JPH11296978A - Information recording and reproducing device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To more improve security by producing a ciphering key/a decoding key based on the data recorded in a sector front by a prescribed number from a sector in which a recording/a reprodution is to be performed for every sector in order to ciphering/decoding data based on the data already recorded on a record medium. SOLUTION: An MPU 33 reproduces the data recorded in a sector which is preceding the sector going to record to produce a ciphering key based on the read data. When the ciphering key is produced, data which are transmitted from a host computer 32 are ciphered together with a recording command by the obtained ciphering key in a ciphering/decoding circuit 42 and the ciphered data are recorded from the recording starting position of a block which is selected at present. The above-mentioned processings are repeatedly performed for every sector in which a reproding is to be performed and a ciphering key is produced based on the data of a sector ahead by one sector for every sector and data are ciphered by using this key and the ciphered data are recorded on the record medium.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an information recording / reproducing apparatus for recording / reproducing information on / from an information recording medium, and more particularly to data encryption / decryption.

[0002]

2. Description of the Related Art Conventionally, various types of media, such as a disk, a card, and a tape, are known as a medium for optically recording information or reading the recorded information.
Among these media, an optical information recording medium formed in a card shape (hereinafter referred to as an optical card) has a recording capacity of several thousand to 10,000 times as compared with a magnetic card, and is similar to an optical disc. Cannot be rewritten, but its recording capacity is 1-6M
Since it is as large as a byte, it is considered to have a wide application range as a bank passbook, a portable map, or a prepaid card used for shopping or the like.

When recording and reproducing data on such an optical card, it is common practice to record a directory for managing data together with the data on a part of the optical card and manage the data for each file. It is a target. As shown in FIG. 3, the directory includes information necessary for file management, such as a file name, a start address of head data, and the number of continuously recorded sectors. This directory is recorded in a part of the recording area of the optical card as data management information every time data is recorded.

FIG. 4 is a schematic plan view of an optical card, 1 is an optical card, and 2 is an information recording area. In the information recording area 2, tracking tracks 31 to 3n + 1 are arranged in parallel at regular intervals, and information tracks 41 to 4n for recording information are provided between the tracking tracks. Physical track numbers 51 to 5n for identifying information tracks are added to both ends of each information track in advance. In the optical card shown in FIG. 4, information tracks 42 to 4k are divided into blocks 61 and information tracks 4k + 1 to 4n-.
Assuming that 1 is a block 62, the information recording area 2 is divided into two blocks. The division of the optical card 1 into a plurality of blocks is described in JP-A-63-244385.

For example, when an optical card is used as a medium for recording medical information and ECG information and blood pressure information of a patient in the medium are recorded, it is necessary to record ECG information in block 61 and blood pressure information in block 62. It is possible. When the blocks are divided according to the type of data to be recorded as described above, when the electrocardiogram information is reproduced, only the data in the block 61 needs to be reproduced, so that the access time can be reduced. Of course, the number of divided blocks and the number of information tracks in the block can be set arbitrarily according to the type and amount of data to be recorded.

[0006] In the optical card 1, a method of changing the number of sectors and the sector size of one information track for each block is known. FIG. 5 shows an example of the relationship between the sector size of data to be recorded on one information track and the number of sectors. In FIG. 5, the sector type 1 is 1024
One byte sector is recorded on the information track 4, and the sector type 2 stores 512 byte sectors on the information track 4.
The sector type 3 records four 256-byte sectors on the information track 4, the sector type 4 records six 128-byte sectors on the information track 4, and the sector type 5 records a 64-byte sector on the information track 4. Eight tracks are recorded on track 4, and sector type 6 indicates that 12 32-byte sectors are recorded on information track 4.

In this method, for example, when 768-byte data is recorded in sector type 1, only one sector (one information track) needs to be recorded. Information Track 2
Book). Therefore, when recording is performed in the sector type 6, not only takes time, but also the recording capacity of the optical card is wasted. In addition, when recording 32 bytes of data in sector type 1, one information track is used. However, when recording in sector type 6, only one sector is required, which is 1/1 of that in sector type 1.
Only two information tracks are used. By selecting the sector type according to the data size to be recorded in this manner, not only can the access speed be increased, but also the recording area of the optical card can be used effectively.

In FIG. 4, 711 to 71i are data recorded in the block 61, and 72l to 72j are data recorded in the block 62. 81l to 81i
Is a directory for managing the data 71 recorded in the block 61, and 821 to 82j are directories for managing the data 72 recorded in the block 62. Data is added in the B direction, and the directory is F
Add in the direction. When medical information is recorded on an optical card as described above, electrocardiogram information may be recorded as data 71, its management information as a directory 81, blood pressure information as 72, and its management information as 82.

When recording information having a large data amount such as electrocardiogram information, if the sector size is increased as data 711 to 71i and the number of sectors to be recorded on one information track is reduced to one, Access speed can be increased. Conversely, when the data amount is small, such as blood pressure information, the sector size is reduced as in data 72l to 72j, and the recording capacity of the optical card is increased by increasing the number of sectors to be recorded on one information track. Can be used for Since the data size of the directory is relatively small, it is preferable to record the data in the sector type 5, for example.

Further, information tracks 41 and information tracks 4n which do not belong to any block of the optical card are provided with the number of blocks of the optical card 1, the number of tracks of each block, the sector type used in each block, and the like. Optical card management information 9 (hereinafter, referred to as format information) is recorded. FIG. 6 is a diagram showing the contents of this format information. The first identification information is information indicating that it is format information.
T "is recorded. The next block division number is information indicating how many blocks the optical card 1 is divided into. Next, the number of information tracks and the sector type of each of the blocks 61 to 6n are described. The indicated information is recorded.

Incidentally, the recording and reproduction of information on the optical card can be performed by any user. Therefore, there is a possibility that necessary information is erroneously destroyed by a large number of users, information is falsified intentionally, or highly confidential information can be seen by others. Therefore, personal information (hereinafter referred to as password information) is recorded for each block of the optical card, and when recording or reproducing data in the block where the password information is recorded, the password information is input. A method is employed in which input password information is compared with password information recorded in a block, and recording and reproduction of information in the block is permitted only when the matching result matches.

In FIG. 4, reference numerals 1011 and 1012 denote password information of the block 61. This password information is composed of identification information and password information as shown in FIG. The identification information is information indicating that it is password information. For example, information such as “PWD” in ASCII code is used. Next, the actual password information is recorded. By using such password information,
For example, when recording and reproducing the electrocardiogram information, password information is input from the host computer, and the access to the electrocardiogram information is enabled only when the password information matches the password information in the block 61. On the other hand, since the password information is not recorded on the tracks 4k + 1 and 4n-1 for recording the password in the block 62, the blood pressure information can be freely recorded and reproduced.

However, when information is recorded on an optical card, the light beam narrowed down into a minute spot is modulated according to the recording information, and the modulated light beam is scanned on an information track, thereby optically detecting the information. Since the information is recorded as a possible pit string, even if access in the block 6 is restricted by a password, if analyzed using an optical microscope or the like, highly confidential information may be seen by others.
In order to further enhance security, a method has been proposed in which data to be recorded on an optical card is encrypted with an encryption key and recorded, and at the time of reproduction, the encrypted data is decrypted with a decryption key and reproduced. .

By using this method, even when data recorded on an optical card is analyzed by an optical microscope or the like, the analyzed data becomes meaningless.
The confidentiality of the data recorded on the optical card can be maintained. As a method of encrypting data to be recorded on an optical card, various methods are conceivable, and public key RSA encryption and common key DES encryption are well-known, but here, in order to simplify the description, The following describes an example of the Caesar encryption. In the Caesar cipher, the numbers are represented as A = 0, B =
Assume that a number representing one character of a plain text is x, a number representing one character of a cipher text is c, and a number representing an encryption key is k, corresponding to 1,..., Z = 25, c = (x + k) mod 26 is an encryption method represented by the following relational expression: However, a mod
n represents the remainder of dividing a by n. In the case of decryption of a ciphertext into a plaintext, it is expressed by a relational expression of x = (c−k) mod 26. Therefore, in the Caesar encryption, the encryption key and the decryption key are the same key. For example, when the encryption key k is 1, if the plaintext is "ABC", the ciphertext is encrypted as "BCD". However, since only letters of the alphabet can be handled as it is, the encryption equation is extended as c = (x + k) mod 256, and the decryption equation is expressed as x = (c−k) mod 256 , It is possible to handle all characters represented by one byte. Since it is desirable that the encryption or decryption be performed at a high speed, it is generally performed by hardware.

Next, a method of creating an encryption key will be described. There are various methods for creating an encryption key. For example, an encryption key can be created by inputting information such as format information, password information, and directory recorded on an optical card into a certain function. Therefore,
Assuming that the encryption key is k and the password for generating the key is n, the relational expression of k = F (n) is obtained. However, the function F (n) is a function for creating an encryption key, and a compression function or the like is used. The compression function is a function for converting a bit string having an arbitrary bit length into a bit string having a certain length. The optical card information recording / reproducing apparatus uses this encryption key to encrypt data and decrypt the encrypted data.

Next, an optical card information recording / reproducing apparatus for recording or reproducing information on / from an optical card will be described. FIG. 8 is a block diagram showing a schematic configuration of the optical card information recording / reproducing apparatus. In FIG. 8, reference numeral 31 denotes an optical card information recording / reproducing apparatus for recording / reproducing information on / from the optical card 1, and is connected to a host computer 32 of a higher-level control device. The information recording / reproducing device 31 records and reproduces information under the control of the host computer 32. 37 drives a transport mechanism (not shown) to introduce the optical card 1 into a predetermined position in the information recording / reproducing apparatus 31, and to move the optical card 1 into the R position at the predetermined position.
It is a card feed motor for reciprocating in the direction and further discharging the optical card 1 out of the apparatus. Reference numeral 38 denotes a light beam irradiation optical system including a semiconductor laser as a light source, and irradiates the optical card 1 with a light beam of the light source focused on a minute light spot when recording and reproducing information.

Reference numeral 39 denotes a photodetector for detecting light reflected from the optical card 1; AF actuator for performing autofocus control by moving in the direction, that is, the direction perpendicular to the optical card surface,
Reference numeral 41 denotes an AT actuator for driving a part of the light beam irradiation optical system 38 to move a light spot on the optical card 1 in the Y direction, that is, in a direction orthogonal to the information track of the optical card, thereby performing an automatic tracking control. It is. The optical head 30 includes the light beam irradiation optical system 38, the photodetector 39, the AF actuator 40, and the AT actuator 41. Numeral 36 denotes a head feed motor for moving the optical head 50 in the Y direction to access the light spot to a desired track.

The MPU 33 is a processor circuit for controlling each unit in the information recording / reproducing apparatus 31.
Built-in AM. MPU 33 is the head feed motor 3
6. It controls the card feed motor 37 and the like, and sends and receives data to and from the host computer 32. AT / AF
The control circuit 34 outputs the signal AT / AT from the output signal from the photodetector 39.
The AF control signal is detected, and based on the detected signal, the AF actuator 40 and the AT actuator 41 are driven, and the light spot follows the information track so that the light spot from the light beam irradiation optical system 38 is focused on the card surface. Autofocus control and autotracking control are performed so as to perform scanning.

The modulation / demodulation circuit 35 modulates the recording data under the control of the MPU 33 and demodulates the reproduction data. The encryption / decryption circuit 42 encrypts the recording data and decrypts the reproduction data. Circuit. At the time of recording information, the recording data is transferred from the host computer 32 to the MPU 33, and thereafter, the encryption / decryption circuit 4
At 2, the recording data is encrypted. The modulation / demodulation circuit 35 modulates the encrypted data, drives the light source in the light beam irradiation optical system 38 in accordance with the modulation signal, and scans the information track of the optical card 1 with the modulated light beam from the light source. Record.

On the other hand, at the time of reproducing information, a light beam for reproduction is scanned from the light beam irradiation optical system 38 onto the information track of the optical card 1, and the light detector 39 detects the reflected light from the optical card 1. At this time, the modulation / demodulation circuit 35 generates an information reproduction signal from the output signal of the photodetector 39 and demodulates the reproduction signal. The demodulated data is stored in the RAM of the MPU 33, and thereafter, the encrypted data is decrypted by the encryption / decryption circuit 42. The decrypted data is MP
It is transferred from U33 to the host computer 32. The host computer 32 transmits and receives commands and data to and from the information recording / reproducing device 31, and records and reproduces information for each sector.

Next, the operation when accessing the data of the optical card in the optical card information recording / reproducing apparatus will be described with reference to FIG.
This will be described with reference to FIG. 9, first, the information recording / reproducing apparatus 31 monitors whether the optical card 1 is inserted (S901). When the optical card is inserted, first, the format information 9 is reproduced (S902). By reproducing the format information, it is possible to know how the recording area of the optical card 1 is divided. In this case, the block 61 is automatically selected as a default block based on the format information, and the password information 10
1 is reproduced (S903). Password information is MPU
33. If no password is recorded, the fact that this block is not protected by a password is stored in the RAM.

Next, the directory 81 of the block 61
Are sequentially reproduced and stored in the RAM in the MPU 33 in the order of reading (S904). Since data and directories are sequentially recorded on the optical card 1, when the directories are reproduced, the number of reproduced directories and
The recording start position of the directory and the recording start position of the data are determined from the contents of the reproduced directory. In this way, the optical card information recording / reproducing device 31 enters a state of waiting for a command from the host computer 32 (S905).
The following processing is executed according to the type of command. First,
Check whether the command is a discharge command (S9)
06). If the command is a discharge command, the optical card 1 is discharged, and the processing for the optical card 1 ends (S907).

On the other hand, if the command is not a discharge command, it is checked whether the command is a password collation command (S908). If the command is a password collation command, the password is collated (S909).
That is, the password reproduced in S903 and stored in the RAM is compared with the password transmitted from the host computer 32 by the password comparison command.
Here, if both passwords match, it is determined that the password in block 61 has been verified.
It is stored in the RAM in the PU 33. If the passwords do not match, the process directly proceeds to the command waiting process in S905. If the currently selected block is not protected by a password, no collation is performed and S
Return to 905.

When the password collation processing is completed, it is checked whether the command is a block selection command (S
910), if it is a block selection command, S9
The password information of the designated block is reproduced based on the format information reproduced in 02 (S911). The reproduced password information is stored in the RPU in the MPU as in S903.
Store it in the AM. Next, all directories recorded in the designated block are reproduced (S91).
2), store them in the read order in the RAM in the MPU 33,
The block selection processing ends.

On the other hand, if the command is not a block selection command in S910, the command is a recording command or a reproduction command. If the currently selected block is protected by a password, it is checked whether the password has been verified. First, it is checked whether the password is protected (S913). If the password is protected, it is checked whether the password has been verified (S91).
4). This check is performed by referring to the information stored in the RAM in S909. If the password has not been verified, the process returns to S905. If the password has been verified, or if it is determined in step S913 that the password is not protected, the process proceeds to the next step S915.

In S915, it is checked whether the command is a recording command. If the command is a recording command, an encryption key required for encryption is created (S91).
6). The encryption key is created based on the last directory stored in the RAM. This directory is the directory recorded last in the block currently being accessed. If the data is to be recorded for the first time in this block, since no directory has been recorded in this block yet, an encryption key is created based on a predetermined default value. The compression function as described above is used to create the encryption key.

Next, the data sent together with the recording command from the host computer 32 is encrypted with the encryption key created from the directory in S916 (S9).
17) The encrypted data is recorded from the position where recording of the currently selected block should be started (S91).
8). Thereafter, a directory for managing the recorded data is recorded, a similar directory is stored in the RAM (S919), and the processing of the recording command ends.

On the other hand, if it is not a recording command in S915, it is checked whether the command is a reproduction command (S920). If the command is not a reproduction command, the command is not supported by the information recording / reproducing device 31, so that the
Returning to step 5, if it is a reproduction command, a decryption key is created (S921). The decryption key is created by searching a directory of data to be reproduced from a directory stored in the RAM, and based on a directory immediately before the directory. If there is no previous directory, a decryption key is created based on a predetermined default value. Next, a sector address to be reproduced is obtained from the file name specified by the recording command and the directory stored in the RAM, and the data is reproduced (S922).
Since the data reproduced here is encrypted data, it is decrypted using the created decryption key (S92).
3) Transfer the decrypted data to the host computer 32 and end the reproduction process.

[0029]

In the conventional method, an encryption key is created from the directory of the last recorded file, and a decryption key is created from the directory of the file immediately before the file to be reproduced. That is, since encryption / decryption is performed for each file, if one key is specified, the entire file is decrypted, and the security is low.

The present invention has been made in view of the above-mentioned conventional problems, and has as its object to provide an information recording / reproducing apparatus capable of further improving security by making an encryption key / decryption key different for each sector. And

[0031]

SUMMARY OF THE INVENTION It is an object of the present invention to record / reproduce data on / from a write-once recording medium having a plurality of tracks each composed of one or a plurality of sectors, and manage data on the recording medium. Recording / reproduction means for recording / reproducing a directory for recording data, means for encrypting data before recording the data, and means for decrypting the reproduced data, the information recorded / reproduced on the recording medium. Means for generating an encryption key / decryption key for encrypting / decrypting data based on the stored data, wherein the encryption key / decryption key generation means comprises, for each sector, a sector to be recorded / reproduced. The information recording / reproducing apparatus is characterized in that an encryption key / decryption key is created based on data recorded in a sector preceding by a predetermined number of times.

[0032]

Embodiments of the present invention will be described below in detail with reference to the drawings. First, the first of the present invention
An embodiment will be described. The hardware configuration of the information recording / reproducing apparatus according to the first embodiment is the same as that shown in FIG. 8, and the optical card shown in FIG. 4 is used as a recording medium. The directory for managing the file data to be recorded on the optical card 1 is as shown in FIG. 3, the sector type is as shown in FIG. 5, the format information is as shown in FIG. 6, and the password information is as shown in FIG. These FIGS. 8, 4, 3,
5, 6, and 7 have been described above, and thus detailed description will be omitted.

FIG. 1 is a flowchart showing the operation of this embodiment. Note that S101 to S115 in FIG. 1 are the same as S901 to S915 in FIG. 9, first, when the optical card 1 is inserted into the information recording / reproducing apparatus 31 in S101, the format information of the optical card 1 is reproduced (S102). When the format information is reproduced, the division state of the blocks of the optical card 1 is known. In this embodiment, the block 61 is automatically selected as a default block and the password information of the block 61 is reproduced as in the related art (S103).
The password information is stored in the RAM in the MPU 33. If no password information has been recorded, the fact that this block is not protected by a password is stored in the RAM.

Next, the directory 81 of the block 61
Are sequentially reproduced (S104), and stored in the RAM in the MPU 33 in the order in which they were read. Since both the data and the directory are sequentially recorded on the optical card, the recording start position of the directory and the Is obtained. Next, the information recording / reproducing device 31 waits for a command from the host computer 32 (S105), and executes the following processing according to the type of the command. First, it is checked whether the command is a discharge command (S106). If the command is a discharge command, the optical card 1 is discharged, and the processing for this optical card is terminated (S107). If the command is not a discharge command, it is checked whether the command is a password verification command (S1).
08) If the command is a password collation command, the password is collated (S109). That is, the password stored in the RAM is compared with the password sent from the host computer 22 by the password matching command, and if both passwords match, the block 61
MPU 33 confirms that the password in
Stored in the RAM. If the passwords do not match, the flow shifts to the command waiting process in S105.

On the other hand, if it is not a password collation command in S108, it is checked whether it is a block selection command (S110). If it is a block selection command,
The password information of the designated block is reproduced based on the format information reproduced in S102 (S11).
1). The password information is similarly stored in the RAM.
Next, all the directories of the designated block are reproduced (S112), similarly stored in the order read into the RAM, and the block selection processing is terminated. If it is not a block selection command, the command is a recording command or a playback command. If the currently selected block is protected by a password, it must be checked whether the password has been verified. (S113), and if protected, checks whether the password has been verified (S11).
4). This is performed by referring to the information stored in the RAM. If the password has not been verified, the process returns to step S105. If the password has been verified, the process returns to step S105.
If the password is not protected in step 113, the process proceeds to the next step S115.

In S115, it is checked whether the command is a recording command. If the command is a recording command, an encryption key required for encryption is created (S116). In the present embodiment, the encryption key is created using the data of the sector that is a predetermined number earlier than the sector to be recorded as the personal identification number. For example, here, the encryption key is created from the data of the immediately preceding sector. . The compression function for generating the encryption key may be any function.
A 1-byte value obtained by adding all the bytes of the immediately preceding sector by exclusive OR is used as an encryption key. The encryption key is MPU
33.

Accordingly, the MPU 33 reproduces data recorded in the sector immediately before the sector to be recorded from now on, and creates an encryption key based on the data. In addition,
This data is the data recorded last in the block currently being accessed, and when data is recorded for the first time in this block, since no data has been recorded in this block yet, a predetermined default Create an encryption key based on the value. When you create an encryption key,
The data sent from the host computer 32 together with the recording command is sent to the S11 by the encryption / decryption circuit 42.
6 using the encryption key created in S6 (S11).
7). Next, the encrypted data is recorded from the recording start position of the currently selected block (S118).
The processing from S116 to S118 is repeated for each sector to be recorded, an encryption key is created for each sector based on the data of one previous sector, and encryption is performed using the encryption key created for each sector. To record.
Thereafter, a directory for managing the recorded data is recorded, a similar directory is stored in the RAM, and the processing of the recording command is completed (S119).

Next, if it is not a recording command in S115, it is checked whether the command is a reproduction command (S120). If it is not a reproduction command, it returns to S105 because the command is not supported by the information recording / reproducing apparatus 31. If it is a reproduction command, a decryption key is created (S121). In the present embodiment, when a decryption key is created, the file name specified by the playback command and the R
The sector address to be reproduced is obtained from the directory stored in the AM, the data recorded in the sector preceding the sector to be reproduced by a predetermined number is reproduced, and a decryption key is created based on the data. I have. The decryption key is MP
The decryption key is created by U33, and here, for example, a decryption key is created based on the data recorded in the sector immediately before the sector to be reproduced. If there is no previous sector, a decryption key is created based on a predetermined default value.

When the decryption key is created, the data is reproduced (S122). Since the reproduced data is encrypted data, the data is reproduced by using the decryption key generated by the encryption / decryption circuit 42. Is decrypted and the decrypted data is transferred to the host computer 32 (S12).
3). The processes of S121 to S123 are repeated for each sector to be reproduced, and a data is reproduced by creating a decryption key based on the data of the immediately preceding sector for each sector.
When all the sectors specified by the host computer 32 have been reproduced, the process returns to S105 and waits for a command.

As described above, in this embodiment, since the encryption key / decryption key of the data to be recorded / reproduced from now on is created based on the data recorded in a predetermined number of previous sectors. The encryption key / decryption key is different for each, and even if the encryption key / decryption key of a certain sector is found, the other sector cannot be decrypted, and the security is greatly improved compared to the past. Can be.
Furthermore, since the data for creating the encryption key and the decryption key is not recorded as a security code, it is difficult to recognize that the security code is a security code, and even if the recording area is analyzed, the security code is specified. There is a difficult advantage.

Next, a second embodiment of the present invention will be described. In the first embodiment, when creating an encryption key and a decryption key, the number of sectors before recording or reproducing is fixed based on the data of the sector. Each time.
Specifically, using the directory of FIG. 2, a predetermined numerical value indicating how many previous sectors of data of the sector to create an encryption key and a decryption key is recorded in the directory. It is assumed that an arbitrary value is selected and recorded when the information recording / reproducing apparatus 31 or the host computer 32 records data for each file.

The operation of this embodiment is the same as that of FIG.
If it is determined in S115 that the command is a recording command, a predetermined value included in a directory already read into the RAM, that is, a directory of a file to be recorded is referred to, and a sector preceding the sector to be recorded by a predetermined value is referred to. Create an encryption key based on the recorded data (S11
6). Next, the data is encrypted using the created encryption key (S117) and recorded on the optical card 1 (S11).
8). The processing of S116 to S117 is repeated for each sector, and an encryption key is created based on the data of the sector preceding the sector to be recorded for each sector by a predetermined value, and the data is recorded. When all the sectors specified by the host computer 32 have been recorded, a directory for managing the recording data is recorded (S119), and the recording process ends. When recording a file for the first time, a predetermined value is determined by the information recording / reproducing device 31 or the host computer 32, and an encryption key is created using the value.
When a directory is recorded, a directory including a predetermined value is recorded.

On the other hand, if it is determined in S120 that the command is a reproduction command, the host computer 32 refers to a predetermined value contained in a directory having a file name specified by the host computer (already read into the RAM), and changes the value. A decryption key is created based on data recorded in a sector that is a predetermined value before the sector to be reproduced using the key (S12).
1). Next, the data is reproduced in S122, and the data is decrypted using the decryption key in S123. S121-S
The process of 123 is repeated for each sector, and a decryption key is created based on the data of the sector preceding by a predetermined value for each sector, and the data is reproduced. Is reproduced, the process returns to step S105 and waits for a command.

In this embodiment, since a predetermined value is recorded in the directory and the encryption key and the decryption key are created using the values, the sector for recording or reproducing the encryption key and the decryption key is used. The number of previous sectors to be created based on the data can be changed for each file, and the security can be further enhanced as compared with the first embodiment.

In the above embodiment, the Caesar encryption is used as the encryption algorithm, but another encryption algorithm such as DES may be used. In particular, DES is more complicated and harder to decipher than the Caesar cipher, so that security can be further improved. Further, the information recording medium is not limited to an optical card, and any type of write-once recording medium may be used.

[0046]

As described above, according to the present invention, an encryption / decryption key is created for each sector on the basis of data of a predetermined number of sectors before a sector to be recorded / reproduced. , Different encryption key for each sector /
The data can be encrypted / decrypted using the decryption key. Even if the key of one sector is specified, the other sector cannot be decrypted, and the security is greatly improved compared to the past. can do. Also, since the data is not recorded as a password, it is difficult to recognize that it is a password, it is difficult to identify the password even if the recording area is analyzed, and the password is stored separately from the data. Since there is no need to record in the area, the recording area can be used effectively. Further, by recording a predetermined number in a directory and making the value different for each file, security can be further improved.

[Brief description of the drawings]

FIG. 1 is a flowchart showing an operation of a first embodiment of an information recording / reproducing apparatus according to the present invention.

FIG. 2 is a diagram showing a directory used in a second embodiment of the present invention.

FIG. 3 is a diagram showing a directory of a conventional example.

FIG. 4 is a diagram illustrating an example of an optical card.

FIG. 5 is a diagram showing an example of a sector type.

FIG. 6 is a diagram illustrating an example of formatted information.

FIG. 7 illustrates an example of password information.

FIG. 8 is a diagram illustrating an example of an optical card information recording / reproducing device.

FIG. 9 is a flowchart showing an operation of accessing the optical card of the apparatus of FIG.

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 Optical card 2 Recording area 4 Information track 6 Block 7 Data 8 Directory 9 Format information 10 Password 31 Optical card information recording / reproducing device 32 Host computer 33 MPU 34 AT / AF control circuit 38 Light beam irradiation optical system 42 Encryption / decryption circuit

Claims (5)

[Claims] 1. A means for recording / reproducing data on / from a write-once recording medium having a plurality of tracks comprising one or more sectors, and means for recording / reproducing a directory for managing data on the recording medium. In an information recording / reproducing apparatus having means for encrypting data before recording the data and means for decrypting the reproduced data, the data is encrypted based on the data already recorded on the recording medium. Means for creating an encryption key / decryption key for decryption / decryption, wherein the encryption key / decryption key creation means records a sector by a predetermined number from a sector to be recorded / reproduced from now on for each sector. An information recording / reproducing apparatus for generating an encryption key / decryption key based on data that has been encrypted. 2. The encryption key / decryption key creation means according to claim 1, wherein when data is not recorded in said predetermined number of previous sectors, the encryption key / decryption key is created based on a predetermined default value. 2. The information recording / reproducing apparatus according to claim 1, wherein a key is created. 3. The information recording / reproducing apparatus according to claim 1, wherein the predetermined number is recorded in the directory. 4. The information recording / reproducing apparatus according to claim 3, wherein a predetermined number recorded in the directory differs for each file on the recording medium. 5. The information recording / reproducing apparatus according to claim 1, wherein the recording medium is an optical card.