JPH10222064A - Digital information management system, terminal device, information management center, and method of controlling digital information - Google Patents

Abstract

PROBLEM TO BE SOLVED: To make it possible to prevent illegal copy without losing convenience for proper users. SOLUTION: When digital information is used, a registration number and a registration number authentication corresponding to the digital information used from a terminal device 2 are transmitted to an information management center 1. The information management center 1 checks the conditions for the use of the digital information corresponding to the received registration number, and transmits data showing a permission for the use to the terminal device 2 if the registration number is duly allowed for the use of the information and transmits data for inhibiting the use to the terminal device 2, if the number is not duly allowed for the use. The terminal device 2 is arranged so that the digital information is usable thereon only when it receives a permission for the use.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a digital information management system and a digital information management method for preventing unauthorized use of digital information stored in a terminal device, and more particularly to a case where a specified number of times or a specified period is exceeded. The present invention relates to a digital information management system and a digital information management method for preventing unauthorized users from using digital information.

[0002]

2. Description of the Related Art In recent years, digitization of texts, voices, still images, moving images, and the like for use on computers has been rapidly increasing. However, since digital data has the property that the exact same data as the original data can be easily copied / created on a computer, there arises a problem that illegal copying violates the rights of copyright holders and data sellers. .

In recent years, in addition to simply preventing unauthorized copying, the number of times data is used and the number of times digital data and the like are reproduced are limited in terms of the number of uses and the period of use in order to have the user understand the usefulness of the data. There is also a growing need to collect fees depending on the situation.

[0004] As a method of solving these problems and realizing the needs, for example, Japanese Patent Application Laid-Open No. 3-288227 is disclosed.
This is a way to limit the number of uses of the software,
Briefly, first, a software provider sends a use limit number and an initial value of the use number to a user's computer (terminal device) via a communication means, and sends them to a recording medium in the user's computer. Record it. And
In this method, the number of times of use is updated during execution of the software, and the number of times of use is compared with the number of times of use limit.

However, in this method, the number of times of use and the number of times of use are recorded and managed in the user's computer, so that not only a dedicated computer but also hardware and an operating system whose specifications are generally disclosed are used. In a so-called general computer (personal computer), a user having a high technical level may rewrite the number of times of use or the number of times of use limit. Also,
Since it is necessary to inform the software provider of the telephone number and address of the computer to be used, there has been a problem in terms of complicated procedures and privacy protection.

Another method is disclosed in JP-A-7-131452. This is because when downloading digital information stored in an information center from a terminal device via a communication line, the digital information is encrypted so that the digital information can be used only by the terminal device, and the digital information is The usage conditions are downloaded and stored in the confidential processing unit in the terminal device. Then, when using the information, it is checked whether or not a predetermined use condition stored in the confidential processing unit is met. If the condition is not met, the use is prohibited.

[0007]

In this latter method,
It is necessary that the confidential processing unit for storing the common key of the encryption, usage conditions, usage history, etc. in the terminal device be completely hidden from users, but in order to acquire more users, Preferably, the terminal device is a computer (personal computer) having a general configuration. However, it is very difficult to implement such a confidential processing unit on a computer with a very common configuration without adding a special device with tamper resistance that does not allow users to read and write even by unauthorized methods. Met. In addition, when a special device is used, the cost of the terminal device is increased, and the number of users is limited, so that there is a practical problem.

Further, in the above two methods, the number of terminal devices that can use the purchased software or digital information is limited to only one downloaded terminal device. Even if it is desired to use the digital information in both the office and the workplace, it is impossible to use such digital information unless the terminal device is carried and moved, which may impair the convenience of a legitimate user. As another method, when digital information is used, a method of preventing illegal copying by downloading the digital information from the server each time and not storing the digital information in the terminal device can be considered, but the communication cost increases, There was a problem that it took time to download.

Accordingly, the present invention prevents unauthorized copying without impairing the convenience of a legitimate user, and restricts the number of uses and the period of use to use data, and reproduces digital moving images and the like. It is an object of the present invention to provide a digital information management system capable of collecting a fee according to the information.

[0010]

As means for achieving the above object, the following digital information management system is provided.
It is intended to provide a terminal device, an information management center, and a digital information management method.

1. A digital information management system in which a terminal device and an information management center are connected via a communication line and manages digital information stored in the terminal device, wherein the terminal device communicates with the information management center. Communication means for performing the following, digital information storage means for storing the digital information body, random number generation means for generating a random number, and first encryption for encrypting the random number using the public key of the management center The information management center comprises: a processing unit; a first control unit for controlling a use procedure of the digital information; a second communication unit for communicating with the terminal device; Condition storage means for storing the information, a second encryption processing means for decrypting the random number encrypted by the first encryption processing means, and a second control means for controlling the entire information management center. Digital information management system characterized in that it is constituted by a means.

2. The above 1. The digital information management system according to claim 1, wherein said digital information storage means stores an information body authenticator together with said digital information body, and said first cryptographic processing means calculates a hash function value of said digital information. An operation unit is provided, and the information body authenticator is decrypted by using the public key of the management center, and the information body authenticator decrypted by the first encryption processing means by the first control means and the information body authenticator A terminal device configured to compare a hash function value of the digital information calculated by a first hash function operation unit and control a use procedure of the digital information; A second hash function operation unit for calculating the same hash function value as the first hash function operation unit for the information; An information management center that encrypts a hash function value of the digital information calculated by the second hash function operation unit using a secret key that generates encrypted data to be decrypted to generate the information body authenticator; A digital information management system comprising:

3. Communication means for communicating with the information management center; digital information storage means for storing digital information itself; random number generation means for generating random numbers; and cryptographic processing for encrypting random numbers using the public key of the management center And a control means for controlling a use procedure of the digital information.

4. 3 above. The terminal device according to claim 1, wherein said digital information storage means stores an information body authenticator together with said digital information body, said encryption processing means includes a hash function operation unit for calculating a hash function value of said digital information, and said management center. Decrypting the information body authenticator using the public key of the above, and hashing the digital information calculated by the hash function operation unit with the information body authenticator decrypted by the encryption processing means by the control means. A terminal device configured to compare a function value and control a use procedure of the digital information.

[0015] 5. Communication means for communicating with the terminal device;
It is characterized by comprising usage condition storage means for storing the usage conditions of the digital information, encryption processing means for decrypting a random number encrypted by the terminal device, and control means for controlling each of the means. Information management center.

6. 5 above. In the information management center described above, the cryptographic processing means is provided with a hash function operation unit for calculating the same hash function value as the hash function value calculated by the terminal device of the digital information, and the encryption is performed using the public key. An information management center configured to encrypt the hash function value of the digital information calculated by the hash function operation unit using a secret key for generating data to generate the information body authenticator.

[7] A digital information management method for managing digital information stored in a terminal device, comprising: a first procedure of generating a random number in the terminal device; and a second step of encrypting the random number with a public key of the management center. A third procedure of transmitting a registration number for identifying the digital information and an encrypted random number from the terminal device to an information management center connected via a communication line; and Confirming whether the digital information corresponding to the registration number received at step 4 matches the use condition.
And a fifth procedure for decrypting the encrypted random number,
The information management center transmits the decrypted random number to the terminal device if the use condition is met, and transmits another value to the terminal device if the use condition is not met. And a seventh procedure for using the digital information when the random number received by the terminal device matches the random number generated in the first procedure. Digital information management method.

[8] 7 above. A digital information management method performed before the first procedure of the digital information management method described above, wherein an information body authenticator that has encrypted a hash function value of the digital information at an information management center is provided together with the digital information. A first procedure for storing the hash value of the digital information in the terminal device; a first procedure for storing the hash value of the digital information in the terminal device; 3rd decryption using public key
A fourth step of comparing a value obtained by decrypting the information body authenticator in the terminal device with a hash function value of the digital information calculated in the second step; and A digital information management method, wherein when the values match, the procedure shifts to the next procedure.

[0019]

DESCRIPTION OF THE PREFERRED EMBODIMENTS A digital information management system according to the present invention, as shown in FIG.
Are systems connected via the communication line 3, and the information management center 1 records and manages the usage conditions and usage status of the digital information held in the terminal device 2. In particular, in the present invention, since the digital information is held in the terminal device 2, a fake information management center 1 is provided to prevent unauthorized use of the digital information, and the content of the digital information is falsified in the distribution process. Authenticate whether it has been done.

In such a digital information management system, as shown in FIG. 2, the terminal device 2 uniquely communicates the digital information with the communication means (first communication means) 4 for communicating with the information management center 1. A digital information storage means 6 for storing an identifiable registration number, an authenticator of the registration number, and a digital information body; and a cryptographic processing means for encrypting using a public key created by the information management center 1 (first Encryption processing means) 7
And control means for controlling the use procedure of digital information (first
Control means) 5, an input means 8 and an output means 9. The authenticator of the registration number is not necessary when only the digital information is illegally used by the fake information management center 1 and the distribution process or the falsification of the contents in the terminal device 2 is to be authenticated. For this reason, in this embodiment, a combination of a registration number and an authenticator of the registration number is also used.

As shown in FIG. 4, the information management center 1 includes a communication unit (second communication unit) 101 for communicating with the terminal device 2 and a usage condition for storing and storing a registration number and its usage condition. A storage unit 103, an encryption processing unit (second encryption processing unit) 104 that authenticates the registration number and decrypts the encryption encrypted by the terminal device 2, and a control unit (second control unit) 102. have.

A digital information management method for actually managing digital information in the digital information management system having such a configuration will be described. First, when selling the digital information, the information seller adds the registration number and the authenticator of the registration number to the main body of the digital information, and stores the registration number and its use condition in the use condition storage means 103 of the information management center 1. Register with. Here, as a method of adding the registration number and the authenticator of the registration number to the digital information main body, for example, digital information is pre-installed or supplied by a portable recording medium such as a CD-ROM. If the information has already been stored in the digital information storage means 6 of the terminal device 2, the registration number and the authenticator of the registration number are used when registering as a user.
When the digital information is supplied via the communication line 3 and the digital information is downloaded via the communication line 3, it may be supplied together with the digital information.

Then, after the registration, the control means 5 of the terminal device 2 allows the user to use the digital information on the terminal device 2.
Is given, the digital information becomes available after the following processing is performed between the terminal device 2 and the information management center 1. First, the terminal device 2 transmits to the information management center 1 a registration number, an authenticator of the registration number, and an appropriate random number encrypted by the encryption processing means 7. The information management center 1 checks the usage conditions of the digital information corresponding to the received registration number, and checks whether the digital information is in a legally usable state. If the use is legitimate, the encrypted random number is decrypted by the encryption processing means 104 and the value is transmitted to the terminal device 2. If it is not valid use, other values are transmitted to the terminal device 2. In the terminal device 2, the information management center 1
The digital information is controlled so that it can be used only when the value received from the server matches the transmitted random number.

Also, a hash function value of the digital information is calculated in advance in the information management center 1 and encrypted with the secret key of the information management center 1 and added to the digital information as an information body authenticator. If the value obtained when the hash function value of the digital information is calculated in step 2 does not match the value obtained by decrypting the information body authenticator with the public key of the information management center 1, it is determined that the digital information has been tampered with. can do. By using such a method, it becomes difficult for the user to illegally change the usage conditions,
It is possible to accurately manage the number of times and expiration date of digital information.

Further, the terminal device 2 according to the present invention does not store a common key or a secret key that requires confidentiality, but stores only a public key that does not require confidentiality. Further, since the use conditions and use histories that need to be hidden from the user are not stored, a confidential processing unit unlike the conventional example is not required. Therefore, even when a computer having a general configuration without a special device is used as the terminal device 2, it is possible to accurately manage the number of times of use and expiration date of digital information.

[0026]

DESCRIPTION OF THE PREFERRED EMBODIMENTS One embodiment of the digital information management system of the present invention will be described with reference to the drawings. FIG. 1 is a diagram showing the overall configuration of the present embodiment. In FIG. 1, a terminal device 2 that uses digital information and an information management center 1 that manages conditions for using digital information are connected by a communication line 3 such as a telephone line, a dedicated line, or a LAN. FIG. 2 shows a configuration example of the terminal device 2. In the case of a personal computer, a portion indicated by a dotted line in the figure is a personal computer main body, to which input means 8 such as a keyboard and a mouse and output means 9 such as a display are connected. A communication unit 4 for communicating with the information management center 1, a registration number capable of uniquely identifying digital information, an authenticator of the registration number, and digital information for storing the digital information main body are surrounded by a dotted line. It has a storage means 6, an encryption processing means 7 for decrypting digital information using a public key of the information management center 1, and a control means 5 for controlling a procedure for using digital information.

The communication means 4 is constituted by a modem, a LAN controller or the like according to the type of the communication line 3.
It communicates with the information management center 1 according to an instruction from the control means 5. The digital information storage means 6 is composed of a hard disk, a floppy disk, an MO disk, or another nonvolatile memory. Then, for one piece of digital information, a registration number for identifying the digital information, an authenticator of the registration number, and a digital information body are stored. In addition, an authenticator of the digital information body may be stored in addition to them.

As shown in FIG. 3, the encryption processing means 7 includes an encryption key storage unit 71, a random number generation unit 72, and an encryption function operation unit 7.
3, one-way hash function operation unit 74 and selector 7
5, 76. The public key Kp of the information management center 1 is stored in the encryption key storage unit 71. The random number generator 72 generates an appropriate random number. The encryption function operation unit 73 and the one-way hash function operation unit 74 are the same as those used in the encryption processing unit 104 of the information management center 1 described later. If it is not necessary to check for falsification of digital information, the one-way hash function operation unit 74 and the selector 76 can be omitted. The public key of the information management center 1 stored in the encryption key storage 71
Kp is supplied to the terminal device 2 via the communication line 3 or a portable recording medium, and is stored in the encryption key storage unit 71. Then, since only the public key created by the information center 1 which has no problem even if the contents are made public is stored in the terminal device 2, confidentiality is not required. Therefore, it is not necessary to use a tamper-resistant device required to store a common key or secret key whose contents must not be disclosed to others, and to use a generally-used personal computer as a terminal device. Can be. The specific operation of the encryption processing means 7 after storing the public key in the encryption key storage unit 71 will be described later.

The control means 5 comprises a CPU, a RAM, a ROM, and the like, and controls each section of the terminal device 2 according to a predetermined procedure when a user uses digital information. The input unit 8 includes a keyboard, a mouse, operation buttons, a remote controller, and the like, and is used to give the digital information to be used by the user and an instruction of the result of selecting the use method to the control unit 5. Information output means 9
Is an output device such as a display, a speaker, and a printer, and an appropriate output device is selected according to the type of digital information, such as a display for a still image or a moving image and a speaker for audio.

FIG. 4 shows the configuration of the information management center 1. The information management center 1 includes a communication unit 101 for communicating with the terminal device 2, a use condition storage unit 103 for storing and storing use conditions, and a cryptographic processing unit 1 using a public key method.
04 and a control unit 102.

The use condition storage means 103 stores a use condition table in the format shown in FIG. In the table shown in FIG. 5, a registration number is a number for uniquely identifying digital information managed by the information management center 1, and a different registration number is assigned to each type of digital information.
The registration number is the same as the registration number stored in the digital information storage means 6 of the terminal device 2. The period restriction flag is a flag indicating whether or not the use period is restricted. When the use period is restricted, “1” is set.
Otherwise, it is set to "0". The number-of-times restriction flag is a flag indicating whether or not to limit the number of times of use, and is set to “1” when the number of times of use is restricted, and set to “0” when not. The permission start date and time is valid when the period restriction flag is "1", and indicates the year, month, day, and time when the use permission is started. The permission end date and time is valid when the period restriction flag is “1”, and indicates the year, month, day, and time when the use permission ends. The usable count is valid when the count limit flag is “1”, and indicates the number of usable times in the future. Therefore, when the number-of-times restriction flag is "1" and this field becomes "0", it cannot be used. When both the use period and the number of times of use are restricted, both flags are set to “1”.

In the digital information management system having such a configuration, a digital information seller can sell digital information to a user by downloading digital information or the like, or can store a portable recording medium such as a CD-ROM or a pre-installed digital information. When a user who has already acquired digital information is registered, a predetermined instruction is given to the control means 102 of the information management center 1 via an input means (not shown) or a management terminal, and a flowchart shown in FIG. The use condition table stored in the use condition storage unit 103 is set according to the procedure.

First, a number that is not used as a registration number in the use condition table is selected as a new registration number N (step S11). Next, register the registration number on the digital information
N is added, and distribution data to be supplied to the terminal device 2 is created (step S12). This will be described in detail later. Next, the registration number N is written in a new entry of the use condition table (step S13). Then, various usage restrictions are set according to the contents of the digital information and the contract with the user. First, to limit the usage period (step S14
(→ YES), the period restriction flag is set to “1”, and the permission start time and the permission end time are set in the permission start date and time field and the permission end date and time field, respectively (step S15). When it is not necessary to set either the permission start time or the permission end time, the field is set to a predetermined initial value (for example, 0). If the usage period is not restricted (step S14 → NO), the period restriction flag is set to “0”, and the permission start time and the permission end time are each set to a predetermined initial value (for example, 0) (step S16).

After the setting of the use period, the process proceeds to the setting of the number of uses in step 17. If the number of times of use is to be limited (step S17 → YES), the number-of-times limit flag is set to “1” and a usable number field is set (step S18). For example, if you want to allow three uses,
Set this field to "3". If the number of times of use is not limited (step S17 → NO), the number-of-times limit flag is set to “0”, and the available number field is set to a predetermined initial value (for example, 0) (step S19). This completes the setting of the usage condition table.

Further, the digital information seller gives predetermined instructions to the control means 102 of the information management center 1 via input means (not shown) or a management terminal, and creates distribution data to be supplied to the terminal device 2. FIGS. 7A and 7B show examples of the format of the distribution data. The registration number authenticator 54 and the information main body authenticator 56 in the figure are created by the encryption processing means 104 of the information management center 1. It should be noted that the distribution data shown in the figure is a format when the digital information main body 55 is supplied together with the digital information main body 55 via the communication line 3 or a portable recording medium, and the digital information main body 55 is already supplied to the terminal device 2. In this case, the digital information main body 55 is created from the format shown in FIG. At this time, the position information 52 is set in the terminal device 2 in accordance with the position of the digital information body 55.

The format shown in FIG. 7A is a basic format, and the format shown in FIG.
The information body authenticator 56 is added to the format shown in FIG. In the format shown in FIG. 3B, the processing in the terminal device 2 is slightly complicated, but the digital information main body 55 can be checked for falsification. In the distribution data shown in the drawing, the format type 51 is a flag for distinguishing the presence / absence of the information body authenticator 56, and is “1” when the information body authenticator 56 is attached,
When "6" is not added, "0" is set. The position information 52 is information indicating the positions of the registration number 53, the registration number authenticator 54, the information body 55, and the information body authenticator 56.

Next, the encryption processing means 1 of the information management center 1
FIG. 8 shows the configuration of the device 04, which will be described below. here,
The creation of the authenticator, the verification of the authenticator, and the decryption are performed by using a public key cryptosystem known in the art. The digital information seller prepares a public key Kp and a secret key Ks in advance, supplies the public key Kp to the terminal device 2,
Ks is stored in the encryption key storage unit 81 of the encryption processing unit 104. The encryption processing unit 104 includes an encryption key storage unit 81, an encryption function operation unit 83, a one-way hash function operation unit 84, and a selector 85. The one-way hash function operation unit 84 It calculates and outputs short fixed-length data H (X) from input data X of an arbitrary length to be input. It is extremely difficult to calculate the input data X from the operation output H (X), and the probability that the same H (X) value can be obtained from a plurality of different Xs is extremely small. It is an operation unit.

The cryptographic function operation unit 83 outputs an output Z using a predetermined cryptographic function F (Y) from the secret key Ks and the input data Y.
Is calculated. This cryptographic function F (Y) is applied to the case where the public key Kp is applied to the input data Y and then the secret key Ks is applied, and the case where the secret key Ks is applied to the input data Y and then the public key Kp is applied. In any case, the original input data Y can be restored. From this, equation (1) holds.

Y = F (Ks, F (Kp, Y)) = F (Kp, F (Ks, Y)) (1)

Here, the secret key Ks is information known only to the digital information seller but not to the user (terminal device 2). Therefore, F (Ks, Y) can be calculated only by the digital information seller (information management center 1). Conversely, if F (Ks, Y) is correctly calculated, it means that the digital information seller has calculated, and F (Ks, Y) has a function as an authenticator.

The cryptographic processing means 7 of the terminal device 2 also uses the same cryptographic function and one-way hash function as the cryptographic processing means 104 of the information management center 1. Then, the registration number authenticator Vn is created by setting the selector 85 to the f side, giving the registration number N to the input terminal, and performing the operation of the equation (2).

Vn = F (Ks, N) (2)

By performing the above processing, the distribution data shown in FIG. 7A can be created. Further, the distribution data shown in FIG. 7 (B) can be created by calculating and adding an authenticator (information main body authenticator) Vm of the digital information main body as follows. Then, by adding the information body authenticator Vm, it is possible to check the digital information body for tampering. Digital information authenticator
The Vm is created by setting the selector 85 on the e side and applying the digital information body M to the input terminal, thereby performing the calculation shown in Expression (3).

Vm = F (Ks, H (M)) (3)

Next, the case where the digital information purchased by the user is used will be described. When the user gives a predetermined instruction to the control means 5 of the terminal device 2 using the input means 8 of the terminal device 2, the processing according to the flowchart shown in FIG. 9 is performed. First, the user selects digital information to be used using the input means 8 of the terminal device 2 (step S2).
1). The control means 5 to which the selection information is supplied reads the format type 51 and the position information 52 of the selected digital information from the digital information storage means 6 (step S2).
2). Then, the format type 51 is determined.
(Step S23). If the data of the format type 51 is “0” (step S23 → NO), the format does not include the information body identifier 56 (see FIG. 7A), and the process directly proceeds to step S28.

If the data of the format type 51 is “1” (step S 23 → YES), the data is in the format having the information body identifier 56 (see FIG. 7B), so the encryption processing means 7 of the terminal device 2 (See FIG. 3), the selector 76 is set to the c side, the information body M1 read from the digital information storage means 6 is input from the input terminal, and the one-way hash function operation unit 74 calculates Ha = H ( M1) is calculated (step S24). Next, after setting the selector 76 on the d side and setting the selector 75 on the a side, the information body identifier Vm read from the digital information storage means 6 is input from the input terminal and supplied to the cryptographic function operation unit 73. A value Hb = F (Kp, Vm) obtained by applying the public key Kp to the information body identifier Vm is calculated (step S25). Here, the above equations (1) and (3)
Using the equation, Hb can be transformed as in equation (4).

Hb = F (Kp, Vm) = F (Kp, F (Ks, H (M)) = H (M) Equation (4)

That is, Hb is a one-way hash function value of the information main body 55 calculated by the one-way hash function operation part 84 of the information management center 1, and calculated by the terminal device 2 if the information main body 55 is not falsified. Should match Ha. If Ha = Hb, the information body M in the information management center 1 and the information body M1 in the terminal device 2 match. Therefore, it is checked whether or not Ha = Hb holds for Ha calculated by the one-way hash function calculation unit 74 of the terminal device 2 (step S26). Ha =
If Hb does not hold (NO in step S26), the digital information body has been falsified, and a message to that effect is output to the output means 9 (step S27), and the use is stopped.

If Ha = Hb holds (step S26)
(→ YES), the selector 76 of the encryption processing means 7 is set to the d side, the selector 75 is set to the b side, and the random number generation section 72 is set.
A value Re = F obtained by encrypting the random number R with the public key Kp in the cryptographic function operation unit 73 for the appropriate random number R generated in
(Kp, R) is obtained (step S28). Then, the position information 52
To read the registration number Nr and the registration number authenticator Vr,
Registration number Nr, registration number authenticator Vr, and value R obtained by encrypting random number R
e is transmitted to the information management center 1 via the communication means 4 (step S29).

The cryptographic processing means 104 of the information management center 1 performs the following processing on the received registration number Nr and registration number authenticator Vr, and checks whether the registration number 53 has been illegally changed. Perform (Step S30). First, similarly to the case where the registration number authenticator 54 was created at the time of creating distribution data, the selector 85 is set to the f side, the received registration number Nr is given to the input terminal, and the secret key Ks is used by the encryption function operation unit 83. Calculate equation (5) to obtain output Vo.

Vo = F (Ks, Nr) (5)

Here, if Vr ≠ Vo (step S30 → N
O) Since the registration number 53 has been illegally changed, data indicating use prohibition is transmitted to the terminal device 2.
(Step S31). If Vr = Vo (step S30 →
YES), it can be determined that the registration number 53 has not been tampered with, so the process proceeds to step S32. In step S32, it is checked whether the registration number Nr is registered in the use condition table. If not registered (Step S32 → N
O), the registration number Nr is considered to have been forged,
The data indicating the use prohibition is transmitted to the terminal device 2 (step S31).

If the registration number Nr is registered in the use condition table (step S32 → YES),
It is checked whether the period restriction flag is set to “1” (step S33). If the period restriction flag is “0” (step S33 → NO), the process directly proceeds to step S35. If the period restriction flag is set to “1” (step S33 → YES), it is confirmed that the current date and time is between the permission start date and time and the permission end date and time (step S3).
Four). If the current date and time is between the permission start date and time and the permission end date and time (step S34 → YES), step S3
Proceed to 5.

In step S34, if the permission start date and time or the permission end date and time is a predetermined initial value (the period restriction flag is "1"), it is considered that the item having the initial value satisfies the permission condition. That is, if the permission start date and time are the initial values, only the permission end date and time are checked, and if the current date and time is before the permission end date and time, the process proceeds to step S35. Similarly, if the permission end date is the initial value, only the permission start date and time is checked, and if the current date is after the permission start date and time, the process proceeds to step S35. If it is not within the permission period (step S34 → NO), the process proceeds to step S31, and data indicating use prohibition is transmitted to the terminal device 2.

In step S35, it is checked whether the number limit flag is set to "1". If the number-of-times restriction flag is “0” (step S35 → NO), there is no particular restriction on the number of times of use, and the process directly proceeds to step S38. If the count limit flag is set to “1” (step S35 →
YES), it is checked whether the number of usable times is greater than "0" (step S36). Then, when the usable number of times is “0” (step S36 → NO), the process proceeds to step S31, and data indicating use prohibition is transmitted to the terminal device 2. If the usable number is not “0”, the usable number is reduced by 1 (step S37), and the process proceeds to step S38. Then, if it is confirmed by the above determination that the use is legitimate, the data indicating the use permission is transmitted to the terminal device 2 (step S38).

Here, data meaning permission and prohibition of use will be described. The simplest example is
There is a method of assigning "1" to use permission and "0" to use prohibition. However, this method makes it easy to create a fake information management center 1. For example, when the terminal device 2 and the information management center 1 are connected via a LAN, it is possible to create a fake information management center having an apparently the same address as the regular information management center 1, and this is always "1". Is returned, the digital information already stored in the terminal device 2 becomes usable.

In order to prevent such inconvenience, the present embodiment performs the following processing. In the information management center 1, the selector 85 of the encryption processing unit 104
Is set to the f side, and Re (a value obtained by encrypting the random number R using the public key Kp) transmitted from the terminal device 2 is input, and the encryption function operation unit 81 calculates F (Ks, Re). I do. this is,
As can be seen from the following equation (6), the only difference is that the random number R encrypted by the terminal device 2 is decrypted. When the use is permitted, the decrypted value “R” is transmitted as transmission data S. When the use is not permitted, a predetermined value other than “R” (here, “R + 1”) is transmitted.

F (Ks, Re) = F (Ks, F (Kp, R)) = R (6)

In this case, since the terminal device 2 uses the public key Kp of the information management center 1 for encryption, the random number R cannot be extracted without the secret key Ks stored in the information management center 1. . Since it is difficult to obtain the secret key Ks of the information management center 1, it is difficult to create a fake information management center 1.

The control means 5 of the terminal device 2 checks whether the data S received from the information management center 1 via the communication means 4 is the same as the random number R generated by the terminal device 2 (step S39). If S = R (step S39 → YES),
Since the use of the digital information is permitted, the digital information main body 55 is read from the digital information storage means 6 and processed according to the format of the digital information.
The output is output to output means 9 such as a display and a speaker (step S40). If S ≠ R (step S39 → NO), S
Is checked (step S41), and if so (step S41 → YES), a message indicating that use is not permitted is output (step S42). If S ≠ (R + 1) (step S41 → NO), a warning is issued to the effect that the information management center 1 is not connected (step S43). Thus, the process ends. By performing the processing in this manner, registration can be performed, and use permission of digital information can be given only to a legitimate terminal device (user) that observes the use period and the number of times.

[0061]

The digital information management system and the digital information management method of the present invention not only prevent unauthorized copying of digital information, but also use the digital information by limiting the period of use, the number of times of use, or both. It becomes possible. Strictly speaking, it is possible to copy digital information itself, but if the number of uses is limited, even if a user who has obtained digital information in a legitimate manner gives a copy of digital information to another user, , The original user suffers disadvantages because the number of times that the original user can use it is reduced by the number of times that another user who obtained the copy has used it,
Such an action (copying of digital information) can be sufficiently suppressed.

When a legitimate user wants to use digital information at two places, for example, at home and at work, the digital information is copied to separate terminal devices and used properly at each terminal device. be able to. Even in this case, when the number of times of use is limited, the number of times of use is limited by the total number of times of use in each terminal device, so that the information provider is not damaged.

Further, since all the use conditions and use conditions of digital information are recorded and managed by the information management center, it becomes very difficult for the user of the terminal device to illegally change such information. If a random number generated in the terminal device is used as the data for use permission, it is very difficult to forge the data for use permission or to use digital information without connecting to an authorized information management center. Becomes difficult,
The rights of copyright holders and sellers can be strictly protected.

On the other hand, the user can purchase the product by setting the use period and the number of uses in detail according to individual needs, so that there is no waste and a substantially lower price than in the case of selling out without setting these conditions. And the necessary information can be used as needed. In addition, since the digital information is stored in the terminal device and only the use permission information is transmitted to the terminal device, the digital information is not stored in the terminal device but is compared with the conventional method in which the digital information is downloaded from the center each time it is used.
There is an excellent effect that the communication cost is reduced and the waiting time when using is reduced.

Further, according to the present invention, since a common key or a secret key of the encryption is not stored in the terminal device, there is no need for a part requiring confidentiality to the user. Therefore, a computer having a general configuration can be configured as a terminal device without adding a special device to the terminal device.
The cost of the terminal device is lower than before, and at the same time, more users can be used. In addition, since a computer having a general configuration can be configured as a terminal device, the type of terminal device that uses digital information is not limited, so that a user can use digital information from a plurality of different terminal devices. This has the effect of improving user convenience.

Further, when the information body authenticator is included in the distribution data, it is possible to cope with unauthorized alteration of the information body performed at the time of download or delivery and at the terminal device.

[Brief description of the drawings]

FIG. 1 is a configuration diagram showing one embodiment of a digital information management system of the present invention.

FIG. 2 is a configuration diagram showing an example of a terminal device of the digital information management system of the present invention.

FIG. 3 is a configuration diagram illustrating an example of an encryption processing unit of the terminal device of the present invention.

FIG. 4 is a configuration diagram showing an information management center.

FIG. 5 is a diagram for explaining a use condition table.

FIG. 6 is a flowchart illustrating a method of setting a use condition table.

FIG. 7 is a configuration diagram illustrating an example of a data format supplied to a terminal device.

FIG. 8 is a configuration diagram illustrating an example of an encryption processing unit of the information processing center according to the present invention.

FIG. 9 is a flowchart illustrating a procedure for using digital information.

[Explanation of symbols]

 Reference Signs List 1 information management center 2 terminal device 3 communication line 4 communication means (first communication means) 5 control means (first control means) 6 digital information storage means 7 encryption processing means (first encryption processing means) 8 input means 9 output means 101 communication means (second communication means) 102 control means (second control means) 103 use condition storage means 104 encryption processing means (second encryption processing means)

Claims (8)

[Claims] 1. A digital information management system in which a terminal device and an information management center are connected via a communication line and manages digital information stored in the terminal device, wherein the terminal device includes: First communication means for communicating with the management center, digital information storage means for storing the digital information body, random number generation means for generating a random number, and encryption of the random number using the public key of the management center. The information management center comprises: a first cryptographic processing unit for performing communication; a first control unit for controlling a use procedure of the digital information; a second communication unit for performing communication with the terminal device; Use condition storage means for storing use conditions of digital information; second encryption processing means for decrypting the random number encrypted by the first encryption processing means;
A digital information management system, comprising: a second control means for controlling the entire information management center. 2. The digital information management system according to claim 1, wherein said digital information storage means stores an information body authenticator together with said digital information body, and said first encryption processing means stores a hash function value of said digital information. Is provided, and the information body authenticator is decrypted using the public key of the management center, and the information body authenticator is decrypted by the first encryption processing means by the first control means. A terminal device configured to compare the information body authenticator with the hash function value of the digital information calculated by the first hash function operation unit and control a use procedure of the digital information; The second cryptographic processing means is provided with a second hash function operation section for calculating the same hash function value as the first hash function operation section for the digital information. Both encrypt the hash function value of the digital information calculated by the second hash function operation unit using a secret key that generates encrypted data to be decrypted using the public key to generate the information body authenticator A digital information management system, comprising: an information management center configured to perform the operation. 3. A communication means for communicating with an information management center, a digital information storage means for storing a digital information body, a random number generation means for generating a random number, and an encryption of a random number using a public key of the management center. Encryption processing means for performing encryption;
A terminal device comprising: a control unit for controlling a use procedure of the digital information. 4. A terminal function according to claim 3, wherein said digital information storage means stores an information body authenticator together with said digital information body, and said encryption processing means calculates a hash function value of said digital information. An operation unit is provided and the information body authenticator is decrypted by using the public key of the management center, and the information body authenticator decrypted by the encryption processing unit by the control unit and the hash function operation unit A terminal device configured to compare a calculated hash function value of the digital information and control a use procedure of the digital information. 5. A communication means for communicating with a terminal device, a use condition storage means for storing and using a use condition of the digital information, an encryption processing means for decoding a random number encrypted by the terminal device, An information management center, comprising: control means for controlling each of the means. 6. The information management center according to claim 5, wherein said cryptographic processing means is provided with a hash function operation unit for calculating the same hash function value of said digital information as calculated by said terminal device. The hash function value of the digital information calculated by the hash function operation unit is encrypted using a secret key that generates encrypted data to be decrypted using a public key, and the information body authenticator is generated. An information management center characterized by the following. 7. A digital information management method for managing digital information stored in a terminal device, comprising: a first procedure for generating a random number in the terminal device; And a third procedure of transmitting a registration number for identifying the digital information and an encrypted random number from the terminal device to an information management center connected via a communication line. A fourth procedure for confirming whether the digital information corresponding to the registration number received by the information management center matches the use condition, a fifth procedure for decrypting an encrypted random number, The information management center transmits the decrypted random number to the terminal device if the use condition is met, and transmits another value to the terminal device if the use condition is not met. Steps and A seventh procedure for enabling the use of the digital information when the random number received by the terminal device matches the random number generated in the first procedure. Method. 8. A digital information management method which is performed before the first step of the digital information management method according to claim 7, wherein an information body in which a hash function value of the digital information is encrypted by an information management center. A first procedure for holding an authenticator together with the digital information in the terminal device; a second procedure for calculating a hash function value of the digital information in the terminal device; and the information in the terminal device. A third procedure for decrypting the main body authenticator using the public key of the management center; a value obtained by decrypting the information main body authenticator in the terminal device; and a hash of the digital information calculated in the second procedure. 4. A digital information management method, comprising: a fourth step of comparing a function value; and, in the fourth step, when the values match, the procedure shifts to the next step.