JP3917395B2 - Content distribution method, content distribution device, content illegal copy inspection method, content illegal copy inspection device, content distribution program, content illegal copy inspection program, and computer-readable recording medium recording these programs - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
  The present invention encrypts content by embedding digital watermark information.TechniqueContent distribution method and apparatus for distributing content encrypted byDistribution techniquesBy techniqueDistributedContent illegal copy inspection method and apparatus for inspecting illegal copy of contentAnd soContent distribution program and program used for realizing the content distribution methodA computer-readable record ofRecording medium, content illegal copy inspection program used for realizing the content illegal copy inspection method, and the program recorded thereinComputer readableAnd a recording medium.
[0002]
[Prior art]
Digital data can be copied without deterioration and is easily redistributed using a network. Digital watermarking is used as a countermeasure against this. Digital watermarking is a technique for embedding other information in content such as images and sounds in a form that is difficult to recognize by human vision and hearing.
[0003]
One method of using digital watermark for content protection is a method of embedding information related to the copyright of the content. This embeds the author's name and identifier of the content with a digital watermark, and makes it possible to assert a legitimate right by this information when distributing the copy.
[0004]
However, the protection by embedding information related to copyrights does not provide information on illegal copying from a digital watermark, and the effect of measures against illegal copying is weak.
[0005]
The second digital watermark utilization method embeds information related to a user of content as a digital watermark. In this case, when the content is sold or transferred to the user, the user information is embedded in the content as a digital watermark.
[0006]
In this case, the digital watermark information embedded in the illegally copied content makes it possible to identify the user to whom the content was originally sold or transferred, and information on the path of illegal copy can be obtained. Higher than when embedding information related to.
[0007]
On the other hand, when embedding copyright information, since the digital watermark information to be embedded in the same content is unique, it is possible to distribute a large amount of data embedded with the same digital watermark.
[0008]
On the other hand, when embedding user information, even if it is embedded in the same content, the digital watermark information differs for each user at the distribution destination, and it is necessary to generate new content data for each distribution destination. . This causes a problem that not only a very large load is imposed on the content provider, but also mass distribution of content such as a CD-ROM or broadcast becomes impossible.
[0009]
In order to solve this problem, the invention described in Japanese Patent Laid-Open No. 10-191025 disclosed by the present applicant has proposed a method for embedding a digital watermark on the user side.
[0010]
In the present invention, content is scrambled and sent to the user, and separately from this, data obtained by synthesizing the descrambling key and user information embedded as a digital watermark is sent to the user. The user unscrambles when using the content, but the descrambler has a digital watermark embedding function. At the same time as the descrambling key, the user information sent is descrambled using the digital watermark. Embed it in the content.
[0011]
This makes it possible for a content user to embed an electronic watermark, thereby reducing the load on the content provider and enabling compatibility with content distribution by CD-ROM or broadcast.
[0012]
[Problems to be solved by the invention]
However, since this method (the method of the invention described in Japanese Patent Laid-Open No. 10-191025) is composed of two processes of descrambling and watermark embedding, when only the process of descrambling is illegally extracted, There is a risk that content not embedded with a digital watermark is generated.
[0013]
In this method, information to be embedded as a watermark is included in the information sent to the user. Therefore, if the sent user information is falsified before being embedded as a digital watermark, a false User information may be embedded in content.
[0014]
The present invention is intended to solve such a problem. While embedding user information in content as a digital watermark efficiently on the user side, the user side illegally embeds digital watermark information. An object of the present invention is to provide a new technique for embedding digital watermark information that can be canceled or embedded with false digital watermark information.
[0015]
[Means for Solving the Problems]
  [1] Configuration of content distribution apparatus of the present invention
  In order to achieve the above object, the content distribution device of the present invention includes (1) dividing means for dividing content into a plurality of divided parts, and (2) processing all or part of the divided parts divided by the dividing means. As the divided parts to be processed, the divided parts to be processed are prepared for a number of different pieces of digital watermark information prepared in advance, and each of the prepared divided parts to be processed is selected from the digital watermark information. Separate digital watermark information is selected and embedded one by one. On the other hand, for each of the divided parts other than the divided part to be processed, only one is prepared regardless of the number of the digital watermark information. An embedding means for preventing embedding; (3) each divided portion in which digital watermark information is embedded; and each divided portion in which digital watermark information is not embedded are encrypted. And (4) for each divided portion divided from the content, the encryption used for encrypting the divided portion. By generating a key bundle that is a combination of encryption keys configured by selecting separate encryption keys one by one from the keys, and generating the key bundle for all combinations of encryption keys, Generation means for generating a set for the key ring; (5) content distribution means for distributing encrypted content composed of a set of all divided portions encrypted by the encryption means to all distribution destination users; (6) Select one key ring not distributed to the distribution destination user from the set of key rings, and distribute the encrypted data of the selected key ring to the distribution destination users who have not distributed the key ring. Key ring distribution means (7) Correspondence between the distribution destination user and the key ring distributed to the distribution destination user, or the correspondence between the distribution destination user and the digital watermark information read from the content decrypted by the key ring distributed to the distribution destination user And a recording unit that records the correspondence of any one of the relationships in the memory as a distribution record.
  When adopting this configuration, there may be further provided list generation means for generating a list of correspondence between the key ring and the digital watermark information read from the content decrypted by the key ring.
  When this list generation means is provided, the key ring distribution means selects the electronic watermark information obtained from the ID of the distribution destination user as the electronic watermark information issued to the distribution destination user and read from the content. In some cases, a key bundle associated with the selected digital watermark information is selected in accordance with the correspondence list generated by the list generation means, and the selected key bundle is distributed to the distribution destination user. Further, the key ring distribution means selects the digital watermark information that has not been issued so far as the digital watermark information to be read from the content issued to the distribution destination user, and the correspondence generated by the list generation means There is a case where processing is performed such that a key ring associated with the selected digital watermark information is selected according to the relation list, and the selected key ring is distributed to the distribution destination user.
  Further, when adopting this configuration, when the digital watermark information to be embedded in the content is given, a key bundle associated with the digital watermark information is obtained according to a prescribed conversion, thereby obtaining the key bundle and the key. There may be provided a specifying means for dynamically specifying the correspondence with the digital watermark information read from the content decoded by the bundle.
  When this specifying means is provided, the key ring distribution means selects digital watermark information obtained from the ID of the distribution destination user as electronic watermark information to be read from the content issued to the distribution destination user, There is a case in which a key ring associated with the selected digital watermark information is selected according to the correspondence relationship specified by the specifying means, and processing is performed to distribute the selected key ring to the distribution destination user. In addition, the key ring distribution means selects the digital watermark information that has not been issued so far as the digital watermark information that is issued to the distribution destination user and is read from the content, and the correspondence relationship specified by the specification means Accordingly, the key bundle associated with the selected digital watermark information may be selected and processing may be performed to distribute the selected key bundle to the distribution destination user.
  [2] Configuration of content illegal copy inspection apparatus of the present invention
  In order to achieve the above object, the content illegal copy inspection device of the present invention performs an illegal copy of the content with the content to be distributed and decrypted by the content distribution device of the present invention as the inspection target. A content illegal copy inspection device to be inspected, comprising: (1) reading means for reading digital watermark information embedded in the content to be inspected; and (2) content of the present invention using the digital watermark information read by the reading means as a key. A list recorded as a distribution record by a distribution device, which describes a correspondence relationship between a content distribution destination user and digital watermark information read from content decrypted by a key ring distributed to the distribution destination user. By referencing, a specifying means for specifying a regular distribution destination user of the contents to be inspected; (3) a distribution destination user identified legitimate identification means, configured to include an inspection means for the user who owns the content to be inspected to check whether or not the match.
  In order to achieve the above object, the content illegal copy inspection apparatus according to the present invention uses the content that is distributed and decrypted by the content distribution apparatus according to the present invention as an inspection target, and illegally checks the content. A content illegal copy inspection apparatus for inspecting a copy, wherein (1) reading means for reading electronic watermark information embedded in the content to be inspected, and (2) the electronic watermark information read by the reading means as a key It corresponds to the digital watermark information read by the reading means by referring to the list describing the correspondence between the key ring and the digital watermark information read from the content decrypted by the key ring generated by the content distribution apparatus A key ring specifying means for specifying the key ring to be attached, and (3) the key ring specified by the key ring specifying means as a key. The list is recorded as a distribution record by the content distribution apparatus of the present invention, and is checked by referring to the list describing the correspondence between the content distribution destination user and the key ring distributed to the distribution destination user. Whether the distribution destination user identification means for identifying the regular distribution destination user of the target content matches the (4) regular distribution destination user identified by the distribution destination user identification means and the user who owns the content to be inspected And an inspection means for inspecting whether or not.
  In order to achieve the above object, the content illegal copy inspection apparatus according to the present invention uses the content that is distributed and decrypted by the content distribution apparatus according to the present invention as an inspection target, and illegally checks the content. A content illegal copy inspection apparatus for inspecting a copy, wherein (1) reading means for reading electronic watermark information embedded in the content to be inspected, and (2) corresponding to electronic watermark information read by the reading means in accordance with prescribed conversion A key ring specifying means for specifying a key ring to be attached; and (3) a list recorded as a distribution record by the content distribution device using the key ring specified by the key ring specifying means as a key, Content to be inspected by referring to a list that describes the correspondence with the key ring distributed to the distribution destination user Distribution destination user specifying means for specifying a regular distribution destination user, and (4) Checking whether the regular distribution destination user specified by the distribution destination user specifying means matches the user who owns the content to be inspected. And an inspection means to be configured.
  FIG. 1 illustrates an example of a system configuration including the present invention.
  Next, the outline of the present invention will be described with reference to FIG.
[0016]
  In the figure, 1 is a content provider comprising the present invention, 2-i (i = 1 to n)IsThe user terminal 3 is a content illegal copy inspection organization provided with the present invention.
[0017]
  Content provider 1 comprising the present inventionTo implement the present invention.Content encryption device 10And coEquipped with content distribution device 11YeahUser terminal 2-iIsContent illegal copy inspection organization 3 having a content decoding apparatus 20 and the present inventionIs a bookThe content illegal copy inspection apparatus 30 of the invention is provided.
[0018]
  (1) Configuration of content encryption apparatus 10
  Main departureCo that is prepared to realize MingThe content encryption device 10 uses the content to be encrypted as the processing target.(A)Means for dividing the content into a plurality of parts;(B)Means for embedding a plurality of different digital watermark information for each of the divided parts to be processed, with all or part of the divided parts as processing targets;(C)Means for encrypting the divided part in which the digital watermark information is embedded and the divided part in which the digital watermark information is not embedded, using different encryption keys;(D)A key bundle used for decrypting encrypted content by selecting one encryption key for each divided portion from the set of encryption keys used for each divided portion.Set ofAnd generating means.
[0019]
  (2) Configuration of content decryption device 20
  CoContent decoding device 20IsA set of encrypted contents generated by the content encryption apparatus 10 is to be decrypted.(A)Means for obtaining one of the key rings generated by the content encryption device 10;(B)Means for extracting an encrypted content portion associated with each encryption key constituting the acquired key ring;(C)Means for decrypting the extracted encrypted content part with an encryption key associated therewith;(D)And a means for restoring the content by integrating the decrypted content portions.
[0020]
  hereAndThe content decrypting device 20 is provided with a means for decrypting the key bundle distributed from the content provider 1 in response to the encryption.
[0021]
  (3) Configuration of content distribution apparatus 11
  Main departureCo that is prepared to realize MingContent distribution device 11IsA set of encrypted contents generated by the content encryption device 10 is a distribution target.(A)Means for distributing a set of encrypted contents generated by the content encryption apparatus 10 to all distribution destinationsAnd (b)Key generated by the content encryption device 10Select one key ring from the unselected key rings included in the bundle set.To distribute the encrypted key ring to the distribution destination.And (c) the correspondence between the distribution destination and the key ring distributed to the distribution destination is recorded as a distribution record, or the electronic data read from the distribution destination and the content decrypted by the key ring distributed to the distribution destination And a means for recording a correspondence relationship with the watermark information as a distribution record.
[0022]
  FurtherAndContent distribution device 11(D) keyMeans for generating a list of correspondences between a bundle and digital watermark information read from the content decrypted thereby,(E)Correspondence between the key ring and the digital watermark information read from the content decrypted by obtaining the key ring that realizes the embedding according to the specified conversion when the digital watermark information to be embedded in the content is given There may be provided means for dynamically identifying the relationship.
[0023]
  (4) Configuration of content illegal copy inspection device 30
  Content illegal copy inspection apparatus 30 of the present inventionIs distributed and distributed by the content provider 1 equipped with the present invention.The content decrypted by the content decryption device 20 is the inspection target.(A)Means for reading digital watermark information embedded in the content to be inspected;(B)Using the read digital watermark information as a keyAndA correspondence list (a list of correspondence between the content distribution destination user and the digital watermark information read from the content decrypted by the key ring distributed to the distribution destination user) recorded by the content distribution apparatus 11 as a distribution record. By referring to, means for identifying the authorized distribution destination user of the content to be inspected,(C)A means for inspecting whether or not the specified regular distribution destination user matches the user who owns the content to be inspected is configured.
[0024]
  Here means to refer to the listIsThe list may be obtained from the content distribution apparatus 11 and referred to.AndThe list may be referred to by inquiring to the content distribution apparatus 11.
[0025]
  Also, the content illegal copy inspection device 30 of the present invention.Is distributed and distributed by the content provider 1 equipped with the present invention.The content decrypted by the content decryption device 20 is the inspection target.(A)Means for reading digital watermark information embedded in the content to be inspected;(B)The specified conversion was appliedRBy referring to the list of correspondence generated by the content distribution apparatus 11 (list of correspondence between the key ring and the digital watermark information read from the content decrypted thereby), embedding of the read digital watermark information is performed. Means for identifying the key ring to be realized;(C)Using that identified key ring as a keyAndThe content distribution apparatus 11 refers to a list of correspondences recorded as a distribution record (a list of correspondences between content distribution destination users and key bundles distributed to the distribution destination users), so that the content of the content to be inspected can be properly registered. A means of identifying the distribution destination user;(D)A means for inspecting whether or not the specified regular distribution destination user matches the user who owns the content to be inspected is configured.
[0026]
  Here means to refer to the listIsThe list may be obtained from the content distribution apparatus 11 and referred to.AndThe list may be referred to by inquiring to the content distribution apparatus 11.
[0027]
  Configured in this wayA content provider 1 having the present invention comprising a content encryption device 10 and a content distribution device 11.For example, as shown in FIG._1,c_{2, ...,}c_L) And the L divided parts c_iFor example, digital watermark operation w_{i, j}After embedding the digital watermark information “0”, “1” using (i is the identifier of the divided portion and j is the identifier of the digital watermark information to be embedded), the encryption key k_{i, j}(I is an identifier of the divided portion, j is an identifier of the digital watermark information), thereby generating content distribution data composed of a set of the encrypted content and the encryption key k_{i, j}To L divided parts c_iOne encryption key for each_{i, j}To select a key ring K used for decrypting the content c._j(J = 1-2^L) Is generated.
[0028]
  ThisKiThe content distribution device 11 is a key ring K_jAnd digital watermark information d read from the content decrypted thereby_j(In the example of FIG. 2, a list of correspondence relationships between “0” and “1” enumerated data) is generated.
[0029]
  ContinuedAndAs shown in FIG. 3, the content distribution apparatus 11 distributes the generated content distribution data to all the user terminals 2-i (eight user terminals in the example of FIG. 3), and each user terminal One key ring K for 2-i_jAnd select the selected key ring K_jDistribute the encrypted version of
[0030]
This key bundle K_jIs selected from, for example, digital watermark information (for example, digital watermark information d associated with the binary representation of the ID) obtained from the ID of the distribution destination user._j) And a key ring K that has been generated_jAnd digital watermark information d_jThe key bundle K is generated by selecting a key bundle associated with the digital watermark information in accordance with the list of correspondence relations with the digital watermark information or by selecting unpublished digital watermark information._jAnd digital watermark information d_jThis is performed by selecting a key bundle associated with the digital watermark information in accordance with the list of correspondence relations.
[0031]
Where key ring K_jAnd digital watermark information d_jDigital watermark information d_jIs given in accordance with the prescribed conversion, the watermark information d_jKey bundle K for embedding_jMay be specified dynamically. For example, the digital watermark information d “00000000”_j2, if described in the example of FIG. 2, by arranging eight “0” s, the digital watermark information d_jKey bundle K for embedding_jIs
K_j= K_1,1, k_2,1, k_3,1,. . . . . . , K_{L, 1}
The given watermark information d at that time_jKey ring K associated with_jMay be specified dynamically.
[0032]
  When performing such distribution processingAndIn order to enable content illegal copy inspection by the content illegal copy inspection device 30 of the present invention, the content distribution apparatus 11 includes the distribution destination user ID and the distribution destination user as a distribution record as shown in FIG. Key ring K distributed to_jOr the ID of the distribution destination user and the key ring K distributed to the distribution destination user_jWatermark information d read from the content decrypted by_jCorrespondence between “0” and “1” in the example of FIG. 3 is recorded.
[0033]
  oneOneContent decoding device 20IsThe key distribution distributed from the content distribution apparatus 11 is received, the encrypted content portion associated with each encryption key constituting the key ring is extracted from the received content distribution data, and the extracted encrypted content is extracted. The content is restored by decrypting the portion with the encryption key associated therewith and integrating the decrypted content portion.
[0034]
In the content restored in this way, digital watermark information unique to the distribution destination user is embedded in accordance with the distributed key ring. In addition, embedding of the digital watermark information unique to the distribution destination user is performed on the user side of the distribution destination.
[0035]
  On the other hand, the content illegal copy inspection device 30 of the present invention, when given content to be inspected, reads digital watermark information embedded in the content and uses it as a key.AndReference is made to a list of distribution records recorded by the content distribution apparatus 11 (a list of correspondence between content distribution destination users and digital watermark information read from content decrypted by a key ring distributed to the distribution destination users). Thus, the authorized distribution destination user of the content to be inspected is specified, and whether or not the user who owns the content to be inspected is an authorized content owner is inspected accordingly.
[0036]
  Also, in the content illegal copy inspection device 30 of the present invention, when a content to be inspected is given, the digital watermark information embedded in the content is read and subjected to prescribed conversion, thereby embedding the read digital watermark information. Identify the key ring that realizesAndBy referring to a list of distribution records recorded by the content distribution apparatus 11 (a list of correspondences between content distribution destination users and key rings distributed to the distribution destination users), regular distribution of the contents to be inspected is performed. The previous user is specified, and it is inspected whether the user who owns the content to be inspected is an authorized content owner.
[0037]
In the content to be inspected in this way, digital watermark information unique to the legitimate content owner is embedded, which indicates whether or not the content owner is the legitimate owner, When unauthorized copying is performed, it can be detected from which content owned by the authorized content owner the copying is performed.
[0038]
In this way, according to the present invention, the user side takes the form of embedding digital watermark information unique to the user into the content, and the digital watermark information to be embedded at that time and the embedding process are actually key bundles. This is used and controlled on the providing side, so that it is possible to prevent the user from illegally canceling the embedding of the digital watermark information or embedding the fake digital watermark information.
[0039]
When an illegal copy of content is performed, it can be accurately detected, and the copy source can be accurately detected.
[0040]
As described above, in the present invention, the content is divided into a plurality of parts, a plurality of digital watermarks are prepared for each of the divided parts, and the digital watermark for each user is extracted from the extracted divided parts. A configuration is adopted in which a combination of digital watermark values is used, whereby the amount of data to be prepared as digital watermarked content can be reduced.
[0041]
That is, as in the past, when user information is embedded directly as digital watermarks in content, it is necessary to embed digital watermarks in n ways for n users. The number of embedded digital watermarks is n. Assuming that the data amount of the original content is C, even if it is assumed that there is no increase in the data amount due to the digital watermark, the total data amount of the content with the digital watermark is C × n. As the number of users increases, the number of embeddings becomes enormous and the amount of data becomes enormous.
[0042]
As described above, according to the conventional technology, the burden on the provider is large due to the problem of the number of times of embedding the watermark, and due to the problem of the data amount, it is not possible to distribute the contents prepared in advance by CD-ROM or broadcasting. It is possible.
[0043]
On the other hand, in the method of the present invention, when m parts are extracted from content and k types of digital watermark data are associated with each part,^mVarious types of digital watermarks can be embedded. For n users, the digital watermark is embedded approximately “k × log n ÷ lon k” times, which is very small compared to n. In addition, the amount of data for realizing a combination of digital watermarks for distinguishing all n users is proportional to this, and therefore is much smaller than C × n.
[0044]
Further, if the total C ′ of the extracted portions (the total of the portions to be subjected to the digital watermark embedding process of the present invention) is made smaller than the data amount C of the content, the data embedded with the digital watermark for different users is obtained. The amount of data to be prepared in advance is “C ′ × log n ÷ lon k”, and the amount of data for adding digital watermark information for n users is smaller than that of the original content C, and it is for all users in advance. It is possible to prepare a digital watermark-added content and distribute it on a CD-ROM or the like, or distribute it by broadcasting or downloading from a server.
[0045]
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, the present invention will be described in detail according to embodiments.
[0046]
Before going into the description of the invention, a mathematical preparation is made.
[0047]
For the content encoding format F, a division operation Ω that satisfies the following properties and its inverse transform are prepared. The format F here refers to bitmap encoding in image encoding, JPEG, MPEG in moving image encoding, MP3 in audio encoding, and the like.
[0048]
(1) [Property Ω: Property of Ω]
Content c encoded in format F is divided into a plurality of (L) parts c by dividing operation Ω.₁, c₂,_....., c_LIt is divided into. This is written as C = Ω (c). Here, C is a sequence of divided parts, and C = c₁, c₂,_....., c_LIt is.
[0049]
The division operation Ω can be defined by its inverse transformation Ω ′ (referred to as a combination operation), and the series C = c of the divided part of Ω ′₁, c₂,_....., c_LBy applying to the above, it is possible to generate the content c ′ that satisfies the format F. This is expressed as c ′ = Ω ′ (C) or c ′ = Ω ′ (c₁, c₂,_....., c_L). (End of description of this property).
[0050]
Next, for the format F and the operation Ω, a series of a set of operations (becomes digital watermark operations) for the divided part of the content satisfying the following properties:
W = v₁, v₂,_....., v_L
However, v_i= (W_{i, 1}, w_{i, 2}, ..., w_{i, Ni}), (I = 1 to L)
Prepare.
[0051]
(2) [Property W1: Property of W]
A set of operations v for each of the i-th (i = 1, 2,..., L) divisions due to the content division performed by Ω_iTo correspond. I-th divided part c of content c by Ω_iAnd v_iArbitrary operation w_{i, k}The data obtained by applying_{i, k}(C_i).
[0052]
Where v_iAny operation w for each i from (i = 1, 2,..., L)_{i, k}Select operations one by one and consist of a sequence of operations for each segment.
w = w_{1, k1} , w_{2, k2} , ..., w_{L, kL}
And apply this to the sequence C of the divided part as follows.
[0053]
w (C) = w_{1, k1}(C₁), w_{2, k2}(C₂), ....., w_{L, kL}(C_L)
At this time, data obtained by applying Ω 'to this
c^w= Ω '(w (C)) = Ω' (w_{1, k1}(c₁), w_{2, k2}(c₂), ...., w_{L, kL}(c_L))
Will satisfy F again if the original content c satisfies the encoding format F. (End of description of this property).
[0054]
For a certain content c satisfying the encoding F and the division operation Ω, when W satisfies the following properties, it is assumed that W embeds an identifier in c, and the operation in W is assigned to each target. This is called an identifier embedding operation.
[0055]
(3) [Property W2: Property of W]
Two operations on the sequence of split parts taken from W₁, w₂
w₁= W_{1, k1} , w_{2, k2} , ..., w_{L, kL}
w₂= W_{1, m1} , w_{2, m2} , ..., w_{L, mL}
Does not match, that is, w₁, w₂Operation w for a certain divided part_{j, kj}And w_{j, mj}Is different from c,₁And w₂Are integrated to obtain different content data. That means
Ω '(w₁(Ω (c))) ≠ Ω '(w₂(Ω (c)))
It becomes. (End of description of this property).
[0056]
Next, for the identifier embedding operation W, a data read operation R (which becomes a digital watermark read operation) satisfying the following two properties is prepared.
[0057]
(4) [Property R1: Property of R]
Different operations w on any two different series of splits taken from one W₁And w₂And against
R (Ω '(w₁(Ω (c)))) ≠ R (Ω ′ (w₂(Ω (c))))
And the operation w for the sequence of any divided part
R (c) ≠ R (Ω ′ (w (Ω (c))))
Is established. Here, R (c) includes a case where data cannot be read (R (c) = φ, read error). (End of description of this property).
[0058]
(5) [Property R2: Independent reading of data content by R]
When there is an operation w for a sequence of divided parts taken from a certain W and different contents ca and cb satisfying the format F
R (Ω ′ (w (Ω (ca)))) = R (Ω ′ (w (Ω (cb))))
It becomes.
[0059]
That is, when the same digital watermark information is embedded in different contents, the same digital watermark information can be read by performing a data reading operation R from the contents. (End of description of this property).
[0060]
By applying the data reading operation R to the content c, certain data d = R (c) can be extracted. Here, the method of taking the identifier embedding operation w for the sequence of divided parts is “N₁× N₂× ・ ・ ・ × N_LThere are kinds. From now on, the data read out from R differs depending on the operation Ω ′ (w (Ω (c)))).₁× N₂× ・ ・ ・ × N_L"Indicates that content is available.
[0061]
When R satisfies [Property R2], if w is the same, the same data can be read regardless of the content. (Preparation finished).
[0062]
An embodiment of the present invention that realizes secure distribution of content based on the above preparation will be described.
[0063]
Here, in the following description, for the convenience of explanation, it is assumed that visible information such as an identifier is used as digital watermark information embedded in content. However, the present invention is limited to embedding such digital watermark information. In short, the present invention can be applied as it is to a digital watermark configured by embedding contents having different properties in content. Also, the content is not limited to images.
[0064]
  FIG. 4 shows a content provider having the present invention shown in FIG.1'sDiagram of an example of functional configurationAnd also shows an example of the functional configuration of the user terminal 2 shown in FIG.FIG. 5 shows an embodiment of the functional configuration of the content illegal copy inspection institution 3 having the present invention shown in FIG.
[0065]
As shown in FIG. 4, the content provider 1 having the present invention generates a content distribution data generation unit 100 that generates encrypted content distribution data for transmitting content to the user terminal 2. A content distribution data storage unit 101 that stores content distribution data, a content distribution data transmission unit 102 that transmits the stored content distribution data to the user terminal 2, and a key bundle used to decrypt the content distribution data A key ring generation unit 103 for generating the key ring, a key ring identifier correspondence list 104 for managing a correspondence relationship between the generated key ring and an identifier (digital watermark information unique to the user) read from the decrypted content, When an identifier to be embedded in the content is given, the key ring that realizes the embedding is moved. An identifier key ring conversion unit 105 specified for the key, a key ring selection unit 106 for selecting a key ring specific to a transmission destination to be transmitted to the user terminal 2, and a key for encrypting the selected key ring and transmitting it to the user terminal 2 Distribution that stores the bundle transmission unit 107 and the information of the key bundle transmitted to the user terminal 2 (information on the correspondence between the user ID, the transmitted key bundle, and the identifier read from the content decrypted by the key bundle) And a recording storage unit 108.
[0066]
Here, the content distribution data generation unit 100, the content distribution data transmission unit 102, the key ring generation unit 103, the identifier key ring conversion unit 105, the key ring selection unit 106, and the key ring transmission unit 107 are specifically described. The present invention is realized by a computer program, and these computer programs can be stored in an appropriate recording medium such as a semiconductor memory readable by a computer.
[0067]
  oneYuuAs shown in FIG. 4, the user terminal 2 receives a content distribution data receiving unit 200 for receiving content distribution data transmitted from the content provider 1 and a content distribution for storing the received content distribution data. The data storage unit 201, the key ring receiving unit 202 that receives and decrypts the encrypted key ring transmitted from the content provider 1, and the received content distribution data using the received key ring And a content restoring unit 203 that restores the content by decoding.
[0068]
Here, the content distribution data receiving unit 200, the key ring receiving unit 202, and the content restoring unit 203 are specifically realized by computer programs, and these computer programs are computer-readable semiconductors. It can be stored in an appropriate recording medium such as a memory.
[0069]
On the other hand, the content illegal copy inspection organization 3 having the present invention, as shown in FIG. 5, the identifier reading unit 300 for reading the identifier (digital watermark information unique to the user) embedded in the content to be inspected, and the content provider 1 An acquisition unit 301 that acquires information of the distribution record storage unit 108 possessed by the user, a distribution record storage unit 302 that stores information of the acquired distribution record storage unit 108 (information on the correspondence between user IDs and identifiers), and an acquisition The distribution record storage unit 303 that stores the information of the distribution record storage unit 108 (the information on the correspondence between the user ID and the key ring) and the content provider 1 that has been subjected to the prescribed conversion or generated by the present invention By referring to the information in the key ring identifier correspondence list 104, the key ring associated with the identifier read from the content to be inspected is specified. Information on the key ring identification unit 304, the illegal copy inspection unit 305 that checks whether the content to be inspected is illegally copied while referring to the information in the distribution record storage unit 302, and the information in the distribution record storage unit 303 And an illegal copy inspection unit 306 for inspecting whether or not the content to be inspected is an illegally copied content.
[0070]
Here, the identifier reading unit 300, the acquisition unit 301, the key ring specifying unit 304, the illegal copy inspection unit 305, and the illegal copy inspection unit 306 are specifically realized by computer programs, and these computer programs are It can be stored in a suitable recording medium such as a semiconductor memory readable by a computer.
[0071]
In this embodiment, the content is distributed by downloading from the content provider 1 to the user terminal 2. However, as a content distribution method, other than distribution by download from a broadcast or a server or the like. In addition, there are various methods such as a method of distributing using a CD-ROM or the like, and the present invention is applicable to those distributing methods.
[0072]
(I) Description of processing of content provider 1
(A) Processing of content distribution data generation unit 100
The content distribution data generation unit 100 performs processing for generating content distribution data for distributing content to users by executing the processing flow of FIG.
[0073]
That is, first, the division operation Ω is applied to the content c to be distributed encoded in the format F, and the sequence C = c of the divided portion of the content₁, c₂,_....., c_LIs generated.
[0074]
Subsequently, a set W of identifier embedding operations is prepared, and an identifier embedding operation w for each divided portion in W is prepared._{i, j}To the corresponding split part c of C_iApply to N₁+ N₁+ ... + N_LPieces
w_1,1(c₁ ), w_1,2(c₁ ), ....., w_{1, N1}(C₁ ),
w_2,1(c₂ ), w_2,2(c₂ ), ....., w_{2, N2}(C₂ ),
_........,
w_{L, 1}(c_L), w_{L, 2}(c_L), ....., w_{L, NL}(C_L)
Is generated.
[0075]
Next, N with an embedded identifier₁+ N₁+ ... + N_LEach of the divided parts is encrypted using a separate encryption key.
[0076]
N obtained by this₁+ N₁+ ... + N_LA collection of encrypted pieces,
D =
E (k_1,1, w_1,1(c₁)), E (k_1,2, w_1,2(c₁ )), ...., E (k_{1, N1}, w_{1, N1}(c₁)),
E (k_2,1, w_2,1(c₂)), E (k_2,2, w_2,2(c₂ )), ...., E (k_{2, N2}, w_{2, N2}(c₂)),
_........,
E (k_{L, 1}, w_{L, 1}(c_L)), E (k_{L, 2}, w_{L, 2}(c_L)), ...., E (k_{L, NL}, w_{L, NL}(c_L))
Is content distribution data.
[0077]
Where k_{i, j}Indicates an encryption key, and E (k, ...) indicates encryption with the encryption key k, and thus E (k_{i, j}, W_{i, j}(c_i)) Is a divided part c of C_iThe encrypted data is embedded in the identifier.
[0078]
A set k of this encryption key_i= {K_{i, 1}, K_{i, 2}, ..., k_{i, Ni}} Is the divided part c_iThis is a set of decryption keys for data encrypted by embedding identifiers. The set of cryptographic keys k_iSimply split part c_iCall the key set for.
[0079]
Finally, the generated content distribution data is stored in the content distribution data storage unit 101.
[0080]
In executing this processing, the content distribution data generation unit 100 converts the content c into (L) parts c by the division operation Ω.₁, c₂,_....., c_LWhen dividing into parts c₁The main part, the other part c₂,_..., c_LAs the adjustment unit, these divided parts may be divided into two types of classes having different properties, and the main part may be processed so as not to perform the identifier embedding operation.
[0081]
That is, in the operation set for the divided part, v₁= (W_1,1) = (I) (I is the identity transformation).₁You may process so that operation may not be performed. At this time, c₂,_..., c_LThe amount of data in c₁Processing may be performed so that the amount of data is less than the amount of data.
[0082]
That is, it is not necessary to perform the identifier embedding operation according to the present invention for all parts of the content c, and there are some content parts that are difficult to embed digital watermarks. That portion is processed so as not to perform the identifier embedding operation according to the present invention.
[0083]
Further, when the identifier embedding operation according to the present invention is performed, the data amount of the content distribution data increases accordingly. Therefore, in order to prevent this, the main unit is provided as described above, and the main unit is not subject to the present invention. It is processed so as not to perform the identifier embedding operation.
[0084]
Instead of adopting a configuration in which the identifier embedding operation according to the present invention is not performed on this main part, processing may be performed so as to perform a fixed identifier embedding operation.
[0085]
That is, in the operation set for the divided part, v₁= (W_1,1(Only one identifier embedding operation is prepared))₁May be processed to perform a fixed operation. At this time, c₂,_..., c_LThe amount of data in c₁Processing may be performed so that the amount of data is less than the amount of data.
[0086]
Since it is preferable to embed an identifier even if it is fixed rather than embedding an identifier, a fixed identifier embedding operation is performed on the main part while reducing the data amount of content distribution data. It is processed like this.
[0087]
(B) Processing of content distribution data transmission unit 102
The content distribution data transmission unit 102 performs processing for transmitting the content distribution data stored in the content distribution data storage unit 101 to all the user terminals 2. That is, the same content distribution data is transmitted to all user terminals 2.
[0088]
(C) Processing of the key ring generation unit 103
The key ring generation unit 103 performs a process of generating a key ring used for content decryption by executing the processing flow of FIG.
[0089]
That is, first, from the content distribution data generation unit 100, each divided portion c used for generating the content distribution data_iKey set k for_iTo get.
[0090]
Subsequently, the acquired key set k_iOne key from_{i, ji}To select each c_iRepeat for N₁× N₁× ・ ・ ・ × N_LKey bundle K_j
K_j= K_{1, j1} , k_{2, j2} , ...., k_{L, jL}
Create Where j_iIs a different number for each i.
[0091]
Finally, for each key ring, the identifier d embedded by it_jIs generated, the key bundle identifier correspondence list 104 describing the correspondence between the key bundle and the identifier is generated. As illustrated in FIG. 2, the correspondence between the key ring and the identifier is obtained, and the key ring identifier correspondence list 104 is generated based on the correspondence.
[0092]
The key ring K thus generated_jIncludes one key for data obtained by embedding and encrypting an identifier in each divided part of c by Ω. Therefore, key ring K_jAs a result, data in a decrypted form is obtained one by one with an identifier embedded in each divided part of c.
[0093]
If necessary as management information, the key ring includes a key ring K_jThe key correspondence information indicating which divided portion of the content c corresponds to each key inside is attached. Correspondence between the keys and the divided parts may be, for example, a means in which an order is given to the keys in the key ring and the order of the divided parts is made to correspond to the keys.
[0094]
In this way, the value of the identifier of the restored content c ′ obtained as the total of the identifiers embedded in all the divided portions of c is determined by the configuration of the key ring, that is, the configuration of the keys included in the key ring. Will be.
[0095]
Next, a process for generating the key ring identifier correspondence list 104 will be described.
[0096]
Key ring K_jThe data embedded by d_jAnd That is
d_j= R (Ω '(w_j(Ω (c))))
And Where w_jIs K_jIs an identifier embedding operation corresponding to.
[0097]
The key ring generation unit 103 determines each key ring K according to this correspondence._jEmbedded identifier d for_jAnd its correspondence (K_j, D_j) To generate the key ring identifier correspondence list 104.
[0098]
(D) Processing of identifier key ring conversion unit 105
As will be described later, the key ring selection unit 106 selects an identifier to be embedded in the content, refers to the key ring identifier correspondence list 104, and performs processing to select a key ring associated with the identifier.
[0099]
For this processing, the key ring identifier correspondence list 104 is generated by the key ring generation unit 103. If this key ring identifier correspondence list 104 is not generated, the identifier key ring conversion unit 105 A process of dynamically specifying a key bundle associated with the key bundle selected by the bundle selection unit 106 is performed.
[0100]
Assume that the identifier to be embedded is d. Here, when the information embedded in the divided portion of the content encrypted by each key in the key ring affects the determination of the value of d independently, that is, the divided portion other than itself is determined from the value of d. If the data embedded in each divided part can be determined independently of the value embedded in, the identifier d embedded in the i-th part_iIs a function Fd_iBy
d_i= Fd_i(D)
As required. This Fd_iIs obtained from the operation R.
[0101]
In the simplest example, when content c is divided into four parts and identifiers 0 and 1 are embedded and encrypted in each divided part, and d = 0101 is given, the identifier key The bundle conversion unit 105 determines that the key bundle associated with d = 0101 is a divided portion c.₁The identifier 0 is embedded in the divided part c₂Identifier 1 is embedded in the divided part c_ThreeThe identifier 0 is embedded in the divided part c_FourA process is performed to specify that the key ring is to embed identifier 1 in
[0102]
(E) Processing of the key ring selection unit 106
When distributing content to a certain user U, the key ring selection unit 106 sets a key ring used for decrypting the content distribution data D to be transmitted separately for each user in accordance with the processing flow of FIGS. 8 (a) and 8 (b). Perform processing to select.
[0103]
That is, when following the processing flow of FIG. 8A, a function F that issues a user ID (represented by u) to each user in advance and converts u to the distribution content identifier d._userWhen (u) is prepared and the user terminal 2 designates the issued user ID and issues a key ring transmission request, first, the user ID is assigned to the function F._userBy substituting into, an identifier to be embedded in the content is obtained. Here, if u and d are in the same system, d = u, and the function F_userCan be omitted.
[0104]
Subsequently, the key bundle K associated with the identifier d is selected by referring to the key bundle identifier correspondence list 104. At this time, by issuing a conversion request to the identifier key ring conversion unit 105, processing may be performed to identify the key ring K associated with the identifier d.
[0105]
Since the selected key bundle is transmitted to the user terminal 2 that issued the key bundle transmission request by the key bundle transmission unit 107, the selected key bundle is notified to the key bundle transmission unit 107, and will be described later. For the content illegal copy inspection processing to be performed, the correspondence (u, d, K) between the ID (u) of the user of the key ring transmission destination, the obtained identifier d, and the selected key ring K is distributed and stored. Stored in the unit 108.
[0106]
On the other hand, in the case of following the processing flow of FIG. 8B, when a key ring transmission request is issued from the user terminal 2, first, an unissued identifier d is assigned to the user.
[0107]
Subsequently, the key bundle K associated with the identifier d is selected by referring to the key bundle identifier correspondence list 104. At this time, by issuing a conversion request to the identifier key ring conversion unit 105, processing may be performed to identify the key ring K associated with the identifier d.
[0108]
Since the selected key bundle is transmitted to the user terminal 2 that issued the key bundle transmission request by the key bundle transmission unit 107, the selected key bundle is notified to the key bundle transmission unit 107, and will be described later. For the content illegal copy inspection processing to be performed, the correspondence (u, d, K) between the ID (u) of the key ring transmission destination user, the assigned identifier d, and the selected key ring K is distributed and stored. Stored in the unit 108.
[0109]
Depending on the content illegal copy inspection processing method, (u, d) or (u, K) may be saved instead of saving (u, d, K) in the distribution record storage unit 108. It may be processed. Further, as the user ID (u) to be stored at this time, not only a numerical string but also a user's ID given from another system such as a mail address may be used.
[0110]
(F) Processing of key ring transmission unit 107
The key ring transmitting unit 107 performs a process of encrypting the key ring notified from the key ring selecting unit 106 and transmitting it to the user terminal 2 that issued the key ring request.
[0111]
Unlike content distribution data being uniformly transmitted to all user terminals 2, a different key ring is transmitted to each user terminal 2 as one unique to the user. Become.
[0112]
(Ii) Explanation of processing of the user terminal 2
(A) Processing of content distribution data receiving unit 200
The content distribution data receiving unit 200 performs processing for receiving the content distribution data transmitted from the content provider 1 and storing it in the content distribution data storage unit 201.
[0113]
(B) The key ring receiving unit 202 performs a process of receiving and decrypting the encrypted key ring transmitted from the content provider 1.
[0114]
(C) Processing of the content restoration unit 203
The content restoration unit 203 performs the process of restoring the content from the content distribution data transmitted from the content provider 1 by executing the processing flow of FIG.
[0115]
That is, the key ring K from the content provider 1_jUpon receiving (decrypted by the key ring receiving unit 202), the content distribution data to be decrypted is read from the content distribution data storage unit 201.
[0116]
Next, the received key ring K_jTo each divided part c_iKey k corresponding to_{i, ji}Are extracted from the content distribution data to be decrypted and their respective keys k_{i, ji}Encrypted segment E (k_{i, ji}, W_{i, ji}(C_i)).
[0117]
Subsequently, each E (k_{i, ji}, W_{i, ji}(C_i)) For k_{i, ji}By applying the decryption process_{i, ji}(C_i).
[0118]
Subsequently, w decoded in this way_{i, ji}(C_i) To apply content operation c^w
c^w= Ω '(w_{1, j1}(c₁), w_{2, j2}(c₂), ...., w_{L, jL}(c_L))
To restore.
[0119]
In the content restored at this time, an identifier unique to the user specified by the key ring transmitted from the content provider 1 is embedded in the form of a digital watermark.
[0120]
(iii) Explanation of processing by Content Illegal Copy Inspection Organization 3
(A) Processing of identifier reading unit 300
The identifier reading unit 300 performs a process of reading the identifier embedded in the content to be inspected (content restored by the user terminal 2).
[0121]
(B) Processing of the acquisition unit 301
The acquisition unit 301 acquires information of the distribution record storage unit 108 of the content provider 1 and, based on the information, associates the user ID (u) with the identifier d associated with the distribution record storage unit 302. A process of registering information on the relationship or registering information on the correspondence between the user ID (u) and the key ring K associated therewith is performed in the distribution record storage unit 303.
[0122]
(C) Processing of key ring specifying unit 304
The key ring specifying unit 304 detects the key ring associated with the identifier read from the content to be inspected by executing the same processing as the identifier key ring conversion unit 105 included in the content provider 1, By referring to the key ring identifier correspondence list 104 provided in the provider 1, processing for detecting a key ring associated with the identifier read from the content to be inspected is performed.
[0123]
(D) Process of illegal copy inspection unit 305
When the contents to be inspected are given, the illegal copy inspection unit 305 inspects whether or not the contents to be inspected are illegally copied by executing the processing flow of FIG. Process to output.
[0124]
That is, first, the ID of the user who owns the content to be inspected is input. Subsequently, the identifier read from the content to be inspected is received from the identifier reading unit 300.
[0125]
Subsequently, using the received identifier as a key, by referring to the information in the distribution record storage unit 302 (managing the correspondence between the user ID and the identifier d associated therewith), the proper ownership of the content to be inspected The user ID of the person is specified.
[0126]
Subsequently, it is determined whether or not illegal copying has been performed by determining whether or not the input user ID matches the user ID of the identified legitimate owner, and the inspection result is obtained. Output.
[0127]
(E) Process of illegal copy inspection unit 306
When the content to be inspected is given, the illegal copy inspection unit 306 checks whether the content to be inspected is illegally copied by executing the processing flow of FIG. Process to output.
[0128]
That is, first, the ID of the user who owns the content to be inspected is input. Subsequently, the key ring specified by the key ring specifying unit 304 in response to the identifier read from the identifier reading unit 300 is received from the key ring specifying unit 304.
[0129]
Subsequently, using the received key ring as a key, by referring to the information in the distribution record storage unit 303 (managing the correspondence between the user ID and the key ring K associated therewith), it is possible to verify the normality of the content to be inspected. The user ID of the owner of is specified.
[0130]
Subsequently, it is determined whether or not illegal copying has been performed by determining whether or not the input user ID matches the user ID of the identified legitimate owner, and the inspection result is obtained. Output.
[0131]
The process of the present invention configured as described above will be described in detail with reference to FIGS.
[0132]
That is, the content provider 1 having the present invention, for example, as shown in FIG.₁, c₂,_....., c_L), And each of the L divided parts c_iFor example, digital watermark operation w_{i, j}After embedding identifiers “0” and “1” using_{i, j}Is used to generate content distribution data composed of a set of these encrypted contents, and the encryption key k_{i, j}To L divided parts c_iOne encryption key for each_{i, j}To select a key ring K used for decrypting the content c._j(J = 1-2^L) Is generated.
[0133]
At this time, the content provider 1 having the present invention_jAnd an identifier d read from the content decrypted thereby_jA key ring identifier correspondence list 104 is generated that describes the correspondence relationship with “0” or “1” enumerated data in the example of FIG. 2.
[0134]
Subsequently, as shown in FIG. 3, the content provider 1 having the present invention distributes the generated content distribution data to all the user terminals 2-i, and to each user terminal 2-i. Key ring K one by one_jAnd select the selected key ring K_jDistribute the encrypted version of
[0135]
This key bundle K_jIn the selection process, for example, the ID of the distribution destination user is changed to the function F._userAn identifier is obtained by substituting in (u), and it is performed by referring to the key bundle identifier correspondence list 104 using it as a key, or by selecting an unissued identifier and using it as a key. This is done by referring to 104.
[0136]
Here, when the key ring identifier correspondence list 104 has not been generated, an identifier is designated and a conversion request is issued to the identifier key bundle conversion unit 105 so that a key bundle associated with the identifier is obtained. To process.
[0137]
When performing such distribution processing, the content provider 1 equipped with the present invention, as shown in FIG. 3, in order to enable content illegal copy inspection by the content illegal copy inspection organization 3 equipped with the present invention, as shown in FIG. As the distribution record, the correspondence (u, d, K) between the ID (u) of the user of the key ring transmission destination, the assigned identifier d, and the selected key ring K is stored in the distribution record storage unit 108.
[0138]
  oneYuuThe user terminal 2 receives the key bundle distributed from the content provider 1 having the present invention, and the encrypted content associated with each encryption key constituting the key bundle from the received content distribution data The content is restored by extracting the portion, decrypting the extracted encrypted content portion with the encryption key (decryption key) associated therewith, and integrating the decrypted content portion.
[0139]
In the content restored in this way, digital watermark information unique to the distribution destination user is embedded in accordance with the distributed key ring. In addition, embedding of the digital watermark information unique to the distribution destination user is performed on the distribution destination user side.
[0140]
On the other hand, the content illegal copy inspection organization 3 equipped with the present invention, when the content to be examined is given, reads the identifier embedded in the content, and stores it as a key, and the content provider 1 equipped with the present invention stores it. By referring to the information of the distribution record, a regular distribution destination user of the content to be inspected is specified, and it is inspected whether the user who owns the content to be inspected is a regular content owner.
[0141]
Content that is inspected in this way is embedded with a unique identifier for the legitimate content owner, which indicates whether the content owner is the legitimate owner and unauthorized copying of the content If it is performed, it becomes possible to detect from which content the authorized content owner owns the copy.
[0142]
In this way, according to the present invention, the user side takes the form of embedding digital watermark information unique to the user into the content, and the digital watermark information to be embedded at that time and the embedding process are actually key bundles. This is used and controlled on the providing side, so that it is possible to prevent the user from illegally canceling the embedding of the digital watermark information or embedding the fake digital watermark information.
[0143]
When an illegal copy of content is performed, it can be accurately detected, and the copy source can be accurately detected.
[0144]
【Example】
(1) Content distribution data generation for still image data
(B) [Division operation Ω]
Still image data is divided into vertical and horizontal n × m grids, and n × m portions are defined as divided portions. This operation is defined as a split operation Ω.
[0145]
The combination operation Ω ′ is an image of the original size by arranging n × m portions at the original positions. At this time, if header information such as an encoding parameter is present in the data of the encoding method F, this value is inherited by the data of each divided portion, and the parameter is restored at the time of combination.
[0146]
A JPEG image is divided into 8 × 8 pixel blocks, and compression coding is performed for each block. Henceforth, when dividing into a grid, the number of pixels in the vertical and horizontal directions of the grid is a multiple of the number of pixels in the block, and the image is divided into rectangular areas consisting of n ′ × m ′ blocks.
[0147]
(B) [Identifier Embedding Operation W]
For each divided portion, an identifier is embedded using an electronic watermark embedding method in an image. In the digital watermark method, by designating embedded data, a plurality of data can be embedded with the same algorithm. This operation is referred to as an identifier embedding operation W.
[0148]
That is, each w_{i, j}Is a certain data d by a common watermark algorithm w_{i, j}Is implemented as an operation of embedding in a content with a digital watermark. d_{i, j}Is d when j ≠ j ′_{i, j}≠ d_{i, j '}Take so that. The read function R is naturally defined from W.
[0149]
(C) [Encryption]
The encryption as described in the embodiment is applied to the divided portion of the content in which the identifier is embedded.
[0150]
(2) Content distribution data generation for video data
(B) [Division operation Ω]
In the MPEG encoded moving image data, a portion obtained by encoding a motion compensation vector in a P picture and a B picture is extracted for each frame, and a portion extracted from the first frame is divided into parts c₂, The part extracted from the next frame is divided into parts c_ThreeIn this way, when there are L-1 adjustment units, the motion compensation vector coding portion is assigned to the divided portion in the L-1 frame period.
[0151]
Also, the data obtained by removing the portion obtained by encoding the motion compensation vector from the encoded data of the original content c is the main part c.₁And
[0152]
The coupling operation Ω ′ is opposite to Ω, and the main part c₁The motion compensation vector is c by the reverse procedure of removing the adjustment unit from₁It is done by adding to.
[0153]
(B) [Embed identifier]
Adjustment unit c_kThe motion compensation vector assigned to is added with a displacement according to the embedded value.
[0154]
(C) [Encryption]
The encryption as described in the embodiment is applied to the divided portion of the content in which the identifier is embedded.
[0155]
(3) Distribution method (with membership registration)
The owner of the content c deposits the content at a center for creating and distributing the distribution content.
[0156]
The center creates the content distribution data D by performing the division operation Ω, the identifier embedding operation W, and the division part encryption.
[0157]
The center distributes data D for content distribution. As a distribution method here, any data distribution means such as distribution on a CD-ROM and distribution by distribution, download from a data server on the Internet, distribution by broadcast waves, distribution by e-mail, etc. may be used.
[0158]
The user obtains the distributed content distribution data D. The user decrypts the distributed content distribution data D, and requests the center for a key ring for restoring the content c. At the time of this request, the user transmits the content to be decrypted and the user ID registered in the center to the center.
[0159]
The center prepares a key ring K corresponding to the user ID. The key ring K is prepared based on the method described in the embodiment. The center sends the prepared key ring K to the user.
[0160]
For sending the key ring K, a general key distribution method is used. As one of these methods, there is a method in which the key ring K is encrypted with a delivery key k and sent. As another method, the key k is further replaced with the user's public key k._uThe key k is sent to the user in addition to the key ring K. Infoket is a typical example of key distribution.
[0161]
The user receives the key ring K and based on the “content restoration method” described in the exemplary embodiment: content c^wTo restore. Where c^wIs content with an embedded identifier.
[0162]
(4) Distribution system (no membership registration)
The owner of the content c deposits the content at a center for creating and distributing the distribution content.
[0163]
The center creates the content distribution data D by performing the division operation Ω, the identifier embedding operation W, and the division part encryption.
[0164]
The center distributes data D for content distribution. As a distribution method here, any data distribution means such as distribution on a CD-ROM and distribution by distribution, download from a data server on the Internet, distribution by broadcast waves, distribution by e-mail, etc. may be used.
[0165]
The user obtains the distributed content distribution data D. The user decrypts the distributed content distribution data D, and requests the center for a key ring for restoring the content c. At the time of this request, the user transmits content to be decrypted and authentication data obtained from a certification authority existing outside the center to the center.
[0166]
The center prepares a key ring K corresponding to the user ID. The key ring K is prepared based on the method described in the embodiment. The center sends the prepared key ring K to the user.
[0167]
The user receives the key ring K, and based on the “content restoration method” described in the embodiment, the content c^wTo restore. Where c^wIs content with an embedded identifier.
[0168]
(5) Example of still image
(B) Creation of data
An N × M pixel image is divided into n × m blocks, and C₁, C₂, ..., C_{n * m}And Each C_iIs a block of (N / n) × (M / m) pixels.
[0169]
Digital watermark embedding W for this block of (N / n) × (M / m) pixels₁, W₂, ....., W_xPrepare. This means that each block has a different value w₁, w₂, ..., w_xPerform an operation to embed
[0170]
W_jBlock C embedded with watermark by_iW_j(C_i) And each C_iAll W against_jBy applying
W₁(C₁), W₂(C₁), ..., W_x(C₁), W₂(C₂), ..., W_x(C_{n * m})
X × n × m pieces of data are created.
[0171]
This is a different key k_{i, j}Encrypt with
E (k_1,1, W₁(C₁)), E (k_2,1, W₂(C₁)), ..., E (k_{x, n * m}, W_x(C_{n * m}))
X × n × m pieces of data are created and stored in a CD-ROM or the like for delivery.
[0172]
(B) Key transmission
The content provider has a key k for each of i = 1,2,3, ...., n × m_{ji, i}Select the key ring
K = (k_j1,1 , k_j2,2 , ....., k_{jn * m, n * m})
Create
[0173]
(C) Restoration
The user receives the key ring K, and each key k in the received key ring K_{ji, i}To the corresponding encrypted watermarked block E (k_{ji, i}, W_ji(C_i))
W_j1(C₁), W_j2(C₂), ..., W_{jn * m}(C_{n * m})
And restore the image by integrating it.
[0174]
An N × M pixel still image formed by reconstructing these blocks includes:
w_j1 , w_j2 , ....., w_{jn * m}
Will be included as a watermark.
[0175]
(6) Effect of illegal copy inspection
The institution that inspects illegal copies is the content to be inspected c^wOn the other hand, the identifier d = R (c^w) To get.
[0176]
Where d is the content c^wThis is information for identifying the user who distributed the content c that is the source of the.
[0177]
The organization that inspects the illegal copy uses the content c from the read data d based on the correspondence between the identifier managed by the center and the key ring.^wThe user U of the distribution destination is identified.
[0178]
Content c^wIf the user U 'who actually possessed the user U differs from the identified user U, the content c^wIndicates that it was owned by a different user than the original distribution destination.
[0179]
With this function, it is possible to determine whether or not the content possessed by a certain user has been illegally copied, and it is possible to detect to which user the illegal copy was originally distributed.
[0180]
(7) Watermark check effect
Content c distributed in the present invention^wThe watermark is checked by checking the identifier for as follows.
[0181]
By the data reading operation R from the content, the identifier d = R (c^w).
[0182]
This d is a key ring K
K_j= K_{1, j1} , k_{2, j2} , ....., k_{L, jL}
Watermark embedding operation corresponding to
w_j= W_{1, j1} , w_{2, j2} , ....., w_{L, jL}
Uniquely corresponds to K_jIf the combination of is different, the read data d is different.
[0183]
Therefore, it is possible to identify which key ring is applied to restore the content from d read by R.
[0184]
On the key ring management side, the correspondence between the key ring K or the identifier d and the user U is managed. When (U, d) or (U, K) or (U, d, K) is managed, U can be known from d or K.
[0185]
d = F_userWhen d is determined as (u), F_userInverse function F_user ^-1Can be used to obtain u from d.
[0186]
As a result, it is possible to determine whether or not the content possessed by a certain user has been illegally copied, and it is possible to detect to which user the illegal copy was originally distributed.
[0187]
(8) Data volume reduction effect
In the present invention, content having different identifiers obtained by applying a decryption key to content distribution data is N₁× N₂× ・ ×× N_LType generated.
[0188]
The data amount of the original content is s, the divided part c₁, c₂, ..., c_LThe amount of data in s₁, s₂, ..., s_LThen c is not divided and N₁× N₂× ・ ×× N_LWhen generating content with different types of identifiers, the total amount of data is
S = N₁× N₂× ・ ・ ・ × N_L× s
It is.
[0189]
On the other hand, the size of the distribution data according to the present invention is approximately
S '= N₁× s₁+ N₂× s₂+ ... + N_L× s_L
It is.
[0190]
s ≒ s₁+ S₂+ ・ ・ + S_LTherefore, S >> S ', and according to the present invention, it is possible to prepare content having many identifiers in the same distribution data with a very small amount of data. This is suitable for mass distribution of the same content on a CD-ROM or the like.
[0191]
In particular, N_kThe larger the value of, the more s_kIf S is made smaller, S 'becomes smaller accordingly.
[0192]
When the divided part is classified into the main part and the adjusting part, the data reduction effect is further increased by taking a large amount of data in the main part and making each adjusting part a divided part composed of a small amount of data. It will be a thing.
[0193]
Although the present invention has been described according to the illustrated embodiment, the present invention is not limited to this. For example, in the embodiment, a configuration in which different digital watermark information is embedded in content using one digital watermark method is adopted, but for each divided portion of the content, a digital watermark method that matches the content attribute of the divided portion It is also possible to use a configuration of using.
[0194]
【The invention's effect】
As described above, according to the present invention, the user side takes the form of embedding digital watermark information unique to the user in the content, and the digital watermark information to be embedded at that time and the embedding process are actually a key bundle. Thus, it is possible to prevent the electronic watermark information from being illegally canceled or improperly embedded with the digital watermark information.
[0195]
When an illegal copy of content is performed, it can be accurately detected, and the copy source can be accurately detected.
[0196]
As described above, in the present invention, the content is divided into a plurality of parts, a plurality of digital watermarks are prepared for each of the divided parts, and the digital watermark for each user is extracted from the extracted divided parts. A configuration is adopted in which a combination of digital watermark values is used, whereby the amount of data to be prepared as digital watermarked content can be reduced.
[0197]
That is, as in the past, when user information is embedded directly as digital watermarks in content, it is necessary to embed digital watermarks in n ways for n users. The number of embedded digital watermarks is n. Assuming that the data amount of the original content is C, even if it is assumed that there is no increase in the data amount due to the digital watermark, the total data amount of the content with the digital watermark is C × n. As the number of users increases, the number of embeddings becomes enormous and the amount of data becomes enormous.
[0198]
As described above, according to the conventional technology, the burden on the provider is large due to the problem of the number of times of embedding the watermark, and due to the problem of the data amount, it is not possible to distribute the contents prepared in advance by CD-ROM or broadcasting. It is possible.
[0199]
On the other hand, in the method of the present invention, when m parts are extracted from content and k types of digital watermark data are associated with each part,^mVarious types of digital watermarks can be embedded. For n users, the digital watermark is embedded approximately “k × log n ÷ lon k” times, which is very small compared to n. In addition, the amount of data for realizing a combination of digital watermarks for distinguishing all n users is proportional to this, and therefore is much smaller than C × n.
[0200]
Further, if the total C ′ of the extracted portions (the total of the portions to be subjected to the digital watermark embedding process of the present invention) is made smaller than the data amount C of the content, the data embedded with the digital watermark for different users is obtained. The amount of data to be prepared in advance is “C ′ × log n ÷ lon k”, and the amount of data for adding digital watermark information for n users is smaller than that of the original content C, and it is for all users in advance. It is possible to prepare a digital watermark-added content and distribute it on a CD-ROM or the like, or distribute it by broadcasting or downloading from a server.
[Brief description of the drawings]
FIG. 1 is an example of a system configuration including the present invention.
FIG. 2 is an example of processing according to the present invention.
FIG. 3 is an example of processing according to the present invention.
FIG. 4 is an example of an embodiment of the present invention.
FIG. 5 is an example of an embodiment of the present invention.
FIG. 6 is an example of a processing flow executed by a content distribution data generation unit.
FIG. 7 is an example of a processing flow executed by a key ring generation unit.
FIG. 8 is an example of a processing flow executed by a key ring selection unit;
FIG. 9 is an example of a processing flow executed by a content restoration unit.
FIG. 10 is an example of a processing flow executed by an illegal copy inspection unit.
FIG. 11 is an example of a processing flow executed by an illegal copy inspection unit.
[Explanation of symbols]
1 Content provider
2 User terminal
3 Content illegal copy inspection organization
10 Content encryption device
11 Content distribution device
20 Content decryption device
30 Content illegal copy inspection device
100 Content distribution data generator
101 Data distribution unit for content distribution
102 Content distribution data transmitter
103 Key ring generator
104 Key ring identifier correspondence list
105 Identifier key ring converter
106 Key ring selector
107 Key ring transmitter
108 Distribution record storage
200 Content distribution data receiver
201 Data distribution unit for content distribution
202 Key ring receiver
203 Content restoration unit
300 Identifier reading unit
301 Acquisition unit
302 Distribution record storage
303 Distribution record storage
304 Key ring identification part
305 Illegal Copy Inspection Department
306 Illegal Copy Inspection Department

Claims (19)

It is performed by the content distribution apparatus comprising a dividing means and embedding means and encryption means and generating means and the content distribution means and the key ring distribution means and recording means, for distributing encrypted content embedded with electronic watermark information In the content distribution method,
The dividing means divides the content into a plurality of divided portions,
The embedding unit prepares all or a part of the divided parts divided by the dividing unit as the divided parts to be processed, and prepares the divided parts to be processed by the number of different digital watermark information prepared in advance, For each of the prepared division parts to be processed, separate digital watermark information is selected and embedded one by one from the digital watermark information prepared in advance, while each division other than the division part to be processed For the part, only one is prepared regardless of the number of digital watermark information prepared in advance, and the digital watermark information is not embedded,
The encryption means uses each divided portion in which the digital watermark information is embedded and each divided portion in which the digital watermark information is not embedded as encryption targets, and separately separates the divided portions to be encrypted. Using the encryption key of
The generation means is a combination of encryption keys configured by selecting separate encryption keys one by one from among the encryption keys used for encrypting the divided portions divided from the content. Generate a set of keys for the key set by generating a set of keys for all the combinations of encryption keys,
The content distribution means distributes encrypted content composed of a set of all divided parts encrypted by the encryption means to all distribution destination users,
The key ring distribution means selects one key ring that is not distributed to the distribution destination user from the set of key rings, and distributes the key ring with the encrypted data of the selected key ring. Distribute to users who do not distribute
The recording means includes a correspondence relationship between the distribution destination user and the key ring distributed to the distribution destination user, or digital watermark information read from the content decrypted by the key ring distributed to the distribution destination user and the distribution destination user. Recording one of the correspondences with the memory as a distribution record,
Feature content distribution method. The content distribution method according to claim 1,
The content distribution apparatus further includes list generation means,
The list generating means, and Turkey to generate a list of correspondence between the digital watermark information read from the content that is more decryption to the key ring and the key ring,
Feature content distribution method. The content distribution method according to claim 2 ,
The key ring distribution means, issued to distribution destination user, as the electronic watermark information to be read out from the content, select the electronic watermark information obtained from the ID of the distributed destination user, the generation of the list generating means the list of correspondence was therefore select the key bundle which is associated to the selected electronic watermark information, and Turkey to distribute the selected the key-ring to the distribution destination user,
Feature content distribution method. The content distribution method according to claim 2 ,
The key ring distribution means, issued to distribution destination user, as the electronic watermark information to be read out from the content, select the issued non electronic watermark information so far, and generating the list generating means the list of correspondence Therefore, by selecting the key bundle which is associated to the selected electronic watermark information, and Turkey to distribute the selected the key-ring to the distribution destination user,
Feature content distribution method. The content distribution method according to claim 1,
The content distribution apparatus further includes a specifying unit,
It said specifying means, when the electronic watermark information to be embedded in the content is provided, in accordance with the conversion of the provisions, by obtaining the Kikagitaba upper associated to the electronic watermark information, the key-ring and the key and Turkey dynamically identify to the correspondence between the digital watermark information read from the content that is more decoded bundle,
Feature content distribution method. The content distribution method according to claim 5 ,
The key ring distribution means, issued to distribution destination user, as the electronic watermark information to be read out from the content, select the electronic watermark information obtained from the ID of the distributed destination user, identified in the specific means in correspondence Therefore, by selecting the key bundle which is associated to the selected electronic watermark information, and Turkey to distribute the selected the key-ring to the distribution destination user,
Feature content distribution method. The content distribution method according to claim 5 ,
Corresponding the key ring distribution means, as the electronic watermark information to be issued to the distribution destination user, read from the content, select the issued have not electronic watermark information so far identified in the specific means the relationship Thus, by selecting the key bundle which is associated to the selected electronic watermark information, and Turkey to distribute the selected the key-ring to the distribution destination user,
Feature content distribution method. In a content distribution device that distributes encrypted content in which digital watermark information is embedded,
A dividing means for dividing the content into a plurality of divided portions;
All or part of the divided parts divided by the dividing means are set as the divided parts to be processed, and each divided part to be processed is prepared for the number of different pieces of digital watermark information prepared in advance. For each of the divided parts, one piece of digital watermark information is selected and embedded from among the digital watermark information. On the other hand, for each divided part other than the divided part to be processed, the number of the digital watermark information An embedding unit that prepares only one regardless of whether the electronic watermark information is not embedded,
Each divided part in which the digital watermark information is embedded and each divided part in which the digital watermark information is not embedded are set as encryption targets, and the divided parts to be encrypted are used with different encryption keys. Encryption means for encryption;
For each divided part divided from the content, a key bundle, which is a combination of encryption keys, formed by selecting different encryption keys one by one from the encryption keys used for encryption of the divided parts, Generating means for generating a set for the key ring by generating the key ring for all combinations of encryption keys; and
Content distribution means for distributing encrypted content composed of a set of all divided parts encrypted by the encryption means to all distribution destination users;
One key ring not distributed to the distribution destination user is selected from the set of key rings, and the encrypted data of the selected key ring is distributed to the distribution destination users who have not distributed the key ring. A key ring distribution means;
The correspondence between the distribution destination user and the key ring distributed to the distribution destination user, or the correspondence relationship between the distribution destination user and the digital watermark information read from the content decrypted by the key ring distributed to the distribution destination user A recording means for recording the correspondence relationship of any one of the above as a distribution record in a memory,
Feature content distribution device. The content distribution apparatus according to claim 8,
Comprising a list generation means for generating a list of correspondence between the key ring and digital watermark information read from the content decrypted by the key ring,
Feature content distribution device. As the inspection target content that is to be decoded is distributed to the distribution destination user by the content distributing apparatus according to claim 8, piracy content by providing a testing means and reading means specifying means a content piracy inspection method performed by to that content piracy inspection system inspection,
Up the reading means reads the electronic watermark information embedded in the contents of the inspection target,
The specific means, and the readings taken watermark information in the reading means as a key, a list of the content distribution apparatus is recorded as a distribution record, the distribution destination user of the content is distributed to the distribution destination user and the correspondence between the digital watermark information read from the content to be decrypted by the key bundle by referring to the list that describes to identify the legitimate distribution destination user of the content to be inspected,
It said inspection means includes a distribution destination user of Japanese boss was authorized the specific means, and Turkey be examined whether or not the user matches that owns the content of the test object,
Characteristic content illegal copy inspection method. As the inspection target content that is to be decoded is distributed to the distribution destination user by the content distributing apparatus according to claim 9, and a the reading means and the key chain specific means and distribution destination user identification means inspection means a content piracy inspection method performed by to that content piracy inspection apparatus inspecting a piracy content by,
Up the reading means reads the electronic watermark information embedded in the contents of the inspection target,
The key ring particular means, in the key readings taken watermark information was in the reading means, which is generated by the contents distribution apparatus, the electronic watermark information read from the content to be decoded by the key-ring and its key-ring relationship by referring to the list that describes the key ring associated with the electronic watermark information read by the above reading means to a specific and,
The distribution destination user identification means, in the key Japanese boss was key bundle of the key ring specifying means, a list of the content distribution apparatus is recorded as distributed recording, the distribution destination user of the content, the distribution destination by referring to the list that describes the correspondence relation between the key ring that is distributed to users, and identify the legitimate distribution destination user of the content to be inspected,
It said inspection means includes a regular distribution destination user identified in the distribution destination user identification means, and Turkey be examined whether or not the user matches that owns the content of the test object,
Characteristic content illegal copy inspection method. As the inspection target content that is to be decoded is distributed to the distribution destination user by the content distributing apparatus according to claim 8, and a the reading means and the key chain specific means and distribution destination user identification means inspection means a content piracy inspection method performed by to that content piracy inspection apparatus inspecting a piracy content by,
Up the reading means reads the electronic watermark information embedded in the contents of the inspection target,
The key ring specific means, according to the conversion provisions, the key ring associated with the electronic watermark information read by the above reading means and specific,
The distribution destination user identification means, in the key Japanese boss was key bundle of the key ring specifying means, a list of the content distribution apparatus is recorded as distributed recording, the distribution destination user of the content, the distribution destination by referring to the list that describes the correspondence relation between the key ring that is distributed to users, and identify the legitimate distribution destination user of the content to be inspected,
It said inspection means includes a regular distribution destination user identified in the distribution destination user identification means, and Turkey be examined whether or not the user matches that owns the content of the test object,
Characteristic content illegal copy inspection method. As inspected content to be decoded is distributed to the distribution destination user by the content distributing apparatus according to claim 8, a content piracy inspection apparatus for inspecting the illegal copying of the content,
Reading means for reading digital watermark information embedded in the content to be inspected;
By the readings taken watermark information of the read means to the key decrypting, a list in which the contents distribution apparatus is recorded as a distribution record, the distribution destination user of the content, the key ring which is distributed to the distribution destination user A specifying means for specifying a regular distribution destination user of the content to be inspected by referring to a list describing a correspondence relationship with digital watermark information read from the content to be read;
A distribution destination user of Japanese boss was authorized the specific means, further comprising an inspection means for the user to check whether the matches that owns the content of the test object,
Characteristic illegal copy inspection device. As inspected content to be decoded is distributed to the distribution destination user by the content distributing apparatus according to claim 9, a content piracy inspection apparatus for inspecting the illegal copying of the content,
Reading means for reading digital watermark information embedded in the content to be inspected;
In the key readings taken watermark information was in the reading means, the content generated by the distribution device, describes correspondence between the digital watermark information read from the content which is key-ring and decoded by the key bundle By referring to the list, a key ring specifying unit for specifying a key ring associated with the digital watermark information read by the reading unit ;
In the key Japanese boss was key bundle of the key ring specifying means, a list of the content distribution apparatus is recorded as distributed recording, the distribution destination user of the content, the key ring that was distributed to the distribution destination user A distribution destination user specifying means for specifying a regular distribution destination user of the content to be inspected by referring to a list describing the correspondence relationship of
Including an inspection unit for inspecting whether or not the regular distribution destination user specified by the distribution destination specifying unit matches the user who owns the content to be inspected .
Characteristic illegal copy inspection device. As inspected content to be decoded is distributed to the distribution destination user by the content distributing apparatus according to claim 8, a content piracy inspection apparatus for inspecting the illegal copying of the content,
Reading means for reading digital watermark information embedded in the content to be inspected;
A key ring specifying means for specifying a key ring associated with the digital watermark information read by the reading means in accordance with a prescribed conversion ;
In the key Japanese boss was key bundle of the key ring specifying means, a list of the content distribution apparatus is recorded as distributed recording, the distribution destination user of the content, the key ring that was distributed to the distribution destination user A distribution destination user specifying means for specifying a regular distribution destination user of the content to be inspected by referring to a list describing the correspondence relationship of
Including an inspection unit for inspecting whether or not the regular distribution destination user specified by the distribution destination user specifying unit matches the user who owns the content to be inspected .
Characteristic illegal copy inspection device. Claims 1 to 7 or the contents distribution program for executing an operation for implementing the content distribution method according to the computer in one of. A computer-readable recording medium contents distribution program for executing an operation for implementing the content distribution method in a computer according to any one of claims 1 to 7. A content illegal copy inspection program for causing a computer to execute processing used to realize the content illegal copy inspection method according to any one of claims 10 to 12 . A computer-readable recording medium recording a content illegal copy inspection program for causing a computer to execute processing used to realize the content illegal copy inspection method according to any one of claims 10 to 12 .

Images