JP3767434B2 - AUTHORING SYSTEM, AUTHORING KEY GENERATION DEVICE, AUTHORING DEVICE, AUTHORING METHOD, COMPUTER PROGRAM, AND STORAGE MEDIUM - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an information distribution system for securely distributing contents such as music, and in particular, an information providing apparatus, an information distribution terminal, an information providing method, and a computer capable of securely downloading contents to a storage medium such as a memory stick. An authoring system for authoring content data distributed via a program and a storage medium with copyright protection encryption, an authoring key generating device for generating an authoring key, and an authoring device for encrypting and authoring content , An authoring method, a computer program, and a storage medium.
[0002]
[Prior art]
In recent years, with the spread of networks such as the Internet, information that distributes various information (hereinafter referred to as contents) such as music data, image (including still images and moving images) data, and game programs to users via the network. Construction of a distribution system has been proposed. In order to construct such an information distribution system, it is an important premise how to protect the copyright accompanying each content. In other words, a large amount of digital copy of each content becomes possible through the network. Therefore, several copyright protection technologies have been developed to prevent illegal copying of content.
[0003]
[Problems to be solved by the invention]
In general, it is said that two encryption stages are required to protect the distributed content from illegal copying. The first encryption stage is a stage in which content is encrypted when authoring the content, and illegal copying at the time of content distribution is protected. The second encryption stage is a stage for encrypting the content and preventing subsequent illegal copying when the content is written to a storage device owned by the user via an information distribution terminal such as a kiosk terminal.
[0004]
In this regard, in the conventional content distribution service, the encryption method at the time of authoring is different from the encryption method at the time of writing. For this reason, when the content is written to the storage device owned by the user, it is necessary to take steps of decrypting the content and then encrypting it again, which requires extra time. In addition, there is a security problem because the content is temporarily in a raw state during decryption at the time of writing.
[0005]
In the conventional information distribution system, since the content writing module does not have a use authorization authentication function, the writing module itself is vulnerable to theft. In other words, the stolen writing module has caused a problem that a large amount of content can be illegally copied digitally.
[0006]
Furthermore, the conventional information distribution system has a problem that the authoring process itself is poorly protected, and if the authoring specification is obtained, anyone can author content.
[0007]
Furthermore, in the conventional information distribution system, for example, when the content is music data, when the user wants to move the content to another medium after downloading the content once to the storage device owned by the user, There is also a problem that even a legitimate user who has acquired the content cannot freely move the content without deteriorating the sound quality.
[0008]
Furthermore, in the conventional information distribution system, for example, when the content is music data, only music and titles can be recorded on media such as MD, and accompanying data such as jacket photos and lyrics data (so-called fringe data). There was also a problem that had to be obtained by printing out with a printer.
[0009]
An object of the present invention is to solve various problems as mentioned above and below in a conventional information distribution system.
[0010]
[Means for Solving the Problems]
In order to solve the above-described problem, according to an aspect of the present invention, an authoring system is provided that authors content data (Content) distributed via an information distribution terminal by performing copyright protection encryption. . This authoring system is composed of an authoring key generation device and an authoring device.
[0011]
The authoring key generation device encrypts a content identifier (CID) uniquely assigned to each content data (Content), an authoring key use key (CEK) uniquely assigned to each authoring device, and the content data (Content). The content key (Kc) to be encrypted and the second content key (EKc) obtained by encrypting the content key with the root key (Kroot) are encrypted using the content identifier (CID) and the authoring key use key (CEK) Generated authoring key (CED).
[0012]
The authoring device decrypts the content key (Kc) and the second content key (EKc) from the authoring key (CED) using the content identifier (CID) and the authoring key use key (CEK). Decrypting means for encrypting, and encrypting means for encrypting the content data (Content) using the decrypted content key (Kc) to generate authored encrypted content data (E (Kc, Content)) And.
[0013]
The authoring device packages the encrypted content data (E (Kc, Content)) obtained by the encryption means, the content identifier (CID), and the second content key (EKc) as one package data. There may be further provided packaging means.
[0014]
In order to solve the above problem, according to another aspect of the present invention, an authoring key is generated for authoring content data (Content) distributed via an information distribution terminal by performing copyright protection encryption. An authoring key generation device that performs: a content identifier (CID) uniquely assigned to each content data (Content), an authoring key use key (CEK) uniquely assigned to each authoring device, and the content data (Content) ) Using a content key (Kc) and a second content key (EKc) obtained by encrypting the content key with a root key (Kroot), using the content identifier (CID) and the authoring key use key (CEK) Encrypted authoring key (CED) And generating bets, authoring key generating apparatus is provided.
[0015]
Further, according to another aspect of the present invention, in an authoring apparatus that authors content data (Content) distributed via an information distribution terminal by performing copyright protection encryption: storing the content data (Content) Content storage means for executing; a content identifier (CID) uniquely assigned to each content data (Content), an authoring key use key (CEK) uniquely assigned to each authoring device, and the content data (Content) A content key (Kc) to be encrypted and a second content key (EKc) obtained by encrypting the content key with a root key (Kroot) are encrypted using the content identifier (CID) and the authoring key use key (CEK). Turned into A key information storage unit for storing key information including a saling key (CED); and the content key using the content identifier (CID) and the authoring key use key (CEK) from the authoring key (CED). Decrypting means for decrypting (Kc) and the second content key (EKc); encrypting the content data (Content) using the content key (Kc) and encrypting content data (E (Kc) , Content)) is provided, and an authoring device is provided.
[0016]
The authoring apparatus further includes encrypted content data (E (Kc, Content)) obtained by the encryption means, the content identifier (CID), and the second content key (EKc) in one package. A packaging means for packaging as data may be provided.
[0017]
The authoring key (CED) may be encrypted in an authorized authoring key generation device configured separately from the package data creation device.
[0018]
Further, the packaging unit may be configured to further package fringe data that is additional information related to the content data (Content).
[0019]
Further, according to another aspect of the present invention, there is provided a computer program that causes a computer to function as the authoring key generation device or the authoring device, and a computer-readable storage medium storing the computer program Is done.
[0020]
In the authoring system, the authoring key generation device, and the authoring device, the content key (Kc) is a key obtained from the second content key (EKc) and the root key (Kroot), and the encrypted content data (E (Kc, Content)) can be decrypted, and the content data (Content) can be played back in a playback device that securely holds the root key (Kroot).
[0021]
The root key (Kroot) is embedded and held in a content enabling key (EKB) encrypted by a device key (Kdevice) related to the playback device, and the authoring key (CEK) includes: In addition to the content key (Kc) and the second content key (EKc), the content enabling key (EKB) may be encrypted.
[0022]
The authoring key (CEK) may be configured to encrypt checksum information in addition to the content key (Kc) and the second content key (EKc).
[0023]
Further, when the authoring key (CEK) has been updated, a discarding unit for discarding the authoring key (CEK) before the update may be further provided.
[0024]
The content data (Content) that is the information distribution target of the information distribution system includes main content data and additional information of the main content data.
[0025]
Further, according to another aspect of the present invention, there is provided an authoring method for authoring content data (Content) distributed via an information distribution terminal by performing copyright protection encryption: the content data (Content) A content identifier (CID) uniquely assigned to each authoring key, an authoring key use key (CEK) uniquely assigned to each authoring device, a content key (Kc) for encrypting the content data (Content), and the content key An authoring key for generating an authoring key (CED) obtained by encrypting a second content key (EKc) encrypted with a root key (Kroot) using the content identifier (CID) and the authoring key use key (CEK) A production stage; A decryption step of decrypting the content key (Kc) and the second content key (EKc) from the key (CED) using the content identifier (CID) and the authoring key use key (CEK); Encrypting the content data (Content) using the decrypted content key (Kc) to generate authored encrypted content data (E (Kc, Content)); A featured authoring method is provided.
[0026]
In the authoring method, the encrypted content data (E (Kc, Content)) obtained by the encryption device, the content identifier (CID), and the second content key (EKc) are further combined into one package. It may include a packaging step that packages as data.
[0027]
The root key (Kroot) is incorporated and held in a content enabling key (EKB) encrypted by a device key (Kdevice) related to a playback device capable of generating the content data (Content). In the authoring key (CEK), the content enabling key (EKB) may be encrypted in addition to the content key (Kc) and the second content key (EKc). .
[0028]
In the authoring key (CEK), checksum information may be encrypted in addition to the content key (Kc) and the second content key (EKc).
[0029]
When the authoring key (CEK) has been updated, the authoring key (CEK) may be further discarded.
[0030]
Other objects, features, and effects of the present invention will become apparent from the embodiments of the present invention described below and the accompanying drawings.
[0031]
DETAILED DESCRIPTION OF THE INVENTION
A case where the system is applied to an information distribution system that distributes music data as contents will be described below as a preferred embodiment of the information distribution system according to the present invention with reference to the accompanying drawings. In the following description and accompanying drawings, members having substantially the same functional configuration are denoted by the same reference numerals, and redundant description will be omitted.
[0032]
(1. Information to be distributed)
First, in order to facilitate understanding of the information distribution system according to the present embodiment, information to be distributed by the information distribution system will be described.
[0033]
Information to be distributed in the information distribution system according to the present embodiment is “content for distribution”. The distribution content includes main content and additional information. It should be noted that in the present specification, when simply referred to as “content (data)”, it includes both main content and additional information described later.
[0034]
“Main content (data)” is information that is a main distribution target in the information distribution system according to the present embodiment. More specifically, music data, image data (including still image data and moving image data) produced by a content holder, game programs, and the like.
[0035]
“Additional information” is data accompanying the main content. For example, if the main data is music data, the accompanying fringe data (Fringe Data) such as a jacket photo and lyrics, metadata such as the title and artist name of the music (Metadata), and other devices It includes usage condition information such as the number of possible check-outs and the number of possible movements to the computer.
[0036]
"Package (data)" (package data) is obtained by applying copyright protection encryption to content data for distribution distributed from an information distribution terminal in the information distribution system according to the present embodiment. Packaged. Package data is generated by the package information generation unit 316 of the authoring studio 300. The package includes a second content key (EKc) and a content enabling key (EKB), which will be described later, in addition to the encrypted content data (E (Kc, Content)) obtained by encrypting the main content and additional information. It is.
[0037]
(2. Overview of information distribution system)
FIG. 1 shows a schematic configuration of an information distribution system 100 according to the present embodiment. As shown in FIG. 1, the information distribution system 100 mainly includes a content holder unit 120, a content distribution unit 140, a key management device 160, and a user unit 180. Each component will be described below.
[0038]
(2.1 Content Holder section 120)
The content holder unit 120 is an information processing apparatus group such as a server belonging to a record company. The content holder unit is composed of a plurality of content holders 120a to 120n having the same function. Each of the content holders 120a to 120n is a server device such as a computer provided with a content management unit 122, a content creation unit 124, a content output unit 126, and a content database 128 as shown in FIG.
[0039]
(Content Manager 122)
The content management unit 122 manages content such as music data produced by a record company or the like related to the content holder 120a. In the content managed here, if the content is music-related information, in addition to the main content such as music data, fringe data such as jacket photos and lyrics data, metadata such as music titles and artist names, and usage condition information Additional information such as is included.
[0040]
(Content creation unit 124)
The content creation unit 124 creates content related to the content holder 120a. In the content created here, if the content is music-related information, in addition to the main content such as music data, fringe data such as jacket photos and lyrics data, metadata such as music titles and artist names, and usage condition information Additional information such as is included.
[0041]
(Content output unit 126)
The content output unit 126 delivers the content created and managed in the content holder 120a to the content aggregator 200 of the content distribution unit 140 as will be described later. The delivery of content may be performed via a network such as the Internet, or may be performed via a storage medium such as a CD-R or a DVD-RAM.
[0042]
(Content database 128)
The content database 128 is a mass storage medium that stores the content created by the content creation unit 124. The content stored and managed here includes, in the case of music-related information, in addition to main content such as song data, fringe data such as jacket photos and lyrics data, metadata such as song titles and artist names, and usage. Additional information such as condition information is included.
[0043]
(2.2 Content Distribution Department)
The content distribution unit 140 is a core part of the information distribution system according to the present embodiment. In this content distribution unit 140, the content for distribution is encrypted for copyright protection and packaged as package data. The packaged package data is sent to the information distribution terminal 400 such as a kiosk terminal via the network 600, and is provided from the information distribution terminal 400 to the storage device 182 owned by the user.
[0044]
The content distribution unit 140 mainly includes a content aggregator unit 200, an authoring studio unit 300, an information distribution unit (kiosk terminal unit) 400, an authentication server unit 500, and a network 600.
[0045]
(2.2.1 Content Aggregator 200)
The content aggregator 200 collects content such as music from the content holder 120 and performs a task of planning and organizing. If the content is music related information, in addition to the main content such as song data, the content collected here includes fringe data such as jacket photos and lyrics data, metadata such as song titles and artist names, and usage condition information. Additional information such as is included.
[0046]
The content aggregator 200 mainly includes a content management unit 210, a content collection unit 220, a content output unit 230, and a content database 240.
[0047]
(Content management unit 210)
The content management unit 210 selects attractive and valuable content to be distributed using the information distribution system 100 from the content held by the content holders 120a to 120n. Further, the content management unit 210 instructs the content collection unit 220 to directly access the predetermined content holder 120a or access the media distributed from the predetermined content holder 120a to collect the content. . The content management unit 210 also plans and organizes the content collected from the content holder 120 at the same time.
[0048]
(Content collection unit 220)
In response to a command from the content management unit 210, the content collection unit 220 directly accesses the predetermined content holder 120a or accesses the media distributed from the predetermined content holder 120a to take in the content, and the content database 240 To remember.
[0049]
(Content database 240)
The content database 240 temporarily stores and manages the content captured by the content collection unit 220. The content database 240 stores and manages various histories related to the operation of the content aggregator 200.
[0050]
(Content output unit 230)
The content output unit 230 reads the content collected by the content collection unit 220 from the content database 240 and outputs it to the authoring studio 300 in response to a request from the authoring studio 300 described later. The content output to the authoring studio 300 may be performed via a public line network such as the Internet, or may be performed via a more secure dedicated line network. Furthermore, it may be performed via a storage medium such as a CD-R or a DVD-RAM.
[0051]
(2.2.2 Authoring Studio 300)
The authoring studio 300 has a function of processing content to be distributed so as to be compatible with the information distribution system according to the present embodiment. More specifically, the processing of content data is performed through a first stage of compressing content for easy distribution and a second stage of authoring, encrypting, and packaging.
[0052]
As shown in FIG. 4, the authoring studio 300 mainly includes an authoring unit 310, a product management unit 330, and a database server 340.
[0053]
(Authoring section 310)
The authoring unit 310 is a computer program that runs on, for example, a computer device. As shown in FIG. 5, the content management unit 312, the data compression unit 314, the package generation module 316, the GUI production unit 318, and the distribution unit 320.
[0054]
(Content Manager 312)
The content management unit 312 manages the content received from the content aggregator 200. In the content managed here, if the content is music-related information, in addition to the main content such as music data, fringe data such as jacket photos and lyrics data, metadata such as music titles and artist names, and usage condition information Additional information such as is included.
[0055]
(Data compression unit 312)
The data compression unit 312 is software that compresses the content transferred from the content management unit 312, for example. As the compression method, for example, when the content is music data, the ATRAC3 method can be adopted to compress the original data to about 1/10. Of course, the compression method is not limited to the ATRAC3 (Adaptive Transform Acoustic Coding3) method, the MP3 (MPEG-1 Audio Layer3) method, the AAC (Advanced Audio Coordinating Method, WMA (Windows MediaTinVinQ method). It goes without saying that a voice compression method such as a weighted interleave vector quantization method or a QDX method can be adopted.
[0056]
(Package generation unit (authoring device) 316)
The package generation unit (authoring device) 316 is configured, for example, as software having a function of encrypting and packaging the content data compressed by the data compression unit 314 for authoring. That is, the package generation unit 316 functions as an authoring device that authors content data.
[0057]
The configuration of the authoring device 316 and the details of some keys used in the authoring device will be described later in connection with the authoring key generation device 160, and only a brief description will be given here.
[0058]
As shown in FIG. 6, the authoring device 316 mainly includes content key (Kc) decrypting means 3162, content encrypting means 3164, and packaging means 3166.
[0059]
(Content key (Kc) decryption means 3162)
The content key (Kc) decryption means 3162 receives an authoring key (CED), the content identifier (CID), and the authoring key use key (CEK) from an authoring key generation device 160 described later. Then, the content key (Kc) and the second content key (EKc) are decrypted from the authoring key (CED) using the content identifier (CID) and the authoring key use key (CEK).
[0060]
(Content encryption means 3164)
The content encryption unit 3164 encrypts content data using the content key (Kc) decrypted by the content key (Kc) decryption unit 3162, and generates encrypted content data (E (Kc, Content)). To do. In the information distribution system according to the present embodiment, the encrypted content data (E (Kc, Content)) is packaged together with predetermined information and transmitted to the information distribution terminal 400.
[0061]
(Packaging means 3166)
The package unit 3166 packages the encrypted content data (E (Kc, Content)) obtained by the content encryption unit 3164, the content identifier (CID), and the second content key (EKc) as one package data. Turn into. In addition to the main contents such as music data, the package includes additional information such as fringe data such as jacket photos and lyrics data, metadata such as music titles and artist names, and usage condition information.
[0062]
(Functional configuration diagram of package generation unit 316)
FIG. 7 is a block diagram showing the functions of the package generation unit 316 more specifically. As illustrated, the package generation unit 316 is configured as an authoring application 310b that runs on an OS 310a such as Windows 2000. In the authoring application 310b, a data compression unit 314, a package generation unit 316, and the like are incorporated as a DLL (Dynamic Link Library). Note that other applications such as the content management unit 312 incorporated in the authoring application 310b are not shown for convenience of explanation.
[0063]
As shown in the figure, music data before compression configured in a predetermined audio format, for example, WAV format is sent to the data compression unit 314 and compressed in a predetermined compression format, for example, ATRAC3 format. The main content such as music data compressed by the data compression unit 314 is sent to the package generation unit 316, and is encrypted and packaged together with additional information including fringe data, metadata, usage condition information, and the like.
[0064]
As described above, according to the authoring device (package generation device) 316 according to the present embodiment, it is possible to perform processing such as data compression, encryption, and packaging at the time of authoring. As a result, it is possible to reduce computation addition and communication load at the time of content distribution or content sales. In particular, the download time at the information distribution terminal can be greatly reduced, and the user can download the authored content in a time that is almost the same as the content copy time.
[0065]
(GUI production department 318)
Referring to FIG. 5 again, the GUI production unit 318 of the authoring unit 310 displays a GUI (Graphical) displayed on a kiosk terminal which is an information distribution terminal described later.
User Interface). The GUI produced here is distributed to each kiosk terminal via the distribution unit 320. A user who wants to download content purchases the content and downloads it to a predetermined storage medium while navigating to a screen displayed on the kiosk terminal based on this GUI, or downloads the downloaded content to a computer device, etc. In It is possible to move (Import) or check out from the computer device to another playback device or storage medium.
[0066]
(Distribution unit 320)
The distribution unit 320 compresses the packaged content including the data compression unit 314 and the package generation unit 316 as described above, and distributes the packaged content and the GUI produced by the GUI production unit 318 to an information distribution device such as a kiosk terminal. It has a function of delivering to the terminal 400.
[0067]
(Product Management Unit 330)
Referring to FIG. 4 again, the product management unit 330 manages the content processed for distribution in the authoring unit 310 as a package product. Specifically, the merchandise management unit 330 monitors the distribution of the packaged contents, and performs merchandise sales and price collection operations in cooperation with the sales management unit of the kiosk management center. In addition, the product management unit 330 statistically grasps and manages the sales history and the like at the kiosk terminal 400 that is an information distribution terminal, and uses it as a material for future product development. The business history of the product management unit 330 is stored in the database server 340.
[0068]
(Database server 340)
The database server 340 stores and manages various data related to the authoring studio 300. Specifically, the database server 340 stores the content processed for distribution in the authoring 310. In the content managed here, if the content is music-related information, in addition to the main content such as music data, fringe data such as jacket photos and lyrics data, metadata such as music titles and artist names, and usage condition information Additional information such as is included.
[0069]
In addition, the database server 340 stores and manages the business history of the product management unit 330, that is, the sales information and price collection information of packaged products, the sales history at the kiosk terminal that is an information distribution terminal, and the like.
[0070]
(2.2.3 Information distribution terminal 400)
The information distribution terminal 400 is also referred to as a kiosk terminal, stores the packaged content distributed from the authoring studio 300, and stores the corresponding content in response to a request from the user 180. It has a function to download. The kiosk terminal 400 may be installed in a place where people can easily gather, such as a convenience store or a gas station, or a personal computer device installed in a place used by each individual may be used as an information distribution terminal.
[0071]
As shown in FIG. 8, the information distribution terminal 400 includes an information distribution terminal management unit 410, an information provision unit 420, a reader / writer (R / W) 430, a sales management unit 440, a charge control unit 450, and a database 460. Consists mainly of.
[0072]
(Information distribution terminal management unit 410)
The information distribution terminal management unit 410 is software that manages various tasks in the information distribution terminal 400, for example. The information distribution terminal management unit 410 manages external authentication and internal authentication of the information distribution terminal device in cooperation with the information providing unit 420 and the reader / writer (R / W) 430, and after the authentication is completed, the reader / writer (R / W) The content writing to the storage device 182 such as a memory stick is permitted via the 430.
[0073]
The information distribution terminal management unit 410 also has a function of managing content sales operations and charging operations for the user unit 180 in cooperation with the sales management unit 440 and the charging control unit 450. The information distribution management unit 410 further manages a database 460 that stores packaged contents or stores history related to sales operations and billing operations.
[0074]
(Information provider 420)
The information providing unit 420 performs a verification operation or an authentication operation such as whether the package is created by a regular authoring system, and if the authentication is affirmative, the content is read by a reader / writer (R / W) 430. And has a function of performing writing to the storage device 182 such as a memory stick.
[0075]
As shown in FIG. 9, the information providing unit 420 can be configured as software mainly including an external authentication unit 422, an internal authentication unit 424, and a reproduction control unit 428.
[0076]
The information providing unit 420 is configured as a DLL (Dynamic Link Library) incorporated in the information distribution terminal 400, for example. An example in which the information providing unit 420 is incorporated as an application operating on a predetermined OS, for example, Windows 2000 is shown in FIG. The information providing unit 420 shown in FIG. 12 includes a GUI application unit 423, a secure module unit 425, and an interface unit 427 for easy understanding.
[0077]
(External authentication unit 422)
Referring to FIG. 9 again, the external authentication unit 422 determines whether the information providing unit 420 is authorized, that is, whether the information distributing terminal 400 has the authority to provide the content stored outside. The providing unit 420 has a function of performing comparative authentication using the first external authentication key (Kauth (1)) stored in advance and the second external authentication key (Kauth (2)) stored in the authentication server 500. is doing.
[0078]
The external authentication must be performed every time the information providing unit 420 is activated. However, once authentication is successful, there is no need to perform it again while the information providing unit 420 is activated.
[0079]
As shown in FIG. 10, the external authentication unit 422 includes an external authentication management unit 4221, a key holding unit 4222, a random number generation unit 4223, a first encryption unit 4224, a second encryption unit 4225, The comparison unit 4226 and the transmission / reception unit 4227 are mainly configured.
[0080]
(External authentication management unit 4221)
The external authentication management unit 4221 manages the authentication operation in the external authentication unit 422 as a whole. The external authentication management unit 4221 performs external authentication to be described later when the information providing unit 420 is activated, and operates so as to pass the processing to the internal authentication unit 424 when the external authentication is successful.
[0081]
(Key holding means 4222)
The key holding unit 4222 securely holds the first external authentication key (Kauth (1)). The first external authentication key (Kauth (1)) is distributed in advance from the authentication server unit 500 to the information providing unit 420. The first external authentication key (Kauth (1)) is distributed to the information providing unit. Since the authentication unit (secure module) 420 is concealed by a tamper resistant, it is difficult to check the value even if reverse engineering is performed.
[0082]
(Random number generator 4223)
The random number generator 4223 generates a random number for external authentication. On the other hand, the random number generated by the random number generation means 4223 is sent to the first encryption means 4224 and encrypted by the first external authentication key (Kauth (1)) to generate first encrypted data. On the other hand, the random number generated by the random number generation means 4223 is the second encryption means 422. 5 And is encrypted with the second external authentication key (Kauth (2)) to generate second encrypted data.
[0083]
(First encryption means 4224)
The first encryption unit 4224 is basically software incorporated in the information providing unit 420. The first encryption unit 4224 encrypts the random number generated by the random number generation unit 4223 using the first external authentication key (Kauth (1)) securely held in the key holding unit 4222, and performs the first encryption. Generate data.
[0084]
(Second encryption means 4225)
The second encryption unit 4225 uses the second random number generated by the random number generation unit 4223 to be the same as the first external authentication key (Kauth (1)) in a different route from the first encryption unit 4224. The second encrypted data is obtained by encryption using the external authentication key (Kauth (2)).
[0085]
Various configurations can be adopted as the configuration for acquiring the second encrypted data by the second encryption unit 4225 depending on the required security level.
[0086]
(Local external authentication)
In the embodiment with the lowest security level, as shown in FIG. 13, external authentication is performed locally, that is, in the information providing unit 420. In this embodiment, the second encryption unit 4225 is also incorporated in the information providing unit 420, and a random number is generated using the second external authentication key (Kauth (2)) incorporated in advance in the information providing unit 420. To obtain second encrypted data.
[0087]
However, in such a local external authentication mode, there is a possibility that the second external authentication key (Kauth (2)) may be stolen by a person who maliciously operates the information distribution terminal 400. Further, when the information distribution terminal 400 itself is stolen, the package stored in the information distribution terminal 400 can be downloaded. Therefore, local external authentication as described above is effective when the information distribution terminal itself is designed not to be stolen or when it is designed so that data is destroyed when stolen. The external authentication operation in the embodiment shown in FIG. 13 will be described later.
[0088]
(Remote external authentication)
On the other hand, in the embodiment with the highest security level, external authentication is performed remotely, that is, using an authentication server 500 outside the information providing unit 420 as shown in FIG. In this embodiment, the authentication server unit 500 takes the random number into the authentication server unit 500 and generates the second encrypted data using the second external authentication key (Kauth (2)).
[0089]
Therefore, even if the second external authentication key (Kauth (2)) is not stolen and the information distribution terminal 400 itself is stolen, the package stored in the information distribution terminal 400 is downloaded. Can't do it. The external authentication operation in the embodiment shown in FIG. 14 will be described later.
[0090]
(Semi-local external authentication)
Further, FIG. 15 shows an embodiment having an intermediate security level between the embodiment shown in FIG. 13 and the embodiment shown in FIG. In this embodiment, the authentication server unit 500 temporarily passes the second external authentication key (Kauth (2)) to the information providing unit 420 as necessary, for example, when downloading. The information providing unit 420 encrypts the random number using the second external authentication key (Kauth (2)) passed from the authentication server unit 500, and generates second encrypted data. The second external authentication key (Kauth (2)) is deleted from the information providing unit 420 after the second encrypted data is generated or each time the power to the information distribution terminal 400 is turned off.
[0091]
According to this embodiment, the second external authentication key (Kauth (2)) is temporarily delivered to the information distribution terminal 400 only when downloading or the like is necessary, so that the second external authentication key (Kauth ( 2)) Risk of damage due to theft itself is significantly reduced. Even if the information distribution terminal 400 itself is stolen, the second external authentication key (Kauth (2)) can be deleted when the information distribution terminal 400 is powered off. The package stored in the information distribution terminal 400 cannot be downloaded. The external authentication operation in the embodiment shown in FIG. 15 will be described later.
[0092]
(Comparison means 4226)
The comparison unit 4226 compares the first encrypted data generated by the first encryption unit 4224 and the second encrypted data generated by the second encryption unit 4225. As a result of the comparison, when the first encrypted data matches the second encrypted data, the external authentication is completed.
[0093]
(Transmitting / receiving means 4227)
The transmission / reception means 4227 performs transmission / reception of information in the external authentication unit 422. For example, the transmission / reception unit 4227 transmits the random number generated by the random number generation unit 4223 to the outside, or takes in the second encrypted data acquired by the second encryption unit 4225 from the authentication server 500 or the like.
[0094]
(Internal authentication unit 424)
The internal authentication unit 424 has a function of performing internal authentication performed after the external authentication of the information providing unit 420 is completed. As shown in FIG. 11, the internal authentication unit 424 includes a first authentication unit 4242 and a second authentication unit 4244.
[0095]
(First authentication means 4242)
The first authentication means 4242 provides means for authenticating whether the content data to be distributed is content created by a regular authoring system (authoring studio 300). Specifically, the first authentication is performed by verifying a MAC (Message Authentication Code) value written in the content data by the authorized authoring system.
[0096]
The MAC value is calculated by using the usage condition information among the accompanying data accompanying the main content using the content key (Kc). Therefore, since the MAC value cannot be calculated without knowing the content key (Kc) and the root key (Kroot), package data cannot be created unless the information provider 420 and the authoring key (CED) are supplied. .
[0097]
(Second authentication means 4244)
The second authentication unit 4244 provides a unit for performing mutual authentication between the reader / writer 430 as a recording unit and the information providing apparatus 420 as an information recording management unit. First, the second authentication unit 4244 uses a content enabling key (EKB) obtained by encrypting the root key (Kroot) with the device key (Kdevice) by the authorized authoring system 300, and the reader / writer 430 and the information providing device 420. And hand it over to both. The reader / writer 430 and the information providing apparatus 420 decrypt the root key (Kroot) using the device key (Kdevice) that is securely held by each. Then, when the decrypted root keys (Kroot) match each other, positive authentication is performed.
[0098]
(Reproduction control unit 428)
The playback control unit 428 enables playback of content data on a predetermined storage medium such as a memory stick that has been authenticated to share a root key (Kroot) as a result of internal authentication. When the reader / writer 430 records a plurality of content data on the storage medium at once, the playback control unit 428 enables the playback of the plurality of contents after the recording of all of the plurality of contents is completed. It is configured.
[0099]
(Reader / Writer (R / W) 430)
The reader / writer (R / W) 430 is hardware for downloading content to a storage medium such as a memory stick, a memory card, or smart media. As described above, before downloading, internal authentication is performed between the information providing unit 420 and the reader / writer (R / W) 430, and it is confirmed that the devices are authorized devices. Do.
[0100]
(Sales Manager 440)
The sales management unit 440 manages various operations that occur when selling packaged content. The sales management unit 440 further manages sales history and collects sales information. For example, the sales management unit 440 performs statistical analysis on what time of day, what age group of men or women, what price, what genre, and how much quantity is sold. Information can be collected and used for future product development.
[0101]
(Billing control unit 450)
The charge control unit 450 manages a charge-based operation that occurs when selling packaged content. For example, when the user pays with cash, the charge control unit 450 manages a settlement operation such as change. For example, when the user pays with a credit card or the like, the charge control unit 450 manages operations such as identity verification and credit inquiry.
[0102]
The database 460 stores and manages various information related to the information distribution terminal 400. The database 460 stores, for example, packaged contents to be distributed by the information distribution system 100 according to the present embodiment, various history information such as sales history and billing history.
[0103]
(2.2.4 Authentication server unit 500)
The authentication server unit 500 has a function of performing external authentication to determine whether a certain information distribution terminal 400 is a legitimate information distribution terminal authorized to download contents. In the information distribution system 100 according to the present embodiment, the information distribution terminal 400 is configured such that the information providing unit 420 having a download permission authority to a predetermined storage medium is a legitimate device before downloading a predetermined packaged content. It is necessary to externally authenticate whether or not.
[0104]
The authentication server unit 500 has a function of performing external authentication of the information providing unit 420. On the other hand, as will be described later, in the external authentication, a random number generated by the random number generating unit 423 is securely stored in the key holding unit 422 in the information providing unit 420. The first external authentication key (Kauth (1 )) To generate first encrypted data. The first external authentication key (Kauth (1)) is distributed in advance from the authentication server unit 500 to the information providing unit 420. The first external authentication key (Kauth (1)) is distributed to the information providing unit. Since the authentication unit (secure module) 420 is hidden by a tamper resistant, it is difficult to check the value even if reverse engineering is performed.
[0105]
On the other hand, the second encrypted data is encrypted by encrypting the same random number using the same second external authentication key (Kauth (2)) as the first external authentication key (Kauth (1)) in another route. To get. Then, the first encrypted data generated in the information providing unit 420 is compared with the second encrypted data generated by a different route from the first encrypted data. , The information providing unit 420 is configured to authenticate externally.
[0106]
The authentication server unit 500 basically manages the second external authentication key (Kauth (2)) in the external authentication process. As will be described later, in an embodiment, the authentication server unit 500 takes the random number into the authentication server unit 500 and uses the second external authentication key (Kauth (2)) to store the second encrypted data. Generate. In another embodiment, the authentication server unit 500 passes the second external authentication key (Kauth (2)) to the information providing unit 420 and generates second encrypted data. In another embodiment in which the second external authentication key (Kauth (2)) is securely held in the information providing unit 420, the authentication server unit 500 preliminarily stores the second external authentication key (Kauth (2)). ).
[0107]
It should be noted that the issuance and management of the first and second external authentication keys (Kauth (1)) (2) managed by the authentication server unit 500 can be entrusted to an authorized key management device 160. The key management device 160 not only issues the first and second external authentication keys (Kauth (1)) (2), but also, for example, when the information distribution terminal 400 is stolen, It is also possible to update the contents of the second external authentication key (Kauth (1)) (2) and invalidate the information providing unit 420 of the stolen information distribution terminal 400.
[0108]
(2.2.5 Network unit 600)
The network unit 600 is a communication network that distributes content packaged in the authoring studio 300 to the information distribution terminal 400. The network unit 600 includes both a wireless communication network 600a such as a satellite communication network and a dedicated line network 600b. In order to ensure security, the network unit 600 is preferably configured from a closed dedicated network 600b, but may of course be configured as an open network such as the Internet. In addition, if simultaneous distribution to a large number of information distribution terminals 400 is performed, it is preferable to use a wireless communication network 600a such as a satellite communication network.
[0109]
(2.3 Key management device)
The key management device 160 is an administrator who has authority to manage keys used in each stage of the information distribution system according to the present embodiment. The key management device 160 functions as an authoring key generation device for the authoring device 316. The keys and key-related information managed here are as follows. In addition, the key information is updated regularly or as necessary to cope with environmental changes and improve security.
[0110]
(2.3.1 Key information used in authoring studio 300)
The “content key (Kc)” is a key used when the content is encrypted in the authoring studio 300. The content key (Kc) is encrypted with the root key (Kroot) and processed into the second content key (EKc) encrypted with the root key.
[0111]
The “content identifier (CID)” is an identifier assigned to each content. The content ID (CID) is an identifier unique to each content and is not set redundantly. Since the generation of the content identifier (CID) is managed not by the authoring work site but by the authoring key generation device 160, the uniqueness of the content identifier (CID) can be completely guaranteed.
[0112]
The “root key (Kroot)” is a key used when encrypting the content key (Kc). The root key (Kroot) may also be referred to as a “content key encryption key”. The root key (Kroot) used in common is a very important key, but according to the present system, the content key (Kc) and the root key are not directly passed to the authoring device 316. By passing the set of the second content key (EKc) encrypted in (2) to the authoring device 316 as the authoring key (CED), security can be improved and a combination error can be prevented.
[0113]
The “second content key (EKc) encrypted with the root key” is obtained by encrypting the content key (Kc) with the root key (Kroot). It can be expressed as EKc = E (Kroot, Kc). By generating a set of the content key (Kc) and the second content key (EKc) encrypted with the root key as an authoring key (CED), it is possible to avoid a combination error.
[0114]
“Device key (Kdevice)” is key information relating to a playback apparatus that can use packaged content. The device key is key information securely held by each playback device in hardware or by tamper resistant software.
[0115]
The “content enabling key (EKB)” is an encryption of a root key (Kroot) with a device key (Kdevice). The content enabling key (EKB) includes E (KdeviceA, Kroot). ) And E (KdeviceB, Kroot) are stored, and the playback device A (Device A) can know Kroot by solving E (KdeviceA, Kroot). DeviceB) can know Kroot by solving E (KdeviceB, Kroot).
[0116]
“Authoring key use key (CEK (Content Enabling Key)) is shared secret information (key) shared between the content authoring company and the manager. It is used together with an authoring key (CED) when authoring.
[0117]
"Authoring Key (CED (Content Enabling Data)) " Is a key used when authoring content. Issued and managed by an authorized administrator. It is associated with a content ID (CID), and authoring is performed on one content using one authoring key (CED). The authoring key is obtained by encrypting the content key (Kc) and the second content key (EKc) encrypted with the root key with the content ID (CID) and the authoring key use key (CEK).
[0118]
The “redundant content key block (RKcB)” is to be included in the authoring key (CED), the content key (Kc), the second content key (EKc) encrypted with the root key, the content This is a data block to which version information (EKB-Version) of the enabling key is connected and redundant random number information is added to make unauthorized decryption difficult. When an authoring key (CED) is generated, it is generated during the generation process. This data is used in the process of generating an authoring key (CED) and is not conscious of users or application developers.
[0119]
The “redundant content key block with checksum (CRKcB)” is a data block obtained by calculating the checksum (CS) of the redundant content key block (RKcB) and connecting it to the redundant content key block (RKcB).
[0120]
“Final encryption key (Kcid)” is key data used for the last encryption in the authoring key (CED) creation flow. It is generated from the content ID (CID) and the authoring key use key (CEK). Since the final encryption key (Kcid) itself is data used in the process of generating the authoring key (CED), it is not conscious of the user or application developer. When using the authoring key (CED), if the content ID (CID) and the authoring key usage key (CEK) are known, the content key (CED) included in the authoring key (CED) is generated by generating Kcid inside the module. Kc), the second content key (EKc) encrypted with the root key, and the version information (EKB-Version) of the content enabling key can be acquired.
[0121]
(2.3.2 Key information and key related information used in the information distribution terminal 400)
In the information distribution terminal 400, the key information and the key related information are used at the time of (E (Kc, Content)) decryption, external authentication, and internal authentication of the encrypted content data.
[0122]
(Information used during decryption)
“Encrypted content data (E (Kc, Content))” uses a device key (Kdevice), a content enabling key (EKB), and a content key (Kc) acquired from the second content key (EKc). And decrypted.
[0123]
“Device key (Kdevice)” is key information relating to a playback apparatus that can use packaged content. The device key is key information securely held by each playback device in hardware or by tamper resistant software.
[0124]
The “content enabling key (EKB)” is obtained by encrypting a root key (Kroot) with a device key (Kdevice). The content enabling key (EKB) stores data such as E (KdeviceA, Kroot) and E (KdeviceB, Kroot), and the playback device A (DeviceA) solves E (KdeviceA, Kroot) by It is possible to know Kroot. Similarly, the playback apparatus B (Device B) can know Kroot by solving E (KdeviceB, Kroot).
[0125]
(Key information used during external authentication)
During external authentication of the information providing unit 420, the first external authentication key (Kauth (1)) and the second external authentication key (Kauth (2)) are used.
[0126]
The “first external authentication key (Kauth (1))” is an external authentication key distributed from the authentication server unit 500 to the information providing unit 420 in advance. Since this first external authentication key (Kauth (1)) is concealed in the authentication unit (secure module) of the information providing unit 420 by the tamper resistant (Tamper Resistant), the value is checked even if reverse engineering is performed. It is difficult. The first external authentication key (Kauth (1)) is used when the first encryption unit 4224 encrypts the random number and generates the first encrypted data.
[0127]
The “second external authentication key (Kauth (2))” is the same key as the first external authentication key (Kauth (1)) issued by the authentication server unit 500. The second external authentication key (Kauth (2)) is used when the second encryption unit 4225 encrypts the random number and generates the second encrypted data.
[0128]
(Key information used during internal authentication)
At the time of internal authentication of the information providing unit 420, the root key (Kroot) obtained by decrypting the content enabling key (EKB) with the device keys (Kdevice) respectively held by the information providing unit 420 and the reader / writer 430 is referred to Is done.
[0129]
(2.4 User section)
The user unit 180 is an information processing terminal such as a computer device having a function of accessing the information distribution terminal 400 such as a kiosk terminal and downloading a favorite content.
[0130]
As shown in FIG. 1, the user unit 180 includes a storage medium 182 such as a memory stick and a playback device 184 as main components. Furthermore, the user unit 180 may include other storage media and / or playback devices 186, and the content downloaded to the storage media 182 within the permitted number of times is stored in the other storage media and / or playback devices 186. On the other hand, it is possible to check out or move.
[0131]
(3 Authoring operation)
Next, the authoring operation in the authoring studio 300 will be described. In the information distribution system 100 according to the present embodiment, the content is encrypted and packaged at the time of authoring, and the content is encrypted using the authoring key generation device 160 that generates the authoring key and the actual authoring key. It is characterized in that the authoring device 316 to be performed is configured separately, and the content can be encrypted without passing the root key directly to the authoring device 316.
[0132]
Further, since it is not necessary to know the contents of the authoring key when authoring, it is possible to completely separate the authoring key generation and the authoring work. Furthermore, by separating the authoring work and the authoring key generation, the number of packages that can be correctly generated by the authoring work can be controlled outside the authoring work.
[0133]
In addition to the content identifier (CID), the authoring key usage key (CEK) that can be arbitrarily specified at the time of authoring key generation is added as the encryption key used when generating the authoring key, so that the generated authoring key is used correctly. Those who can do so can be limited to those who know the authoring key usage key (CEK).
[0134]
Further, by adding a MAC value using a key that can be known only to the correct system to the contents such as usage conditions set at the time of authoring, it is possible to prevent the package from being tampered with.
[0135]
(3.1 Authoring key generation operation)
An authoring key generation operation in the authoring key generation apparatus (key management apparatus) 160 will be described.
[0136]
The authoring key (CED) basically includes the content key (Kc) and the information of the second content key (EKc) encrypted with the root key. Note that EKc can be expressed as E (Kroot, Kc). The root key (Kroot) is a key used for encrypting the content key (Kc), and is a very important key for security. As will be described later, according to the present system, the content key (Kc) and the second content key (EKc) encrypted with the root key are directly passed to the authoring device 316 without directly passing the commonly used root key (Kroot). ) As an authoring key (CED) to the authoring device 316 can improve security and prevent errors in combination.
[0137]
As shown in FIG. 17 (1), the authoring key (CED) includes a content key (Kc) for encrypting content data and a second content key (EKc) encrypted with the root key for each content data. The content identifier (CID) uniquely assigned to each and the authoring key use key (CEK) uniquely assigned to each authoring device 316 are encrypted.
[0138]
In the authoring key generation means 166 shown in FIG. 6, the contents necessary for generating the authoring key (CED) are the content identifier (CID) generated by the content identifier generation means 162, the content key (Kc), and the root key. The content key (EKc) encrypted with (Kroot) and the authoring key use key (CEK) by the authoring key use key generation means 164.
[0139]
FIG. 16 shows a detailed flow of an authoring key (CED) generation process performed by the authoring key generation means 166.
[0140]
First, in step S1602, the content key (Kc) to be included in the authoring key (CED), the second content key (EKc) encrypted with the root key, and the version information (EKB- Version) and a redundant content key block (RKcB (Redundant), which is a data block to which redundant random number information is added in order to make unauthorized decryption difficult.
Kc Block)).
[0141]
The content enabling key (EKB) is obtained by encrypting the root key (Kroot) with the device key (Kdevice), and the version information (EKB-Version) of the content enabling key is used for enabling the content. This is key version information. As described above, the information indicating the version (Version) of the root key (Kroot) to be specified with respect to a certain content key (Kc) is also set, and encrypted with the content key (Kc) and the root key. An error in the combination of the second content key (EKc) and the root key (Kroot) can be prevented.
[0142]
Next, in step S1604, a checksum (CS) of the redundant content key block (RKcB) is calculated, and for example, the checksum (CS) is connected to the back of the redundant content key block (RKcB) to add a redundant content key with a checksum. Acquire a block (CRKcB).
[0143]
In the process of generating the authoring key (CED) in this way, checksum information other than the content key (Kc) and the second content key (EKc) encrypted with the root key is stored. Addition By doing so, the use by the authoring key (CED) by the incorrect content identifier (CID) can be prevented with a very high probability.
[0144]
In step S1606, a final encryption key (Kcid) is generated from the content identifier (CID) and the authoring key use key (CEK). As will be described later with reference to FIG. 17B, when the authoring key (CED) is used, if the content ID (CID) and the authoring key use key (CEK) are known, a Kcid is generated inside the module. Accordingly, the content key (Kc) included in the authoring key (CED), the second content key (EKc) encrypted with the root key, and the version information (EKB-Version) of the content enabling key can be acquired. it can.
[0145]
Here, in the process of generating the final encryption key (Kcid), by using a unique content identifier (CID) for each content, the correct content identifier (CID) is used in the encryption work with the authoring key. In this case, correct authoring work can be performed, so that the authoring accuracy can be improved. Further, by managing the generation of the content identifier (CID) by the authoring key generation device 160, the uniqueness of the content identifier (CID) can be completely guaranteed.
[0146]
Finally, in step S1608, the authoring key (CED) is generated by encrypting the redundant content key block with checksum (CRKcB) with the final encryption key (Kcid).
[0147]
(3.2 Encryption operation using authoring key)
Next, the content encryption operation using the authoring key generated by the authoring key generation device (key management device) 160 will be described with reference to FIG.
[0148]
First, as shown in step S1902, the content key decryption unit 3162 of the authoring device 316 acquires an authoring key use key (CEK) that is a shared secret key from the authoring key generation device (key management device) 160. In the following description, an authoring key generation device that generates an authoring key and a key management device that manages key information such as an authoring key are described as the same device, but the authoring key generation device and the key management device are configured separately. It doesn't matter.
[0149]
Next, in step S1904, the content key decryption unit 3162 obtains a content identifier (CID) and authoring key (CED) pair for the content to be authored from the authoring key generation device (key management device) 160.
[0150]
With regard to steps S1902 and S1904, the authoring key (CED) does not need to be acquired at the same timing as the content identifier (CID) and authoring key (CED) pair. Although the pair of content identifier (CID) and authoring key (CED) differs for each content, the authoring key use key (CEK) is a unique value for the authoring device 316, so it may be acquired once prior to authoring processing.
[0151]
Also, it is not necessary to acquire a content identifier (CID) and authoring key (CED) pair each time each content is authored. When authoring a plurality of contents, they may be configured to be acquired collectively.
[0152]
Next, in step S1906, the content key decryption unit 3162 uses the content identifier (CID) and the authoring key use key (CEK) from the authoring key (CED) as shown in FIG. (Kc) and the second content key (EKc) encrypted with the root key are decrypted.
[0153]
Next, in step S1908, the content encryption unit 3164 of the authoring device 316 encrypts the content data using the content key (Kc) decrypted by the content key decryption unit 3162 and encrypts the content data E (Kc, Content). ) Is generated.
[0154]
Next, in step S1910, the packaging means 3166 packages the encrypted content data E (Kc, Content) together with the content identifier (CID) and the second content key (EKc) encrypted with the root key, and a series of packages. End authoring work.
[0155]
(4 Information distribution operation)
The content for which the authoring process has been completed as described above is transmitted to an information distribution terminal 400 such as a kiosk terminal via a predetermined network 600 as shown in FIG. As shown in FIG. 19, encrypted content (E (Kc, Content)), a content key (EKc) encrypted with a root key, and a content enabling key (EKB) are sent to the information distribution terminal 400. . Note that the MAC value calculated using the content key Kc is added to the header portion of the encrypted content E (Kc, Content) to prevent tampering.
[0156]
In the information distribution terminal 400, after a predetermined authentication operation including external authentication and internal authentication is completed, decryption processing is performed and downloading to a predetermined storage medium 182 is performed. The details of the information distribution operation will be described below along the flow shown in FIG.
[0157]
(4.1 External authentication operation)
As described above, the external authentication unit 422 of the information distribution terminal 400 determines whether the information providing unit 420 is authorized, that is, whether it has the authority to provide the content stored in the information distribution terminal 400 to the outside. Are compared and authenticated using the first external authentication key (Kauth (1)) stored in advance by the information providing unit 420 and the second external authentication key (Kauth (2)) stored by the authentication server 500. (Step S2102). If the external authentication is successful in step S2102, the process proceeds to the internal authentication performed in step S2104 and subsequent steps. If the external authentication fails, the content information distribution (DL) operation is rejected (step S2112).
[0158]
The external authentication must be performed every time the information providing unit 420 is activated. However, once authentication is successful, there is no need to perform it again while the information providing unit 420 is activated.
[0159]
In addition, various embodiments can be adopted for external authentication by changing the second encrypted data acquisition mode by the second encryption unit 4225 according to the required security level.
[0160]
(4.1.1 Local external authentication operation)
In the embodiment with the lowest security level, as shown in FIG. 13, external authentication is performed locally, that is, in the information providing unit 420. In this embodiment, the second external authentication key (Kauth (2)) is incorporated in the application in the information providing unit 420.
[0161]
First, the secure module 425 that securely holds the first external authentication key (Kauth (1)) encrypts the random number generated by the random number generation means 4223 with the first external authentication key (Kauth (1)), and Get the encrypted data.
[0162]
The random number generated by the random number generator 4223 is sent to the application 421 via the application interface 423. The application 421 encrypts a random number using a second external authentication key (Kauth (2)) stored in advance, and obtains second encrypted data.
[0163]
The second encrypted data is returned to the secure module 425 via the application interface 423. In the secure module 425, the first encrypted data and the second encrypted data are compared, and when the two match, the external authentication work according to the present embodiment ends.
[0164]
However, in this local external authentication mode, there is a possibility that the second external authentication key (Kauth (2)) may be stolen by a person who maliciously operates the information distribution terminal 400. Further, when the information distribution terminal 400 itself is stolen, the package stored in the information distribution terminal 400 can be downloaded.
[0165]
(4.1.2 Remote external authentication operation)
On the other hand, in the embodiment with the highest security level, external authentication is performed remotely, that is, using an authentication server 500 outside the information providing unit 420 as shown in FIG.
[0166]
First, the secure module 425 that securely holds the first external authentication key (Kauth (1)) encrypts the random number generated by the random number generation means 4223 with the first external authentication key (Kauth (1)), Get the encrypted data.
[0167]
The random number generated by the random number generation unit 4223 is sent to the authentication server unit 500 via the application interface 423 and the application 421. The authentication server unit 500 takes the random number into the authentication server unit 500 and generates second encrypted data using the second external authentication key (Kauth (2)).
[0168]
The second encrypted data is returned to the secure module 425 via the application interface 423. In the secure module 425, the first encrypted data and the second encrypted data are compared, and when the two match, the external authentication work according to the present embodiment ends.
[0169]
As described above, according to the external authentication operation according to the present embodiment, the second external authentication key (Kauth (2)) is not stolen, and even if the information distribution terminal 400 itself is stolen. The package stored in the information distribution terminal 400 cannot be downloaded.
[0170]
(4.1.3 Semi-local external authentication operation)
Further, FIG. 15 shows an embodiment having an intermediate security level between the embodiment shown in FIG. 13 and the embodiment shown in FIG. In this embodiment, the authentication server unit 500 temporarily passes the second external authentication key (Kauth (2)) to the information providing unit 420 as necessary, for example, when downloading.
[0171]
First, the secure module 425 that securely holds the first external authentication key (Kauth (1)) encrypts the random number generated by the random number generation means 4223 with the first external authentication key (Kauth (1)), and 1 encrypted data is obtained.
[0172]
The random number generated by the random number generator 4223 is sent to the application 421 via the application interface 423. The application 421 encrypts a random number using a second external authentication key (Kauth (2)) stored in advance, and obtains second encrypted data.
[0173]
Here, the second external authentication key (Kauth (2)) is managed by the authentication server unit 500, and each time the information providing unit 420 is activated, the application 421 receives a second external authentication key from the authentication server unit 500. (Kauth (2)) is received and encryption processing is performed on the random number. The second external authentication key (Kauth (2)) is deleted from the information providing unit 420 after the second encrypted data is generated or each time the power to the information distribution terminal 400 is turned off.
[0174]
The second encrypted data is returned to the secure module 425 via the application interface 423. In the secure module 425, the first encrypted data and the second encrypted data are compared, and when the two match, the external authentication work according to the present embodiment ends.
[0175]
According to this embodiment, the second external authentication key (Kauth (2)) is temporarily delivered to the information distribution terminal 400 only when downloading or the like is necessary, so that the second external authentication key (Kauth ( 2)) The possibility of theft itself is significantly reduced. Further, even if the information distribution terminal 400 itself is stolen, if a configuration is adopted in which the second external authentication key (Kauth (2)) is deleted when the information distribution terminal 400 is powered off, The package stored in the information distribution terminal 400 cannot be downloaded.
[0176]
(4.2 Internal authentication operation)
The internal authentication operation by the internal authentication unit 424 is performed after the external authentication of the information providing apparatus 420 is completed. The internal authentication operation includes a content verification operation (first authentication operation) performed by the first authentication unit 4242 and a second authentication operation performed by the second authentication unit 4244.
[0177]
The content verification operation shown in step S2104 in FIG. 20 provides a means for verifying whether the content data to be distributed is content created by a regular authoring system (authoring studio 300). Specifically, the first authentication is performed with reference to a MAC (Message Authentication Code) written in the content data by the authorized authoring system. If the content verification is successful in step S2104, the process proceeds to the second internal authentication performed in step S2106. If the content verification fails, the content information distribution (DL) operation is rejected (step S2112). .
[0178]
In step S2106, the second authentication unit 4244 provides a unit for performing mutual authentication between the reader / writer 430 as a recording unit and the information providing apparatus 420 as an information recording management unit. First, the second authentication unit 4244 is configured such that the authoring system 300 authenticates the content enabling key (EKB) obtained by encrypting the root key (Kroot) with the device key (Kdevice), the reader / writer 430 and the information providing device. 420 is transferred to both. The reader / writer 430 and the information providing apparatus 420 decrypt the root key (Kroot) using the device key (Kdevice) that is securely held by each. Then, when the decrypted root keys (Kroot) match each other, positive authentication is performed. If the second internal authentication is successful in step S2106, the download is permitted in step S2108, but if the second internal authentication fails, the content information distribution (DL) operation is rejected (step S2112). .
[0179]
(4.3 Download operation)
As described above, after the internal authentication is completed in step S2106 shown in FIG. 20, the content is downloaded to a predetermined storage medium such as a memory stick in step S2206.
[0180]
Hereinafter, with reference to FIG. 22, a detailed description will be given of the cooperation relationship between internal authentication, decryption processing, and download processing.
[0181]
First, the information providing apparatus 420 that securely holds the device key (KdeviceA) checks the MAC value of the download target package, and the download target package is created by a legitimate authoring system and has been tampered with. Make sure there is no.
[0182]
The information providing apparatus 420 acquires the root key (KrootA) by decrypting the content enabling key (EKB) included in the package with the device key (KdeviceA). The information providing apparatus 420 transmits a content enabling key (EKB) to the reader / writer 430. Similar to the information providing apparatus 420, the reader / writer 430 also securely holds the device key (KdeviceB). The reader / writer 430 decrypts the content enabling key (EKB) received from the information providing apparatus 420 with the device key (KdeviceB), and acquires the root key (KrootB).
[0183]
The information providing apparatus 420 and the reader / writer 430 compare both root keys (KrootA, KrootB) and perform second internal authentication.
[0184]
If the internal authentication is successful, the content is further checked for validity, and then the content is copied to a storage medium such as a memory stick by the reader / writer 430.
[0185]
At this stage, the content is still encrypted with the content key (Kc) and cannot be reproduced. Therefore, by using the content key (Kc) to make the copied content reproducible by the reproduction control device, the user can enjoy the content with the self-owned reproduction device 184.
[0186]
(4.4 Batch download of multiple contents)
In the example shown in FIG. 22, an example in which one content is copied is shown. However, in the information distribution system according to the present embodiment, a plurality of contents can be downloaded simultaneously.
[0187]
With reference to FIG. 23, a batch download operation of a plurality of contents will be described. After the predetermined authentication operation is successful, the information providing apparatus 420 copies the first package to the predetermined storage medium 182 via the reader / writer 430. At this stage, the content related to the first package cannot be played back. Next, the information providing apparatus 420 copies the second and third packages to a predetermined storage medium 182 via the reader / writer 430. In this way, when the batch download of a plurality of contents is completed, the playback control device collectively puts the plurality of downloaded contents into a reproducible state.
[0188]
In this way, instead of making it possible to play one piece of music each time a download is made, for example, by writing three songs in response to a download request for three songs and then making it possible to play three songs at a time, a plurality of contents can be reproduced. It is possible to greatly reduce the time and effort required for batch downloading.
[0189]
(4.5 Flow of content after downloading)
Next, the subsequent flow of the content downloaded by the information distribution system according to the present embodiment will be described with reference to FIG.
[0190]
As shown in FIG. 24, according to the present system, content once packaged in a storage medium such as a memory stick is downloaded from a kiosk terminal (information distribution device) 400. The package also includes information on the usage conditions of the content, and the processing method of the content after downloading is determined according to the conditions.
[0191]
Normally, content is imported from a storage medium 182 such as a memory stick to a terminal device 190 such as a personal computer. Then, the content can be checked out again from the terminal device 190 to the portable devices 192, 194, and 196 having the reproduction function. The number of checkouts is limited for copyright protection, and three checkouts are permitted in the illustrated example. Therefore, it is possible to copy the downloaded content to the three types of portable devices 192, 194, and 196.
[0192]
When the content is to be copied to a playback device other than the portable devices 192, 194, 196 beyond the number of checkouts, the content is temporarily checked into the personal computer 190 from any of the portable devices 192, 194, 196. , It is possible to copy within the permitted number of checkouts.
[0193]
As described above, according to the information distribution system according to the present embodiment, since the content is encrypted at the time of authoring, the download time on the information distribution terminal side is shortened, and the load on the information distribution terminal side is reduced. can do.
[0194]
According to the information distribution system according to the present embodiment, since the information distribution terminal is restricted so that only content created by a regular authoring device can be downloaded, the contents are partially rewritten by hand after authoring. Can prevent illegal acts. Also, even if illegally authored content is brought to the information distribution terminal, the content cannot be downloaded.
[0195]
According to the information distribution system according to the present embodiment, even legitimate content cannot be reproduced simply by copying it to a storage medium. To enable reproduction, external authentication and internal authentication are required on the information providing device side, so that unauthorized copying can be prevented.
[0196]
According to the information distribution system according to the present embodiment, a content file that has been properly purchased can be downloaded any number of times, and the content file that has been properly downloaded can be moved to a PC and checked between the PC and another device. Can check out / in.
[0197]
According to the information distribution system according to the present embodiment, in addition to the main content such as a music file, accompanying data such as a jacket photo can be processed in association with the main content.
[0198]
The preferred embodiments of the information distribution system and the like according to the present invention have been described above with reference to the accompanying drawings, but it goes without saying that the present invention is not limited to such examples. It will be apparent to those skilled in the art that various changes and modifications can be made within the scope of the technical idea described in the claims. It is understood that it belongs to the range.
[0199]
For example, in the above embodiment, the case where the system is applied to a system that distributes music data as distribution content has been described as a preferred embodiment of the information distribution system according to the present invention. It is not limited to. For example, the system can be applied to an information distribution system that distributes various content data such as image (including still images and moving images) data and game programs to users over a network in addition to music data. Needless to say.
[0200]
【The invention's effect】
As described above, according to the present invention, it is possible to construct an information distribution system capable of effectively preventing unauthorized copying and distributing music data and the like. That is, according to the present invention, it is possible to effectively prevent unauthorized operations during authoring, unauthorized operations during distribution, unauthorized operations at the information distribution terminal, and unauthorized operations during download. Furthermore, according to the present invention, since compression and encryption are performed at the time of authoring, it is possible to construct an information distribution system that does not take time to download.
[Brief description of the drawings]
FIG. 1 is a block diagram showing a schematic configuration of an information distribution system 100 according to an embodiment of the present invention.
FIG. 2 is a block diagram showing a schematic configuration of a content holder 120 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 3 is a block diagram showing a schematic configuration of a content aggregator 200 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 4 is a block diagram showing a schematic configuration of an authoring studio 300 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 5 is a block diagram showing a schematic configuration of an authoring unit 310 of the authoring studio 300 in the information distribution system 100 according to the embodiment of the present invention.
FIG. 6 is a block diagram showing a schematic configuration of a relationship between an authoring device 316 and an authoring key generation device 160 in the authoring system of the information distribution system 100 according to the embodiment of the present invention.
FIG. 7 is a block diagram showing a construction example of an authoring system of the information distribution system 100 according to the embodiment of the present invention.
FIG. 8 is a block diagram showing a schematic configuration of an information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 9 is a block diagram showing a schematic configuration of an information providing unit 420 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 10 is a block diagram showing a schematic configuration of an external authentication unit 422 of the information providing unit 420 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 11 is a block diagram showing a schematic configuration of an internal authentication unit 424 of the information providing unit 420 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 12 is a block diagram showing a system configuration example of the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 13 is a block diagram showing an example of external authentication (local) performed in the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 14 is a block diagram showing an example of external authentication (remote) performed in the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 15 is a block diagram showing an example of external authentication (semi-local) performed in the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 16 is a flowchart showing an authoring key generation process of the information distribution system 100 according to the embodiment of the present invention.
FIG. 17 is an explanatory diagram showing an authoring key generation process of the information distribution system 100 according to the embodiment of the present invention.
FIG. 18 is a flowchart showing an authoring process of the information distribution system 100 according to the embodiment of the present invention.
FIG. 19 is an encrypted content (E (Kc, Content)) to be distributed by the information distribution system 100 according to the embodiment of the present invention, a content key encrypted with a root key (EKc), and a usable content It is explanatory drawing which shows the structure of a key (EKB).
FIG. 20 is a flowchart showing an information distribution process in the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 21 is a flowchart showing a content decrypting step in the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 22 is a flowchart showing a package download process in the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 23 is a flowchart showing a download process for collectively downloading a plurality of packages in the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
FIG. 24 is an explanatory diagram showing subsequent processing of content once downloaded by the information distribution terminal 400 of the information distribution system 100 according to the embodiment of the present invention.
[Explanation of symbols]
100 Information distribution system
120 Content holder
140 Content Distribution Department
160 Key management device (authoring key generation device)
180 users
200 Content aggregator
300 Authoring Studio
400 Information distribution terminal (kiosk terminal)
500 Authentication server
600 network

Claims (14)

And authoring key generating apparatus for generating an authoring key for authoring subjected to encryption in the content data distributed via the information delivery terminal (Content), and authoring apparatus for receiving the authoring key from the authoring key generating device An authoring system with:
The authoring key generating device includes content identifier (CID) generating means for generating a content identifier (CID) uniquely assigned to each content data (Content) ;
An authoring key use key (CEK) that is uniquely assigned to each authoring device that authors the content data (Content), and that can be shared with the authoring device to which the authoring key use key (CEK) is assigned Authoring key use key (CEK) generation means for generating a key (CEK) ;
Authoring key (CED) generating means,
The authoring key (CED) generation means includes:
The authoring key use key (CEK) generation means assigned to the content author (CID) generated by the content identifier (CID) generation means and the destination authoring apparatus that transmits the content data (Content). A reading means for reading out an authoring key usage key (CEK) generated by
Encryption means for generating the content data second content key and the encrypted content key (Kc) and the content key for encrypting (Content) a (Kc) with the root key (Kroot) (EKc);
Further comprising
The authoring key (CED) generation means uses the content identifier (CID) read by the reading means and the content key (Kc) obtained by the encryption means and the second content key (EKc ) and by the authoring key using the key (CEK), it generates an authoring key (CED) by encrypting;
The authoring device includes content storage means for storing the content data (Content) specified by the content identifier (CID);
An authoring key usage key (CEK) uniquely assigned by the authoring key generation device, the content identifier (CID), the authoring key usage key (CEK), and a content key for encrypting the content data (Content) ( Kc) and a second content key (EKc) obtained by encrypting the content key with a root key (Kroot) by using the content identifier (CID) and the authoring key use key (CEK) And key information storage means for receiving and storing from the authoring key generation device;
Reading means for reading out the content identifier (CID), the authoring key use key (CEK), and the authoring key (CED) from the key information storage means;
Using the content identifier (CID) read by the reading means and the authoring key use key (CEK), the authoring key (CED) read by the reading means is decrypted, and the content identifier (CID) Decryption means for obtaining a content key (Kc) and a second content key (EKc) of the specified content data (Content) ;
It encrypts the content data (Content) with the content key (Kc) obtained in the decoding means, authored encrypted content data (E (Kc, Content)) and encryption means for generating;
It characterized the Turkey with the authoring system. And generates authoring key for authoring subjected to encryption in the content data (Content) delivered via the information delivery terminal, the authoring apparatus for encrypting said content data (Content) with the authoring key An authoring key generator that provides an authoring key:
Content identifier (CID) generating means for generating a content identifier (CID) uniquely assigned to each content data (Content) ;
An authoring key use key (CEK) that is uniquely assigned to each authoring device that authors the content data (Content), and that can be shared with the authoring device to which the authoring key use key (CEK) is assigned Authoring key use key (CEK) generation means for generating a key (CEK) ;
Authoring key (CED) generating means,
The authoring key (CED) generation means includes:
The content identifier generated by the content identifier (CID) generating means and the authoring key use key (CEK) generating means assigned to the destination authoring apparatus that transmits the content data (Content). Reading means for reading out the authoring key use key (CEK);
Encryption means for generating the content data second content key and the encrypted content key (Kc) and the content key for encrypting (Content) a (Kc) with the root key (Kroot) (EKc);
Further comprising
The authoring key (CED) generation means uses the content identifier (CID) read by the reading means and the content key (Kc) obtained by the encryption means and the second content key (EKc ) and wherein the authoring key using the key (CEK), and generating an authoring key (CED) by encrypting the authoring key generating apparatus. The authoring key (CED) generating means, in addition to the previous SL content key (Kc) and the second content key (EKc), checking of the content key (Kc) and the second content key (EKc) Sam information, the read the content identifier (CID) and the authoring key using the key (CEK) in the reading unit, wherein the encryption child, authoring key generating apparatus according to claim 2. The computer, is subjected to encryption to generate the authoring key for authoring the content data distributed via the information delivery terminal (Content), authoring encrypting the content data (Content) with the authoring key A computer program that causes a device to function as an authoring key generation device that provides the authoring key :
A content identifier (CID) generating means for generating a uniquely assigned content identifier (CID) for each of the content data (Content);
An authoring key use key (CEK) that is uniquely assigned to each authoring device that authors the content data (Content), and that can be shared with the authoring device to which the authoring key use key (CEK) is assigned Authoring key use key (CEK) generation means for generating a key (CEK) ;
Authoring key (CED) generating means,
The authoring key (CED) generation means includes:
The content identifier generated by the content identifier (CID) generating means and the authoring key use key (CEK) generating means assigned to the destination authoring apparatus that transmits the content data (Content). Reading means for reading out the authoring key use key (CEK);
Encryption means for generating the content data second content key and the encrypted content key (Kc) and the content key for encrypting (Content) a (Kc) with the root key (Kroot) (EKc);
Further comprising
The authoring key (CED) generation means uses the content identifier (CID) read by the reading means and the content key (Kc) obtained by the encryption means and the second content key (EKc ) and wherein by the authoring key using the key (CEK), the computer program characterized by allowed to function as an authoring key generating apparatus for generating an authoring key (CED) by encrypting. The authoring key for authoring subjected to encryption in the content data (Content) delivered via the information delivery terminal, in the authoring apparatus receives from the authoring key generating device for generating the authoring key:
Content storage means for storing the content data (Content) specified by a content identifier (CID) ;
Content to be encrypted authoring key using the key uniquely assigned from the authoring key generating device (CEK), and the content identifier (CID), the o Saringu key using key (CEK), the content data (Content) key (Kc) and the authoring key a second content key encrypted with the root key (Kroot) (EKc) the content key was encrypted by the content identifier (CID) and the authoring key using the key (CEK) ( and CED), and receives from the authoring key generating device, and the key information storage means for memorize;
Reading means for reading out the content identifier (CID), the authoring key use key (CEK), and the authoring key (CED) from the key information storage means;
Using the content identifier (CID) read by the reading means and the authoring key use key (CEK), the authoring key (CED) read by the reading means is decrypted, and the content identifier (CID) Decryption means for obtaining a content key (Kc) and a second content key (EKc) of the specified content data (Content) ;
The content key (Kc) at the content data (Content) and encrypts the encrypted content data (E (Kc, Content)) obtained in said decoding means and encryption means for generating a;
Characterized in that it comprises an authoring device. Encrypted content data (E (Kc, Content)) obtained by the encrypting means and the said content identifier is read from the key information storing means (CID), said second content key obtained in said decoding means and (EKc), a package means to package as a single package data;
The authoring device according to claim 5 , comprising: Said package means, I by the unique device key is assigned to the playback apparatus for reproducing content data specified (Content) with the content identifier (CID) (Kdevice), the root key (Kroot) is encrypted content available key a (EKB) further receives from the authoring key generation device, characterized in that the packaging as the content usable key (EKB) is also the package data, to claim 6 The authoring device described. The authoring key read from the key information storing means by said reading means (CE D), in addition to the content key (Kc) and the second content key (EKc), wherein said content key (Kc) first 6. The authoring device according to claim 5 , wherein the checksum information with respect to the second content key (EKc) is encrypted by the content identifier (CID) and the authoring key use key (CEK) . The authoring apparatus according to claim 5 , wherein the content data (Content) includes main content data and additional information of the main content data. 6. The authoring apparatus according to claim 5 , wherein the packaging means further packages together fringe data, which is additional information related to the content data (Content). The authoring key (CED) read from the key information storage means by the reading means is generated from the content identifier (CID) and the authoring key use key (CEK) as a redundant content key block (CRKcB) with checksum. The Encrypted with the final encryption key (Kcid) obtained;
In the redundant content key block with checksum (CRKcB), the content key (Kc), the second content key (EKc), and the version information (EKB-Version) of the content enabling key (EKB) are connected. The authoring apparatus according to claim 7, wherein the checksum (CS) of the redundant content key block (RKcB) generated in this manner and the redundant content key block (RKcB) are concatenated and generated. Computer the computer, the authoring key for authoring subjected to encryption in the content data (Content) delivered via the information delivery terminal to function as the authoring apparatus receives from the authoring key generating device for generating the authoring key In the program :
Content storage means for storing the content data (Content) specified by a content identifier (CID) ;
Content to be encrypted authoring key using the key uniquely assigned from the authoring key generating device (CEK), and the content identifier (CID), the o Saringu key using key (CEK), the content data (Content) key (Kc) and the authoring key a second content key encrypted with the root key (Kroot) (EKc) the content key was encrypted by the content identifier (CID) and the authoring key using the key (CEK) ( and CED), and receives from the authoring key generating device, and the key information storage means for memorize;
Reading means for reading out the content identifier (CID), the authoring key use key (CEK), and the authoring key (CED) from the key information storage means;
Using the content identifier (CID) read by the reading means and the authoring key use key (CEK), the authoring key (CED) read by the reading means is decrypted, and the content identifier (CID) Decryption means for obtaining a content key (Kc) and a second content key (EKc) of the specified content data (Content) ;
The content key (Kc) at the content data (Content) and encrypts the encrypted content data (E (Kc, Content)) obtained in said decoding means and encryption means for generating a;
A computer program characterized by functioning. A authoring key generation method according to the authoring key generating apparatus for generating an authoring key for authoring subjected to encryption in the content data (Content) delivered via the information delivery terminal:
A content identifier (CID) generation step for generating a content identifier (CID) uniquely assigned to each content data (Content) ;
An authoring key use key (CEK) that is uniquely assigned to each authoring device that authors the content data (Content), and that can be shared with the authoring device to which the authoring key use key (CEK) is assigned An authoring key use key (CEK) generation stage for generating a key (CEK) ;
An authoring key (CED) generation stage for generating an authoring key (CED);
In the authoring key (CED) generation step,
The content identifier generated in the content identifier (CID) generation stage and the authoring key use key (CEK) generation stage assigned to the authoring device of the transmission destination that transmits the content data (Content), A reading stage for reading out the authoring key usage key (CEK);
Further included with the encryption step of generating the content data second content key and the encrypted content key (Kc) and the content key for encrypting (Content) a (Kc) with the root key (Kroot) (EKc) is And
In the authoring key (CED) generation step, the content identifier (CID) read in the read step and the content key (Kc) and the second content key (EKc) obtained in the encryption step and the authoring step Generating an authoring key (CED ) by encrypting with a key usage key (CEK) ;
The content identifier (CID) generation step is executed by content identifier (CID) generation means provided in the authoring key generation device;
The authoring key using key (CEK) generating step is executed by an authoring key using key (CEK) generating means provided in the authoring key generating device;
The reading step is performed by a reading means provided in the authoring key generation device;
The encryption step is performed by an encryption means included in the authoring key generation device;
The authoring key generation method, wherein the authoring key (CED) generation step is executed by an authoring key (CED) generation means provided in the authoring key generation device . An authoring method by an authoring apparatus that receives and authors the authoring key from an authoring key generation apparatus that generates an authoring key for encrypting and authoring content data (Content) distributed via an information distribution terminal. :
A content storage stage for storing content data (Content) specified by a content identifier (CID);
An authoring key usage key (CEK) uniquely assigned by the authoring key generation device, an authoring key usage key (CEK) uniquely assigned for each authoring device authoring the content identifier (CID) and the content data (Content). ), A content key (Kc) for encrypting the content data (Content), a second content key (EKc) obtained by encrypting the content key with a root key (Kroot), the content identifier (CID), and the A key information storage step of receiving and storing an authoring key (CED) encrypted with an authoring key use key (CEK) from the authoring key generation device;
A step of reading out the content identifier (CID), the authoring key use key (CEK), and the authoring key (CED) stored in the key information storing step;
Using the content identifier (CID) read in the authoring key (CED) reading step and the authoring key use key (CEK), the authoring key (CED) read in the reading step is decrypted, and the content identifier (CID) A decryption step of obtaining a content key (Kc) and a second content key (EKc) of the content data (Content) specified by;
An encryption step of encrypting the content data (Content) with the decrypted content key (Kc) obtained in the decryption step and generating authored encrypted content data (E (Kc, Content)). Included,
The content storage step is performed by content storage means provided in the authoring device;
The content storage step is performed by content storage means provided in the authoring device;
The key information storing step is executed by a key information storing means provided in the authoring device;
The reading step is performed by reading means provided in the authoring device;
The decryption step is performed by a content key (Kc) decryption means provided in the authoring device;
The authoring method according to claim 1, wherein the encryption step is executed by a content encryption unit provided in the authoring device.

Images