Kp1 to bus BS3. Then, controller 1420 outputs encrypted data {Ks2} Kp1 to memory card interface 1200 via interface 1424 and terminal 1426 (step S218). The controller 1106 of the mobile phone 100 acquires the encrypted data {Ks2} Kp1 via the memory card interface 1200. Then, the controller 1106 gives the encrypted data {Ks2} Kp1 to the decryption processing unit 1504 of the content reproduction circuit 1550 via the bus BS2, and the decryption processing unit 1504 outputs the public encryption key KPp1 output from the Kp holding unit 1502 The encrypted data {Ks2} Kp1 is decrypted with the secret decryption key Kp1 paired with and the session key Ks2 is accepted (step S220).
[0134]
Then, session key generation unit 1508 of content reproduction circuit 1550 generates session key Ks3 (step S222). The encryption processing unit 1506 encrypts the session key Ks3 from the session key generation unit 1508 and the public encryption key KPpc2 from the KPpc holding unit 1507 with the session key Ks2 from the decryption processing unit 1504 to encrypt the encrypted data {Ks3 // KPpc2 } Ks2 is output (step S224), and the controller 1106 of the mobile phone 100 inputs the encrypted data {Ks3 // KPpc2} Ks2 to the memory card 110 via the bus BS2 and the memory card interface 1200 (step S226).
[0135]
Referring to FIG. 13, decryption processing unit 1412 of memory card 110 receives encrypted data {Ks3 // KPpc2} Ks2 via terminal 1426, interface 1424, and bus BS3. The decryption processing unit 1412 decrypts the encrypted data {Ks3 // KPpc2} Ks2 using the session key Ks2 generated by the session key generation unit 1418, and the session key Ks3 generated by the mobile phone 100 and the mobile phone 100 The public encryption key KPpc2 set for each is accepted (step S228).
[0136]
The controller 1106 of the mobile phone 100 acquires the entry number stored in the license from the license management file of the reproduction request song acquired in advance from the memory card 110, and sends the acquired entry number and the license output request to the memory card. Input to the memory card 110 via the interface 1200.
[0137]
The controller 1420 of the memory card 110 receives the entry number and the license output request, and acquires the license stored in the area designated by the entry number.
[0138]
Then, the controller 1420 confirms the access restriction information ACm (step S230).
[0139]
In step S230, by confirming the access restriction information ACm, which is information relating to restrictions on access to the memory 1415, specifically, by confirming the number of reproductions, the reproduction operation is performed if reproduction is not possible. When the number of reproductions of the access restriction information ACm is limited, the number of reproductions of the access restriction information ACm is changed (step S232), and the process proceeds to the next step (step S234). On the other hand, when the reproduction is not restricted by the number of times of access restriction information ACm, step S232 is skipped, and the process proceeds to the next step (step S234) without changing the number of times of reproduction of access restriction information ACm. Is done.
[0140]
If it is determined in step S230 that playback is possible in the playback operation, the license key Kc and playback control information ACp of the playback request song recorded in the license area 1415B of the memory 1415 are output onto the bus BS3. The
[0141]
The obtained license key Kc and reproduction control information ACp are sent to the encryption processing unit 1417 via the bus BS3. The encryption processing unit 1417 encrypts the license key Kc and the reproduction control information ACp input via the bus BS3 with the public encryption key KPpc2 received by the decryption processing unit 1412, and encrypts the data {Kc // ACp} KPpc2 Is output to the contact Pb of the changeover switch 1442 (step S234). Then, the encryption processing unit 1406 uses the session key Ks3 received from the decryption processing unit 1412 via the contact Pb of the changeover switch 1442, and the encrypted data {Kc // ACp} KPpc2 received via the contact Pb of the changeover switch 1442 Is encrypted and the encrypted data {{Kc // ACp} KPpc2} Ks3 is output to the bus BS3. The encrypted data {{Kc // ACp} KPpc2} Ks3 output to the bus BS3 is transmitted to the mobile phone 100 via the interface 1424, the terminal 1426, and the memory card interface 1200 (step S236).
[0142]
In the cellular phone 100, the encrypted data {{Kc // ACp} KPpc2} Ks3 transmitted to the bus BS2 via the memory card interface 1200 is decrypted by the decryption processing unit 1510, and the encrypted data {Kc // ACp} KPpc2 is accepted (step S238). Then, the decryption processing unit 1514 decrypts the encrypted data {Kc // ACp} KPpc2 obtained by the decryption processing unit 1510 with the secret decryption key Kpc2 from the Kpc holding unit 1512, and the license key Kc and the reproduction control information ACp. Is received (step S240). Decryption processing unit 1514 transmits license key Kc to decryption processing unit 1516 and outputs reproduction control information ACp to bus BS2.
[0143]
The controller 1106 receives the reproduction control information ACp via the bus BS2 and confirms whether reproduction is possible (step S242).
[0144]
If it is determined in step S242 that reproduction cannot be performed based on the reproduction control information ACp, the reproduction operation ends after the controller 1106 performs error processing (step S250).
[0145]
If it is determined in step S242 that playback is possible, the controller 1106 requests the encrypted content data {Dc} Kc from the memory card 110 via the memory card interface 1200. Then, the controller 1420 of the memory card 110 acquires the encrypted content data {Dc} Kc from the memory 1415 and outputs it to the memory card interface 1200 via the bus BS3, the interface 1424, and the terminal 1426 (step S244).
[0146]
The controller 1106 of the mobile phone 100 acquires the encrypted content data {Dc} Kc via the memory card interface 1200, and provides the encrypted content data {Dc} Kc to the content reproduction circuit 1550 via the bus BS2.
[0147]
Then, the decryption processing unit 1516 of the content reproduction circuit 1550 decrypts the encrypted content data {Dc} Kc with the license key Kc output from the decryption processing unit 1510 to obtain the content data Dc (step S246).
[0148]
The decrypted content data Dc is output to the music playback unit 1518. The music playback unit 1518 plays back the content data (step S248), and the DA converter 1520 converts the digital signal into an analog signal and selects the selector 1525. The selector 1525 selects the data from the DA converter 1520 and outputs it to the terminal 1530. The music data is output from the terminal 1530 to the headphones 130 via an external output device and reproduced. As a result, the reproduction operation ends (step S250).
[0149]
Thus, in the playback session of the encrypted content data {Dc} Kc, the public encryption key KPpc2 set for each mobile phone 100 (content playback circuit 1550) and the mobile phone 100 (content playback circuit 1550) are generated. Session key Ks3 is encrypted with session key Ks2 generated in memory card 110 and transmitted to memory card 110 (see step S224 in FIG. 12), and decrypted and reproduced encrypted content data {Dc} Kc When the license key Kc and the reproduction control information ACp are sequentially encrypted and received by the public encryption key KPpc2 and the session key Ks3 (see steps S236 and S238 in FIG. 13), the mobile phone 100 (content reproduction circuit 1550) Is a license key Kc and reproduction control information ACp can be acquired from the memory card 110 by increasing the confidentiality.
[0150]
As a result, it is possible to prevent the leakage of the license key Kc and the reproduction control information ACp necessary for reproducing the encrypted content data {Dc} Kc, and to reproduce the encrypted content data while protecting the copyright of the content data.
[0151]
[Embodiment 2]
FIG. 14 is a schematic block diagram showing the configuration of the data distribution system according to the second embodiment. In FIG. 14, the distribution server 10 receives a distribution request from the user of the personal computer 50 obtained through a modem (not shown) and the Internet network 30. Then, the distribution server 10 determines whether or not the personal computer 50 that has been accessed for data distribution is accessing using software including a content protection module having legitimate authentication data, that is, regular content. An authentication process is performed to determine whether or not it is a protection module, and music data is encrypted by a predetermined encryption method for a personal computer equipped with a valid content protection module. It transmits via the Internet network 30 and a modem. The content protection module of the personal computer 50 records the received encrypted content data and license as they are on a hard disk (HDD) or the like.
[0152]
In FIG. 14, the personal computer 50 includes encrypted content data limited to local use from music data acquired from a music CD (Compact Disk) 60 on which music data is recorded using the content protection module, and encryption. And a license for reproducing the content data. This process is called ripping and corresponds to an act of acquiring encrypted content data and a license from the music CD 60. Details of ripping will be described later.
[0153]
Furthermore, the personal computer 50 acquires the encrypted content data and license from the music CD 70.
[0154]
The music CD 70 need not record both the encrypted content data and the license, and may record only the encrypted content data. In this case, the personal computer 50 acquires encrypted content data from the music CD 70, and distributes a license for decrypting and reproducing the acquired encrypted content data via a modem (not shown) and the Internet network 30. 10 may be received.
[0155]
Further, the personal computer 50 is connected to the mobile phone 105 via a USB (Universal Serial Bus) cable 430, and can transmit / receive encrypted content data and a license to / from the memory cards 110 and 115 attached to the mobile phone 105. .
[0156]
Therefore, in the data distribution system shown in FIG. 14, the personal computer 50 receives the encrypted content data and the license from the distribution server 10 via the modem and the Internet network 30, and also encrypts the content data from the music CDs 60 and 70. And get a license. In addition, the memory cards 110 and 115 attached to the mobile phone 105 receive the encrypted content data and license acquired by the personal computer 50 from the distribution server 10 or the music CDs 60 and 70. The user of the mobile phone 105 can obtain encrypted content data and a license from the music CDs 60 and 70 via the personal computer 50.
[0157]
As described above, the cellular phone 105 can acquire the encrypted content data and the license from the distribution server 10 and the music CDs 60 and 70 without having a communication function. Then, the user of the mobile phone 105 can play back the encrypted content data recorded in the memory cards 110 and 115 by the mobile phone 105 and listen to it through the headphones 135.
[0158]
FIG. 15 is a schematic block diagram for explaining the configuration of the personal computer 50 shown in FIG. The personal computer 50 is connected to the bus BS4 for exchanging data of each part of the personal computer 50, the controller (CPU) 510 for controlling the inside of the personal computer and executing various programs, and the bus BS4. A hard disk (HDD) 530 that is a large-capacity recording device for recording and storing programs and data, a CD-ROM drive 540, a keyboard 560 for inputting instructions from the user, and various types of information. And a display 570 for visually giving the user.
[0159]
The personal computer 50 further connects a USB interface 550 for controlling data exchange between the controller 510 and the terminal 580 and the USB cable 430 when communicating the encrypted content data and license to the mobile phone 105 or the like. And a serial interface 555 for controlling data exchange between the controller 510 and the terminal 585 when communicating with the distribution server 10 via the Internet network 30 and a modem (not shown), And a terminal 585 for connecting to the modem with a cable.
[0160]
The controller 510 controls the exchange of data with the distribution server 10 and the CD-ROM drive 540 in order to receive encrypted content data and the like from the distribution server 10 to the content protection module 511 via the Internet network 30. The encrypted content data and the license are acquired by ripping from the music CD 60 via the CD. The controller 510 also performs control when acquiring encrypted content data and a license from the music CD 70 via the CD-ROM drive 540. Furthermore, the personal computer 50 is a program executed by the controller 510 and includes a content protection module 511 that receives distribution of encrypted content data and a license from the distribution server 10.
[0161]
The content protection module 511 performs software transmission and reception of data when receiving encrypted content data and a license from the distribution server 10 by using a program executed by the controller 510, and is used locally by ripping from the music CD 60. The encrypted content data and the license are generated, and the acquired license is protected by performing encryption processing and the like, stored in the HDD 530, and managed.
[0162]
The content protection module 511 transmits the encrypted content data and license acquired from the distribution server 10 and the music CDs 60 and 70 to the memory cards 110 and 115 attached to the mobile phone 105 via the USB cable 430.
[0163]
As described above, the personal computer 50 acquires the encrypted content data and the license by ripping from the music CD 60 and the content protection module 511 for receiving the encrypted content data and the license from the distribution server 10 via the Internet network 30. Or a CD-ROM drive 540 for directly acquiring encrypted content data and a license from a music CD 70.
[0164]
FIG. 16 is a schematic block diagram of the mobile phone 105 shown in FIG. The cellular phone 105 includes the antenna 1102, the transmission / reception unit 1104, the audio reproduction unit 1112, the DA converter 1113, the speaker 1114, the microphone 1115, the AD converter 1116, the audio encoding unit 1117, and the selector from the cellular phone 100 in the first embodiment. 1525 is deleted and a serial interface 1540 and a terminal 1541 are added, and the rest is the same as the mobile phone 100. In the second embodiment, the memory card interface 1200 controls data exchange between the memory cards 110 and 115 and the bus BS5.
[0165]
The serial interface 1540 controls data exchange between the bus BS5 and the terminal 1541 when receiving encrypted content data and a license from the personal computer 50. A terminal 1541 is a terminal for connecting the USB cable 430.
[0166]
The content reproduction circuit 1550 of the mobile phone 105 holds authentication data {KPp6 // Cp1} KPa obtained by encrypting the public encryption key KPp6 and the certificate Cp1 unique to the mobile phone 105 with the public authentication key KPa. Assume that the public encryption key KPpc7 set for each telephone 105 and the public encryption key KPpc7 and the asymmetric secret decryption key Kpc7 are stored.
[0167]
The operation in which the personal computer 50 acquires the encrypted content data and the license from the distribution server 10 is performed according to the flowcharts shown in FIGS. In this case, the cellular phone (controller) shown in FIGS. 7 to 10 may be read as the controller 510 of the personal computer 50, and the memory card may be read as the content protection module 511. Then, the content protection module 511 holds the authentication data {KPm5 // Cm5} KPa, and transmits the authentication data {KPm5 // Cm5} KPa to the distribution server 10 together with the content data distribution request. The content protection module 511 records the encrypted content data and license received from the distribution server 10 via the Internet network 30, the modem, the terminal 585, the serial interface 555, and the bus BS4 on the hard disk 530 via the bus BS4. .
[0168]
Furthermore, the controller 510 records the encrypted content data and license acquired by the CD-ROM drive 540 from the music CD 70 on the hard disk 530 via the bus BS4.
[0169]
[Ripping]
In addition to acquiring encrypted content data and a license by distribution, the user of the personal computer 50 can acquire and use music data from the music CD 60 owned. From the standpoint of copyright protection, the digital copy of the music CD 60 may not be freely performed. However, for the purpose of personal use, the music CD 60 is copied using a tool equipped with a copyright protection function, and the music is copied. Is allowed to enjoy. Therefore, the content protection module 511 also includes a program that realizes a ripping function for acquiring music data from the music CD 60 and generating encrypted content data and a license that can be managed by the content protection module 511.
[0170]
Some recent music CDs have a digital watermark called a watermark inserted into the music data. In the watermark, the range of use by the user is written as a use rule by the copyright holder. When ripping from music data in which usage rules are written, it is necessary to follow these usage rules from the viewpoint of copyright protection. After that, as usage rules, duplication conditions (duplication prohibited / duplicatable generations / duplicatable), valid period of duplication, maximum number of checkouts, editing, playback speed, reproducible area code, reproduction count limit for duplication, available Suppose the time is listed. There are also conventional music CDs in which no watermark is detected, that is, usage rules are not written.
[0171]
For ripping, in addition to acquiring music data directly from a music CD, a music signal input as an analog signal may be digitized and acquired as music data. Furthermore, in ripping, music data that has been compression-encoded to reduce the amount of data can be input. Furthermore, content data distributed by a distribution system other than the data distribution system according to the second embodiment can be input as an input.
[0172]
With reference to FIGS. 17 and 18, the acquisition of encrypted content data and a license by ripping from a music CD 60 on which music data is recorded will be described.
[0173]
FIG. 17 is a functional block diagram showing functions of software for ripping music data read from the music CD 60 by the CD-ROM drive 540 included in the personal computer 50 shown in FIG. The software for ripping music data includes a watermark detection unit 5400, a watermark determination unit 5401, a remark unit 5402, a license generation unit 5403, a music encoder 5404, and an encryption unit 5405.
[0174]
The watermark detection unit 5400 detects the watermark from the music data acquired from the music CD 60 and extracts the usage rule described. The watermark determination means 5401 detects the ripping based on the detection result of the watermark detection means 5400, that is, whether or not the watermark has been detected, and if further detected, based on the usage rules described in the watermark. Judgment is made. When ripping is possible, this means that there is no usage rule for watermarks, or that usage rules that permit copying and moving of music data recorded on the music CD 60 have been recorded by the watermarks. In this case, it means that the usage rule that the music data recorded on the music CD 60 should not be copied and moved is recorded by the watermark.
[0175]
The remark unit 5402 can rip the determination result in the watermark determination unit 5401 and if there is a copy generation instruction, that is, if the music data can be copied / moved, the watermark included in the music data is converted to the music data. Change the replication conditions to the changed watermark. However, when ripping by inputting an analog signal or when inputting encoded music data, or when inputting music data distributed by another distribution system, use if ripping is possible. Regardless of the rules, be sure to change the watermark. In this case, when there is an instruction for a replication generation, the contents of the usage rule are changed, and in other cases, the acquired usage rule is used as it is.
[0176]
The license generation unit 5403 generates a license based on the determination result of the watermark determination unit 5401. The music encoder 5404 encodes the music data whose watermark has been remarked by the remarking unit 5402 in a predetermined format. The encryption unit 5405 encrypts the music data from the music encoder 5404 with the license key Kc included in the license generated by the license generation unit 5403.
[0177]
A ripping operation in the controller 510 of the personal computer 50 will be described with reference to FIG. When the ripping operation is started, the watermark detection means 5400 detects the usage rule of the watermark based on the data detected from the music CD 60 (step S800). The watermark determination unit 5401 determines whether or not copying is possible based on the detection result of the watermark detection unit 5400 and the usage rule recorded as the watermark (step S802). If the watermark is detected, copying is permitted by the usage rule, and the content of the usage rule can be handled by the access control information ACm and the reproduction control information ACp in the license, it is determined that ripping is possible, and the process proceeds to step S804. . If a watermark is detected and copying is prohibited by the usage rule, or a usage rule that cannot be handled by the access control information ACm or the reproduction control information ACp in the license is determined, it is determined that ripping is prohibited, and step S828 is performed. The ripping operation is terminated after moving to. If the mounted music CD 60 does not include a watermark, the process proceeds to step S810.
[0178]
If it is determined in step S802 that ripping is possible, music data is taken in from the music CD 60, and the remarking unit 5402 replaces the watermark included in the music data with a watermark whose duplication conditions have been changed (step S804). In other words, if the watermark usage rule permits copying up to three generations, the data is replaced with a watermark with two generations of replication. Then, the license generation unit 5403 generates a license that reflects the usage rules. In other words, the license generation unit 5403 generates a license whose copy count is two generations (step S806). Thereafter, the license generation unit 5403 generates checkout information including the number of possible checkouts reflecting the usage rules (step S808). The number of checkouts that can be checked out is “3” if not stated.
[0179]
On the other hand, if no watermark is detected in step S802, the license generation unit 5403 generates a license that prohibits copying and moving of the license (step S810). Thereafter, the license generation unit 5403 generates checkout information including the number of possible checkouts whose initial value is 3 (step S812).
[0180]
After step S808 or S812, the music encoder 5404 encodes the music data with the watermark remarked into a predetermined format to generate content data {Dc} (step S814). Then, the encryption means 5405 encrypts the music data from the music encoder 5404 with the license key Kc included in the license generated by the license generation means 5403, and generates encrypted content data {Dc} Kc (step S816). ). Thereafter, the additional information Dc-inf of the content data {Dc} is generated by information included in the music CD 60 or user input input from the keyboard 560 of the personal computer 50 (step S818).
[0181]
Then, controller 510 of personal computer 50 acquires encrypted content data {Dc} Kc and additional information Dc-inf via bus BS2, and records them in HDD 530 (step S820). Then, the controller 510 generates an encrypted extended license in which the generated license (transaction ID, content ID, license key Kc, access restriction information ACm, reproduction control information ACp) and checkout information are uniquely encrypted. (Step S822). Thereafter, the controller 510 generates a license management file for the encrypted content data {Dc} Kc and the additional information Dc-inf recorded in the HDD, including the encrypted extended license, the plain text transaction ID, and the content ID. Then, it is recorded in the HDD 530 (step S824). Finally, the controller 510 adds the file name of the received content to the content list file recorded in the HDD 530 (step S826), and the ripping operation ends (step S828).
[0182]
As described above, the encrypted content data and the license can also be acquired from the music CD by ripping, and the acquired license is protected and managed together with the content distributed from the distribution server 10.
[0183]
As described above, the personal computer 50 acquires the encrypted content data and the license from the distribution server 10 and the music CDs 60 and 70 by various methods, and records the acquired encrypted content data and the license on the hard disk 530.
[0184]
Then, the personal computer 50 stores the encrypted content data and license recorded in the hard disk 530 by the content protection module 511 through the USB interface 550, the terminal 580, and the USB cable 430 to the memory card 110, 115 can be transmitted. In this case, the content protection module 511 has the same function as the data processing unit 310 shown in FIG.
[0185]
Therefore, the operation of transmitting the encrypted content data and the license from the personal computer 50 to the memory cards 110 and 115 attached to the mobile phone 105 is performed according to the flowcharts shown in FIGS. In this case, what is necessary is just to replace a delivery server with a content protection module in FIGS.
[0186]
The cellular phone 105 receives the encrypted content data and the license from the personal computer 50 via the USB cable 430 and records them in the memory cards 110 and 115. Then, the mobile phone 105 reproduces the encrypted content data recorded in the memory cards 110 and 115 according to the flowcharts shown in FIGS.
[0187]
The data distribution system according to the second embodiment may be the data distribution system shown in FIG. In the data distribution system shown in FIG. 19, the encrypted content data and license acquired by the personal computer 50 from the distribution server 10 and the music CDs 60 and 70 are written into the memory card 110 by the memory card writer 440. Then, the user of the mobile phone 105 removes the memory card 110 in which the encrypted content data and the license are written from the memory card writer 440 and inserts it into the mobile phone 105, whereby the memory card is followed according to the flowcharts shown in FIGS. The encrypted content data recorded in 110 can be reproduced and listened through the headphones 135.
[0188]
According to the embodiment of the present invention, a public encryption key set for each mobile phone, and a license key and playback control information sequentially encrypted by a session key generated in the mobile phone are transmitted from the memory card to the mobile phone. Since the encrypted content data is reproduced on the mobile phone, it is possible to protect the encrypted content data acquired from the distribution server or the like by prohibiting copying of the license for decrypting and reproducing the encrypted content data.
[0189]
The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is shown not by the above description of the embodiments but by the scope of claims for patent, and is intended to include meanings equivalent to the scope of claims for patent and all modifications within the scope.
[Brief description of the drawings]
FIG. 1 is a schematic diagram conceptually illustrating a data distribution system according to a first embodiment.
2 is a diagram showing characteristics of data, information, etc. for communication in the data distribution system shown in FIG.
3 is a diagram showing characteristics of data, information, etc. for communication in the data distribution system shown in FIG.
4 is a schematic block diagram showing a configuration of a distribution server in the data distribution system shown in FIG.
5 is a schematic block diagram showing a configuration of a mobile phone in the data distribution system shown in FIG.
6 is a schematic block diagram showing a configuration of a memory card in the data distribution system shown in FIG. 1. FIG.
7 is a first flowchart for explaining the distribution operation of encrypted content data in the data distribution system shown in FIG. 1; FIG.
FIG. 8 is a second flowchart for explaining the distribution operation of encrypted content data in the data distribution system shown in FIG. 1;
FIG. 9 is a third flowchart for explaining the encrypted content data distribution operation in the data distribution system shown in FIG. 1;
FIG. 10 is a fourth flowchart for explaining the distribution operation of the encrypted content data in the data distribution system shown in FIG.
FIG. 11 is a diagram illustrating a configuration of a playlist file in a memory card.
FIG. 12 is a first flowchart for explaining a reproduction operation in the mobile phone.
FIG. 13 is a second flowchart for explaining the reproduction operation in the mobile phone.
FIG. 14 is a schematic diagram conceptually illustrating a data distribution system according to a second embodiment.
15 is a schematic block diagram showing the configuration of the personal computer shown in FIG.
16 is a schematic block diagram showing a configuration of the mobile phone shown in FIG.
FIG. 17 is a functional block diagram for explaining a function of software for executing ripping;
FIG. 18 is a flowchart for explaining a ripping operation in the data distribution system shown in FIG. 1;
FIG. 19 is a schematic diagram conceptually illustrating another data distribution system in the second embodiment.
[Explanation of symbols]
10 distribution server, 20 distribution carrier, 30 Internet network, 50 personal computer, 60, 70 music CD, 100, 105 mobile phone, 110, 115 memory card, 130, 135 headphones, 160 playlist file, 165 entry management information, 302 charging database, 304 information database, 306 CRL database, 307 menu database, 308 delivery record database, 310 data processing unit, 312, 320, 1404, 1408, 1412, 1422, 1504, 1510, 1514, 1516 decoding processing unit, 313 , 1414 Authentication key holding unit, 315 Distribution control unit, 316, 1418, 1508 Session key generation unit, 318, 326, 328, 1406, 1410, 1417, 1506 405 Encryption processing unit, 350 communication device, 430 USB cable, 440 memory card writer, 510, 1106, 1420 controller, 511 content protection module, 530 hard disk, 540 CD-ROM drive, 550 USB interface, 555, 1540 serial interface, 580 , 585, 1426, 1530, 1541 terminals, 560 keyboard, 570 display, 1102 antenna, 1104 transmission / reception unit, 1108 key operation unit, 1110 display, 1112 audio playback unit, 1113, 1520 DA converter, 1114 speaker, 1115 microphone, 1116 AD converter, 1117 speech encoding unit, 1200 memory card interface, 1400, 1500 authentication data holding unit, 1402 Km Holding unit, 1415 memory, 1415A CRL storage unit, 1415B license area, 1415C data area, 1416 KPmc holding unit, 1421 Km holding unit, 1424 interface, 1442, 1446 changeover switch, 1502 Kp holding unit, 1507 KPpc holding unit, 1512 Kpc Holding unit, 1518 music playback unit, 1525 selector, 1550 content playback circuit, 1611 to 161n content file, 1621 to 162n license management file, 5400 watermark detection unit, 5401 watermark determination unit, 5402 remark unit, 5403 license generation unit 5404 Music encoder.

Claims (8)

A data reproducing apparatus for license data recording data recording apparatus or found before Symbol licensed data to reproduce the encrypted content data for decoding and reproducing the encryption content data,
An interface for controlling the exchange of data with the data recording device ;
A content reproduction unit that reproduces the content data by decrypting the license key included pre Symbol encrypted content data to the license data,
A first public key holding unit for holding an individual public encryption key set for each content reproduction unit ;
A first secret key holding unit holding an individual secret decryption key for decrypting data encrypted by the individual public encryption key;
A session key generation unit that generates a first session key for each communication with the data recording device;
A first decryption processing unit for decrypting data encrypted with the individual public encryption key and the first session key with the individual secret decryption key and the first session key;
A second public key holding unit holding a class public encryption key unique to the type of the content reproduction unit;
A second secret key holding unit holding a class secret decryption key for decrypting data encrypted with the class public encryption key;
A second decryption processing unit for decrypting data encrypted with the class public encryption key with the class secret decryption key ;
An encryption processing unit that encrypts data with a second session key generated in the data recording device ,
The class public encryption key is transmitted to the data recording device via the interface in response to a reproduction request for the encrypted content data.
The second session key encrypted with the class public encryption key is received by the data reproduction device via the interface,
The second session key decrypted by the second decryption processing unit is input to the encryption processing unit,
The individual public encryption key and the first session key encrypted with the second session key are transmitted to the data recording device via the interface,
The encrypted license data encrypted with the individual public encryption key and the first session key is received by the data reproduction device via the interface and is input to the first decryption processing unit,
The second decryption processing unit decrypts the encrypted second session key with the class secret decryption key received from the second secret key holding unit;
The encryption processing unit encrypts the individual public encryption key from the first public key holding unit and the first session key from the session key generation unit with the second session key,
The first decoding processing unit, the encrypted license data decoded by said individual private decryption key and the first session key, give Lula license key included in the license data that decoded the content reproducing unit Data reproduction device. Before Kira license data, and reproduction control information for limiting reproduction in the content reproduction unit, and a said license key,
The data reproduction device further includes a control unit that determines whether or not reproduction of the encrypted content data in the content reproduction unit is possible based on the reproduction control information,
Wherein, when it is determined that disables reproduction of the encrypted content data, you stop processing, data reproducing apparatus according to claim 1. The content playback unit
A third decryption processing unit for decrypting the encrypted content data with the license key ;
The data reproducing apparatus according to claim 1 , further comprising: a reproducing unit that reproduces the content data decrypted by the third decryption processing unit . A data recording device for recording license data for decrypting and reproducing encrypted content data,
An interface for controlling transmission / reception of data to / from a data reproducing device for reproducing the encrypted content data;
A storage unit for storing the license data;
A first encryption processing unit that encrypts data using an individual public encryption key set for each data reproduction device and a first session key generated by the data reproduction device;
A second encryption processing unit for encrypting data with a class public encryption key unique to the type of the data reproducing device;
A session key generation unit that generates a second session key for each communication with the data reproduction device;
A decryption processing unit for decrypting data with the second session key generated by the session key generation unit;
Whether or not the license key included in the license data can be output to the data reproduction device based on the access control information included in the license data in response to an output request for the license data input via the interface. A control unit for determining,
When the license key can be output to the data reproduction device,
The second session key encrypted by the class public encryption key received from the data reproduction device and generated by the session key generation unit is transmitted to the data reproduction device via the interface,
The first session key and the individual public encryption key encrypted with the second session key are transmitted to the data recording device via the interface and input to the decryption processing unit,
The license data read from the storage unit is input to the first encryption processing unit,
The encrypted license data encrypted with the individual public encryption key and the first session key is transmitted to the data reproduction device via the interface,
The second encryption processing unit encrypts the second session key with the class public encryption key,
The decryption processing unit decrypts the encrypted first session key and the individual public encryption key with the second session key, and uses the decrypted first session key and the individual public encryption key. Giving to the first cryptographic processing unit,
The data recording device , wherein the first encryption processing unit encrypts the license data with the first session key and the individual public encryption key . The data recording apparatus according to claim 4, wherein when the control unit determines that the license key cannot be output to the data reproduction apparatus, transmission of the license data to the data reproduction apparatus is prohibited . And further comprising another decryption processing unit for decrypting the data with the public authentication key,
The control unit receives authentication data that includes the class public encryption key and can be authenticated by the public authentication key from the data reproduction device via the interface, and the public authentication key in the other decryption processing unit Determining whether or not the data reproduction device is authentic based on the result of decryption of the authentication data by, and stopping the output of the license data stored in the storage unit when the data reproduction device is determined to be invalid,
The data recording apparatus according to claim 5 , wherein the another decryption processing unit decrypts the authentication data with the public authentication key, and provides the decryption result to the control unit . The authentication data further includes a class certificate paired with the class public encryption key ,
The control unit determines whether the content reproduction device is a license data acquisition prohibition target based on the class certificate, and when the content reproduction device is a license data acquisition prohibition target, the storage unit The data recording apparatus according to claim 6, wherein transmission of license data stored in is prohibited . The storage unit
A first storage unit that is directly accessible from the outside and stores the encrypted content data;
8. The data recording apparatus according to claim 4, wherein the data recording apparatus is configured by a tamper structure having high confidentiality and includes a second storage unit that stores the license data . 9.

Images