JP5175494B2 - Encrypted content editing method and content management apparatus - Google Patents

Description

  The present invention relates to a method for editing encrypted content, and in particular, with respect to digitized video or music for use in information equipment, editing processing such as division, combination, deletion, and rearrangement while maintaining copyright protection. It is about how to do it.

  Hereinafter, digitized video and music are referred to as contents, and protecting them from unauthorized copying and use is referred to as content protection.

  In recent years, digital broadcasting receiving devices have been developed that allow not only viewing / storage of content but also editing while maintaining content protection. Most of hard disk drives and the like generally used as large-capacity auxiliary storage devices used in these devices use ATA specification buses.

  “7.5 User Access Bus” of ARIB TR-B14 Volume 3 Volume 8 Terrestrial Digital Television Broadcasting Content Protection Regulation 2.1 (Non-Patent Document 1) When the protection target described in Section 4 is output to the user access bus, it is encrypted with the local cipher described in Section 6.2.4 of this volume, and is equivalent to the output described in Section 4.3 of this volume. It must be output in a state where protection is being performed, or equivalent protection, and a user access bus that requires protection is a digital connection interface bus that allows users to easily retrieve signals. For example, it means a PCI bus, an IDE bus, a SCSI bus, a PCMCIA interface bus, etc. using a standard connector whose specifications are publicly disclosed. And has the content data flowing on the data bus using the published standard connectors is defined as must be encrypted.

An ATA specification bus or the like often uses a standard connector and corresponds to the above-mentioned “user access bus requiring protection”, and content data flowing on the bus must be encrypted. Therefore, in most cases, when content that requires copyright protection is stored in a large-capacity auxiliary storage device, the content data must be encrypted.
ARIB TR-B14 Volume 3 Volume 8 Terrestrial Digital Television Broadcasting Content Protection Regulation 2.1

  However, in order to edit protected encrypted content, a lot of calculation processing is required for decrypting and re-encrypting the content. In addition, if the amount of editing processing / time is large, the probability that a problem will occur during that time increases, and the possibility that the content cannot be used increases. For example, if an inconvenience that cannot be continued such as a power interruption occurs during the editing process, the content may not be used again.

  SUMMARY OF THE INVENTION An object of the present invention is to provide an encrypted content editing method capable of performing high-speed editing while maintaining content protection.

  The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

  Of the inventions disclosed in the present application, the outline of typical ones will be briefly described as follows.

  In the encrypted content editing method according to the present invention, content is encrypted and stored in a first storage device, and target data for preventing the content from being replaced or tampered with in a second storage device that has been subjected to access control. Is an encrypted content editing method in an information device that protects the content by storing and managing it as content usage data, and the information device encrypts the content at random when decrypting the content. And editing processing by dividing, combining, deleting, and rearranging the content is performed without re-encrypting the content and the content usage data.

  Among the inventions disclosed in the present application, effects obtained by typical ones will be briefly described as follows.

  According to the encrypted content editing method of the present invention, the encrypted content and the target data for preventing replacement or alteration of the content are directly edited without re-encrypting, or a playlist is created. Therefore, editing of protected encrypted content can be performed at high speed while maintaining protection.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. Note that components having the same function are denoted by the same reference symbols throughout the drawings for describing the embodiment, and the repetitive description thereof will be omitted.

<Embodiment 1>
The content protection system according to the first embodiment of the present invention will be described below with reference to FIGS. In the content protection system of the present embodiment, there are roughly two methods for managing encrypted content: a method that does not use a message authentication value and a method that uses a message authentication value.

  FIG. 1 is a diagram illustrating an example of a configuration of a content protection system that does not use a message authentication value. The content protection system is configured on an information device such as a computer or AV device that processes digitized video and music, and includes two storage devices (a large-capacity storage device 110 and a secure storage device 120) and content-related data 111. The content-related data processing unit 130 is used while protecting the content.

  As a first storage device, there is a mass storage device 110 that stores and stores content-related data 111 such as encrypted content. The mass storage device 110 has a generally disclosed and standardized specification, and can easily read the stored contents. In such a storage device, even if the content is encrypted and stored, if the mass storage device 110 is returned to the state before use after the content is used, the content can be used again illegally. In order to prevent this, the content usage data 121 is stored in the secure storage device 120 as the second storage device. Although details will be described later, the content usage data 121 needs to be indispensable information at the time of content usage / editing in order to prevent content replacement and falsification.

  The content-related data processing unit 130 performs access control 150 on the secure storage device 120 according to non-public hardware or software protocol. Accordingly, the content usage data 121 can be accessed by the content usage data storage control 141, the content usage data read control 142, and the content usage data deletion control 143.

  At the time of content registration, the content usage processing unit 131 of the content related data processing unit 130 stores the content usage data 121 in the secure storage device 120 by the content usage data storage control 141.

  When the content is used, the content usage processing unit 131 of the content related data processing unit 130 acquires the content usage data 121 in the secure storage device 120 by the content usage data read control 142. Using the acquired content usage data 121, the content usage processing unit 131 uses the content. A specific example of the content usage data 121 will be described later. It should be noted that information can be added to the content usage data 121 to enable more detailed determination as to whether or not the content can be used. For example, it is possible to add information such as availability of each content part, available date / time limit / usable number of times / usable time / number of times of copying.

  When the content is deleted, the content usage processing unit 131 of the content related data processing unit 130 deletes the content usage data 121 in the secure storage device 120 by the content usage data deletion control 143. Here, the content-related data processing unit 130 is implemented by tamper-resistant hardware or software, a tamper-proof mounted program, non-public specification hardware or program, and the like, and the content-related data processing unit 130 and the secure storage device It is implemented so that the access control 150 between 120 cannot be easily analyzed. As a result, unauthorized devices and programs can be prevented from using content illegally.

  FIG. 2 is a diagram illustrating an example of a configuration of a content protection system using a message authentication value. In the content protection system of FIG. 2, in the configuration of the content protection system of FIG. 1, the content usage data 121 is stored in the mass storage device 110 instead of the secure storage device 120, and the message authentication value 123 of the content usage data 112 is stored securely. It is stored in the device 120.

  Here, as in the content protection system of FIG. 1, the access control 150 is performed on the secure storage device 120 according to non-public hardware or software protocols. As a result, the message authentication value 123 can be accessed by the message authentication value storage control 144, the message authentication value read control 145, and the message authentication value deletion control 146.

  At the time of content registration, the message authentication value calculation unit 132 of the content related data processing unit 130 calculates the message authentication value 123 of the content usage data 112 stored in the mass storage device 110, and the message authentication value storage control 144 Store in the secure storage device 120.

  When using content, the message authentication value calculation unit 132 of the content related data processing unit 130 calculates the message authentication value of the content use data 112 stored in the mass storage device 110 and sends it to the comparison unit 133. Further, the message authentication value reading control 145 causes the comparison unit 133 to acquire the message authentication value 123 stored in the secure storage device 120. Only when the message authentication value calculated by the message authentication value calculation unit 132 matches the value of the message authentication value 123 stored in the secure storage device 120, the content using the content usage data 112 by the content usage processing unit 131 Can be used.

  At this time, as described above, the content usage data 112 needs to be information indispensable when using or editing the corresponding content. A specific example of the content usage data 112 will be described later. In addition, the content usage data 112 can be added with information to make a more detailed determination as to whether or not the content can be used.

  At the time of content deletion, the content use processing unit 131 of the content related data processing unit 130 deletes the message authentication value 123 in the secure storage device 120 by the message authentication value deletion control 146.

  In the content protection system of FIG. 2 as well, the content-related data processing unit 130 is implemented with tamper-resistant hardware and software, a tamper-resistant program, non-public specification hardware and programs, and the like. The access control 150 between the unit 130 and the secure storage device 120 is implemented so that it cannot be easily analyzed. As a result, unauthorized devices and programs can be prevented from using content illegally.

  When the size of the content usage data 112 and 121 is large, the content protection system using the message authentication value of FIG. 2 has the storage capacity of the secure storage device 120 than the content protection system of FIG. 1 that does not use the message authentication value. Can be small. As for the message authentication value 123, information can be added in the same manner as the content usage data 121 in FIG.

  As in the secure storage device 120, a part or all of the mass storage device 110 in the content protection system of FIGS. 1 and 2 can read, store, and delete data for the first time by access control using non-public hardware or software protocols. It may be a secure storage device that becomes possible.

  Next, a content registration process procedure will be described. FIG. 3 is a flowchart showing a content registration processing procedure. When the process is started at the start of the content registration process (step 301), the content related data processing unit 130 encrypts the content at the content storage process (step 302) and stores it in a large capacity as the content related data 111 together with other content attribute data. Accumulate in device 110.

  In the content usage data creation process (step 303), the content usage processing unit 131 first creates the content usage data 112 or 121. In the case of a content protection system using a message authentication value, the created content usage data 112 is also stored in the mass storage device 110 as content related data 111. The content related data 111 is read by the content related data processing unit 130, the content usage data 112 in the content related data 111 is sent to the message authentication value calculation unit 132 by the content usage processing unit 131, and the message authentication value 123 is set. Calculated.

  In the content usage data or content authentication data message authentication value storage processing (step 304), in the case of a content protection system that does not use a message authentication value, the created content usage data 121 is stored in the secure storage device 120 by the content usage data storage control 141. Store.

  In the case of a content protection system using a message authentication value, the calculated message authentication value 123 is stored in the secure storage device 120 by the message authentication value storage control 144. At this time, the secure storage device 120 can be accessed for the first time by the access control 150 using non-public hardware or software protocol. Thereafter, the process ends at the end of the content registration process (step 305).

  Next, a content use / deletion processing procedure will be described. FIG. 4 is a flowchart showing a content use / deletion processing procedure. When processing is started at the start of content use / deletion processing (step 401), the following processing is performed in the case of a content protection system that does not use a message authentication value.

  First, in the calculated / stored message authentication value comparison process (step 402), the process unconditionally proceeds to the content availability confirmation process (step 403). In the content availability confirmation process (step 403), it is determined whether to “delete” the content, or “continue” or “last use” based on the content usage. For example, if the usage content of the content is reproduction, it is determined that the usage is “continued” even after the content usage. Further, if the usage of the content is moved to another removable medium, it is determined as “last usage”.

  If it is determined that the use of the content is “continuation” in the content use permission confirmation process (step 403), the content use process (step 404) is executed. When it is determined that the content usage is “last usage” in the content availability confirmation processing (step 403), the content usage processing (step 405) is executed, and then the content usage or message authentication value deletion processing (step 406). Execute. When it is determined that the use of the content is “deletion” in the content use permission confirmation process (step 403), the content use data or message authentication value deletion process (step 407) is executed.

  In the content use processing (step 404, step 405), content reproduction / movement is executed. In the content usage data or message authentication value deletion process (steps 406 and 407), the content usage data 121 in the secure storage device 120 is deleted by the content usage data deletion control 143. At this time, the content usage data 121 can be accessed for the first time by the access control 150 using non-public hardware or software protocol.

  Thereafter, the processing ends at the end of content use / deletion processing (step 408). Note that, when it is determined that “last use” in the content use permission confirmation process (step 403), the content use data 121 corresponding to the portion used in the content is sequentially deleted in the content use process (step 405). It can also be implemented.

  Content use / deletion processing in the case of a content protection system using a message authentication value is as follows. First, in the calculated / stored message authentication value comparison process (step 402), the content usage data 112 in the content related data 111 accumulated in the mass storage device 110 is acquired. A message authentication value is calculated from the content usage data 112 by the message authentication value calculation unit 132 and sent to the comparison unit 133. Separately, the message authentication value reading control 145 causes the comparison unit 133 to acquire the message authentication value 123 stored in the secure storage device 120.

  Further, the comparison unit 133 compares the calculated message authentication value with the message authentication value 123 read from the secure storage device 120. Here, the access to the message authentication value 123 is enabled only by the access control 150 using non-public hardware or software protocol. As a result of the comparison by the comparison unit 133, if the values do not match, the content is not used and the processing ends at the end of the content usage / deletion processing (step 408).

  If the values match as a result of the comparison by the comparison unit 133, a content availability confirmation process (step 403) is performed. The content use permission confirmation processing (step 403), content use processing (step 404, step 405), and content use / deletion processing end (step 408) are the same as in the case of the content protection system that does not use the message authentication value. It will be the same.

  In the content usage data or message authentication value deletion process (steps 406 and 407), the message authentication value 123 in the secure storage device 120 is deleted by the message authentication value deletion control 146. Note that it is also possible to implement such that the message authentication value 123 is deleted before the content usage process (step 405) when it is determined as “last usage” in the content usage permission confirmation process (step 403).

  Next, a method for editing encrypted content will be described with reference to FIGS. In FIG. 5 and subsequent figures, a series of data represented by a series of rectangles connected to the message authentication value calculation unit 132 indicates content usage data.

  When the message authentication value calculation unit 132 is not shown in the figure, it is clearly indicated that the content usage data is stored in the secure storage device 120 as a data block represented by a series of rectangles. A block of data represented by a series of rectangles other than the content usage data may exist in the mass storage device 110 as the content related data 111.

  In the case of a content protection system using a message authentication value, it indicates that the content usage data is actually connected to the message authentication value calculation unit 132 and may exist in the mass storage device 110. The message authentication value 123 is always stored in the secure storage device 120. In the case of a content protection system that does not use a message authentication value, the content usage data is not actually connected even if the message authentication value calculation unit 132 exists, and the content usage data should be stored in the secure storage device 120 at a minimum. It is data.

  First, an example of a conventional encrypted content editing method will be described with reference to FIG. The content protection system that does not use the message authentication value is as follows. There is encrypted content 501 and content usage data 502, and the encrypted content 501 is stored in the mass storage device 110. The content usage data 502 is stored in the secure storage device 120. The content usage data 502 is read by the content usage data read control 142 and the encrypted content 501 is decrypted 508. Next, the content usage data 502 is deleted 509.

  The decrypted plaintext content 503 is subjected to editing 510 such as division / combination / deletion / reordering by a human operation or automatic / semi-automatic operation to become an edited plaintext content 504. Re-encryption and content usage data creation 511 are performed on the edited plaintext content 504. At this time, the encrypted content 501, the plaintext content 503, and the edited plaintext content 504 are deleted 512.

  The created edited re-encrypted content 505 is accumulated in the large-capacity storage device 110, and the corresponding content usage data 506 is stored in the secure storage device 120 by the content usage data storage control 141. When the edited plaintext content 504 is divided into a plurality of pieces by the editing 510, the edited re-encrypted content 505 and the content usage data 506 for each edited plaintext content 504 are created, stored, and stored, respectively.

  The content protection system using the message authentication value is as follows. There is encrypted content 501 and content usage data 502, both of which are stored in the mass storage device 110. The message authentication value 123 calculated by the message authentication value calculation unit 132 for the content usage data 502 is stored in the secure storage device 120 in advance.

  When starting editing, it is determined whether or not the content can be used. First, the message authentication value calculation unit 132 calculates a message authentication value from the content usage data 502 and sends it to the comparison unit 133. On the other hand, the stored message authentication value 507 is also acquired by the comparison unit 133, and the result of matching / mismatching of both values is sent to the content use permission control unit 134 in the content use processing unit 131. The content availability control unit 134 controls whether to perform editing processing based on the result of the comparison unit 133.

  If it is determined that the editing process is to be performed, the message authentication value 507 corresponding to the encrypted content 501 is deleted by the message authentication value deletion control 146, and the encrypted content 501 is decrypted 508 using the content usage data 502. The decrypted plaintext content 503 is subjected to editing 510 such as division / combination / deletion / reordering by a human operation or automatic / semi-automatic operation to become an edited plaintext content 504. Re-encryption and content usage data creation 511 are performed on the edited plaintext content 504. At this time, the encrypted content 501, the plaintext content 503, and the edited plaintext content 504 are deleted 512.

  The created edited re-encrypted content 505 and the corresponding content usage data 506 are stored in the mass storage device 110. Further, the message authentication value calculation unit 132 calculates the message authentication value 513 of the created content usage data 506, and the calculated message authentication value 513 is used as the message authentication value 513 for the edited re-encrypted content 505. It is stored in the secure storage device 120 by the authentication value storage control 144. When the edited plaintext content 504 is divided into a plurality of pieces by the edit 510, the edited re-encrypted content 505, the content usage data 506, and the corresponding message authentication value 513 for each edited plaintext content 504 are created, stored, and stored, respectively. Calculated and stored.

  Next, a conventional encrypted content editing process procedure will be described with reference to FIG. FIG. 6 is a flowchart showing a conventional encrypted content editing process procedure. When the process is started at the start of the encrypted content editing process (step 601), the following process is performed in the case of a content protection system that does not use a message authentication value.

  The calculated / stored message authentication value comparison process (step 602) and the message authentication value deletion process (step 603) are skipped. In the encrypted content decryption and content usage data deletion process (step 604), first, the content usage data read control 142 reads the content usage data 502 stored in the secure storage device 120. Next, the encrypted content 501 is decrypted 508 using the read content usage data 502 to create plaintext content 503. Thereafter, the content usage data 502 is deleted 509.

  In the plaintext content editing process (step 605), editing 510 such as division, combination, deletion, and rearrangement is performed by a human operation or automatic / semi-automatic operation, and an edited plaintext content 504 is created. In the content re-encryption and content usage data creation process (step 606), the edited plaintext content 504 is re-encrypted and content usage data creation 511, and the content usage data 506 corresponding to the edited re-encrypted content 505 is stored. create.

  In the encrypted content, plaintext content, and edited plaintext content deletion process (step 607), the encrypted content 501 to be edited, the content usage data 502, and the plaintext content 503 decrypted for editing are deleted 512. In the content usage data or message authentication value storage processing (step 608), the created content usage data 506 is stored in the secure storage device 120 by the content usage data storage control 141. Finally, the process ends at the end of the encrypted content editing process (step 609).

  In the plaintext content editing process (step 605), when the edited plaintext content 504 is divided into a plurality of parts, the content re-encryption and content usage data creation process (step 606), encrypted content, plaintext content, and edited In the case where the edited re-encrypted content 505 and the content usage data 506 for each edited plaintext content 504 are not divided in the plaintext content deletion processing (step 607) and the content usage data or message authentication value storage processing (step 608). Created, deleted, stored, and stored in the same way as

  The conventional encrypted content editing process procedure in the case of a content protection system using a message authentication value is as follows. In the calculated / stored message authentication value comparison process (step 602), the same process as the calculated / stored message authentication value comparison process (step 402) described with reference to FIG. When there are a plurality of editing target contents, the process is performed for each editing target content.

  If even one message authentication value does not match as a result of the comparison by the comparison unit 133, the content is not used and the process is terminated at the end of the encrypted content editing process (step 609). As a result of the comparison by the comparison unit 133, if all the message authentication values match, a message authentication value deletion process (step 603) is performed.

  In the message authentication value deletion process (step 603), the message authentication value 123 for the encrypted content 501 to be edited is deleted by the message authentication value deletion control 146. As a result, after the editing process, the encrypted content 501 before editing cannot be used. In the encrypted content decryption and content usage data deletion process (step 604), the encrypted content 501 is decrypted 508 using the content usage data 502 in the mass storage device 110, and the plaintext content 503 is created.

  For the plaintext content editing process (step 605), the content re-encryption and content usage data creation process (step 606), the encrypted content, the plaintext content, and the edited plaintext content deletion process (step 607), the message authentication value described above is used. Since it is the same as that of a content protection system that is not used, the description thereof is omitted.

  In the content usage data or message authentication value storage process (step 608), the message authentication value 513 of the content usage data 506 is calculated by the message authentication value calculation unit 132, and the calculated message authentication value 513 is re-encrypted after editing. The message authentication value storage control 144 stores the message authentication value 513 for the content 505 in the secure storage device 120. Finally, the process ends at the end of the encrypted content editing process (step 609).

  In the plaintext content editing process (step 605), when the edited plaintext content 504 is divided into a plurality of parts, the content re-encryption and content usage data creation process (step 606), encrypted content, plaintext content, and edited In the plaintext content deletion processing (step 607) and content usage data or message authentication value storage processing (step 608), the edited re-encrypted content 505 and content usage data 506 for each edited plaintext content 504, and corresponding message authentication The value 513 is also created / deleted / accumulated / stored as in the case where the value is not divided.

  In the case of the conventional encrypted content editing method as described above, the content needs to be re-encrypted after the editing process, and the calculation process takes a lot of time. Further, since the plaintext content 503 and the edited plaintext content 504 must be present in the auxiliary storage device or the main storage device of the system, the risk for content protection increases.

  Therefore, in the encrypted content editing method according to the present embodiment, the encrypted content 501 is directly edited together with the content usage data 502 without being re-encrypted. In the encrypted content editing method according to the present embodiment, encryption that can be randomly accessed at the time of decryption is performed when the content is encrypted, if necessary.

  Hereinafter, an example of the encrypted content editing method in the present embodiment will be described with reference to FIG. As described above, the encrypted content 501 employing the encrypted content editing method according to the present embodiment is encrypted by a method that can be randomly accessed at the time of decryption, if necessary.

  Examples of encryption that can be randomly accessed during decryption include widely known methods such as an ECB (Electric Code Book) mode, a CBC (Cipher Block Chaining) mode, and a CTR (Counter) mode as block cipher modes. A description will be given later of what editing method it is necessary to encrypt using a method that allows random access during decryption.

  The encrypted content editing method in the case of a content protection system that does not use a message authentication value is as follows. The process until the encrypted content 501 is decrypted 508 is the same as the conventional encrypted content editing method described in FIG.

  With reference to the plaintext content 503 decrypted 508, editing 510 such as division, combination, deletion, and rearrangement is performed by a human operation or automatic / semi-automatic operation. When it is not necessary to refer to the contents of the plaintext content 503 during the editing 510, it is not necessary to decrypt 508 the encrypted content 501. However, at this point, the content usage data 502 is not deleted even if the encrypted content 501 is decrypted 508 or not.

  At the time of editing 510 such as division, combination, deletion, and rearrangement, editing 701 is directly performed on the encrypted content 501, and edited encrypted content 703 is created. Also, the content usage data 502 is directly edited 702 to the content usage data 502, and the content usage data 506 corresponding to the edited encrypted content 703 is created. After performing direct editing 702 on the content usage data 502, the original content usage data 502 is deleted 514.

  The edited encrypted content 703 is stored in the mass storage device 110. The corresponding content usage data 506 is stored in the secure storage device 120 by the content usage data storage control 141. At this time, the encrypted content 501 and the plaintext content 503 are deleted 512. When a plurality of edited encrypted contents 703 are created by editing 510, each edited encrypted contents 703 and contents usage data 506 corresponding thereto are also created, stored, and stored.

  The encrypted content editing method in the case of the content protection system using the message authentication value is as follows. The process until the encrypted content 501 is decrypted 508 is the same as the conventional encrypted content editing method described in FIG.

  With reference to the plaintext content 503 decrypted 508, editing 510 such as division, combination, deletion, and rearrangement is performed by a human operation or automatic / semi-automatic operation. When it is not necessary to refer to the contents of the plaintext content 503 during the editing 510, it is not necessary to decrypt 508 the encrypted content 501. However, the message authentication value 507 is deleted by the message authentication value deletion control 146.

  At the time of editing 510 such as division, combination, deletion, and rearrangement, editing 701 is directly performed on the encrypted content 501, and edited encrypted content 703 is created. Also, the content usage data 502 is directly edited 702 to the content usage data 502, and the content usage data 506 corresponding to the edited encrypted content 703 is created. After performing direct editing 702 on the content usage data 502, the original content usage data 502 is deleted 514.

  The edited encrypted content 703 and the content usage data 506 corresponding thereto are stored in the mass storage device 110, respectively. At this time, the encrypted content 501 and the plaintext content 503 are deleted 512. Further, the message authentication value calculation unit 132 calculates the message authentication value 513 of the created content usage data 506, and the calculated message authentication value 513 is used as the message authentication value 513 for the edited re-encrypted content 703. It is stored in the secure storage device 120 by the authentication value storage control 144.

  When a plurality of edited encrypted contents 703 are created by editing 510, each edited encrypted contents 703, contents usage data 506 corresponding to the edited encrypted contents 703, and corresponding message authentication value 513 are also created, stored, and stored.

  Next, the encrypted content high-speed editing processing procedure in the present embodiment will be described with reference to FIG. FIG. 8 is a flowchart showing the encrypted content high-speed editing processing procedure. Up to the start of the encrypted content high-speed editing process (step 801), the calculated / stored message authentication value comparison process (step 802), and the message authentication value deletion process (step 803), the conventional encrypted content editing described with reference to FIG. Since it is the same as step 601 to step 603 of the processing procedure, description thereof is omitted.

  The encrypted content decrypting process (step 804) decrypts the encrypted content 501 when necessary, such as presenting the plaintext content 503 before editing to the user, and is not always necessary.

  In the encrypted content high-speed editing process in the present embodiment, the plaintext content editing process (step 605) in FIG. 6 is not performed, but instead the content-related data is directly edited without re-encryption and the content usage data is directly edited (step 805). ), The encrypted content 501 is directly edited 701. Here, the original content usage data 502 is also directly edited 702. In the encrypted content high-speed editing process according to the present embodiment, there is no process corresponding to the content re-encryption and content usage data creation process (step 606) in FIG.

  In the plaintext content and content usage data deletion process (step 806), the original content usage data 502 is deleted, and the plaintext content 503 obtained by decrypting the encrypted content 501 in the encrypted content decryption process (step 804) is also obtained. If there is, delete it. The content use data or message authentication value storing process (step 807) is the same as step 608 of the conventional encrypted content editing process described with reference to FIG. Finally, the process is terminated by the end of the encrypted content editing process (step 609).

The content usage data 112, 121, and 502 described so far must be information indispensable at the time of content usage / editing in order to prevent content replacement and tampering. It may be used as usage data.
(1) Encrypted content 501
(2) Encryption key or encryption key derivation data of encrypted content 501 (3) Information obtained from encrypted content 501 and indispensable at the time of content use / editing (3) This is encrypted content extraction data with a smaller amount of data obtained by thinning out the encrypted content 501. In this case, it is necessary to confirm from time to time that the content usage data is present in the encrypted content 501 in the content usage processing unit 131 when the content is used / edited.

  The encrypted content processing method for each of the three types of content usage data will be described below. First, referring to FIG. 9, an encrypted content decrypting method with content protection when the content use data is the encrypted content 901 will be described.

  Here, in FIG. 9 and subsequent figures, the range of the encrypted content 901 corresponding to each key or key derivation data in the key or key derivation data 902 is specified even if it is determined as a certain range in the specification. The value to be stored may be separately specified. In the content protection system of the present embodiment, the range of the encrypted content 901 corresponding to the key or key derivation data 902 is a case where the specification determines every fixed range, and editing of the encrypted content 901 is performed in each range. The case where it is performed at the boundary will be described as an example. The boundary of editing can be set at an arbitrary position.

  First, an encrypted content decrypting method in the case of a content protection system that does not use a message authentication value will be described below. The encrypted content 901 exists as content usage data 121 in the secure storage device 120. In addition, a key or key derivation data 902 exists as the content related data 111 in the mass storage device 110. The encrypted content 901 in the secure storage device 120 is decrypted by applying a key or key derivation data 902 in the content use processing unit 131.

  Next, an encrypted content decrypting method in the case of a content protection system using a message authentication value will be described below. The encrypted content 901 exists as content usage data 112 in the content related data 111 of the mass storage device 110. In addition, a key or key derivation data 902 exists in the content related data 111. Further, the message authentication value 123 of the content usage data 112 exists in the secure storage device 120.

  Before the decryption of the encrypted content 901, the message authentication value calculation unit 132 calculates the message authentication value of the encrypted content 901, and sends the value to the comparison unit 133. The comparison unit 133 further acquires a message authentication value 123 corresponding to the encrypted content 901 stored in the secure storage device 120. When both values match in the comparison unit 133, the content use permission control unit 134 in the content use processing unit 131 permits the key or key derivation data 902 to be applied to the encrypted content 901. Based on this permission, the content use processing unit 131 decrypts the encrypted content 901.

  Next, an encrypted content editing method in which content protection is performed when the content usage data is the encrypted content 901 will be described with reference to FIG. First, an encrypted content editing method in the case of a content protection system that does not use a message authentication value will be described below. For the encrypted content 901 existing as the content usage data 121 in the secure storage device 120, the contents of the edit 510 by the user together with the key or key derivation data 902 existing as the content related data 111 in the mass storage device 110. Are directly edited 701 and 702, respectively.

  In the content protection system and the encrypted content editing method, if the data amount of the encrypted content 901 is large, a large amount of storage area of the secure storage device 120, which is generally expensive, is consumed. However, compared with the case where plain text content data is stored in the secure storage device 120, the storage area of the secure storage device 120 to be consumed is almost the same.

  For example, in the case of a system that outputs after encrypting content data outside the secure storage device 120, the content data has already been encrypted, and the encryption process at the time of output can be omitted. Furthermore, since the encrypted content 901 itself is stored in the secure storage device 120, unauthorized use of content such as using a part of the encrypted content 901 can be prevented.

  Next, an encrypted content editing method in the case of a content protection system using a message authentication value will be described below. First, it is determined whether editing processing is possible. The message authentication value calculation unit 132 calculates the message authentication value of the encrypted content 901 and sends the value to the comparison unit 133. The comparison unit 133 further acquires a message authentication value 123 corresponding to the encrypted content 901 stored in the secure storage device 120. When both values match in the comparison unit 133, the content use permission control unit 134 in the content use processing unit 131 permits the key or key derivation data 902 to be applied to the encrypted content 901.

  The encrypted content 901 existing as the content usage data 112 in the content related data 111 in the mass storage device 110 is edited by the user together with the key or key derivation data 902 also existing in the content related data 111. The contents are directly edited 701 and 702, respectively.

  In the content protection system and the encrypted content editing method, if the data amount of the encrypted content 901 is large, it takes time to process the message authentication value calculation unit 132, and a waiting time occurs in the content recording / use / editing processing. there's a possibility that. On the other hand, since the integrity of the message is checked for the entire encrypted content 901, it is possible to prevent unauthorized use of content such that a part of the encrypted content 901 is replaced and used.

  Next, with reference to FIG. 11, an encrypted content decrypting method with content protection when the content usage data is the key of the encrypted content 901 or the key derivation data 902 will be described.

  First, an encrypted content decrypting method in the case of a content protection system that does not use a message authentication value will be described below. The key or key derivation data 902 exists as the content usage data 121 in the secure storage device 120. In addition, there is encrypted content 901 as the content related data 111 in the mass storage device 110. The encrypted content 901 in the mass storage device 110 is decrypted by applying the key or key derivation data 902 in the content use processing unit 131.

  Next, an encrypted content decrypting method in the case of a content protection system using a message authentication value will be described below. The key or key derivation data 902 exists as content usage data 112 in the content related data 111 of the mass storage device 110. Also, the encrypted content 901 exists in the content related data 111. Furthermore, the message authentication value 123 of the key or key derivation data 902 exists in the secure storage device 120.

  Before decrypting the encrypted content 901, the message authentication value calculation unit 132 calculates the message authentication value of the key or key derivation data 902, and sends the value to the comparison unit 133. The comparison unit 133 further acquires a message authentication value 123 corresponding to the key or key derivation data 902 stored in the secure storage device 120. When both values match in the comparison unit 133, the content use permission control unit 134 in the content use processing unit 131 permits the key or key derivation data 902 to be applied to the encrypted content 901. Based on this permission, the content use processing unit 131 decrypts the encrypted content 901.

  Next, an encrypted content editing method in which content protection is performed when the content usage data is the key of the encrypted content 901 or the key derivation data 902 will be described with reference to FIG. First, an encrypted content editing method in the case of a content protection system that does not use a message authentication value will be described below. For the key or key derivation data 902 existing as the content usage data 121 in the secure storage device 120, the contents of the edit 510 by the user together with the encrypted content 901 existing as the content related data 111 in the mass storage device 110. Are directly edited 701 and 702, respectively.

  In the content protection system and the encrypted content editing method, since the key or key derivation data 902 is used as the content usage data 121, the amount of data can be reduced as compared with the case where the encrypted content 901 is used as the content usage data 121. Thus, the capacity of the secure storage device 120 can be reduced. On the other hand, if the application range to the content data with the same key is large, it is not possible to prevent unauthorized use of content such that a part of the encrypted content 901 is replaced and used.

  Next, an encrypted content editing method in the case of a content protection system using a message authentication value will be described below. First, it is determined whether editing processing is possible. The message authentication value calculation unit 132 calculates the message authentication value of the key or key derivation data 902 and sends the value to the comparison unit 133. The comparison unit 133 further acquires a message authentication value 123 corresponding to the key or key derivation data 902 stored in the secure storage device 120. When both values match in the comparison unit 133, the content use permission control unit 134 in the content use processing unit 131 permits the key or key derivation data 902 to be applied to the encrypted content 901.

  The encrypted content 901 existing in the content related data 111 in the mass storage device 110 is edited 510 by the user together with a key or key derivation data 902 that is also present as the content usage data 112 in the content related data 111. The contents are directly edited 701 and 702, respectively.

  In the content protection system and the encrypted content editing method, since the key or key derivation data 902 is used as the content usage data 112, the amount of data can be reduced as compared with the case where the encrypted content 901 is used as the content usage data 112. Thus, the processing time in the message authentication value calculation unit 132 can be further reduced. On the other hand, since the integrity of the message is checked by the key or the key derivation data 902, if the scope of application to the content data of the same key is large, illegal content usage such that a part of the encrypted content 901 is replaced and used is used. I can't prevent it.

  Next, with reference to FIG. 13, a description will be given of an encrypted content decrypting method with content protection when the content usage data is the encrypted content extraction data 1302 having a smaller data amount than the encrypted content 901 thinned out.

  First, an encrypted content decrypting method in the case of a content protection system that does not use a message authentication value will be described below. The encrypted content extraction data 1302 having a smaller data amount obtained by thinning out the encrypted content 901 exists as content usage data 121 in the secure storage device 120. The encrypted content 901 and the key or key derivation data 902 exist in the content related data 111 in the mass storage device 110.

  The encrypted content 901 that exists as the content related data 111 in the mass storage device 110 is decrypted by applying the key or the key derivation data 902 that also exists as the content related data 111 in the mass storage device 110. In this case, the comparison unit 1301 in the content usage processing unit 131 sequentially checks whether or not the above-described encrypted content extraction data 1302 exists in the encrypted content 901. If it does not exist, the decryption is stopped. To do.

  Next, an encrypted content decrypting method in the case of a content protection system using a message authentication value will be described below. The encrypted content extraction data 1302 having a smaller data amount obtained by thinning out the encrypted content 901 exists as the content usage data 112 in the content related data 111 in the mass storage device 110. The encrypted content 901 and the key or key derivation data 902 are also present in the content related data 111 in the mass storage device 110. Further, the message authentication value 123 of the encrypted content extraction data 1302 exists in the secure storage device 120.

  Before decrypting the encrypted content 901, the message authentication value calculation unit 132 calculates the message authentication value of the encrypted content extraction data 1302 and sends the value to the comparison unit 133. The comparison unit 133 further acquires a message authentication value 123 corresponding to the encrypted content extraction data 1302 stored in the secure storage device 120. When both values match in the comparison unit 133, the content use permission control unit 134 in the content use processing unit 131 permits the decryption of the encrypted content 901. Based on this permission, the content use processing unit 131 applies the key or key derivation data 902 to the encrypted content 901 and decrypts it. In this case, whether or not the encrypted content extraction data 1302 exists in the encrypted content 901 is sequentially checked by the comparison unit 1301 in the content use processing unit 131, and decryption is stopped if it does not exist.

  Next, an encrypted content editing method with content protection in the case where the content use data is encrypted content extraction data 1302 having a smaller data amount than the thinned encrypted content 901 will be described with reference to FIG. First, an encrypted content editing method in the case of a content protection system that does not use a message authentication value will be described below.

  The encrypted content 901 and the key or key derivation data 902 existing as the content related data 111 in the mass storage device 110 are combined with the encrypted content extraction data 1302 existing as the content usage data 121 in the secure storage device 120. The editing 701 and 702 are directly performed reflecting the contents of the editing 510 by the user. In this case, the comparison unit 1301 in the content usage processing unit 131 sequentially checks whether the encrypted content extraction data 1302 exists in the encrypted content 901, and if it does not exist, editing is stopped.

  Next, an encrypted content editing method in the case of a content protection system using a message authentication value will be described below. First, it is determined whether editing processing is possible. The message authentication value calculation unit 132 calculates the message authentication value of the encrypted content extraction data 1302 and sends the value to the comparison unit 133. The comparison unit 133 further acquires a message authentication value 123 corresponding to the encrypted content extraction data 1302 stored in the secure storage device 120. When both values match in the comparison unit 133, the content use permission control unit 134 in the content use processing unit 131 permits the key or key derivation data 902 to be applied to the encrypted content 901.

  For the encrypted content extraction data 1302 existing as the content usage data 112 in the content related data 111 in the mass storage device 110, the encrypted content 901 and the key or key derivation data also existing in the content related data 111. Along with 902, direct editing 701 and 702 are performed reflecting the contents of editing 510 by the user. In this case, whether or not the encrypted content extraction data 1302 exists in the encrypted content 901 is sequentially checked by the comparison unit 1301 in the content use processing unit 131, and editing does not exist if it does not exist.

  In the content protection system and the encrypted content editing method when the content usage data is the encrypted content extraction data 1302, since the encrypted content extraction data 1302 is used for the content usage data, the encrypted content 901 is used for the content usage data. In the case of a content protection system that uses a smaller amount of data than that used and does not use a message authentication value, the capacity of the secure storage device 120 can be reduced.

  In the case of a content protection system using a message authentication value, the processing amount in the message authentication value calculation unit 132 can be reduced. Since the integrity of the message is performed on the encrypted content extraction data 1302, the portion of the data to be extracted must be data indispensable for using the encrypted content 901. Specifically, for example, the head portion of the data payload of I frame data in MPEG2-PS packet data can be cited. When the message authentication value calculation unit 132, the comparison unit 133, and the secure storage device 120 do not want to handle the key or key derivation data 902, or when the entire encrypted content 901 is used as content usage data, the message authentication value is calculated. This method is effective when it is desired to avoid the time-consuming point.

  On the other hand, the processing load is high because the comparison unit 133 in the content usage processing unit 131 sequentially checks whether the encrypted content extraction data 1302 exists in the encrypted content 901 when using or editing the content. Become. Further, in the encrypted content extraction data 1302, if the extraction interval from the encrypted content 901 is large, it is not possible to prevent unauthorized use of content such that a part of the encrypted content 901 is replaced and used.

  Next, a direct editing method in which the content related data 111 is not re-encrypted will be described with reference to FIGS. As the content protection system, as described above, the content usage data 121 is in the secure storage device 120, the content usage data 112 is in the mass storage device 110, and the message authentication value 123 of the content usage data 112 is secure storage. There are systems in the device 120, that is, (1) a content protection system that does not use a message authentication value and (2) a content protection system that uses a message authentication value.

  In addition, for each of these, content usage data includes (a) encrypted content 901, (b) key or key derivation data 902 of encrypted content 901, and (c) encrypted content extraction with a smaller data amount than thinned encrypted content 901. Data 1302 is divided into cases. Hereinafter, a method for editing the content-related data 111 directly and actually without re-encryption in each case will be described.

  First, with reference to FIG. 15, (1) in a content protection system that does not use a message authentication value, (a) a content division / combination / deletion editing method when content usage data is encrypted content 901 will be described. When content is divided, the encrypted content 901 is directly divided without being re-encrypted, and becomes divided encrypted content 1501 and 1502. Similarly, the corresponding keys or key derivation data 902 are also divided into divided keys or key derivation data 1503 and 1504. The divided encrypted contents 1501 and 1502 become new contents use data and are stored in the secure storage device 120 instead of the original encrypted contents 901.

  When combining the contents, the encrypted contents 1501 and 1502 are directly combined without being re-encrypted, and become one encrypted content 901. Keys or key derivation data 1503 and 1504 are also directly combined into one key or key derivation data 902. The encrypted content 901 becomes new content usage data and is stored in the secure storage device 120 instead of the original encrypted content 1501 and 1502.

  When part of the divided encrypted content 1502 is partially deleted, the encrypted content 1505 is directly deleted without being re-encrypted to be partially deleted. The key or key derivation data corresponding thereto is also directly deleted from the original key or key derivation data 1504 to become a partially deleted key or key derivation data 1506. The new encrypted content 1505 is stored as content usage data in the secure storage device 120 instead of the original encrypted content 1502.

  Next, with reference to FIG. 16, (1) in a content protection system that does not use a message authentication value, (b) an editing method for content division / combination / deletion when content usage data is a key or key derivation data 902 will be described. To do. The processes of division / combination / partial deletion are the same as those in the case where the content use data described with reference to FIG. However, in this method, the content usage data is the key or key derivation data 902, 1503, 1504, 1506. It is this key or key derivation data 902, 1503, 1504, 1506 that is stored in the secure storage device 120.

  Next, with reference to FIG. 17, (1) in a content protection system that does not use a message authentication value, (c) an editing method for content division / combination / deletion when content usage data is encrypted content extraction data 1302 will be described. To do. The processes of division / combination / partial deletion are the same as those in the case where the content use data described with reference to FIG. Further, in this method, the encrypted content extraction data 1302 is added to the content related data 111, and the same processing as the processing for the encrypted content, the key, or the key derivation data is performed regarding the division / combination / deletion. However, in this method, the content usage data is encrypted content extraction data 1302, 1701, 1702, and 1703. The encrypted content extraction data 1302, 1701, 1702, and 1703 are stored in the secure storage device 120.

  Next, with reference to FIG. 18, (2) in the content protection system using the message authentication value, (a) the editing method of content division / combination / deletion when the content usage data is the encrypted content 901 will be described. The processes of division / combination / partial deletion are the same as those in the case where the content use data described with reference to FIG. However, in this method, the encrypted content 901, 1501, 1502, 1505, which is content usage data, is not stored in the secure storage device 120, but each message authentication value calculated by the message authentication value calculation unit 132 is stored in the secure storage. Stored in the device 120 as the message authentication value 123.

  Next, with reference to FIG. 19, (2) in the content protection system using the message authentication value, (b) an editing method of content division / combination / deletion when the content usage data is the key or key derivation data 902 will be described. To do. The processes of division / combination / partial deletion are the same as those in the case where the content use data described with reference to FIG. However, in this method, the content usage data is the key or key derivation data 902, 1503, 1504, 1506. Further, instead of storing the content use data in the secure storage device 120, each message authentication value calculated by the message authentication value calculation 132 is stored in the secure storage device 120 as the message authentication value 123.

  Next, with reference to FIG. 20, (2) in the content protection system using the message authentication value, (c) an editing method for content division / combination / deletion when the content usage data is the encrypted content extraction data 1302 will be described. To do. The processes of division / combination / partial deletion are the same as those in the case where the content use data described with reference to FIG. Further, in this method, the encrypted content extraction data 1302 is added to the content related data 111, and the same processing as the processing for the encrypted content, the key, or the key derivation data is performed regarding the division / combination / deletion. However, in this method, the content usage data is encrypted content extraction data 1302, 1701, 1702, and 1703. Further, instead of storing the content usage data in the secure storage device 120, each message authentication value calculated by the message authentication value calculation unit 132 is stored in the secure storage device 120 as the message authentication value 123.

  In the content protection system of the present embodiment, a method that allows random access during decryption is used for content encryption. Encryption schemes that can be randomly accessed at the time of decryption include block cipher modes that cannot be decrypted without previous cipher block data, such as CBC (Cipher Block Chaining) mode.

  When this encryption method is used, when the encrypted content 901 is directly edited without being decrypted and divided / combined, extra data for one block is required at the beginning of the combined content. If the head of the combined content is the head of the original content, data for one block having an initial value must be added. The content use processing unit 131 must be able to process even if extra data for one block exists in the encrypted content 901.

  Further, when the time stamp information exists in the data of the encrypted content 901, the time stamp information may become non-continuous / non-monotonically increasing due to editing. The content use processing unit 131 must be able to process even when the time stamp information in the encrypted content 901 is discontinuous / non-monotonically increasing.

  Even if the content usage processing unit 131 has no special function other than the above, in the encrypted content editing method according to the present embodiment, the structure of the original content related data 111 and the structure of the edited content related data 111 are Since they can be the same or substantially the same, the processing of the content use processing unit 131 can be executed with little or no deceleration.

  As described above, according to the encrypted content editing method of the present embodiment, the encrypted content and the target data for preventing the replacement or falsification of the content are directly edited without re-encrypting. Therefore, editing of protected encrypted content can be performed at high speed while maintaining protection. Furthermore, since calculation processing and time are reduced, it is possible to reduce the possibility that the content cannot be used due to a problem during the editing processing of the protected encrypted content.

<Embodiment 2>
The content protection system according to the second embodiment of the present invention will be described below with reference to FIGS. The content protection system of this embodiment uses a playlist when editing encrypted content.

  First, the encrypted content high-speed editing processing procedure using the playlist in the present embodiment will be described with reference to FIG. FIG. 21 is a flowchart showing an encrypted content high-speed editing process procedure using a playlist. The processing content is the same as the encrypted content editing processing procedure in FIG. 8 of the first embodiment, but only the processing of the direct editing without re-encrypting the content-related data and the direct editing of the content usage data (step 805), It is replaced with virtual editing (step 2105) of encrypted content / content usage data using a playlist. Note that content encryption may or may not be required to use a random accessible method at the time of decryption depending on the editing method described later.

  In virtual editing of encrypted content / content usage data using a playlist (step 2105), as will be described later with reference to FIGS. 22 to 36, all or part of the editing is virtually performed using the playlist. . Here, the play list is a list showing the chapter information divided by the time delimiter information with respect to the normal reproduction time of the content and the reproduction order thereof. When content is divided, a playlist is created so that there is no duplication in the playback portion of the divided content, or only duplication within an allowable time (for example, 30 seconds).

  In the encrypted content editing method according to the present embodiment, editing is virtually performed using a playlist, so that processing during editing can be omitted. On the other hand, since the content use processing unit 131 corresponds to a playlist, it must be able to process even when the time stamp information in the encrypted content is non-continuous / non-monotonically increasing. In addition, the processing amount is increased by performing decoding / reproduction with reference to the playlist when using the content.

  As described above, as the content protection system, the content usage data 121 is in the secure storage device 120, the content usage data 112 is in the mass storage device 110, and the message authentication value 123 of the content usage data 112 is secure storage. There are systems in the device 120, that is, systems that do not use message authentication values and systems that use message authentication values.

  In addition, for each, the content usage data must be indispensable information at the time of content usage / editing. Specifically, as described above, (1) encrypted content (2) encryption of encrypted content Key or encryption key derivation data (3) Information obtained from encrypted content 501 and made indispensable at the time of content use / editing may be used as content use data. Specifically, (3) is encrypted content extraction data with a smaller amount of data obtained by thinning out the encrypted content. In this case, the content usage processing unit 131 uses the content usage data when using or editing the content. Must be confirmed from time to time in the encrypted content.

  A total of six types of content protection systems can be considered in combination with the above, and a method for virtually editing each of these content protection systems using a playlist will be described below.

  As a method of virtually editing using a playlist, there are a method that does not edit content-related data and a method that does not edit content usage data. Furthermore, there are two methods for not editing the content usage data: a method in which only one new playlist exists in the new content usage data, and a new playlist in the new content usage data, which is not limited to one. There is a way to do it. There are a total of six types of methods for virtually editing using a playlist in the above combination.

  Here, the method of virtually editing using a playlist and not editing the content usage data is to combine the new playlist with the original content usage data to obtain new content usage data. It is. A new playlist does not overlap with a plurality of new content usage data.

  In this method, the method in which only one new playlist exists in the new content usage data means that the original content usage data is prepared by duplication as the content usage data for the content referred to by the new playlist. This is a method of combining new playlists to obtain new content usage data. One content usage data includes one new play list, and one or more copied original content usage data exist.

  In addition, a method in which a new playlist is not limited to one in new content usage data means that a new playlist is added to the original content usage data as content usage data for the content referred to by the new playlist. Are combined into a new content usage data. At this time, one content usage data may include a plurality of new playlists.

  However, in a content protection system that does not use a message authentication value, a method in which only one new playlist exists in new content usage data among methods that do not edit content usage data secures copying of the content usage data itself. It is inefficient because it is stored in a storage device. The original content usage data only needs to have at least one entity, and it is generally expensive to consume the costly area of the secure storage device by copying the same data. Therefore, in the following, in the content protection system that does not use the message authentication value, the description of the method in which only one new playlist exists in the new content usage data is omitted because the procedure can be easily understood.

  Regardless of whether or not the content usage data is edited, the method for editing the content related data is inefficient because it negates the effect obtained by virtually editing the playlist. In particular, when editing content usage data, it is not necessary to use a playlist in the first place. Therefore, the description of the method for editing the content related data will be omitted below because the procedure and the method for not editing the content related data can be easily understood.

  When editing content usage data in a content protection system that does not use a message authentication value, in addition to the newly edited content usage data, other data such as a playlist can be stored in the secure storage device 120. is there. Further, when the content usage data is not edited, a playlist is added to the original content usage data to obtain new content usage data, but other data can be stored in the secure storage device 120 together.

  When editing the content usage data in the content protection system using the message authentication value, other data such as a playlist can be combined with the newly edited content usage data. When the content usage data is not edited, the content usage data and the playlist are combined to form new content usage data, but other data can be combined.

  Hereinafter, with reference to FIGS. 22 to 27, in the content protection system that does not use the message authentication value, (1) when the content usage data is the encrypted content 901, (2) when it is the key or the key derivation data 902, (3) When there is encrypted content extraction data 1302, for each of the three cases, (a) a method for editing content usage data and (b) content usage data as two types of editing methods using a playlist. Will be described, and a new playlist is not limited to one in new content usage data.

  First, with reference to FIG. 22, an encrypted content editing method using a playlist when (1) content usage data is encrypted content 901 and (a) content usage data is edited will be described. In this case, it is necessary to actually edit the encrypted content 901 at the time of editing, but it is not necessary to edit the key or key derivation data 902. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In addition, editing can be performed at a higher speed by not performing re-encryption during editing. In order to eliminate the sharing of data between the divided contents, it is only necessary to copy the key or key derivation data 902 and prepare the same number as the number of divided contents.

  Next, referring to FIG. 23, when (1) the content usage data is the encrypted content 901, (b) the content usage data is not edited and the new content usage data is limited to one new playlist. An encrypted content editing method using a playlist when it exists without being performed will be described. In this case, it is not necessary to actually edit the encrypted content 901 at the time of editing, and it is not necessary to edit the key or key derivation data 902. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In this case, sharing of data between the divided contents is essential.

  Next, FIG. 24 is used to show an encrypted content editing method using a playlist when (2) content usage data is key or key derivation data 902 and (a) content usage data is edited. . In this case, it is necessary to actually edit the key or key derivation data 902 at the time of editing, but the encrypted content 901 need not be edited. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In addition, editing can be performed at a higher speed by not performing re-encryption during editing. In order to eliminate sharing of data between the divided contents, the encrypted contents 901 may be copied and the same number as the number of divided contents may be prepared.

  Next, referring to FIG. 25, when (2) the content usage data is the key or key derivation data 902, (b) one new playlist is added to the new content usage data without editing the content usage data. An encrypted content editing method using a playlist in the case where it exists without being limited to will be described. In this case, it is not necessary to actually edit the encrypted content 901 at the time of editing, and it is not necessary to edit the key or key derivation data 902. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In this case, sharing of data between the divided contents is essential.

  Next, with reference to FIG. 26, (3) when content usage data is encrypted content extraction data 1302, (a) an encrypted content editing method using a playlist when editing content usage data is shown. . In this case, it is necessary to actually edit the encrypted content extraction data 1302 at the time of editing, but it is not necessary to edit the encrypted content 901 or the key or key derivation data 902. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In addition, editing can be performed at a higher speed by not performing re-encryption during editing. In order to eliminate sharing of data between the divided contents, it is only necessary to copy the encrypted contents 901 and the key or key derivation data 902 and prepare the same number as the number of divided contents.

Next, referring to FIG. 27, when (3) the content usage data is the encrypted content extraction data 1302, (b) the content usage data is not edited and one new playlist is added to the new content usage data. An encrypted content editing method using a playlist in the case where it exists without being limited to will be described. In this case, it is not necessary to actually edit the encrypted content extraction data 1302, the encrypted content 901, and the key or key derivation data 902 at the time of editing. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In this case, sharing of data between the divided contents is essential.
Hereinafter, with reference to FIGS. 28 to 36, in the content protection system using the message authentication value, (1) the content use data is the encrypted content 901, (2) the key or the key derivation data 902, (3) When there is encrypted content extraction data 1302, for each of the three cases, (a) a method for editing content usage data and (b) content usage data as three types of editing methods using a playlist (C) The content usage data is not edited and the new content usage data is limited to one new playlist. The existing method will be described.

  In FIG. 28 and subsequent figures, a block of data represented by a series of rectangles connected to the message authentication value calculation unit 132 includes playlist data and encrypted content or key that is content usage data, Some of the key derivation data and the encrypted content extraction data are concatenated, and these represent data concatenated at least when the message authentication value 123 is calculated. In this way, by connecting the playlist data and the content usage data and calculating the message authentication value 123, the content is protected from unauthorized use such as tampering even when editing the encrypted content using the playlist. It becomes possible.

  As a connection method for data, if it can uniquely identify the playlist data and other data in linked data, it may be determined in advance how. When a plurality of play list data is present in the consolidated data is if it can uniquely identify each playlist data, it may be determined in advance how. Specifically, there is a method of inserting divided identification data between playlist data and other data or between each playlist data.

  First, with reference to FIG. 28, (1) when content usage data is encrypted content 901, (a) an encrypted content editing method using a playlist when content usage data is edited will be described. In this case, it is necessary to actually edit the encrypted content 901 at the time of editing, but it is not necessary to edit the key or key derivation data 902. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In addition, editing can be performed at a higher speed by not performing re-encryption during editing. In order to eliminate the sharing of data between the divided contents, it is only necessary to copy the key or key derivation data 902 and prepare the same number as the number of divided contents.

  Next, referring to FIG. 29, (1) when the content usage data is the encrypted content 901, (b) the content usage data is not edited, and there is only one new playlist in the new content usage data. In this case, an encrypted content editing method using a playlist is shown. In this case, it is not necessary to actually edit the encrypted content 901 at the time of editing, and it is not necessary to edit the key or key derivation data 902. However, it is necessary to copy the encrypted content 901 before editing and prepare the same number as the number of divided contents. Furthermore, it is necessary to be able to recognize the head of the data of the linked playlist. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In order to eliminate the sharing of data between the divided contents, it is only necessary to copy the key or key derivation data 902 and prepare the same number as the number of divided contents.

  Next, referring to FIG. 30, when (1) the content usage data is the encrypted content 901, (c) the content usage data is not edited and the new content usage data is limited to one new playlist. An encrypted content editing method using a playlist when it exists without being performed will be described. In this case, it is not necessary to actually edit the encrypted content 901 at the time of editing, and it is not necessary to edit the key or key derivation data 902. However, it is necessary to be able to recognize the beginning of the data of the linked playlist. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In this case, sharing of data between the divided contents is essential.

  Next, FIG. 31 is used to show an encrypted content editing method using a playlist when (2) content usage data is key or key derivation data 902 and (a) content usage data is edited. . In this case, it is not necessary to actually edit the encrypted content 901 during editing, but the key or key derivation data 902 needs to be edited. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In order to eliminate sharing of data between the divided contents, the encrypted content 901 may be copied and the same number as the number of divided contents may be prepared.

  Next, referring to FIG. 32, when (2) the content usage data is the key or key derivation data 902, (b) one new playlist is added to the new content usage data without editing the content usage data. The encrypted content editing method using the playlist when only the file exists. In this case, it is not necessary to actually edit the encrypted content 901 at the time of editing, and it is not necessary to edit the key or key derivation data 902. However, it is necessary to prepare the same number of divided contents by copying the key before editing or the key derivation data 902. Furthermore, it is necessary to be able to recognize the head of the data of the linked playlist. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In order to eliminate sharing of data between the divided contents, the encrypted content 901 may be copied and the same number as the number of divided contents may be prepared.

  Next, referring to FIG. 33, when (2) the content usage data is the key or key derivation data 902, (c) one new playlist is added to the new content usage data without editing the content usage data. An encrypted content editing method using a playlist in the case where it exists without being limited to will be described. In this case, it is not necessary to actually edit the encrypted content 901 at the time of editing, and it is not necessary to edit the key or key derivation data 902. However, it is necessary to be able to recognize the beginning of the data of the linked playlist. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In this case, sharing of data between the divided contents is essential.

  Next, with reference to FIG. 34, (3) when content usage data is encrypted content extraction data 1302 and (a) content usage data is edited, an encrypted content editing method using a playlist is shown. . In this case, it is not necessary to actually edit the encrypted content 901 and the key or key derivation data 902 at the time of editing, but it is necessary to edit the encrypted content extraction data 1302. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In order to eliminate sharing of data between the divided contents, it is only necessary to copy the encrypted contents 901 and the key or key derivation data 902 and prepare the same number as the number of divided contents.

  Next, referring to FIG. 35, when (3) content usage data is encrypted content extraction data 1302, (b) content usage data is not edited and one new playlist is added to the new content usage data. The encrypted content editing method using the playlist when only the file exists. In this case, it is not necessary to actually edit the encrypted content 901 and the key or the key derivation data 902 at the time of editing, and it is not necessary to edit the encrypted content extraction data 1302. However, it is necessary to prepare the same number of divided contents by copying the encrypted content extraction data 1302 before editing. Furthermore, it is necessary to be able to recognize the head of the data of the linked playlist. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In order to eliminate sharing of data between the divided contents, it is only necessary to copy the encrypted contents 901 and the key or key derivation data 902 and prepare the same number as the number of divided contents.

  Next, referring to FIG. 36, when (3) content usage data is encrypted content extraction data 1302, (c) content usage data is not edited and one new playlist is added to the new content usage data. An encrypted content editing method using a playlist in the case where it exists without being limited to will be described. In this case, it is not necessary to actually edit the encrypted content 901 and the key or the key derivation data 902 at the time of editing, and it is not necessary to edit the encrypted content extraction data 1302. However, it is necessary to be able to recognize the beginning of the data of the linked playlist. When the encrypted content 901 is created, if encryption that can be randomly accessed at the time of decryption is performed, it is not necessary to decrypt from the beginning at the time of reproduction, and the reproduction can be performed at a higher speed. In this case, sharing of data between the divided contents is essential.

  As described above, according to the encrypted content editing method of the present embodiment, when editing encrypted content, editing is performed by creating a playlist. Editing can be performed at high speed while maintaining protection. Furthermore, since calculation processing and time are reduced, it is possible to reduce the possibility that the content cannot be used due to a problem during the editing processing of the protected encrypted content.

  As mentioned above, the invention made by the present inventor has been specifically described based on the embodiment. However, the present invention is not limited to the embodiment, and various modifications can be made without departing from the scope of the invention. Needless to say.

  The encrypted content editing method of the present invention can be used as an editing method for performing editing processing such as division, combination, deletion, and rearrangement on digitized video and music for use in information equipment.

It is a figure showing the example of a structure of the content protection system which does not use a message authentication value in Embodiment 1 of this invention. It is a figure showing the example of a structure of the content protection system using the message authentication value in Embodiment 1 of this invention. It is the flowchart which showed the content registration processing procedure in Embodiment 1 of this invention. It is the flowchart which showed the content utilization and deletion processing procedure in Embodiment 1 of this invention. It is the figure which showed the example of the conventional encryption content editing method. It is the flowchart which showed the conventional encryption content edit processing procedure. It is the figure which showed the example of the encryption content editing method in Embodiment 1 of this invention. It is the flowchart which showed the encrypted content high-speed edit processing procedure in Embodiment 1 of this invention. It is the figure which showed the encrypted content decoding method in Embodiment 1 of this invention when content utilization data is an encrypted content. It is the figure which showed the encryption content editing method in Embodiment 1 of this invention when content utilization data is encryption content. It is the figure which showed the encrypted content decoding method in case the content utilization data is the key or the key derivation data in Embodiment 1 of this invention. It is the figure which showed the encrypted content edit method in Embodiment 1 of this invention when content utilization data is a key or key derivation data. It is the figure which showed the encrypted content decoding method in Embodiment 1 of this invention in case content utilization data is encryption content extraction data. It is the figure which showed the encrypted content edit method in Embodiment 1 of this invention in case content utilization data is encryption content extraction data. It is the figure which showed the edit method of content division | segmentation, a coupling | bonding, and deletion when content utilization data is an encryption content in the content protection system which does not use a message authentication value in Embodiment 1 of this invention. It is the figure which showed the edit method of content division | segmentation, a coupling | bonding, and deletion when content utilization data is a key or key derivation data in the content protection system which does not use a message authentication value in Embodiment 1 of this invention. It is the figure which showed the edit method of content division | segmentation, a coupling | bonding, and deletion when content utilization data is encryption content extraction data in the content protection system which does not use a message authentication value in Embodiment 1 of this invention. It is the figure which showed the edit method of content division | segmentation, a coupling | bonding, and deletion when content utilization data is an encryption content in the content protection system using a message authentication value in Embodiment 1 of this invention. It is the figure which showed the edit method of content division | segmentation, a coupling | bonding, and deletion when content utilization data is a key or key derivation data in the content protection system using the message authentication value in Embodiment 1 of this invention. It is the figure which showed the edit method of content division | segmentation, a coupling | bonding, and deletion in case the content utilization data is encryption content extraction data in the content protection system using a message authentication value in Embodiment 1 of this invention. It is the flowchart which showed the encrypted content high-speed edit processing procedure using the play list in Embodiment 2 of this invention. It is the figure in Embodiment 2 of this invention which showed the encryption content edit method using a play list which edits content use data when content use data is encryption content. In the second embodiment of the present invention, when the content usage data is encrypted content, the content usage data is not edited, and the new content usage data is not limited to one new playlist, It is the figure which showed the encryption content editing method using a play list. FIG. 10 is a diagram showing an encrypted content editing method using a playlist for editing content usage data when the content usage data is key or key derivation data in Embodiment 2 of the present invention. In the second embodiment of the present invention, when the content usage data is a key or key derivation data, the content usage data is not edited, and there is no limitation to one new playlist in the new content usage data. It is the figure which showed the encryption content editing method using a play list. FIG. 10 is a diagram showing an encrypted content editing method using a playlist for editing content usage data when the content usage data is encrypted content extraction data in Embodiment 2 of the present invention. In the second embodiment of the present invention, when the content usage data is encrypted content extraction data, the content usage data is not edited, and the new content usage data is not limited to one new playlist. It is the figure which showed the encryption content editing method using a play list. It is the figure in Embodiment 2 of this invention which showed the encryption content edit method using a play list which edits content use data when content use data is encryption content. In the second embodiment of the present invention, when the content usage data is encrypted content, the content usage data is not edited and only one new playlist exists in the new content usage data. It is the figure which showed the encrypted content editing method which had. In the second embodiment of the present invention, when the content usage data is encrypted content, the content usage data is not edited, and the new content usage data is not limited to one new playlist, It is the figure which showed the encryption content editing method using a play list. FIG. 10 is a diagram showing an encrypted content editing method using a playlist for editing content usage data when the content usage data is key or key derivation data in Embodiment 2 of the present invention. In the second embodiment of the present invention, when the content usage data is a key or key derivation data, the content usage data is not edited and only one new playlist exists in the new content usage data. It is the figure which showed the encryption content editing method using. In the second embodiment of the present invention, when the content usage data is a key or key derivation data, the content usage data is not edited, and there is no limitation to one new playlist in the new content usage data. It is the figure which showed the encryption content editing method using a play list. FIG. 10 is a diagram showing an encrypted content editing method using a playlist for editing content usage data when the content usage data is encrypted content extraction data in Embodiment 2 of the present invention. In the second embodiment of the present invention, when the content usage data is encrypted content extraction data, the content usage data is not edited and only one new playlist exists in the new content usage data. It is the figure which showed the encryption content editing method using. In the second embodiment of the present invention, when the content usage data is encrypted content extraction data, the content usage data is not edited, and the new content usage data is not limited to one new playlist. It is the figure which showed the encryption content editing method using a play list.

Explanation of symbols

110 ... Mass storage device, 111 ... Content related data, 120 ... Secure storage device, 121 ... Content usage data, 122 ... Master key or master key derivation data, 130 ... Content related data processing unit, 131 ... Content usage processing unit, 141 ... Content usage data storage control, 142 ... Content usage data read control, 143 ... Content usage data deletion control, 150 ... Access control, 160 ... Master key or master key derivation data read control,
112 ... Content usage data, 123 ... Message authentication value, 132 ... Message authentication value calculation unit, 133 ... Comparison unit, 144 ... Message authentication value storage control, 145 ... Message authentication value read control, 146 ... Message authentication value deletion control,
134 ... Content availability control unit, 501 ... encrypted content, 502 ... content usage data, 503 ... plaintext content, 504 ... edited plaintext content, 505 ... edited re-encrypted content, 506 ... content usage data, 507 ... message Authentication value 508 ... Decryption, 509 ... Delete, 510 ... Edit, 511 ... Re-encryption and content usage data creation, 512 ... Delete, 513 ... Message authentication value,
514 ... Delete, 701 ... Direct edit, 702 ... Direct edit, 703 ... Edited encrypted content,
901 ... encrypted content, 902 ... key or key derivation data,
1301 ... Comparison unit, 1302 ... Encrypted content extraction data,
1501 ... Encrypted content, 1502 ... Encrypted content, 1503 ... Key or key derivation data, 1504 ... Key or key derivation data, 1505 ... Encrypted content, 1506 ... Key or key derivation data,
1701 ... Encrypted content extraction data, 1702 ... Encrypted content extraction data, 1703 ... Encrypted content extraction data,
2201 ... Playlist, 2202 ... Playlist, 2203 ... Playlist,
2401 ... key or key derivation data, 2402 ... key or key derivation data, 2403 ... key or key derivation data,
2601 ... Encrypted content extraction data, 2602 ... Encrypted content extraction data, 2603 ... Encrypted content extraction data,
2901 ... Playlist / encrypted content combined data, 2902 ... Playlist / encrypted content combined data, 2903 ... Playlist / encrypted content combined data,
3001 ... Plural playlist / encrypted content combined data, 3002 ... Multiple playlist / encrypted content combined data,
3201 ... Playlist / key or key derivation data combination data 3202 ... Playlist / key or key derivation data combination data, 3203 ... Playlist / key or key derivation data combination data,
3301 ... Multiple playlist / key or key derivation data combination data, 3302 ... Multiple playlist / key or key derivation data combination data,
3501 ... Playlist / encrypted content extracted data combined data, 3502 ... Playlist / encrypted content extracted data combined data, 3503 ... Playlist / encrypted content extracted data combined data,
3601 ... Plural playlist / encrypted content extracted data combined data 3602 ... Multiple playlist / encrypted content extracted data combined data.

Claims (16)

The information device encrypts and stores the content in the first storage device, and stores the target data as content usage data to prevent the content from being replaced or falsified in the access-controlled second storage device An encrypted content editing method for protecting the content by managing the content,
The information device performs encryption that can be randomly accessed at the time of decryption when encrypting the content, and performs editing processing by dividing, combining, deleting, and rearranging the content in one or a plurality of pieces of content. By substituting by creating a list, and by dividing, combining, deleting, and rearranging the content usage data according to the created playlist, one or more new content usage data can be obtained. encrypted content editing method and performing without the re-encryption of the content usage data and the content. In the encrypted content editing method according to claim 1 Symbol placement,
The information device performs the editing process by dividing, combining, deleting, and rearranging the content by creating one or a plurality of playlists for the content, and using the content for the created playlist. An encrypted content editing method, wherein one or a plurality of new content usage data is obtained by combining data. The encrypted content editing method according to claim 2 ,
The encrypted content editing method, wherein the new content usage data includes only one playlist. The encrypted content editing method according to claim 2 ,
The encrypted content editing method, wherein the new content usage data includes the playlist without being limited to one. The encrypted content editing method according to any one of claims 1 to 4 ,
The encrypted information editing method, wherein the information device does not perform an editing process by dividing, combining, deleting, or rearranging the encrypted content itself. The encrypted content editing method according to any one of claims 1 to 5 ,
The encrypted content editing method, wherein the content usage data is the encrypted content itself. The encrypted content editing method according to any one of claims 1 to 5 ,
The encrypted content editing method, wherein the content usage data is an encrypted encryption key or encryption key derivation data of the content. The encrypted content editing method according to any one of claims 1 to 5 ,
The content usage data is data extracted by thinning out the encrypted content data, and when the information device uses or edits the content, the content usage data is present in the content. An encrypted content editing method characterized by checking whether or not there is at any time. A first storage device;
A second storage device with controlled access;
The content is encrypted and stored in the first storage device, and the target data for preventing replacement and alteration of the content is stored and managed as content usage data in the second storage device. A content management device having a content-related data processing unit for protecting content,
The content-related data processing unit performs encryption that can be randomly accessed at the time of decryption when encrypting the content, and performs editing processing by dividing, combining, deleting, and rearranging the content, By substituting by creating a plurality of playlists, and dividing, combining, deleting, and rearranging the content usage data in accordance with the created playlists, one or more new content usage data and Thus , the content management apparatus can perform the content and the content usage data without re-encryption. The content management apparatus according to claim 9 , wherein
The content-related data processing unit performs the editing process by dividing, combining, deleting, and rearranging the content by creating one or a plurality of playlists for the content, and the created playlists A content management apparatus characterized by combining the content usage data into one or more new content usage data. The content management apparatus according to claim 10 .
The content management apparatus according to claim 1, wherein the new content usage data includes only one playlist. The content management apparatus according to claim 10 .
The content management apparatus according to claim 1, wherein the new content usage data includes the play list without being limited to one. The content management device according to any one of claims 9 to 12 ,
The content management apparatus, wherein the content-related data processing unit does not perform editing processing by dividing, combining, deleting, and rearranging the encrypted content itself. The content management apparatus according to any one of claims 9 to 13 ,
The content management apparatus, wherein the content usage data is the encrypted content itself. The content management apparatus according to any one of claims 9 to 13 ,
The content management apparatus, wherein the content usage data is an encrypted encryption key or encryption key derivation data of the content. The content management apparatus according to any one of claims 9 to 13 ,
The content usage data is data extracted by thinning out the encrypted content data, and the content related data processing unit stores the content usage data in the content when using or editing the content. A content management apparatus for checking whether or not it exists at any time.

Images