JP4336131B2 - Recording apparatus, reading apparatus, program, and method - Google Patents

Description

[0001]
[Technical Department]
The present invention relates to a recording medium such as a DVD, a recording device, a reading device, and a program, and more particularly, to an improvement when a digital work is privately used on a home network.
[0002]
[Prior art]
In research and development of recording media and recording devices, how to integrate the recording media and recording devices with the home network has become a major issue. The home network is a private network constructed by connecting devices having digital interfaces with digital cables such as IEEE1394. In a home network that incorporates an STB (Set Top Box), digital TV, personal computer, or recording device, the digital data received by the personal computer or STB is transferred over the home network and played on a digital TV installed in a separate room at home. be able to. It is also possible to record on a DVD using a recording device provided in a separate room in the home. Since digital data can be shared between devices, convenience for users is dramatically increased.
[0003]
When digital data is freely distributed in a home network, the handling of video data and audio data protected by copyright holders becomes a problem. Even if it is a digital work covered by copyrights such as distribution rights, duplication rights, and transmittable rights, the act of privately copying and reproducing them on the home network is permitted. This is because the use of digital works on the home network is a private use and the copyright is not effective. A technique for recording digital video data on a DVD for private copying is described in Patent Document 1 below.
[0004]
[Patent Document 1]
Japanese Patent No. 3120444
[0005]
[Problems to be solved by the invention]
By the way, in the case of private copying, there are problems in what kind of copyright holder protection is applied to video data already recorded on a recording medium and how copying permission / inhibition is set. If there is no copyright protection, a copy obtained by a private copy in the home network may be uploaded to an Internet site without permission of the author and distributed to an unspecified number of people. However, as described in Patent Document 1, the copy control information is set to “Only One Copy” or “No More Copy” to stop private copying in the home network. Calling will suppress the right of private copying and will buy back on the user side.
[0006]
Such a problem becomes prominent when dealing with TV program works that are currently routinely used for private copying. If digital data obtained by encoding a TV program is distributed to an unspecified number of people without the author's permission, the author will suffer. This is because even if the rightful owner sells packaged software that records a TV program, it cannot be sold. On the other hand, despite the fact that copying in a good state is possible, if digital copying of such digital data is prohibited, the repulsion on the user side will increase. Conventionally, there is no copy permission / prohibition setting that adjusts the demands of both parties, and the maker has been put in a difficult position due to a pinch between the user and the copyright holder.
[0007]
The object of the present invention is to allow the user to make a private copy while prohibiting the act of uploading a digital stream over the network. Record It is to provide a recording device, a reading device, and a duplicating device.
[0008]
[Means for Solving the Problems]
The above purpose is Correspondence with determination means for determining a copy attribute for a signal input from the outside of the recording apparatus and copy control information indicating that the copy attribute is conditional copy free when the copy attribute indicates conditional copy free And writing means for writing a part of the digital stream to a recording medium, and encryption means for encrypting a part of the digital stream using a predetermined encryption key. The copy means is free to write on the copy destination recording medium, and the writing means writes the encrypted part in the recording medium in association with the check code, and the copy control information and the check code Are paired with each other and recorded on the recording medium for each part, and the check code is stored in the code using the encryption key. -A code obtained by converting control information, the value changes depending on whether the copy control information indicates conditional copy free, and determines whether the copy control information has been tampered with Recording device characterized in that it is used for Achieved by:
[0009]
The conditional copy-free is a copy-free copy that can be copied any number of times as long as the condition “write with encryption” is satisfied.
A concept that is easily confused with conditional copy-free is copy processing such as movement, migrate, and checkout. The difference between these copy processing and conditional copy free is as follows.
[0010]
“Move” is a copy process that involves deletion of copy source content, and is used when moving content between a plurality of recording media. Conditional copy-free is clearly different from this move because there is no need to delete the copy source.
The “migrate” is a transfer process on the premise that usage condition information is generated in the copy destination recording medium. Like moving, it is not required to delete the copy source, nor is it required to generate usage condition information, so it is clearly different from this migrate.
[0011]
Checkout is a type of copy that is limited in number of times. Content is copied after the copy number is decremented by one. The general difference between copying with a limited number of times and checkout is that the number of copies can be incremented. The increment of the number of copies is made after performing a process (called “check-in”) in which the content recorded on the recording medium by copying cannot be reproduced. Conditional copy-free is different from checkout because there is no limit on the number of copies. For these reasons, conditional copy-free is pure copy-free that removes restrictions such as the number of copies and deletion of the copy source, and can be performed any number of times as long as the condition of “write with encryption” is satisfied. be able to.
[0012]
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, the mode of implementation of the recording medium according to the present invention will be described. Of these implementation actions, the use action of the recording medium according to the present invention will be described. The recording medium according to the present invention is a DVD on which a digital stream in the MPEG2-PS (Program Stream) format is recorded, and is used for a user in a home network. FIG. 1 is a diagram showing a home network as a use environment of a recording medium according to the present invention.
[0013]
The home network is configured by connecting devices equipped with an IEEE1394 digital interface, such as a DVD recorder 100, STB 110, digital TV 120, HD recorder 130, etc., which are recording devices. Each device in the home network is operated by a user with a single remote controller 200. Each device in the home network can output the MPEG2-TS (Transport Stream) format digital stream received from the broadcast station to other devices via IEEE1394, and other devices have received from the broadcast station. A digital stream can be input via IEEE1394. Digital streams are freely copied in the closed world of home networks. The DVD is loaded into the DVD recorder 100 and is subjected to data writing by the DVD recorder 100. By the data writing by the DVD recorder 100, the recording medium according to the present invention is produced. However, it is prohibited to take a DVD with a digital stream in MPEG2-PS format from the home network (arrow my1) and upload it to an Internet site using an unauthorized computer (my2). The recording medium (DVD) according to the present invention plays a role of preventing a digital stream from flowing out of the home network while realizing free copying within the home network. The above is the mode of use of the recording medium according to the present invention.
[0014]
Next, a recording medium production act according to the present invention will be described. The recording medium according to the present invention is produced by performing data writing shown in FIG. 2 on a DVD.
.
FIG. 2 is a diagram detailing the configuration of a digital stream recorded on a DVD in stages. In this figure, the digital stream to be recorded on the DVD is shown in the fifth level, which is the lowest level. This digital stream is an MPEG2-PS format digital stream and is called VOB (Video Object) in the DVD-Video Recording standard. As shown in the figure, the VOB is obtained by multiplexing the video stream and the audio stream shown in the first stage. The video stream located at the first level is an array of a plurality of picture data pj1, 2, 3,. All of these picture data are displayed in one display period (also called a video frame) of the display. In the NTSC display, the video frame is about 33 msec (exactly 1 / 29.97 sec), and in the PAL display, the video frame is 40 msec. These picture data are subjected to compression coding based on the correlation between frames. Therefore, Bidirectionally Predictive (B) pictures that have been inter-frame compressed using the correlation with images to be reproduced in the past and future directions are reproduced in the picture data constituting the video stream. Predictive (P) picture that has been inter-frame compression encoded using the correlation with the image to be performed, intra-frame compression using the spatial frequency characteristics in the image for one frame without using the correlation There are types such as Intra (I) pictures that have been encoded.
[0015]
The smallest unit that can be decoded in a video stream is called GOP (Group Of Picture). A GOP is a set of picture data including at least one I picture and having a playback time of about 0.4 to 1.0 seconds. In FIG. 2, the video stream shown at the first level is divided into a plurality of GOPs at the second level. Since the compression encoding method for picture data is a variable code length method, the GOP data lengths are different from each other. Regardless of the size of each GOP when recording on a DVD, the GOP sequence is divided into a plurality of parts. The division part obtained by the division is stored in the PES packet sequence shown in the third row. On the other hand, the audio stream located on the right side of the first stage is also divided into a plurality of parts, and the divided part obtained by the division is stored in the PES packet sequence shown in the third stage. A PES (Packetized Elementary Stream) packet is a packet storing a divided portion of a video stream and an audio stream as shown in the third row of FIG. 2, and when a part of the video stream and the audio stream is decoded. “DTS (Decode Time Stamp)” indicating “” and “PTS (Presentation Time Stamp)” indicating when the partial decoding result is displayed are added to the header.
[0016]
The PES packet sequence storing the GOP sequence is divided into a plurality of parts, interleaved with the PES packets constituting the audio data (tj2), and the AV pack sequence in the VOBU is converted into the fourth and fifth levels. Constitute. Each VOBU is prefixed with an RDI-Pack (RDI in the figure).
FIG. 3 is a diagram illustrating the relationship between PES packets and AV packs. As shown in the second row of FIG. 3, the AV pack has a size of 2048 bytes, and includes a pack header and a payload. A PES packet is stored in this payload. In the pack header, an SCR (System Clock Reference) indicating the time when the AV pack is input to the buffer in the device is set. The size of 2048 bytes of the AV pack is the same as the size of one sector in the DVD, and the AV pack is stored in each sector of the DVD at a ratio of 1: 1.
[0017]
FIG. 4 is a diagram showing packs constituting the VOBU. The first level of FIG. 4 shows the overall configuration of the VOBU. As shown in the first row, there is an RDI (Realtime Data Information) -Pack at the head of the VOBU, followed by an AV pack sequence.
The second row in FIG. 4 shows the internal configuration of the RDI-Pack and AV pack train. RDI-Pack includes `` CCI (Copy Control Information) '' and `` Manufacture Information '', and AV pack sequence includes `` PSC (PES Scrambling Control) '' and `` Time-varying coefficient Dtkc '' in the top pack, Encrypted AV data ”follows.
[0018]
“CCI” is control information that defines whether copying is permitted or not in VOBU.
“Manufacture Information” is information about the device that wrote the VOBU on the DVD, and contains the code Dveri inside.
The above is the internal configuration of the RDI-Pack. Next, the internal configuration of the AV pack row will be described.
[0019]
The “AV pack sequence” includes a plurality of video packs and a plurality of audio packs, and includes GOP and audio data. From the viewpoint of encryption, the AV pack sequence is divided into a plaintext that occupies the head and a ciphertext.
In plain text, “PES Scrambling Control (PSC)” exists, and a time-varying coefficient Dtkc exists at the 84th byte position from the beginning. The encrypted data exists at a position offset from the time-varying coefficient Dtkc.
[0020]
“PES Scrambling Control (PSC)” is set to “11” to indicate that the audio data contained in the VOBU should be encrypted, and set to “00” to indicate that it should not be encrypted. It is a flag to show. The above is the schematic configuration of the VOBU according to the present embodiment.
“Time-varying coefficient Dtkc” is a coefficient having a time-varying factor. The time variation factor means that a part of the digital stream included in the digital stream varies depending on where on the playback time axis of the digital stream. In the present embodiment, 8-byte data that is 84 bytes ahead from the beginning of the AV pack string is used as the time-varying coefficient Dtkc. In a normal AV pack sequence, a part of picture data generally exists 84 bytes from the beginning of the AV pack sequence. A part of this picture data can be said to be a time fluctuation factor because it is completely different where the VOB is on the VOB playback time axis.
[0021]
The “encrypted AV data” is located at a predetermined offset from the time-varying coefficient Dtkc. In this AV pack sequence, the beginning is in plain text, and at first glance, the GOP included in the AV pack sequence seems to be played. However, the size of this plaintext is about 128 bytes, which is only a small amount from the size of GOP. Therefore, even if the top part is plain text, the VOBU is not normally decrypted. Therefore, the VOBU including the encrypted data is not normally reproduced unless it is decrypted.
[0022]
Next, information indicating whether copying is permitted will be described in more detail. FIG. 5 is a diagram illustrating a configuration of the CCI according to the first embodiment. In this embodiment, the CCI includes “CGMS (Copy Generation Managing System)”, “APSTB (Analogue Protection System Trigger Bits)”, and “EPN flag”. In the current DVD-Video Recording standard, CCI consists of CGMS and APSTB. The CCI according to this embodiment is new in that an EPN flag is added.
[0023]
“CGMS” is information indicating that the VOBU is copy-free when set to “00” and indicating that the VOBU is “No More Copy” when set to “11”. “APSTB” is a 2-bit value indicating whether or not to protect analog output when the VOBU is converted to analog and output. If APSTB is “01”, it indicates that protection is performed by disturbing the AGC circuit of the VTR, and if “10”, protection is achieved by reversing the AGC disturbance and the color stripe by two lines. Show. “11” indicates that AGC is disturbed and protection is achieved by inverting the color stripes by 4 lines. If APSTB is “00”, it indicates that protection by analog output is not performed.
[0024]
The "EPN (Encrypted Plus Non-asserted) flag" is a flag used in combination with CGMS. When CGMS is set to "11", it is set to "1" on and EPN Asserted is copy free. Indicates that there is. EPN Asserted Copy-free means so-called conditional copy-free. The condition is to perform encryption when writing the digital stream to the copy destination.
[0025]
EPN Asserted Copy-free CCI setting was born from the following requests for the spread of home networks. Since devices that construct home networks with IEEE1394 are manufactured by legitimate manufacturers, it is unlikely that duplication that distributes digital streams to an unspecified number of people is possible. However, when a removable media such as a DVD is selected as the digital stream copy destination instead of the HD built in the device, a loophole is created in which the DVD is taken out of the home network and loaded into an unauthorized computer (arrow in Fig. 1). my1, my2). In such a case, if the digital stream is distributed to an unspecified number of times, the profits of the author will be greatly impaired. Therefore, in this embodiment, a new copy permission / prohibition setting called EPN Asserted copy free is introduced. In EPN Asserted copy-free, a digital stream in MPEG2-TS format is transferred to another device on condition that encryption is performed when the digital stream is written to the copy destination. As long as the conditions for EPN Asserted copy-free are satisfied, grandchild copy and great-grandchild copy are allowed, and free private copies for many generations are possible on the home network. As long as the conditional copy-free condition is satisfied, copies for generations are allowed on the home network, increasing convenience for the user. Copy-free in EPN Asserted copy-free is a copy-free with encryption restriction because it imposes restrictions on encryption for private copies.
[0026]
EPN Asserted Copy-free is allowed to copy freely if it is encrypted. However, the strict identity of the encryption method such as the encryption algorithm and data structure is not required, and the copy source encryption method and the copy destination encryption method may be different. For example, if the copy destination is a recording medium different from the DVD and there is an encryption method unique to the copy destination medium, the condition is satisfied as long as the encryption is performed by the encryption method.
[0027]
As long as the condition of encryption is satisfied, the compression encoding method at the copy destination may be different from the compression encoding method at the copy source. For example, if the recording medium of the copy source is a DVD and the digital stream that is the copy object is in the MPEG2-PS format, the MPEG2-PS format is converted to the MPEG2-TS format if the encryption condition is satisfied. Writing to the copy destination above is also acceptable. Similarly, conversion to MPEG1 and MPEG4 format and writing are also acceptable. However, since the condition of encryption is an indispensable and minimum condition, there is no copyright protection, and a digital stream cannot be written on a recording medium that is not obligated to encrypt. Recording media without such obligation include a microdrive and a compact flash (registered trademark).
[0028]
On the other hand, there are SD memory cards and Blu-ray Discs as well as DVDs as recording media for which copyright protection exists and encryption is obligatory. EPN Asserted Copy-free exception is not writing to removable media such as DVD, but writing to a built-in recording medium (built-in HD). This HD does not necessarily require encryption. This is because such a built-in recording medium is difficult to remove and take away from the device.
[0029]
The above is the technical significance of EPN Asserted copy-free as indicated by the EPN flag. Next, how to combine the CGMS and the EPN flag will be described with reference to FIG. FIG. 6 shows possible values of the CGMS, PSC, and EPN flags and the meaning of the CGMS, PSC, and EPN flags. When the EPN flag is set to “0”, copying permission / inhibition is set by CGMS and PSC. If CGMS is “00” and PSC is “00”, it indicates that there is no condition for copy free. If CGMS is “11” and PSC is “11”, it indicates “No More Copy”.
[0030]
On the other hand, when the EPN flag is set to “1”, it indicates that CGMS is “11”, PSC is “11”, and conditional copy free. When CCI indicates conditional copy free, setting CGMS and PSC to “11 (No More Copy)” has the following intention. The intention is that if a DVD that records this VOBU is inserted into a device that complies with the current standard that cannot support the EPN flag, this VOBU will not be copied unconditionally. Current standard-compliant devices cannot interpret the intention of the EPN flag and perform copy control using CGMS and PES Scrambling Control. Since CGMS is set to “No More Copy” as described above, VOBU is not copied at all. When a DVD is loaded on a current device that does not support the EPN flag, copying is completely prohibited, and copying is handled more strictly, thus preventing the overflow of duplicates that are set to conditional copy-free. This is the same when tampering is performed to remove the EPN flag from the CCI.
[0031]
Next, the encryption process of the encrypted AV data will be described. FIG. 7 is a diagram showing what kind of encryption process the encrypted AV data is generated through. AV data is encrypted based on CPRM (Copy Protection for Recordable Media), which is compatible with the current DVD-Video Recording standard. The first level in FIG. 7 shows the VOBU before encryption. In this first level, the AV data is not encrypted. The third level shows the VOBU after encryption. The middle frame hw1 in the middle shows the process of encrypting AV data. As indicated by the frame hw1, the encrypted AV data is obtained by encrypting the original video pack and audio pack in the C2-ECBC mode using the content key Kc.
[0032]
Encryption in the C2_ECBC mode is to divide AV data in VOBU into 64 bits or less, and encrypt each divided part. When encrypting each divided part, the content key Kc is used for encrypting the leading divided part. The encryption result is used for encryption of the next divided part. This C2_ECBC mode repeats the process of encrypting the next divided portion using a certain encryption. Note that a mode in which decoding is performed by following the reverse procedure is referred to as a C2_DCBC mode. Further, “C2” in C2_ECBC means an encryption method based on CPRM.
[0033]
A frame hw2 in the figure is a diagram showing a generation process of the content key Kc. The content key Kc is obtained by adding the APSTB in the RDI-Pack and the title key Kt unique to the recording medium, and using the addition result to perform C2_G conversion on the time-varying coefficient Dtkc. Hw3 in the figure emphasizes that only APSTB in CCI is referenced.
In the content key Kc generation process, the C2-G conversion is a one-way function, and performs irreversible conversion on the concatenated data. While general encryption is a reversible conversion, the C2-G conversion is an irreversible conversion, and therefore has the property that an input value cannot be specified from an output value. Since the time-varying coefficient Dtkc existing in the same VOBU is used as the parameter for generating the content key Kc, the content key Kc for the VOBU can be obtained even if the preceding and succeeding VOBUs are deleted. Since the time-varying coefficient Dtkc has a time-varying factor, the content key Kc obtained from the time-varying coefficient has a property of changing for each VOBU.
[0034]
The problem in this encryption process is that the content key Kc is generated not only from the entire CCI but from the APSTB alone.
The reason is as follows. Conventional DVD copy permission / rejection states have only two states: copy prohibition after encryption and copy free without encryption. It meant “encrypted, equal copy prohibited”, so if it was encrypted, the copyright holder would be adequately protected, and if it was wary of even tampering with rewriting APSTB Was good. In other words, even if copying is prohibited, reproduction output is possible, and there is a possibility that the reproduced analog video signal is recorded in the VTR. Therefore, when APSTB is set so that the analog video output is protected, a content key Kc is generated from APSTB, and encryption is performed using the content key Kc. As a result, it is possible to prevent dubbing by falsifying APSTB and recording an analog video signal with a VTR.
[0035]
However, in this embodiment, a new state of “copy free on condition of encryption” is introduced. If CGMS originally set to copy prohibition is tampered with conditional copy-free, it can be freely copied because it can be decrypted as long as the APSTB matches. The same applies if the CCI including CGMS indicating copy prohibition is replaced with an RDI-Pack including CCI indicating conditional copy-free.
[0036]
Therefore, the code Dveri is provided. The code Dveri is present in Manufacture Information in the RDI-Pack shown in FIG. FIG. 8 shows the process through which this code Dveri is generated. FIG. 8 shows the generation process of the code Dveri in the same notation as FIG. The first level in FIG. 8 shows the VOBU before encryption. The fourth level shows the VOBU after encryption. The second frame hw1 indicates the AV data encryption process.
[0037]
The code Dveri generation process is shown in the third level between the encrypted VOBU and the AV data encryption process. As shown in the third level, the code Dveri is obtained by performing C2-G conversion on the CCI using the content key Kc.
A frame cw1 in FIG. 8 shows a process until the code Dveri is obtained. As shown in the box, the code Dveri is a process pc1 in which the entire CCI with CGMS set to “11” and EPN flag set to “1” is stored in the register and waits for generation of the content key Kc, the generated content key Kc The process of C2-G conversion of the entire CCI stored in the register using pc2, the conversion result of the C2-G conversion is written back to the register (pc3), and the CPU writes to the Manufacturing Information of the RDI-Pack (pc4) The process consists of obtaining the code Dveri.
[0038]
Since the code Dveri is generated in this process, the following can be said.
It generates the code Dveri from the CCI and the content key Kc used to encrypt the AV data, so the device corresponding to EPN Asserted copy-free generates the code Dveri by the procedure shown in the figure, By comparing with the code Dveri existing in the RDI-Pack, it is possible to detect the presence or absence of CCI falsification or RDI-Pack replacement. In other words, after the VOBU is generated, the CCI is falsified. Suppose that the user commands an EPN compatible device to copy the VOBU. At that time, the EPN-compatible device generates the content key Kc through the same process as in FIG. 8, uses this content key Kc, converts the CCI to C2-G, and collates the result with the code Dveri in the RDI-Pack. To do. Since the CGMS and EPN flags in CCI are rewritten, the result of C2-G conversion by the EPN compatible device is significantly different from the code Dveri in the RDI-Pack.
[0039]
If the verification result is clearly different, the EPN compatible device interrupts the decoding. This makes it possible to prevent RDI-Pack replacement and CCI tampering with EPN compatible devices while ensuring compatibility with current DVD-Video Recording standard compatible devices.
The provision of the code Dveri in the RDI-Pack has a deep causal relationship with the offset (see FIG. 4) from the time-varying coefficient Dtkc to the AV data.
[0040]
FIG. 9 is a diagram showing on what basis the offset from the time-varying coefficient Dtkc to the AV data is provided. The offset is determined based on the sum of the time required to obtain the content key Kc (C2_G) and the time required to obtain the code Dveri (C2_G). Since the generation timing of the content key Kc, the calculation of the code Dveri, and the encryption / decryption processing of the AV data are separated, these processes can be time-shared. Through this time division, even with a single cryptographic operation circuit, a series of processing such as generation of content key Kc, calculation of code Dveri, encryption / decryption of AV data is realized without reducing processing efficiency. can do. The offset value from the time-varying coefficient Dtkc to the encrypted data is preferably at least the minimum unit of the cipher block. In the case of the DES method or the C2 method, this cipher block is 8 bytes, so the above-described offset is preferably 8 bytes or more. The above is the form of production of the recording medium according to the present embodiment. The procedure for obtaining the unit-specific encryption key (content key Kc) from the time-varying coefficient (time-varying coefficient Dtkc), medium unique key (title key Kt), and CCI is merely an example. An operation other than such an operation may be applied, or a conversion other than the C2-G conversion may be applied.
[0041]
Subsequently, a mode of implementation of the recording apparatus according to the present invention will be described. The usage action is the same as that of the recording medium, and is used for the user in the home network. FIG. 10 is a diagram illustrating a form in which a recording device is used in a home network.
As shown in FIG. 10, the DVD recorder 100 can receive the MPEG2-TS format digital stream transmitted from the STB 110 as shown by the arrow gy1, convert it to the MPEG2-PS format, and write it to the DVD. The digital stream written to the digital TV 120 can be read out and played back on the digital TV 120. It is also possible to read the MPEG2-PS format digital stream written on the DVD, convert it to the MPEG2-TS format, and then record it on the HD recorder 130.
[0042]
When transferring on the home network, the recording device transfers the MPEG2-TS format digital stream to another device based on a protocol of DTCP (Digital Transmission Content Protection) standard. The protocol in the DTCP standard includes procedures such as mutual authentication of devices and encryption / decryption of TS packets. However, the details are not the main subject of the present application, and will be omitted. Devices that send and receive TS packets according to the DTCP standard exclude connections with devices that do not comply with copyright protection at the stage of mutual authentication. For this reason, the digital stream is not transferred to a micro drive or a compact flash (registered trademark) drive device (see the cross in the figure).
[0043]
Whether or not a digital stream can be written to a DVD or HD is specified in the DTCP_Descriptor in the DTCP standard and transmitted to other devices. FIG. 11 is a diagram illustrating an example of the DTCP_Descriptor. DTCP_Descriptor is “retention move mode” indicating whether temporary storage or movement mode of digital stream is specified, “retention state” indicating period of temporary storage, copying of MPEG2-TS format digital stream is permitted or not "CCI (Copy Control Information)" indicating whether the copy is free or "EPN flag" indicating whether the copy free is EPN Asserted, or a digital stream in MPEG2-TS format `` Image Constraint Token '' indicating that resolution is limited when playing and outputting, and `` APS '' indicating whether or not to protect with analog output when converting MPEG2-TS format digital stream to analog (Analogue Protection System) ". This DTCP_Descriptor is transmitted after the DTCP_Descriptor is stored in a TS packet. In this DTCP_Descriptor, the CCI and EPN flags are compatible with the CCI and EPN flags in the RDI-Pack. In such a home network, the recording device is used for a user.
[0044]
Next, a production act of the recording apparatus according to the present invention will be described. The recording apparatus is industrially produced based on the internal configuration diagram of FIG. Hereinafter, the internal configuration of the recording apparatus will be described. FIG. 12 is a diagram showing an internal configuration of the DVD recorder 100.
As shown in FIG. 12, the DVD recorder 100 includes a drive 1, a CPU 2, a buffer memory 3, a stream controller 4, an analog tuner 9, an analog protect detector 10, an IEEE1394 receiver 11, a digital tuner 12, a TS decoder 13, and an AV encoder. 14, a stream encryption unit 15, a stream decryption unit 16, an AV decoder 17, a TS encoder 18, and an IEEE1394 transmission unit 19.
[0045]
First, components (drive 1, buffer memory 3, stream control unit 4) used for both VOBU reading from DVD and VOBU writing to DVD will be described.
The drive 1 is loaded with a removable recording medium such as a DVD.
The CPU 2 controls the entire recording apparatus.
[0046]
The buffer memory 3 is a buffer for storing VOBU. The VOBU read from the DVD and the VOBU to be written to the HDD or DVD are temporarily stored in this buffer.
The stream control unit 4 connects the drive 1 and the HDD via an IDE I / F, and performs real-time transmission of VOBU among the drive 1, the HDD, the buffer memory 3, the stream encryption unit 15, and the stream decryption unit 16.
[0047]
FIG. 13 is a diagram illustrating an internal configuration of the stream control unit 4. As shown in FIG. 13, the stream control unit 4 includes a memory control unit 5 for reading / writing the buffer memory 3, a memory scramble unit 6 for performing scramble / descrambling for the VOBU, and a stream encryption unit 15 for reading / writing the buffer memory 3. A DMA control unit 7 that performs DMA transfer between the buffer memory 3 and between the buffer memory 3 and the stream decoding unit 16, a drive 1, and an IDE I / F unit 8 that is an I / F with the HDD.
[0048]
Next, components used when writing an MPEG2-PS format digital stream to a DVD will be described. FIG. 14 is a diagram showing components used for writing data on a DVD. In this figure, the stream control unit 4 is replaced with the internal bus of the stream control unit 4 for illustration. A VOBU written on a DVD is obtained by encoding an analog signal input to the DVD recorder 100 (1), and a multi-program MPEG2-TS format digital stream input to the DVD recorder 100 is converted. There are three types: one obtained (2) and one obtained by converting a digital stream input from IEEE1394 (3). Arrows wv1, 2, 3, and 4 in the figure indicate routes to which the digital streams (1), (2), and (3) are transferred and reach the drive 1, and an arrow wv6 indicates an analog signal input to the AV encoder 4. Indicates. An arrow wv5 in the figure indicates a route from the digital stream (2) to the AV encoder 14. An arrow wv7 in the figure indicates a route from the digital stream (3) to the AV encoder 14. The components related to these routes (analog tuner 9, analog protect detection unit 10, IEEE1394 reception unit 11, digital tuner 12, TS decoder 13, AV encoder 14, and stream encryption unit 15) will be described below.
[0049]
The analog tuner 9 receives an analog broadcast signal and obtains an analog video signal and an audio signal. These signals are output to the AV encoder 14 via the A / D converter.
The analog protect detector 10 detects copy protection information (CGMS-A) superimposed on the vertical blanking interval (VBI) of the analog broadcast signal, and analog protection signals such as macrovision and color stripes.
[0050]
The IEEE1394 receiving unit 11 receives TS packets input from other devices via IEEE1394 based on the DTCP_Descriptor and outputs them to the TS decoder 13. If the CCI in the DTCP_Descriptor indicates “No More Copy”, the IEEE1394 receiver 11 does not perform reception. An MPEG2-TS format digital stream with CCI set to “No More Copy” was originally transferred over the home network for playback on a digital TV, and this was accidentally recorded on a DVD. This is to prevent you from doing it. When receiving the TS packet, the IEEE1394 reception unit 11 passes the received DTCP_Descriptor to the AV encoder 14. This is to cause the AV encoder 14 to set the CCI and EPN flags in the RDI-Pack based on the CCI and EPN flags in the DTCP_Descriptor.
[0051]
The digital tuner 12 receives a broadcast wave and obtains a digital stream in the multiprogram TS format.
The TS decoder 13 performs demultiplexing on the multi-program TS format digital stream obtained by the digital tuner 12, and sends the video stream, audio stream, and service information time-division multiplexed to these TS packets to the AV encoder 14. Output. The reason why the service information is output is to allow the IEEE1394 receiver 11 to set the CCI and EPN flags in the RDI-Pack based on the service information. Demultiplexing by the TS decoder 13 is also performed on TS packets obtained by the IEEE1394 receiver 11. That is, the TS packet obtained by the IEEE1394 receiver 11 is demultiplexed to obtain a video stream and an audio stream and output them to the AV encoder 14.
[0052]
The AV encoder 14 compresses and encodes the video signal and the audio signal obtained by the demodulation of the tuner and digitized by the A / D converter to obtain video data and audio data of 0.4 to 1.0 seconds. Furthermore, VOBU is obtained by multiplexing these. The video stream and audio stream obtained by the digital tuner 12 and TS decoder 13 are also multiplexed to obtain a VOBU. When obtaining a VOBU, an RDI-Pack is generated by setting CCI based on the detection result of the analog protect detection unit 10, the DTCP_Descriptor from the IEEE1394 reception unit 11, and the service information from the digital tuner 12. This setting is based on CCI and service information of CGMS-A and DTCP_Descriptor.
[0053]
When the encoder obtains the VOBU, the stream encryption unit 15 uses the content key from the DVD-specific title key Kt, the CCI set in the RDI-Pack by the encoder, and the time-varying coefficient Dtkc generated by the encoder during the encoding process. Kc and code Dveri are obtained, encrypted in the C2-ECBC mode using the content key Kc, and stored in the buffer memory 3. The VOBU stored in the buffer memory 3 is written on the DVD by the drive 1.
[0054]
As long as the analog broadcast signal and the TS packet constituting the MPEG2-TS format digital stream continue to be input, the analog tuner 9 to the stream encryption unit 15 continue the above-described operation. It will be recorded in PS format.
The above are the components related to VOBU writing. Next, components related to VOBU reading will be described. There are two types of VOBU read from a DVD: one that is reproduced as video and audio by the AV decoder 17 (1), and one that is transferred from IEEE1394 to another device (2). FIG. 15 is a diagram in which the components used for reading the VOBU are extracted from the components shown in FIG. In this figure, the stream control unit 4 is replaced with the internal bus of the stream control unit 4 for illustration. Arrows rv 1, 2 in the figure indicate routes from the former and latter VOBUs read from the DVD to the stream decoding unit 16. An arrow rv3 indicates a route through which the former VOBU is reproduced by the AV decoder 17, and an arrow rv4 indicates a route through which the latter VOBU is output to another device via IEEE1394. Hereinafter, components (AV decoder 17, TS encoder 18, IEEE1394 transmission unit 19) used for data reading will be described.
[0055]
When the VOBU is reproduced from the DVD or when the VOBU is copied from the DVD to another device in the home network, the stream decoding unit 16 includes the DVD-specific title key Kt, the CCI set in the RDI-Pack by the encoder, The content key Kc and the code Dveri are obtained from the time-varying coefficient Dtkc, and the VOBU is decrypted in the C2-DCBC mode using the content key Kc.
[0056]
The AV decoder 17 performs a decompression process defined in MPEG2 on the VOBU decoded by the stream decoding unit 16 to obtain and reproduce a video signal and an audio signal.
The TS encoder 18 converts the VOBU decoded by the stream decoding unit 16 into a TS packet and outputs the TS packet to the IEEE1394 transmission unit 19.
The IEEE1394 transmission unit 19 encrypts and outputs the TS packet body obtained by the conversion of the TS encoder 18 based on the DTCP standard.
[0057]
The overall control of the recording apparatus configured as described above is performed by the CPU 2 executing the program shown in FIG. 16. Thereafter, the processing of the CPU 2 at the time of VOBU writing with reference to the flowchart of FIG. The procedure will be described.
Steps S41 to S45 in FIG. 16 are a loop process for generating a VOBU based on an input signal to the DVD recorder 100. Input signals include analog signals, digital broadcast signals, and input signals from other devices in the home network. The copy attribute means copy permission / inhibition setting indicated by CGMS-A, service information, CCI in DTCP_Descriptor, and EPN flag.
[0058]
In step S41 in the loop processing, it is monitored whether or not the detection of the copy attribute of the input signal is completed. When the detection of the copy attribute of the input signal is completed, VOBU is generated in any of step S43, step S45, and step S46.
Which of step S43, step S45, and step S46 is executed is defined by three determination steps of step S42, step S44, and step S52.
[0059]
The VOBU is obtained in step S43 when the copy attribute in the input signal from the outside of the apparatus indicates EPN Asserted copy free (Yes in step S42). In this case, a VOBU including an RDI-Pack including CCI indicating EPN Asserted copy-free and an AV pack string is obtained (step S43).
The VOBU is obtained in step S45 when the copy attribute indicates Only One Copy (Yes in step S44). In this case, Only One Copy is converted to No More Copy. After the conversion, a VOBU including an RDI-Pack including CCI indicating No More Copy and an AV pack string is obtained (step S45).
[0060]
If the copy attribute is normal copy free (YES in step S52), a VOBU including CCI indicating normal copy free is recorded (step S46). If you want to make copyright protection stricter, the copy attribute may be converted to EPN Asserted Copy Free, and VOBU including CCI indicating EPN Asserted Copy Free may be recorded. If the copy attribute indicates No More Copy, the process returns to the detection of the copy attribute in the input signal in step S41.
[0061]
If VOBU is obtained by the above procedure, the process of step S47-step S51 is performed and it returns to step S21.
In the processing from step S47 to step S51, APSTB in the VOBU RDI-Pack and the title key Kt are added (step S47), the time-varying coefficient Dtkc is C2-G converted using the addition result, and the content key Kc is converted. (Step S48), CCI is C2-G converted using the content key Kc to obtain the code Dveri and placed in the Manufacture Information in the RDI-Pack (Step S49), and the content key Kc is used in the VOBU. The AV pack string is encrypted in the C2_ECBC mode (step S50), and the encrypted VOBU on which the code Dveri is arranged is written to the DVD (step S51). By repeating this step S41 to step S51, the DVD VOBU will be written sequentially.
[0062]
Next, the processing procedure of the CPU 2 at the time of VOBU reading will be described with reference to the flowchart of FIG.
The flowchart of FIG. 17 waits for the VOBU to be stored in the buffer memory 3 (step S61). If the VOBU is stored, the processing of step S62 to step S71 is performed and the process returns to step S61. It is.
[0063]
In the processing from step S62 to step S71, the APSTB in the VOBU RDI-Pack and the title key Kt are added (step S62), and the time-varying coefficient Dtkc is C2-G converted using the addition result, and the contents After obtaining the key Kc (step S63), CCI is C2-G converted using the content key Kc to obtain the code Dveri (step S64).
[0064]
In step S65, it is determined whether the code Dveri generated in step S64 matches the code Dveri existing in the RDI-Pack. If the code Dveri does not match, a display indicating that is displayed on the front panel of the recording apparatus or the TV. The read process is forcibly terminated after output to the monitor. This is a forced measure for fraud. Instead of taking such a forced measure, more flexible responses may be taken. That is, the same processing may be repeated for subsequent VOBUs without reproducing / transmitting only the VOBU in which the mismatch of the code Dveri is detected.
[0065]
If they match, the encrypted AV pack sequence in the VOBU is decrypted in the C2-DCBC mode using the content key Kc (step S66).
Thereafter, different processing is performed depending on whether playback or transmission. If it is a reproduction process (reproduction in step S67), TS packets are extracted from the 32 EX-added TS packets, and output to the AV decoder 17 for reproduction (step S68). In the case of transmission processing, different processing is performed depending on whether the CCI in the RDI-Pack is EPN Asserted copy free, No More Copy, or normal copy free (steps S69 and S70).
[0066]
If EPN Asserted copy free (YES in step S69), VOBU is converted into a TS packet and transmitted together with DTCP_Descriptor indicating EPN Asserted copy free (step S71). If the CCI is No More Copy (YES in Step S70), the VOBU is converted into a TS packet and transmitted together with the DTCP_Descriptor indicating No More Copy (Step S72). If it is normal copy free (N0 in step S70), VOBU is converted into a TS packet and transmitted together with DTCP_Descriptor indicating normal copy free (step S73). If it is desired to treat copyright protection strictly, it may be transmitted together with DTCP_Descriptor indicating EPN Asserted copy-free in step S73.
[0067]
As described above, according to the present embodiment, the decryption of the encrypted AV data by the device conforming to the current standard is ensured, and in the case of fraudulent acts such as falsification of the CCI and replacement of the RDI-Pack, this is verified by checking with the code Dveri. Therefore, it is possible to efficiently prohibit copying on the premise of fraud.
(Second embodiment)
The first embodiment mainly focuses on preventing CCI tampering using the code Dveri, but the second embodiment discloses an improvement that can prevent CCI tampering without using the code Dveri. For this purpose, it is only necessary to generate the content key Kc straight from the entire CCI, instead of generating the content key Kc only from APSTB.
FIG. 18 is a diagram showing an encryption process when the content key Kc is generated from the entire CCI in the same notation as FIG. In this case, compatibility with current standard-compliant devices cannot be maintained, but tampering with CCI can be prevented without using code Dveri. This is because if the CCI is rewritten, the content key Kc generated by the device at the time of decryption is significantly different from the original content key Kc, and decryption cannot be performed properly.
[0068]
In this case, the code Dveri becomes unnecessary, so there is no need to wait for the generation of the code Dveri, and the offset from the time-varying coefficient Dtkc to the AV data can be shortened.
(Third embodiment)
The first embodiment and the second embodiment are in the form of writing an MPEG2-PS format digital stream on a recording medium. The third embodiment relates to an aspect of writing an MPEG2-TS format digital stream in a recording medium.
[0069]
Writing in MPEG2-TS format is convenient for writing a digital stream to HD or Blu-ray Disc.
A description will be given of how the GOP shown in the first embodiment is converted when a digital stream is written in a recording medium in the MPEG2-TS format.
FIG. 19 is a diagram detailing the structure of a digital stream recorded on a Blu-ray Disc in stages. In FIG. 19, the first to third stages are the same as those in FIG. 2, and show a picture sequence, a GOP division, and a PES packet sequence, respectively. The fourth and fifth stages are greatly different from those in FIG. The PES packet sequence storing the GOP sequence is multiplexed (tj1 in the figure) with the PES packet sequence storing the audio stream to form the MPEG2-TS format digital stream shown in the fourth row. The video stream and audio stream constituting the TV program are transferred through a transmission path such as a satellite wave, a terrestrial wave, and a wired cable in the form of the fourth stage.
[0070]
Next, the internal structure of the TS packet will be described. The configuration of the TS packet is shown in the third level of FIG. As shown in the third row of FIG. 20, the TS packet is composed of a “TS packet header” and a “payload part”, and has a size of 188 bytes. The “payload” stores a divided portion obtained by dividing the PES packet into a plurality of pieces. As indicated by arrows ct1,2,3, it is stored in the payload of the TS packet in the third stage. This completes the description of the TS packet.
[0071]
Next, how the MPEG2-TS format is written on a Blu-ray Disc will be described. FIG. 21 is a diagram showing a process through which TS packets constituting the MPEG2-TS format are written on a Blu-ray Disc. The first stage of the figure shows TS packets constituting an MPEG2-TS format digital stream.
As shown in the second row, TP_extra_header (“EX” in the figure) is added to the TS packets constituting the MPEG2-TS format digital stream.
[0072]
The third and fourth levels show the correspondence between the physical unit of the Blu-ray Disc and the TS packet. As shown in the fourth row, a plurality of sectors are formed on the Blu-ray Disc. TS packets with extra_header (hereinafter abbreviated as EX-added TS packets) are grouped every 32 and written in three sectors. A group consisting of 32 EX-attached TS packets is 6144 bytes (= 32 × 192), which matches three sector sizes of 6144 bytes (= 2048 × 3). Thirty-two EX-attached TS packets stored in three sectors are called “Aligned Units”, and when writing to a Blu-ray Disc, encryption is performed in units of Aligned Units. The sector in the fourth stage is added with an error correction code in units of 16 and constitutes an ECC block. The recording device can obtain 32 complete TS packets with EX as long as the Blu-ray Disc is accessed in units of Aligned Units.
[0073]
The above is the process of writing the MPEG2-TS format digital stream to the Blu-ray Disc. Next, the internal configuration of TP_extra_header will be described. FIG. 22A shows the internal structure of TP_extra_header.
The TP_extra_header includes “Arribval_Time_Stamp” and “copy_permission_indicator”.
[0074]
“Arribval_Time_Stamp” is a time-varying coefficient in the MPEG2-TS format digital stream. This is because Arribval_Time_Stamp has a time variation factor that varies depending on where the Aligned Unit is located on the playback time axis of the digital stream. What is used as the time-varying coefficient is the time-varying coefficient when the TS packet reaches the device. This Arribval_Time_Stamp is used to refer to time stamps such as PCR and PTS during stream reproduction. In general, PCR and PTS are set on the assumption that an MPEG2-TS format digital stream transmitted from a broadcasting station is received and reproduced in real time. However, in the accumulation and reproduction, the MPEG2-TS format digital stream is once accumulated on the Blu-ray Disc and HD and then reproduced with a considerable delay in time. In this accumulation reproduction, PCR and PTS values adjusted for real-time reproduction are wasted. Therefore, Arribval_Time_Stamp in TP_extra_header indicates the time when the TS packet reaches the recording device. Therefore, if you refer to this Arribval_Time_Stamp during playback, even if a digital stream in MPEG2-TS format is stored on a Blu-ray Disc, etc., playback timing control using PTS and PCR is the same as in real-time playback. Can be realized.
[0075]
“Copy_permission_indicator” is CCI in the MPEG2-TS format digital stream. At the time of recording on a Blu-ray Disc, information indicating whether copying is permitted is precisely set for each TS packet. The copy_permission_indicator is 2-bit information and is set to four values shown in FIG. "00" is normal copy free, "11" is "No More Copy", "01" is encrypted but unconditional copy free, "10" is EPN Asserted Each means copy free.
[0076]
Next, an encryption process for the Aligned Unit will be described. Although it takes the form of the MPEG2-TS format, the point of performing encryption using three parameters such as a time-varying coefficient, CCI, and a medium unique key (title key Kt) is the same as in the first and second embodiments. Also, the calculation is performed using two of these parameters, and the encryption key (content key Kc) for each unit is obtained from the calculation result and the remaining one parameter. It is not different from the embodiment.
[0077]
FIG. 23 is a diagram illustrating a process through which the Aligned Unit is encrypted. The first row in FIG. 23 shows the Aligned Unit before encryption. Before encryption, the 6144-byte Aligned Unit is divided into a TP_extra_header of the leading EX-added TS packet and a subsequent Dblk. Dblk means a 6136-byte (6144-8) portion excluding 8-byte TP_extra_header in the 6144-byte Aligned Unit.
[0078]
The third level shows the Aligned Unit after encryption. Since TP_extra_header of the TS packet with EX at the beginning is plain text, there is no change before and after encryption. Dblk is converted to De_blk.
The broken line dc1 in the second row shows the encryption process for Dblk. Dblk is encrypted in DES_ECBC mode using a 64-bit block key Kblk. This key Kblk corresponds to the content key Kc referred to in the first embodiment. This is because the key Kblk is also unique to the unit and varies from unit to unit.
[0079]
The encryption in the DES_ECBC mode is to divide a 6136-byte aligned unit into 64 bits or less and encrypt each divided part, and can be regarded as C2_ECBC in the first embodiment. On the other hand, a mode in which the reverse procedure is followed to perform decoding is called a DES_DCBC mode.
A frame dc2 in the figure indicates a process through which the 64-bit block key Kblk is generated. “‖” In the figure indicates a concatenation operation. This concatenation operation is one of predetermined operations, and corresponds to the addition operation performed on the title key Kt and CCI in the first embodiment. The target of this concatenation operation is a 2-bit copy_permission_indicator, a 30-bit Arribval_Time_Stamp, and a 32-bit parameter Vbkg.The block key Kblk is the concatenation operation result (64 bits) and the 128-bit recording key Krec. Used to encrypt in TDES_E mode.
[0080]
The parameter Vbkg is a common parameter included in devices that comply with copyright protection.
Krec is an encryption key corresponding to the title key Kt of the first embodiment, and is an encryption key unique to the recording medium. Krec is derived from a plurality of parameters in the Blu-ray Disc and a plurality of parameters in the device, but details thereof are omitted because they are not the main points of the present application.
[0081]
The generation of the block key Kblk in the TDES_E mode is expressed as follows:
Block key Kblk = DES_E (K1, DES_D (K2, DES_E (K1, d)))
K1 indicates the upper 64 bits of the recording key Krec, and K2 indicates the lower 64 bits of the recording key Krec.
[0082]
DES_E is encryption by ECB (Electric Codebook) mode of DES encription,
DES_D indicates decoding in the ECB (Electric Codebook) mode of DES encription.
For generation of the block key Kblk, the TDES_E mode is used in which the DES encryption is repeated three times.
[0083]
Here, if copyright protection is thoroughly enforced, the question arises that the block key should be changed not for each Aligned Unit but for each TS packet. However, when the block key Kblk is to be obtained for each TS packet, the processing load is heavy because encryption in the TDES_E mode is required for each TS packet. Therefore, in this embodiment, the block key Kblk is generated once for each Aligned Unit. Since the Aligned Unit includes 32 TS packets and is recorded in 3 sectors, the key Kblk is generated once per 3 sectors, and the processing load on the device side can be reduced.
[0084]
Next, the internal configuration of the recording apparatus according to this embodiment will be described. FIG. 24 is a diagram illustrating an internal configuration of the recording apparatus according to the third embodiment. The TS encoder 18 is connected to the output stage of the analog tuner 9 and the analog protect detection unit 10. This is because a Blu-ray Disc records a digital stream in the MPEG2-TS format, so it is sufficient to connect a TS encoder 18 to the output stage of the analog tuner 9 and the analog protect detection unit 10. The TS decoder 13 is connected to the input stage of the AV decoder 17 instead of the output stage of the IEEE1394 receiver 11 and the digital tuner 12. This is because in Blu-ray Disc, the digital stream is recorded in the MPEG2-TS format, so it is not necessary to convert the digital stream into a video stream and an audio stream. In addition, the stream encryption unit 15 and the stream decryption unit 16 are replaced with the stream encryption unit 23 and the stream decryption unit 24, and the IEEE1394 reception unit 11 and the IEEE1394 transmission unit 19 are replaced with the IEEE1394 reception unit 20 and the IEEE1394 transmission unit 25. Has been replaced. Further, a TS decoder 21 is added to the output stage of the stream control unit 4.
[0085]
Next, components used when writing an MPEG2-TS format digital stream to a Blu-ray Disc will be described. FIG. 25 is a diagram illustrating, among the internal configurations of the recording apparatus according to the third embodiment, those related to data writing (IEEE1394 reception unit 20 to stream encryption unit 23) in the same notation as FIG. Hereinafter, the IEEE1394 receiver 20 to the stream encryption unit 23 will be described.
[0086]
The IEEE1394 receiver 20 receives TS packets transferred via IEEE1394 based on DTCP. Isochronous packets are inserted everywhere in TS packets input via IEEE1394, and Arribval_Time_Stamp is generated based on the time measured by the internal clock 22 when the isochronous packet arrives. If an isochronous packet input from IEEE1394 is generated on the sender side based on Arribval_Time_Stamp, Arribval_Time_Stamp generated by the IEEE1394 receiver 11 is substantially the same as Arribval_Time_Stamp on the sender side. TP_extra_header including Arribval_Time_Stamp and copy_permission_indicator generated in this way is attached to each TS packet to obtain a TS packet with EX.
[0087]
The TS decoder 21 demultiplexes the multi-program format TS output from the digital tuner 12 to obtain a TS packet. If a TS packet is obtained, TP_extra_header is generated and attached to the TS packet. In this generation, the service information about the TV program to which the TS packet belongs is referred to, and a copy_permission_indicator in TP_extra_header is generated based on the service information. Arribval_Time_Stamp is set based on the time measured by the internal clock 22 when the TS packet reaches the device.
[0088]
When the IEEE1394 receiver 20 and the TS decoder 21 obtain an EX-attached TS packet, the stream encryption unit 23 reads a plurality of predetermined parameters from the Blu-ray Disc, and these Blu-ray Disc side parameters, A recording key Krec is obtained from a plurality of parameters stored in advance in the recording apparatus. Thereafter, every time an Aligned Unit is obtained on the buffer memory 3, a concatenation operation is performed on the copy_permission_indicator, Arribval_Time_Stamp, and parameter Vbkg of the Aligned Unit, and the 64-bit operation result is encrypted in the TDES_E mode using the recording key Krec. To do. With this encryption, a 64-bit block key Kblk is obtained. When the block key Kblk is obtained in this way, De_blk is obtained by encrypting the part other than the first TP_extra_header of the Aligned Unit. The Aligned Unit encrypted in this way is stored in the buffer memory 3 and written on the Blu-ray Disc.
[0089]
Next, components used for reading TS packets from a Blu-ray Disc will be described. FIG. 26 is a diagram showing a recording apparatus related to data reading (stream decoding unit 24, IEEE1394 transmission unit 25). Hereinafter, the stream decoding unit 24 and the IEEE1394 transmission unit 25 will be described.
The stream decoding unit 24 performs a decoding process on each Aligned Unit included in the ECC block read out to the buffer memory 3. This decryption process is a decryption process in the DES_DCBC mode using the block key Kblk unique to the Aligned Unit. The block key Kblk unique to the Aligned Unit is generated as follows. Since TP_extra_header at the head of each Aligned Unit is not encrypted, a concatenation operation is performed on copy_permission_indicator, Arribval_Time_Stamp, and parameter Vbkg in TP_extra_header to obtain a 64-bit operation result. Using the recording key Krec, this concatenation result is decrypted in the TDES_D mode, thereby obtaining Dblk of the Aligned Unit. Arrows rt5 and 6 in FIG. 26 indicate transmission routes of Aligned Units during reproduction. It can be seen that the Aligned Unit is decoded by the TS decoder 13 as indicated by arrows rt5 and 6, and decoded by the AV decoder 17 into a video signal and an audio signal. By outputting this Dblk to the IEEE1394 transmission unit 25 as indicated by arrows rt7 and 8, the Aligned Unit is transmitted to other devices in the home network.
[0090]
When the Aligned Unit is decrypted, the IEEE1394 transmission unit 25 removes TP_extra_header from each of the 32 EX-added TS packets included in the Aligned Unit, and encrypts and outputs the TS packet body based on the DTCP standard. When outputting TS packets, isochronous packets are inserted everywhere between TS packets. This insertion location is a position based on the time indicated in Arribval_Time_Stamp of TP_extra_header. With the output of the TS packet, the IEEE1394 transmission unit 25 outputs DTCP_Descriptor. DTCP_Descriptor indicates copy permission / inhibition setting in TP_extra_header.
[0091]
The overall control of the recording apparatus configured as described above is performed by the CPU 2 executing the program shown in FIG. Hereinafter, the processing procedure of the CPU 2 at the time of Aligned Unit writing will be described with reference to the flowchart of FIG.
Steps S <b> 1 to S <b> 6 in FIG. 27 are loop processing for storing the TS packet with EX in the buffer memory 3. In step S1, in this loop processing, the input of broadcast waves and TS packets from IEEE1394 is monitored. If a TS packet is input, TP_extra_header is added to the TS packet in any of step S3, step S5, and step S14.
[0092]
Which of step S3, step S5, and step S14 is executed is defined by three determination steps of step S2, step S4, and step S13.
In step S3, TP_extra_header is added when the copy attribute in the service information or DTCP_Descriptor indicates EPN Asserted copy free (YES in step S2). In this case, since the copy attribute is EPN Asserted copy free, TP_extra_header including copy_permission_indicator indicating EPN Asserted copy free is added to the TS packet (step S3).
[0093]
In step S5, TP_extra_header is added when the copy attribute in the service information and DTCP_Descriptor indicates Only One Copy (step S4). In this case, Only One Copy is converted to No More Copy. TP_extra_header including copy_permission_indicator indicating this No More Copy is added to the TS packet (step S5).
[0094]
In step S14, TP_extra_header is added when the copy attribute in the service information and DTCP_Descriptor indicates normal copy free (YES in step S13). In this case, since the copy attribute is normal copy free, TP_extra_header including copy_permission_indicator indicating normal copy free is added to the TS packet (step S14).
[0095]
When the copy attribute indicates “No More Copy”, the process returns to waiting for reception of a TS packet in step S1. This guarantees that the No More Copy TS packet will not be written to the Blu-ray Disc.
Step S6 is a step for determining whether or not 32 EX-added TS packets have been generated. If they are generated, the processing of steps S7 to S12 is performed, and the process returns to step S1. If 32 EX-added TS packets are generated, a recording key Krec is generated from a plurality of parameters in Blu-ray Disc and parameters in the recording device (step S7), and Arribval_Time_Stamp, copy_permission_indicator, and parameter Vbkg are generated. A concatenation operation is performed on the block (step S8), and the block key Kblk is obtained by encrypting the operation result in the TDES_E mode using the recording key Krec (step S9).
[0096]
If the key Kblk is obtained, the block Dblk of the Aligned Unit is encrypted in the DES_ECBC mode except for the leading TP_extra_header, and the block De_blk is obtained and stored in the buffer memory 3 (step S10). Thereafter, the processing of step S1 to step S10 is repeated until 16 aligned units are stored in the buffer memory 3 (No in step S11). If 16 Aligned Units are stored in the buffer memory 3 (Yes in step S11), error correction codes are attached to the 16 Aligned Units stored in the buffer memory 3 to obtain 3 ECC blocks. Then, three ECC blocks are written on the Blu-ray Disc (step S12). By repeating these steps S7 to S12, Aligned Units are sequentially written in the Blu-ray Disc.
[0097]
Next, the processing procedure of the CPU 2 at the time of reading Aligned Unit will be described with reference to the flowchart of FIG.
The flow chart structure shown in FIG. 28 waits for three ECC blocks to be stored in the buffer memory 3, and if stored, performs the processing from step S21 to step S32 and returns to step S21. That's it.
[0098]
The loop processing from step S22 to step S23 is to repeat the processing from step S24 to step S32 for each of a total of 16 Aligned Units included in the ECC block.
In the process repeated here, copy_permission_indicator, Arribval_Time_Stamp, and Vbkg of the Aligned Unit are concatenated (step S24), and a recording key Krec is generated from a plurality of parameters in the Blu-ray Disc and parameters in the recording device (step S25). The block key Kblk is obtained by encrypting the result of the concatenation operation in the TDES_E mode using the recording key Krec (step S26), and the block De_blk of the Aligned Unit is decrypted in the DES_DCBC mode using the block key Kblk. 32 TS packets with EX are obtained (step S27).
[0099]
Thereafter, different processing is performed depending on whether playback or transmission. If it is playback processing (playback in step S28), TS packets are extracted from the 32 EX-added TS packets, and output to the TS decoder 13-AV decoder 17 for playback (step S29).
If it is transmission processing (transmission in step S28), different processing is performed depending on whether copy_permission_indicator in TP_extra_header is EPN Asserted copy-free, No More Copy, or normal copy-free.
[0100]
If EPN Asserted copy free (YES in step S30), TS packets are extracted from 32 EX-added TS packets and transmitted together with DTCP_Descriptor indicating EPN Asserted copy free (step S31). If it is normal copy free (YES in step S33), TS packets are extracted from 32 EX-added TS packets and transmitted together with DTCP_Descriptor indicating normal copy free (step S34).
[0101]
If it is No More Copy (NO in Step S33), the TS packet is extracted from the 32 EX-added TS packets and transmitted together with the DTCP_Descriptor indicating No More Copy (Step S32). By repeating this, Aligned Units are sequentially read out.
As described above, according to this embodiment, the encryption key is generated using the parameter that changes for each Aligned Unit and the value also changes depending on the copy permission / rejection setting. While being realized, a free copy of the digital stream can be implemented in the home network.
[0102]
(Fourth embodiment)
In the first embodiment, VOBU copying is performed between devices in the home network, but in the fourth embodiment, VOBU copying is performed within one device.
FIG. 29 is a diagram illustrating an internal configuration of a recording apparatus according to the fourth embodiment. In this figure, one of the drive 1 and HDD is the copy source, and the other is the copy destination.
[0103]
The stream decryption unit 16 generates the content key Kc and the code Dveri from the copy source recording medium at the time of copying, and collates the generated code Dveri with the code Dveri existing in the RDI-Pack. If they match, the encrypted VOBU read from the copy source recording medium is decrypted.
The stream encryption unit 15 generates a content key Kc unique to the copy destination recording medium, and encrypts the VOBU on the buffer memory 3 with the content key Kc.
[0104]
FIG. 30 is a diagram showing VOBU reading from the copy source drive device.
An arrow (2-1) indicates reading from the copy source drive device to the buffer memory 3, and an arrow (2-2) indicates reading of the title key Kt by the copy source drive device. (2-3) shows VOBU decryption based on the title key Kt. (2-4) shows the output of the decryption result to the stream encryption unit 15.
[0105]
FIG. 31 shows VOBU writing to the copy destination drive device. (3-1) is the reading of the title key Kt from the copy destination recording medium by the stream encryption unit 15, and the stream encryption unit 15 generates the content key Kc from the title key Kt and encrypts the VOBU. . (3-2) indicates the writing of the encryption result to the buffer memory 3, and (3-3) indicates the writing of the encrypted VOBU to the copy destination drive device.
[0106]
As described above, according to the present embodiment, a VOBU copy as shown in the first embodiment can be realized in a hybrid recording apparatus having both HD and DVD drive apparatuses. it can.
In the fourth embodiment, the VOBU is copied in one device, but the Aligned Unit may be copied in one device.
[0107]
(Remarks)
Although it has been described based on the above embodiment, it is merely presented as an example of a system that can be expected to have the best effect in the present situation. The present invention can be modified and implemented without departing from the gist thereof. As typical modified embodiments, there are the following (A), (B), (C),...
[0108]
(A) The recording apparatus in the first to fourth embodiments is a recording apparatus of a type used by being connected to a digital television in a home network, but is a recording apparatus integrated with a liquid crystal display. There may be. In addition, the recording apparatus shown in the first embodiment includes the drive 1 and the AV decoder 17 in advance, but they may not be provided and may be connected via an IEEE1394 connector. Furthermore, in the recording apparatus of each embodiment, only a part that constitutes an essential part of the processing may be used as the recording apparatus. Since these recording apparatuses are inventions described in the present specification, any of these aspects is based on the internal configuration of the recording apparatus shown in the first to fourth embodiments. The act of manufacturing the recording device is an implementation act of the invention described in the specification of the present application. The act of transferring the recording apparatus shown in the first embodiment to the fourth embodiment for a fee or free of charge (sale if paid, or gift if free), lending or importing is also an implementation of the present invention. . The act of applying to the general user to transfer or lend them through store display, catalog solicitation, or pamphlet distribution is also an implementation of this recording device.
[0109]
(B) Since the information processing by the program shown in FIG. 16, FIG. 17, FIG. 27 and FIG. 28 is specifically realized using hardware resources, the program whose processing procedure is shown in the flowchart is as follows: Stand alone as an invention. The first to fourth embodiments have been incorporated into the recording apparatus, and the embodiments of the implementation of the program according to the present invention have been described. However, the first to fourth embodiments are separated from the recording apparatus. The single program shown in the four embodiments may be implemented. The act of implementing the program alone includes the act of producing these programs (1), the act of transferring the program for a fee (2), the act of lending (3), the act of importing (4), There is an act of offering to the public via an electronic communication line (5), an act of offering to the general user transfer or rental of the program by store display, catalog solicitation, pamphlet distribution.
[0110]
(C) The “time” element of each step executed in time series in the flowcharts of FIGS. 16, 17, 27, and 28 is considered to be an indispensable matter for specifying the invention. Then, it can be seen that the processing procedure by these flowcharts discloses the usage pattern of the recording method. If the processing of these flowcharts is performed so that the original purpose of the present invention can be achieved and the operations and effects can be achieved by performing the processing of each step in time series, the recording according to the present invention is performed. Needless to say, this is an implementation of the method.
[0111]
(D) In the first embodiment, it has been described that recording, encryption, and decryption are performed in units of VOBU. However, this is one aspect for implementing the recording apparatus according to the present invention in accordance with the DVD-Video Recording standard. Not too much. Recording may be performed in units of a plurality of VOBUs, or data units in other recording standards and corresponding to VOBUs.
(E) In the first and second embodiments, the content key Kc and the block key Kblk are generated using the medium-specific title key Kt and Krec, but the content key Kc, using the digital stream-specific encryption key, The block key Kblk may be generated. In this case, since there is no dependency on the recording medium, it is not necessary to perform decryption or encryption when reading from the recording medium or writing to the recording medium, and high-speed copying can be realized.
[0112]
(F) In the second embodiment, the content key Kc is obtained using the time-varying coefficient Dtkc existing in the same VOBU, but the time-varying coefficient Dtkc in the preceding and following VOBUs is used instead of the time-varying coefficient Dtkc. The content key Kc may be generated. In this case, if the preceding and succeeding VOBUs are deleted, the content key Kc in that VOBU can be obtained. For this reason, the consistency of the entire VOB can be maintained by using the time-varying coefficient Dtkc existing in the preceding and succeeding VOBUs.
[0113]
(G) The AV encoder 14 may encode the analog video signal and audio signal output from the VTR instead of the analog video signal and audio signal output from the analog tuner 9.
(H) In the first embodiment, the content key Kc is calculated from only the APSTB and the title key Kt. However, for compatibility with the current device, the content key Kc may be calculated from the CGMS and the title key Kt. The CCI is stored in a header called RDI-Pack or TP_extra_header. However, the CCI may be embedded in the digital stream body in the form of a digital watermark.
[0114]
【The invention's effect】
As described above, the recording medium according to the present invention is a recording medium on which a digital stream is recorded, and for each part of the digital stream, a copy indicating whether or not the part is conditional copy-free. Control information is associated, and the conditional copy-free is characterized in that it is copy-free on condition that a part of the digital stream is encrypted and written to the copy destination recording medium.
[0115]
In the recording medium, a part of the digital stream is written to the copy destination recording medium on condition that encryption is performed. That is, a part of the digital stream is freely copied as long as the condition of encryption is satisfied. This allows the user to enjoy a free private copy. Since the condition of encryption exists, an unauthorized device that cannot perform encryption / decryption is excluded from such free copy. By excluding unauthorized devices from private copies, digital streams can be prevented from being distributed to the general public.
[0116]
If importance is attached to compatibility with existing equipment, the following should be done.
That is, the copy control information includes generation management information and an extension flag. The copy control information indicates that the conditional copy is free. The generation management information is set to a value indicating that copying cannot be performed. Should be set to on (2). When the recording medium is loaded in an unsupported device that does not support the copy control information setting of “conditional copy free”, the device performs a copy operation based on the generation management information in the copy control information. Since the generation management information is set so as not to be copied, the digital stream is not copied. Since free copying with a device that does not support “conditional copy free” is prevented, flooding of duplicates of the digital stream can be prevented.
[0117]
One question arises here if we allow conditional copy with encryption. It is a question that if the digital stream copy control information that was originally encrypted for the copy prohibition setting is tampered with conditional copy free, it will be freely copied within the home network.
In order to solve this, the following may be performed.
[0118]
That is, a part of the digital stream is encrypted using a predetermined encryption key and recorded on a recording medium, and the predetermined encryption key has a value depending on whether the copy control information indicates conditional copy free. If it is an encryption key that changes, it is good (4).
A part of the digital stream is encrypted with the encryption key generated based on the copy control information. If the copy control information is altered to change the digital stream that was originally set to copy-protected to conditional copy-free, the encryption key obtained at the time of decryption is different from the encryption key used at the time of encryption. It becomes. If the encryption key is different, the digital stream cannot be decrypted. Thus, the introduction of conditional copy-free does not weaken the copyright holder protection of the digital stream.
[0119]
On the other hand, tampering cannot be detected by a device that has not generated an encryption key from copy control information. In this case, it should be as follows.
That is, a part of the digital stream is encrypted using a predetermined encryption key and recorded on a recording medium, and the part is recorded on a recording medium in association with a check code. This code is obtained by converting the copy control information using the encryption key, and the value should be changed depending on whether the copy control information indicates conditional copy free (9).
[0120]
When the encryption key is generated from the information element not related to the copy control information for compatibility with the past device, whether or not the copy control information is falsified can be detected by checking the check code. As a result, it is possible to prevent falsification of the copy control information while maintaining compatibility with past encryption methods.
[Brief description of the drawings]
FIG. 1 is a diagram showing a home network as a usage environment of a recording medium and a recording apparatus according to the present invention.
FIG. 2 is a diagram showing a process through which a VOBU is generated.
FIG. 3 is a diagram illustrating a relationship between a PES packet and an AV pack.
FIG. 4 is a diagram showing an internal configuration of a VOBU.
FIG. 5 is a diagram showing a configuration of a CCI according to the first embodiment.
FIG. 6 shows possible values of the CGMS, PSC and EPN flags and the meaning of the CGMS, PSC and EPN flags.
FIG. 7 is a diagram showing what kind of encryption process the encrypted AV data in the VOBU is generated.
FIG. 8 is a diagram showing the generation process of the code Dveri in the same notation as FIG.
FIG. 9 is a diagram showing on what basis an offset from a time-varying coefficient Dtkc to AV data is provided.
FIG. 10 is a diagram showing a home network which is a use environment of a recording medium and a recording apparatus according to the present invention.
FIG. 11 is a diagram illustrating an example of DTCP_Descriptor.
FIG. 12 is a diagram showing an internal configuration of the DVD recorder 100 according to the first embodiment.
13 is a diagram showing an internal configuration of a stream control unit 4. FIG.
FIG. 14 is a diagram in which components used for writing VOBU are extracted from the components shown in FIG.
FIG. 15 is a diagram illustrating extracted components used for VOBU reading out of the components in FIG.
FIG. 16 is a flowchart showing a processing procedure of overall control at the time of writing according to the first embodiment;
FIG. 17 is a flowchart showing a processing procedure of overall control at the time of reading in the first embodiment;
FIG. 18 is a diagram illustrating an encryption process when the content key Kc is generated from the entire CCI, in the same notation as FIG.
FIG. 19 is a diagram detailing the configuration of a partition TS recorded on a Blu-ray Disc in stages.
FIG. 20 is a diagram illustrating an internal configuration of a TS packet.
FIG. 21 is a diagram showing a process through which writing to a Blu-ray Disc is performed.
FIG. 22 is a diagram illustrating an internal configuration of TP_extra_header.
FIG. 23 is a diagram illustrating a process through which an Aligned Unit is encrypted.
FIG. 24 is a diagram illustrating an internal configuration of a recording apparatus according to a third embodiment.
FIG. 25 is a diagram illustrating extracted components used for TS packet writing out of the components shown in FIG. 24;
FIG. 26 is a diagram in which components used for reading TS packets are extracted from the components shown in FIG.
FIG. 27 is a flowchart showing a processing procedure of overall control at the time of writing according to the third embodiment;
FIG. 28 is a flowchart showing a processing procedure of overall control at the time of reading in the third embodiment.
FIG. 29 is a diagram illustrating an internal configuration of a recording apparatus according to a fourth embodiment.
FIG. 30 is a diagram illustrating Aligned Unit reading from the copy source drive apparatus.
FIG. 31 is a diagram showing Aligned Unit writing to a copy destination drive apparatus;
[Explanation of symbols]
1 drive
3 Buffer memory
4 Stream control unit
5 Memory control unit
6 Memo Risk Rumble Club
9 Analog tuner
10 Analog protect detector
11 IEEE1394 receiver
12 Digital tuner
13 TS decoder
14 AV encoder
15 Stream encryption unit
16 Stream decoding unit
17 AV decoder
18 TS encoder
19 IEEE1394 transmitter
20 IEEE1394 receiver
21 TS decoder
22 Internal clock
23 Stream encryption part
24 Stream decoding unit
25 IEEE1394 transmitter
100 DVD recorder
120 digital TV
130 HD recorder
200 remote control

Claims (22)

Determining means for determining a copy attribute of a signal input from outside the recording apparatus;
When the copy attribute indicates conditional copy free, a writing unit that writes a part of the digital stream to the recording medium in association with copy control information indicating that the conditional copy is free;
An encryption means for encrypting a part of the digital stream using a predetermined encryption key ;
Conditional copy free, on encrypted, Ri copy free der was subject to be written to the copy destination recording medium,
The writing means writes the encrypted part on the recording medium in association with a check code, and records the copy control information and the check code as a pair on the recording medium for each part. ,
The check code is a code obtained by converting the copy control information using the encryption key, the value changes depending on whether the copy control information indicates conditional copy free, and the copy code A recording apparatus used to determine whether or not unauthorized alteration of control information has occurred . The writing means includes
Even if the copy attribute showing the unconditional copy free, in association with the copy control information indicating a conditional copy free, recording of claim 1, wherein a portion of the digital stream and writes into the recording medium apparatus. The signal input from the outside of the device is a digital broadcast signal,
The copy attribute is:
Recording apparatus according to claim 1, wherein the indicated in the service information in a digital broadcast signal. The signal input from the outside of the device is a signal transmitted from another device,
The copy attribute is:
Recording apparatus according to claim 1, wherein the indicated protocol descriptor, which is transmitted from another device. The input signal from the outside of the device includes a plurality of transport packets,
The recording apparatus includes a transport decoder that converts a plurality of transport packets into an elementary stream,
The recording apparatus according to claim 3 or 4 , wherein a part of the digital stream includes a part of an elementary stream. The signal input from the outside of the device is an analog broadcast signal,
The copy attribute, recording apparatus according to claim 1, wherein the indicated information that is superimposed on the analog broadcast signal. The predetermined encryption key is
The recording apparatus according to claim 1 , wherein the recording apparatus is an encryption key whose value changes depending on whether or not the copy control information indicates conditional copy free. The copy control information includes generation management information and an extension flag,
The generation control information is set to a value indicating that copying is not possible.
Extension flag, the recording apparatus according to claim 1, characterized in that when it is set to ON. The encryption key has three parameters, the analog protection information for a part of the digital stream as the first parameter, the time-varying coefficient for the part of the digital stream as the second parameter, and the data specific to the recording medium as the third parameter. Calculated from
The analog protection information is information indicating whether or not copy restriction is applied to the analog signal when the digital stream is converted into the analog signal.
When The varying coefficient, on the playback time axis of the digital stream, the recording apparatus according to claim 1, wherein the playback time of the portion is a value that varies depending on whether there where. A portion of the encrypted digital stream is disposed on the recording medium with a predetermined offset from a time-varying coefficient,
The offset is set based on the sum of the time until the encryption key is obtained from the three parameters and the time until the copy control information is converted using the encryption key to obtain the check code. The recording apparatus according to claim 9 . A reading device for reading a digital stream from a recording medium,
A part of the digital stream is encrypted on the recording medium, and the encrypted part is written to the recording medium in association with a check code,
The check code changes depending on whether or not the copy control information indicates conditional copy free, and is used to determine whether or not the copy control information has been tampered with. The information and the check code are paired with each other and recorded on the recording medium for each part.
The reading device includes a reading unit that reads a part of the encrypted digital stream and copy control information associated with the part from the recording medium,
A determination means for determining whether or not the copy control information indicates conditional copy-free on condition that writing to the copy destination recording medium after encryption,
If the copy control information indicates conditional copy free, together with copy control information indicating conditional copy free, a transmission means for transmitting a part of the digital stream to another device based on the protocol on the transmission path;
A check code is generated (1), and the generated check code is collated with a check code recorded in a recording medium in advance (2). (3) decrypting means for decrypting a part of the digital stream read by the reading means using the encryption key of
The generation of the check code is as follows:
A reading apparatus characterized in that the copy control information is converted by using the encryption key . The reading apparatus according to claim 11 , wherein the copy control information is converted into a protocol descriptor and transmitted to another device. The reading device includes a transport encoder that converts a part of a digital stream into a plurality of transport packets,
The reading device according to claim 11, wherein the transmission means transmits a plurality of transport packets obtained by a transport encoder. The copy control information includes generation management information and an extension flag,
Transmission of the digital stream after decoding by the transmission means is as follows:
The reading apparatus according to claim 11 , wherein the reading is performed only when the generation management information is set to a value indicating that copying cannot be performed and the extension flag is set to ON. A part of the digital stream is encrypted on the recording medium,
The reading device
Using decryption means for decrypting a part of the digital stream read by the read means, using an encryption key whose value changes depending on whether the copy control information indicates conditional copy-free,
12. The reading apparatus according to claim 11, wherein the transmission means transmits a part of the decoded digital stream. The encryption key is calculated from three parameters with the analog protection information in the copy control information as the first parameter, the time-varying coefficient for a part of the digital stream as the second parameter, and the recording medium specific data as the third parameter. And
The analog protection information is information indicating whether or not copy restriction is applied to the analog signal when the digital stream is converted into the analog signal.
12. The reading apparatus according to claim 11 , wherein the time-varying coefficient is a value that varies depending on where the reproduction time of the part exists on the reproduction time axis of the digital stream. A portion of the encrypted digital stream is disposed on the recording medium with a predetermined offset from a time-varying coefficient,
The offset is set based on the sum of the time until the encryption key is obtained from the three parameters and the time until the copy control information is converted using the encryption key to obtain the check code. Item 17. The reading device according to Item 16 . A duplication device for copying a digital stream recorded on a recording medium to another recording medium,
A part of the digital stream is encrypted on the recording medium, and the encrypted part is written to the recording medium in association with a check code,
The check code changes depending on whether or not the copy control information indicates conditional copy free, and is used to determine whether or not the copy control information has been tampered with. The information and the check code are paired with each other and recorded on the recording medium for each part.
The replication device is
Reading means associated with the copy control information and reading a part of the encrypted digital stream from the copy source recording medium;
A check code is generated, and the generated check code is checked against the check code recorded in advance on the recording medium. If both check codes match, an encryption key unique to the copy source recording medium is used. Decoding means for decoding a part of the digital stream read by the reading means;
Encryption means for encrypting a part of the decrypted digital stream using an encryption key unique to the copy destination recording medium;
If the copy control information indicates conditional copy free, a writing means for writing a part of the encrypted digital stream to the copy destination recording medium in association with the copy control information,
The check code is
A duplication apparatus, wherein the copy control information is generated by converting the copy control information using the encryption key. A program,
A determination step of determining a copy attribute for a signal input from outside the apparatus;
When the copy attribute indicates copy free, a writing step for writing a part of the digital stream to the recording medium in association with copy control information indicating whether or not conditional copy free is performed, and a part of the digital stream are set to a predetermined encryption. The encryption step of encrypting with the key is performed by the computer,
Conditional copy free is
It is copy-free on condition that it is encrypted and written to the copy destination recording medium.
In the writing step, the encrypted part is written on a recording medium in association with a check code, the copy control information and the check code are recorded as a pair on the recording medium for each part,
The check code is a code obtained by converting the copy control information using the encryption key, the value changes depending on whether the copy control information indicates conditional copy free, and the copy code Used to determine whether unauthorized tampering with control information has occurred,
A program characterized by that. A program that causes a computer to perform a process of reading a digital stream from a recording medium,
A part of the digital stream is encrypted on the recording medium, and the encrypted part is written to the recording medium in association with a check code,
The check code changes depending on whether or not the copy control information indicates conditional copy free, and is used to determine whether or not the copy control information has been tampered with. The information and the check code are paired with each other and recorded on the recording medium for each part.
The program is
A step of reading out a portion of the encrypted digital stream and copy control information associated with the portion from the recording medium;
A determination step of determining whether or not the copy control information indicates conditional copy-free on condition that the data is encrypted and written to the copy destination recording medium;
If the copy control information indicates conditional copy free, a transmission step of transmitting a part of the digital stream to another device based on the protocol on the transmission path together with copy control information indicating conditional copy free;
A check code is generated (1), and the generated check code is checked against the check code recorded in the recording medium in advance (2). Decrypt a part of the digital stream read by the reading means using the encryption key (3) Let the computer perform the decryption step ,
The generation of the check code is as follows:
A program which is made by converting the copy control information using the encryption key . A recording method,
A determination step of determining a copy attribute for a signal input from outside the apparatus;
When the copy attribute indicates copy free, a writing step for writing a part of the digital stream to the recording medium in association with copy control information indicating whether or not conditional copy free is performed, and a part of the digital stream are set to a predetermined encryption. The encryption step of encrypting with the key is performed by the computer,
Conditional copy free is
On encrypted, Ri copy free der that the condition that the writing to the copy destination recording medium,
In the writing step, the encrypted part is written on a recording medium in association with a check code, the copy control information and the check code are recorded as a pair on the recording medium for each part,
The check code is a code obtained by converting the copy control information using the encryption key, the value changes depending on whether the copy control information indicates conditional copy free, and the copy code A recording method which is used to determine whether or not unauthorized alteration of control information has occurred . A reading method comprising:
A part of the digital stream is encrypted on the recording medium, and the encrypted part is written to the recording medium in association with a check code,
The check code changes depending on whether or not the copy control information indicates conditional copy free, and is used to determine whether or not the copy control information has been tampered with. The information and the check code are paired with each other and recorded on the recording medium for each part.
The reading method is:
A step of reading out a portion of the encrypted digital stream and copy control information associated with the portion from the recording medium;
A determination step of determining whether or not the copy control information indicates conditional copy-free on condition that the data is encrypted and written to the copy destination recording medium;
If the copy control information indicates conditional copy free, a transmission step of transmitting a part of the digital stream to another device based on the protocol on the transmission path together with copy control information indicating conditional copy free;
A check code is generated (1), and the generated check code is checked against the check code recorded in the recording medium in advance (2). Decrypt a part of the digital stream read by the reading means using the encryption key (3) Let the computer perform the decryption step ,
The generation of the check code is as follows:
A reading method comprising: converting the copy control information by using the encryption key .

Images