JP5031305B2 - Content receiving apparatus and content decoding program - Google Patents

Description

  The present invention relates to a content reception device and a content decryption program.

  In recent years, with the spread of digital content, digital rights management (DRM) technology has attracted attention. For example, in digital television broadcasting, broadcast waves are scrambled by Conditional Access System (hereinafter referred to as CAS (see Non-Patent Document 1, for example)), and copyright protection of content is performed. Thereby, viewer limited reception is realizable. In the future, the introduction of CAS is also being considered for digital TV broadcasting and digital radio broadcasting for mobile phones.

  In CAS, each receiver first receives an EMM (Entitlement Management Message) including a key Kw (work key) encrypted with a key Km (master key) for each receiver so that the desired content can be viewed. The included broadcast wave is received from the broadcast station (step S1 in FIG. 5). Each receiver acquires the EMM from the broadcast wave, and decrypts the key Kw with the key Km stored in the IC card of the receiver (step S2 in FIG. 5). Subsequently, each receiver receives a broadcast wave including an ECM (Entitlement Control Message) including the key Ks (scramble key) encrypted with the key Kw from the broadcast station (step S3 in FIG. 5). Each receiver acquires the ECM from the broadcast wave, and decrypts the key Ks with the previously decrypted key Kw (step S4 in FIG. 5). Each receiver receives a broadcast wave including the content from the broadcast station, and decrypts the content with the key Ks (step S5 in FIG. 5).

As a similar DRM technique, an access control method described in Non-Patent Document 2 is known. According to the technique described in Non-Patent Document 2, it is possible to realize viewer-limited reception in IPTV (Internet Protocol Television) broadcasting using a communication line.
ARIB STD-B24 STD-B25 “Marlin IPTV End-point Service Specification”, Version 1.0, The Marlin Developer Community, July 20.2006

  In the above CAS, the EMM is different information for each receiver, so the broadcaster must transmit EMMs for all subscribers using broadcast waves. In particular, when the current CAS method is applied to digital TV broadcasts / digital radio broadcasts for mobile phones as is, broadcasters will use the remaining bandwidth other than video, audio, and data broadcasts (digital TV broadcasts for mobile phones: about 320kbps Digital radio broadcasting: Up to about 960kbps) must be used to transmit EMMs for all subscribers. For this reason, there is a problem that enormous time is required for key distribution. Further, in IPTV broadcasting, efficient use of communication lines becomes a problem.

  In addition, except for the PPV (Pay Per View) method, which relies on sensitive IC cards, in the current CAS method, once an EMM containing the key Kw is acquired, the channel is updated until the EMM is updated. Will be viewable. Digital TV broadcasts / digital radio broadcasts for mobile phones are expected to be viewed for a short period of time, so it is only necessary to update EMM in a short cycle. In this case, the amount of information transmitted from broadcast stations further increases, and mobile phones It becomes an increasingly unsuitable system for digital TV broadcasting / digital radio broadcasting.

  On the other hand, in PPV, the viewer decides whether or not to view content in units of programs. The information of the viewed program is temporarily stored in a CAS card provided in the receiver, and then transmitted to the CAS center via a telephone line. The CAS center collects information on the programs that have been viewed as logs, and notifies the broadcast station of information on the programs that the viewer has viewed. The broadcasting station performs billing processing for the viewer based on the notified information. In the conventional PPV, due to disconnection of the telephone line between the receiver and the CAS center, there is a possibility that the CAS center cannot collect logs after viewing the content and the viewer is not charged.

  The present invention has been made in view of the above-described problems, and an object of the present invention is to provide a content receiving device and a content decryption program that can efficiently distribute keys. Another object of the present invention is to make it possible to charge a viewer before viewing content.

  The present invention has been made to solve the above-described problem, and receives a broadcast wave including encrypted content from a broadcast station and decrypts the content using a scramble key decrypted with a content key. In the apparatus, storage means for storing a package key from which the content key is generated, reception means for receiving a broadcast wave including a seed key associated with the content from the broadcast station, and storage means are stored. The content receiving apparatus further comprises: key generation means for generating the content key using the package key and the seed key received by the receiving means.

  The content receiving apparatus according to the present invention is a content receiving apparatus that receives data including encrypted content from a broadcasting station via a communication line, and decrypts the content using a scramble key decrypted with a content key. Stored by a storage unit that stores a package key that is a source for generating a content key, a reception unit that receives data including a seed key associated with the content from the broadcasting station via a communication line, and stored by the storage unit And a key generation unit that generates the content key using the package key and the seed key received by the reception unit.

  In the content receiver of the present invention, the key generation unit further generates another package key using the package key stored by the storage unit and the seed key received by the reception unit. The storage unit has a function of storing the package key or the package key as a source for generating the content key.

  In the content receiver of the present invention, information included in PSI / SI of a digital broadcast control signal is used as the seed key.

  In the content receiving apparatus of the present invention, the key generation unit generates the content key using the package key, the seed key, and the directed graph, so that the same content key is obtained from a plurality of different package keys. Can be generated.

  The present invention also provides a source for generating the content key in a content decryption program for causing a computer to execute a process of decrypting content encrypted by a broadcast station using a scramble key decrypted with a content key. The content using a process for storing a package key in a storage unit, a seed key associated with the content included in a broadcast wave received from the broadcast station, and the package key stored in the storage unit A content decryption program that causes a computer to execute processing for generating a key.

  A content decryption program according to the present invention generates a content key in a content decryption program for causing a computer to execute processing for decrypting content encrypted by a broadcasting station using a scramble key decrypted with a content key. A process for storing the original package key in the storage means, a seed key associated with the content included in the data received from the broadcast station via a communication line, and the package stored by the storage means A process for generating the content key using a key is executed by a computer.

  In the content decryption program of the present invention, another package key is generated using the package key stored by the storage unit and the seed key received by the reception unit, and the package key or the content is generated. It is characterized by causing a computer to execute a process of storing in a storage means as a package key from which a key is generated.

  In the content decryption program of the present invention, information included in PSI / SI of a digital broadcast control signal is used as the seed key.

  In the content decryption program of the present invention, the same content key is generated from a plurality of different package keys by causing a computer to execute a process of generating the content key using the package key, the seed key, and the directed graph. Can be generated.

According to the present invention, since the content key is generated using a common seed key between viewers that does not depend on the viewer of the content, there is a margin in the band used for broadcast wave transmission, Distribution can be performed efficiently. If the package key is charged, the viewer can be charged before viewing the content.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. FIG. 1 shows the configuration of a digital broadcasting system according to an embodiment of the present invention. In this digital broadcasting system, in the case of digital TV broadcasting / digital radio broadcasting for mobile phones, the receiver receives EMM from the server via the mobile phone's secret communication (eg SSL), and in the case of digital broadcasting for home use. The receiver receives broadcast waves including EMM from the broadcast station. In the digital broadcasting system shown in FIG. 1, a broadcasting station 10, a key distribution server 20, and a receiver 30 are provided, and the receiver 30 receives an EMM from the key distribution server 20. The broadcast station 10 may have the function of the key distribution server 20. One broadcasting station 10, one key distribution server 20, and one receiver 30 are provided.

  The key distribution server 20 manages a package key that is a source for generating a content key for decrypting the encrypted content. This package key is a key that replaces the conventional work key. The receiver 30 communicates with the key distribution server 20 before receiving the broadcast wave including the encrypted content from the broadcast station 10, and receives the EMM including the package key via a dedicated line or via a network. Received from the key distribution server 20. The package key included in the EMM is encrypted with the key Km (master key) of the receiver 30. The receiver 30 performs decryption using Km stored in the IC card, and obtains a package key Kp. When the broadcast station 10 has the function of the key distribution server 20, the receiver 30 communicates with the broadcast station 10 and includes the package key before receiving the broadcast wave including the content from the broadcast station 10. Receive EMM.

  The broadcast station 10 transmits a broadcast wave including the encrypted content and including the key Kh (seed key) associated with the content. The receiver 30 receives the broadcast wave, extracts the key Kh, and generates a key Kc (content key) used to decrypt a scramble key for decrypting the content using the key Kp and the key Kh. The receiver 30 decrypts the content with the key Kc.

  The relationship between the keys Kp, Kh, Kc is as follows (see FIG. 3). The keys Kp and Kc form a hierarchical structure as shown in FIG. The key Kp is a key prepared in package units (program units, time units, program category units, etc.). The receiver 30 includes a package key Kpx (x = all, a, b,...) And a seed key Khx (x = a, b,...) Corresponding to the content group included in the package unit of the package key Kpx. ) And a hash function, a lower package key of the package key Kpx is generated.

  In the example of FIG. 3, the package key Kpall common to all contents contained in a predetermined package unit and the seed key Kha corresponding to the content of category A are packaged common to the content of category A using a hash function. A key Kpa is generated. Further, a package key Kpb common to the category B content is generated from the package key Kpall and the seed key Khb corresponding to the category B content using a hash function.

  In this embodiment, a message authentication code (MAC) that calculates a fixed-bit length output based on two inputs of an arbitrary length message and a key shared by the sender and the receiver is used. Thus, a lower package key is generated from the upper package key and the seed key. A method of constructing a message authentication code using a one-way hash function such as SHA-1 or MD5 is called HMAC (Hash Message Authentication Code). This HMAC includes HMAC-SHA1 and HMAC-MD5, which can be used in this embodiment.

  The receiver 30 further uses a content key used for decrypting the scramble key for decrypting the content from the package key at the bottom of the package unit and the seed key for the program unit using the hash function (the message authentication code). Kcy (y = a1, a2, ...) is generated. In the example of FIG. 3, the content of the program C using the hash function from the package key Kpa of the category A and the seed key Kha1 corresponding to the program C that is the specific content among the content group included in the category A The content key Kca1 used for decrypting the scramble key for decrypting is generated. Also, for decrypting the content of program D using a hash function from the package key Kpa of category A and the seed key Kha2 corresponding to program D that is specific content among the content group included in category A A content key Kca2 used for decrypting the scramble key is generated. The receiver 30 decrypts the content using the scramble key decrypted with the content key.

  FIG. 1 shows only the configuration related to the generation of the content key in the configuration of the receiver 30. The server communication unit 301 communicates with the key distribution server 20 and receives a package key. The received package key is stored in the key storage unit 302. The broadcast receiving unit 303 receives a broadcast wave from the broadcast station 10 and outputs a seed key included in the broadcast wave to the key generation unit 304. The key generation unit 304 reads the package key from the key storage unit 302, and generates a lower package key or content key using the message authentication code using the seed key and the package key. The key generation unit 304 stores the generated package key or content key in the key storage unit 302. As shown in FIG. 3, when the package key structure is multistage, the key generation unit 304 repeats the above operation to generate a content key.

  As described above, the broadcast station 10 may transmit a common seed key to each viewer without transmitting an EMM that includes a work key encrypted with a different master key for each viewer as in the past. . The receiver 30 can generate the content key using the package key and the seed key from the broadcasting station 10 if the EMM including the package key is acquired in advance. In this way, since the content key is generated using a seed key that is not dependent on the viewer of the content and is common to the viewers, there is a margin in the bandwidth that the broadcast station 10 uses for transmitting broadcast waves, The key can be distributed efficiently. It is particularly preferable to apply this embodiment to a digital TV broadcast / digital radio broadcast for mobile phones with a narrow band.

  Since the content key (Kca1, Kca2) and the program-specific seed key (Kha1, Kha2) are changed for each program, the receiver 30 uses the lowest package key (Kpa, Kpb) for each package and a specific program. When one content key is created from the seed keys (Kha1, Kha2), the viewer gets viewing rights for only one program. The lowest unit of the package unit may be defined according to the type of program purchase package. For example, a category identified as news, animation, education, etc. may be defined as the lowest unit of package units.

  With such a multi-stage key structure, it is possible to create a key for each charging unit according to the purchase needs of the subscriber. For example, a user who has purchased the package key Kpall in FIG. 3 can view all programs belonging to categories A and B, but a user who has purchased the category A package key Kpa cannot view programs other than category A. . Further, if the subscriber is charged when the package key is acquired before receiving the broadcast wave, it is possible to charge before viewing the content according to the key acquired by the subscriber.

  The key structure shown in FIG. 3 can be variously modified. For example, in FIG. 3, the lowest level of the package unit is a category unit, but by providing a program unit in the lower level, the multi-stage structure may be more complicated, and conversely, the package unit is only a category unit. By doing so, the multistage structure may be further simplified. In addition to providing the content key for each program, the content key may be provided for each time division unit of the program. By providing the content key in the time division unit of the program, when the viewer purchases the key from the middle of the program, it is possible to realize a viewing mode in which the fee is different from the case of purchasing the key from the beginning of the program. Different content keys may be provided depending on the viewing mode. For example, each content key may be generated from each package key for audio, video, and data broadcasting.

  Also, as shown in FIG. 4, a directed graph may be used so that the same content key can be generated from two types of package keys. In FIG. 4, it is possible to generate the same seed value (referred to as Khc) of the hash function from the category D package key Kpd and the category E package key Kpe (function of the key generation unit 304). This is realized as follows. If the result of the XOR operation of Kpd and Khc is Kd, the result of the XOR operation of Kpd and Kd is Khc. Therefore, the receiver having the package key Kpd may receive Kd as a seed key from the broadcasting station. Similarly, if the result of the XOR operation of Kpe and Khc is Ke, the result of the XOR operation of Kpe and Ke is Khc. Therefore, if the receiver having the package key Kpe receives Ke as a seed key from the broadcasting station, Good. Using this Khc and the hash function, a content key Kcd1 is generated. Thus, for example, both the category D user and the category E user can view the program F.

  As a seed key for creating a key with a hash function, it is also possible to divert an appropriate PSI / SI packet of a conventional digital broadcast control signal. For example, the program ID and time information such as evnet_id and TOT in the EIT may be used as the seed key value.

  The embodiment of the present invention has been described in detail above with reference to the drawings. However, the specific configuration is not limited to this embodiment, and includes design changes and the like without departing from the gist of the present invention. For example, the receiver according to the above embodiment records a program for realizing the operation and function on a computer-readable recording medium, and causes the computer to read and execute the program recorded on the recording medium. May be realized.

  Here, the “computer” includes a homepage providing environment (or display environment) if the WWW system is used. The “computer-readable recording medium” refers to a storage device such as a portable medium such as a flexible disk, a magneto-optical disk, a ROM, and a CD-ROM, and a hard disk built in the computer. Further, the “computer-readable recording medium” refers to a volatile memory (RAM) in a computer system that becomes a server or a client when a program is transmitted via a network such as the Internet or a communication line such as a telephone line. In addition, those holding programs for a certain period of time are also included.

  The program described above may be transmitted from a computer storing the program in a storage device or the like to another computer via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting a program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line. Further, the above-described program may be for realizing a part of the above-described function. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer, what is called a difference file (difference program) may be sufficient.

  In the present invention, a stream encryption method can also be applied. In the conventional access control method (CAS) in digital broadcasting, the block encryption method is adopted as the content encryption method, so the load of the decryption process in the receiving device is heavy. In particular, this is a serious problem for digital television broadcasting for mobile terminals (commonly known as “One Seg”) in which a mobile terminal having a relatively low processing capacity is used as a receiver. Therefore, it is very effective to adopt a stream encryption method that has a lighter decryption processing load than a block encryption method. Hereinafter, an embodiment to which the stream encryption method is applied will be described.

  6 to 9 are block diagrams showing configurations of a content transmission apparatus and a content reception apparatus according to an embodiment to which the stream encryption method of the present invention is applied. 6 and 7 show the configuration of the content transmission apparatus. 8 and 9 show the configuration of the content receiving apparatus.

First, a content transmission apparatus to which a stream encryption method is applied will be described with reference to FIG. 6 and FIG.
The content transmission apparatus shown in FIG. 6 includes a stream encryption unit 111, an IV generation unit 112, and an IV packet generation unit 113.

  The stream encryption unit 111 performs stream encryption as scramble for TS (Transport Stream) packets. FIG. 10 shows the structure of a TS packet. The range of stream encryption is the payload portion of the TS packet. Content such as video and audio is stored in the payload portion. Further, when the value of transport scramble control (transport_scrambling_control) is “00”, there is no encryption, and when it is “10” or “11”, there is encryption.

  FIG. 7 is a block diagram showing the configuration of the stream encryption unit 111 shown in FIG. The stream encryption unit 111 includes a pseudo random number generator 121 and an exclusive OR calculator 122. The stream encryption unit 111 receives an initial value (Initial Vector: IV) used for initializing the stream encryption algorithm, a key used for stream encryption, and the content to be encrypted. The content to be encrypted is extracted from the payload portion of the TS packet whose transport scramble control value is “10” or “11”.

  The pseudo random number generator 121 generates a pseudo random number based on the key. The pseudo random number generator 121 is initialized with IV.

  The content data is encrypted by exclusive-ORing the pseudo-random number generated by the pseudo-random number generator 121 by the exclusive-OR calculator 122 for each bit. The encrypted content is stored in the payload portion of the original TS packet. The stream encryption unit 111 outputs a TS packet including encrypted content.

Returning to FIG.
For the IV input to the stream encryption unit 111, a seed key (Kh) associated with the content is used. The IV generation unit 112 generates a pseudo random number, concatenates the seed key (Kh) and the pseudo random number sequence, and outputs the concatenated data of the seed key (Kh) and the pseudo random number sequence as IV. Here, IV is the size of the payload portion of the TS packet (see FIG. 10). Further, since the amount of information as a seed key (Kh) used for HMAC is 20 bytes (when SHA-1 is used), the remaining 164 bytes in the 184 bytes of the payload portion are information used only for IV. . The information of 164 bytes is a pseudo-random number sequence.

  The IV packet generation unit 113 generates an IV packet that stores the IV. The IV is stored in the payload portion of the TS packet.

  The key input to the stream encryption unit 111 is a content key (Kc). The content key (Kc) is generated from the package key (Kp) and the seed key (Kh) by a hash function.

  The content transmission device transmits TS packets and IV packets including encrypted content on broadcast waves, respectively.

  The content transmitting apparatus repeatedly transmits a seed key (Kh) related to the content being broadcast. This is to prevent the content receiving apparatus from receiving the seed key (Kh) related to the content being broadcast. Also, the seed key (Kh) related to the content being broadcast is transmitted in order from the top of the hierarchical structure. For example, in the example of FIG. 3, during the broadcast of the program (C) corresponding to the content key (Kca1), the seed key (Kha, Kha1) related to the program (C) is first changed to the upper seed key (Kha). Send repeatedly in order of seed key (Kha1). The repetition interval is about 100 milliseconds to 2 seconds.

Next, a content receiving apparatus to which the stream encryption method is applied will be described with reference to FIG. 8 and FIG.
The content receiving apparatus shown in FIG. 8 is paired with the content transmitting apparatus of FIG. 6 and includes a stream encryption / decryption unit 131, an IV packet decomposition unit 132, a seed key extraction unit 133, and a content key generation unit 134. .

  The content receiving device receives TS packets and IV packets including encrypted content via broadcast waves. The package key (Kp) is stored in advance in a key storage unit (not shown) in the content receiving device. The package key (Kp) is acquired from a broadcast station or a key distribution server via a communication line. Alternatively, the recorded package key (Kp) may be read from a recording medium such as an IC card.

  The stream encryption / decryption unit 131 decrypts the stream cipher as descrambling for the TS packet. When the transport scramble control value of the TS packet is “00”, there is no encryption, and when it is “10” or “11”, there is encryption. The decryption range of the stream cipher is the payload portion of the TS packet. Encrypted content is stored in the payload portion of the encrypted TS packet.

  FIG. 9 is a block diagram showing the configuration of the stream encryption / decryption unit 131 shown in FIG. The stream encryption / decryption unit 131 has the same configuration as the stream encryption unit 111 in FIG. 7, and includes a pseudo-random number generator 121 and an exclusive OR calculator 122. The stream encryption / decryption unit 131 receives the IV used to initialize the stream encryption algorithm, the key used for decryption, and the encrypted content. The encrypted content is extracted from the payload portion of the TS packet whose transport scramble control value is “10” or “11”.

  The pseudo random number generator 121 generates a pseudo random number based on the key. The pseudo random number generator 121 is initialized with IV.

  The encrypted content data is subjected to exclusive OR for each bit of the pseudorandom number generated by the pseudorandom number generator 121 by the exclusive OR calculator 122 and decrypted. The decrypted content is stored in the payload portion of the original TS packet. The stream encryption / decryption unit 131 outputs a TS packet including the decrypted content.

Returning to FIG.
The IV packet decomposing unit 132 extracts the IV from the payload portion of the received IV packet. IV is the entire payload portion. The IV extracted from the IV packet is input to the stream encryption / decryption unit 131 and used to initialize the pseudo random number generator 121.

  The seed key extraction unit 133 extracts a seed key (Kh) from the IV extracted from the IV packet. Of IV, the seed key (Kh) is 20 bytes (when SHA-1 is used).

  The content key generation unit 134 generates a content key (Kc) by a hash function from the seed key (Kh) extracted from the IV and the package key (Kp) stored in the key storage unit. The generated content key (Kc) is input to the stream encryption / decryption unit 131 and becomes a key used for decoding the stream encryption.

  The TS packet including the decrypted content is sent to the playback device, and the content is played back.

  6 and 8 may be realized by dedicated hardware, or may be configured by a computer system and shown in FIGS. 6 and 8, respectively. The function may be realized by executing a program for realizing each function of the apparatus.

  In the above-described embodiment, a digital broadcast system using broadcast waves has been described as an example, but the present invention can be similarly applied to a digital broadcast system using a communication line. For example, the present invention can be applied to an IPTV broadcast system using an IP (Internet Protocol) network. As the DRM technology related to the IPTV broadcasting system, ““ Marlin IPTV End-point Service Specification ”, Version 1.0, The Marlin Developer Community, July 20.2006” (see Non-Patent Document 2) is known. The access control method described in Non-Patent Document 2 is similar to the CAS in FIG. 5 described above, but uses a communication line instead of the broadcast channels 1 and 2. Further, instead of the broadcast channel 3, a SAC (Security Authentication Channel) that realizes secrecy of information on a communication line is used. In the access control method described in Non-Patent Document 2, the work key (Kw) and the contract information are not encrypted, but the information concealment on the communication line is guaranteed by the SAC. By applying the present invention to such an IPTV broadcast system, it is possible to efficiently distribute keys according to the access control method and to efficiently use communication lines. Further, a stream encryption method can be easily adopted instead of the block encryption method. As a result, even in the receiver of the IPTV broadcast system, the processing load can be reduced, and a more comfortable viewing environment can be realized.

It is a block diagram which shows the structure of the receiver by one Embodiment of this invention. It is a block diagram which shows the structure of the digital broadcasting system by one Embodiment of this invention. It is a reference figure which shows the hierarchical structure of the key in one Embodiment of this invention. FIG. 5 is a reference diagram for explaining a key creation method using a directed graph in an embodiment of the present invention. It is a reference figure for demonstrating operation | movement of the conventional digital broadcasting system. It is a block diagram which shows the structure of the content transmission apparatus which concerns on other embodiment of this invention. It is a block diagram which shows the structure of the stream encryption part 111 shown in FIG. It is a block diagram which shows the structure of the content receiver which concerns on other embodiment of this invention. It is a block diagram which shows the structure of the stream encryption / decryption part 131 shown in FIG. It is a figure which shows the structure of TS packet.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 10 ... Broadcasting station, 20 ... Key distribution server, 30 ... Receiver (content receiving apparatus), 301 ... Server communication part, 302 ... Key memory | storage part (memory | storage means), 303 ... Broadcast reception unit (reception unit), 304 ... key generation unit (key generation unit), 111 ... stream encryption unit, 112 ... IV generation unit, 113 ... IV packet generation unit, 131 ... stream encryption Decryption unit, 132 ... IV packet decomposition unit, 133 ... Seed key extraction unit, 134 ... Content key generation unit

Claims (10)

In a content receiving device that receives a broadcast wave including encrypted content from a broadcast station and decrypts the content using a scramble key decrypted with a content key,
Storage means for storing a package key from which the content key is generated;
Receiving means for receiving a broadcast wave including a seed key associated with the content from the broadcast station;
Key generation means for generating the content key using the package key stored by the storage means and the seed key received by the reception means;
A content receiving apparatus comprising: In a content receiving apparatus that receives data including encrypted content from a broadcasting station via a communication line and decrypts the content using a scramble key decrypted with a content key,
Storage means for storing a package key from which the content key is generated;
Receiving means for receiving data including a seed key associated with the content from the broadcasting station via a communication line;
Key generation means for generating the content key using the package key stored by the storage means and the seed key received by the reception means;
A content receiving apparatus comprising:   The key generation unit further generates another package key using the package key stored by the storage unit and the seed key received by the reception unit, and generates the package key or the content key. The content receiving apparatus according to claim 1, wherein the content receiving apparatus has a function of storing in the storage unit as a package key which is a source to be performed.   The content receiving apparatus according to claim 1 or 2, wherein information included in PSI / SI of a control signal for digital broadcasting is used as the seed key.   The key generation means can generate the same content key from a plurality of different package keys by generating the content key using the package key, the seed key, and the directed graph. The content receiving apparatus according to claim 1 or 2, wherein the content receiving apparatus is characterized in that: In a content decryption program for causing a computer to execute processing for decrypting content encrypted at a broadcast station using a scramble key decrypted with a content key,
A process for storing in a storage means a package key that is a source for generating the content key;
Processing for generating the content key using a seed key associated with the content included in the broadcast wave received from the broadcasting station and the package key stored by the storage unit;
A content decryption program for causing a computer to execute In a content decryption program for causing a computer to execute processing for decrypting content encrypted at a broadcast station using a scramble key decrypted with a content key,
A process for storing in a storage means a package key that is a source for generating the content key;
A process of generating the content key using a seed key associated with the content included in data received via a communication line from the broadcasting station and the package key stored by the storage unit;
A content decryption program for causing a computer to execute   Using the package key stored by the storage unit and the seed key received by the receiving unit as another package key, and as a package key from which the package key or the content key is generated The content decryption program according to claim 6 or 7, wherein a computer stores the processing stored in the storage unit.   8. The content decryption program according to claim 6, wherein information included in PSI / SI of a digital broadcast control signal is used as the seed key.   It is possible to generate the same content key from a plurality of different package keys by causing a computer to execute a process of generating the content key using the package key, the seed key, and a directed graph. The content decryption program according to claim 6 or 7, characterized in that

Images