JPWO2006049083A1 - KEY INFORMATION PROVIDING METHOD, INFORMATION REPRODUCING DEVICE, AND KEY INFORMATION PROVIDING DEVICE - Google Patents

Abstract

To provide a data distribution apparatus or a data providing apparatus that can easily manage key information and can improve copyright protection and user operability. The information recording / reproducing apparatus 400 decrypts the content data provided in the data distribution system 100 based on the license key information recorded in the removable HD 10, and uses the license key information for the decrypted content data. The content key information is generated based on the content key information, and a predetermined encryption process is performed based on the generated content key information. The content key information is recorded on the removable HD 10 when the encrypted content data is decrypted. The license key information is deleted from the removable HD 10.

Description

  The present invention belongs to a technical field related to a key information providing process in consideration of copyright protection used when decrypting encrypted content data.

  In recent years, with the development of technology related to communication networks such as the Internet, it is easy for each user to browse, obtain and provide various information including video data using a personal mobile communication terminal device using a mobile phone or the like. Information can be used.

  In such exchange of information, all information is carried out by digital signals. Therefore, when music data or video data is exchanged, the data is hardly affected by the transmission or reception of data without causing any deterioration in sound quality or image quality. It is possible to duplicate. Therefore, in the case of music data and video data provided on various media, if there is a copyright holder's right, the copyright holder's right will be remarkably reduced unless appropriate measures for copyright protection are taken. There is a risk of infringement.

  On the other hand, if the purpose of copyright protection is given the highest priority and the transfer of data such as music data and video data duplicates provided on various media is prohibited, users who have legally purchased content data will use it personally Even if this is the case, it will not be possible to copy, so copyright protection will be excessive, and for copyright owners who can collect a certain amount of copyright fees when copying content data May result in a disadvantage.

  Under such circumstances, a distribution system focusing on copyright management, which is called a super-distribution system that realizes copyright protection for use, not for possession of content data, has been proposed.

Specifically, in this super-distribution system, content data is provided through various routes such as a network represented by a communication line, a CD (Compact Disc), a DVD (Digital Versatile Disc) recording medium, and the like. Is used, key information called a license for performing decryption or reproduction management of the content data is used. This super-distribution system uses this key information to manage the use of content data and to protect copyright (for example, Non-Patent Document 1).
Ryoichi Mori, Masaharu Kawahara, Yasuhiro Otsuki “Electronic Technology for Super-Distribution Intellectual Property Processing” Information Processing, Information Processing Society of Japan, December 1996, Vol. 37, No. 2, pp. 155-161

  However, in such a distribution system, since the key information indicating the license information is also digital information, it is necessary to construct an accurate method for the exchange of the key information. That is, in such a distribution system, if the key information is illegally acquired or used, not only the copyright protection of the content data cannot be performed properly, but also the distribution system cannot be constructed. .

  In view of the above-described problems, the present invention, as one example thereof, can accurately exchange key information by transmitting and receiving it step by step while encrypting the key information with respect to the transmission and reception of the key information. It is to provide a key information providing method capable of protecting the right.

  In order to solve the above-mentioned problem, the invention according to claim 1 is characterized in that the second storage means different from the first storage means is changed from the first storage means for storing the key information for decrypting the encrypted data. A key information providing method for generating a plurality of transmission information from the key information in the first storage means, and each of the generated transmission information at a timing different from other transmission information In the transmission step of sequentially transmitting from the first storage means to the second storage means step by step, the reception step of sequentially receiving the transmission information transmitted by the second storage means, and the second storage means A restoration step of restoring the key information using the transmission information after receiving the transmission information, wherein in the transmission step, the first storage means has transmitted one piece of transmission information, Still sent to the second storage means Before sending the other transmission information not have a configuration for erasing the transmission information to which the transmitted.

The invention according to claim 9 is an information reproducing apparatus for acquiring the key information from the storage means for recording the key information for decrypting the encrypted data and reproducing the data,
A plurality of transmission information used for encrypting the key information is generated in the storage unit, and the generated transmission information is sequentially transmitted from the storage unit step by step at a timing different from other transmission information. Transmission control means for receiving, receiving means for receiving each transmitted transmission information, restoring means for restoring the key information using the transmission information after receiving the transmission information, and the restored key information And a reproducing means for decrypting the encrypted data based on the data and reproducing the content data, wherein the transmission control means has received the one transmission information and is still transmitted from the storage means. Before receiving other transmission information that has not been received, the transmitted transmission information is erased from the storage means.

  The invention according to claim 12 is a key information providing apparatus for providing key information for decrypting encrypted data to an information reproducing apparatus for reproducing the data, wherein the key information is stored in advance. Storage means, generation means for generating a plurality of transmission information for use in encrypting the key information, and each of the generated transmission information in stages at different timing from other transmission information. And transmission means for sequentially transmitting to other storage means, and after transmitting the one transmission information, before transmitting other transmission information that has not yet been transmitted, delete the transmitted transmission information. And an erasing unit.

It is a block diagram which shows the structure of the information recording / reproducing apparatus concerning this application. It is a figure for demonstrating the provision process of the license key information in 1st Embodiment. It is a table | surface which shows the presence and the reproduction | regeneration possible state of the license key information in the removable HD and key information acquisition part in 1st Embodiment. It is a flowchart which shows the operation | movement of the reproduction start process of content data in the reproduction | regeneration control part of 1st Embodiment. It is a flowchart (I) which shows the operation | movement of the license key information provision process in the HD drive and decoding control part of 1st Embodiment. It is a flowchart (II) which shows the operation | movement of the license key information provision process in the HD drive and decryption control part of 1st Embodiment. FIG. 10I is a diagram (I) for explaining a process of encrypting and transferring license key information based on shared key information. FIG. 11 is a diagram (II) for explaining a process of encrypting and transferring license key information based on shared key information. It is a figure for demonstrating the other example of the license key information provision process in the information recording / reproducing apparatus of 1st Embodiment. It is a figure (I) for demonstrating the secret sharing method used in the license key information transfer process of 2nd Embodiment. It is a figure (II) for demonstrating the secret sharing method used in the license key information transfer process of 2nd Embodiment. It is a figure for demonstrating the provision process of the license key information in 2nd Embodiment. It is a table | surface which shows the presence and the reproducible state of the license key information in the removable HD and key information acquisition part in 2nd Embodiment. It is a flowchart (I) which shows the operation | movement of the license key information provision process in the HD drive of 2nd Embodiment, and a decoding control part. It is a flowchart (II) which shows operation | movement of the license key information provision process in the HD drive and decryption control part of 2nd Embodiment. It is a figure for demonstrating the other example of the license key information provision process in the information recording / reproducing apparatus of 2nd Embodiment.

Explanation of symbols

10… Removable HD
DESCRIPTION OF SYMBOLS 100 ... Information recording / reproducing apparatus 110 ... TV receiving part 120 ... HD drive 130 ... Key information acquisition part 140 ... Decryption process part 150 ... Decryption control part 160 ... Output process part 170 ... Recording control part 180 ... Playback control part 190 ... OSD processing unit 200 ... operation unit 210 ... system control unit 220 ... ROM / RAM

  Hereinafter, embodiments of the present application will be described with reference to the drawings.

  In the embodiment described below, content data including audio data and video data is recorded and has a portable hard disk (hereinafter referred to as “removable HD”). Content data and key information are stored by the removable HD. This is an embodiment in which the license key information providing method and information reproducing apparatus of the present application are applied to an information reproducing apparatus capable of giving and receiving.

  Also, in the present embodiment, the content data itself is not managed for copyright protection, and information recording / reproduction belonging to a distribution system called super-distribution that performs viewing control of content data by managing this key information. The apparatus will be described.

[First Embodiment]
First, a first embodiment of an information recording / reproducing apparatus according to the present application will be described with reference to FIGS.

  First, the configuration and operation of the information recording / reproducing apparatus of this embodiment will be described with reference to FIG. FIG. 1 is a block diagram showing the configuration of the information recording / reproducing apparatus in this embodiment.

  The information recording / reproducing apparatus 100 of the present embodiment uses encrypted content data (hereinafter referred to as encrypted content data) provided by the removable HD 10 or a broadcast wave transmitted from a predetermined broadcast station. Decryption processing is executed using the key information (hereinafter referred to as license key information) supplied from the distribution source of the content data provided by the removable HD 10 (hereinafter referred to as decryption processing), and connected to the outside. The decrypted content data is output to an external device such as a monitor.

  In particular, when the information recording / reproducing apparatus 100 according to the present embodiment acquires license key information from the removable HD 10, the information recording / reproducing apparatus 100 and the removable HD 10 each have a license key capable of decrypting encrypted content data. Therefore, the license key information is exchanged step by step.

  In other words, in a distribution system such as super-distribution, there is no recording restriction such as the number of times or recording prohibition in the recording of encrypted content data when performing copy recording or mobile recording. The apparatus can also play back encrypted content data. Therefore, the information recording / reproducing apparatus 100 according to the present embodiment does not have a single license key information in a plurality of apparatuses or recording media. The license key information is transferred step by step between each device and the recording medium, and each license key information is managed.

  As shown in FIG. 1, the information recording / reproducing apparatus 100 according to this embodiment includes a TV receiver 110 that receives encrypted content data as a broadcast wave via an antenna AT, and an HD drive 120 in which a removable HD 10 is mounted. A key information acquisition unit 130 that acquires license key information from the removable HD 10, a decryption processing unit 140 that decrypts encrypted content data based on the acquired license key information, and a process of decrypting content data A decryption control unit 150 that performs control, and an output processing unit 160 that converts the decrypted content data into a predetermined signal and outputs the signal to an external device, and is received or recorded in the removable HD 10 The content data is decrypted and output to an external device (not shown).

  In this embodiment, the key information acquisition unit 130, the decryption processing unit 140, and the decryption control unit 150 are connected by the bus B and are physically isolated areas that can be accessed only by a predetermined operation. It is arranged in the secure area R that is. Therefore, the license key information acquired by the key information acquisition unit 130 is not output outside the secure area R by a method other than the method for providing the license key in the present embodiment, and is decrypted. The content data is not output to the other than the output processing unit 160 as a decoded signal.

  The information recording / reproducing apparatus 100 includes a recording control unit 170 that performs recording control of received content data, a reproduction control unit 180 that performs reproduction control of encrypted content data in conjunction with the decryption control unit 150, An OSD processing unit 190 that performs OSD (On screen Display) processing on an output video signal, an operation unit 200 that performs various setting operations for recording and reproducing encrypted content data, and a system that controls each unit The system control unit 210 includes a control unit 210 and a ROM / RAM 220 used to control each unit, and the system control unit 210 is connected to each unit including the decoding control unit 150 via a bus B.

  For example, the removable HD 10 of this embodiment constitutes the first storage means and conversion means of the present invention, and the key information acquisition unit 130 constitutes the second storage means, reception means, and restoration means. Further, for example, the decryption processing unit 140 and the output processing unit 160 of the present embodiment constitute the reproducing means of the present invention. Furthermore, for example, the system control unit 210 of the present embodiment constitutes a transmission control control unit of the present invention.

  The TV receiving unit 110 receives a broadcast wave transmitted from each broadcast station via the antenna AT, for example, a broadcast wave having a predetermined digital format such as BS (Broadcasting Satellite) digital broadcast. The signal wave received in synchronization with the selected reception band is demodulated into encrypted content data, and the demodulated encrypted content data is output to the HD drive 120 or the decryption processing unit 140.

  The HD drive 120 has a structure for making the removable HD 10 removable, and has an HD drive interface that complies with a standard such as iVDR (Information Versatile Disc for Removable usage). In addition, the HD drive 120 switches input / output regarding encrypted content data or license key information data read from the removable HD 10 under the control of the playback control unit 180 or the recording control unit 170, and the recording / playback of the HD associated therewith. Control is to be performed.

  In addition, the HD drive 120 according to the present embodiment, when outputting the license key information from the removable HD 10 to the key information acquisition unit 130, operates in conjunction with the decryption control unit 150 under the control of the playback control unit 180, While the stored license key information is encrypted, the key information acquisition unit 130 generates a plurality of pieces of information (hereinafter referred to as encrypted information or transmission information) that can be used to decrypt the license key information. The generated encryption information is output to the key information acquisition unit 130 step by step.

  Note that details of the HD drive 120 of the present embodiment will be described later in particular, regarding details of processing relating to generation and transmission of encryption information (hereinafter referred to as encryption information transmission processing). In addition, the HD drive 120 performs a predetermined process for recording the encrypted content data received by the TV receiving unit 110 in the removable HD 10 attached.

  The key information acquisition unit 130 operates in conjunction with the HD drive 120 when acquiring license key information from the removable HD 10 under the control of the decryption control unit 150. Are sequentially input, and after receiving all the encryption information, the key information acquisition unit 130 generates license key information using all the encryption information. The key information acquisition unit 130 outputs the generated license key information to the decryption processing unit 140 via the decryption control unit 150.

  The key information acquisition unit 130 includes a nonvolatile memory M therein, and stores the encryption information and other information necessary for providing the license key information transmitted from the removable HD 10 in the nonvolatile memory M. It has become.

  Note that details of the decryption processing unit 140 in this embodiment will be described later in particular, regarding details of processing related to reception of encryption information and generation of license key information (hereinafter referred to as encryption information reception processing). In this embodiment, the above-described encryption information transmission process and encryption information reception process are referred to as license key information provision process.

  The decryption processing unit 140 receives the encrypted content data output from the HD drive 120 or the TV receiving unit 110 and the license key information generated by the key information acquisition unit 130. The decryption processing unit 140 decrypts the encrypted content data output from the TV receiving unit 110 or read from the removable HD 10 based on the license key information under the control of the decryption control unit 150. The decrypted content data is output to the output processing unit 160.

  The decryption control unit 150 controls each part of the key information acquisition unit 130 and the decryption processing unit 140 under the control of the reproduction control unit 180. Specifically, the decryption control unit 150 controls the reception of encrypted information in the key information acquisition unit 130, the generation control of license key information based on the encryption information, and the decryption of encrypted content data in the decryption processing unit 140. Control of the digitization process.

  The output processing unit 160 is input with the content data decrypted by the decryption processing unit 140. The output processing unit 160 converts the input content data into a predetermined signal, Output to an external device.

  Specifically, the output processing unit 160 of the present embodiment separates the decrypted content data into audio data and video data under the control of the playback control unit 180, and performs decoding processing on each of these data The video data and the audio data in the content data are generated by performing predetermined processing. The output processing unit 160 converts the decoded video data and audio data into a signal format of NTSC format, and the display generated and input by the OSD processing unit 190 with respect to the converted video signal. The data is superimposed. The output processor 160 outputs the video signal on which the display data is superimposed and the audio signal whose signal format is converted to an external device (not shown) connected via the video signal output terminal T1 and the audio signal output terminal T2. It is supposed to be.

  For example, in the present embodiment, a monitor having a function of amplifying audio is connected as an external device, and the video signal or audio signal output from the output processing unit 160 is amplified by the monitor. And to display.

  The recording control unit 170 receives a recording instruction input from the operation unit 200 via the system control unit 210. The recording control unit 170 is input under the control of the system control unit 210. Based on the recorded instruction, the HD drive 120 is controlled to record the encrypted content data output from the TV receiving unit 110 in the removable HD 10.

  A reproduction instruction input from the operation unit 200 via the system control unit 210 is input to the reproduction control unit 180. The reproduction control unit 180 is input under the control of the system control unit 210. The TV reception unit 110, the HD drive 120, the decryption control unit 150, and the output processing unit 160 are controlled on the basis of the playback instruction, the license key information is acquired, and the encrypted content data is decrypted and reproduced. It comes to perform control.

  In particular, the playback control unit 180 links the HD drive 120 and the decryption control unit 150 to control license key information provision processing for transferring the license key information stored in the removable HD 10 to the key information acquisition unit 130. Based on the acquired license key information, control for decrypting the encrypted content data and control for converting the decrypted content data into a predetermined signal and outputting it to an external device are performed. It has become.

  Note that details of the operation of processing for starting playback of content data (hereinafter referred to as playback start processing) including the license key information provision processing in the playback control unit 180 of the present embodiment will be described later.

  The OSD processing unit 190 generates display data to be superimposed on a video signal output to an external device such as character information under the control of the reproduction control unit 180, and the display data such as the generated character information Is output to the output processing unit 160.

  The operation unit 200 includes a remote control device having a number of keys such as various confirmation buttons, selection buttons, and numeric keys, and a light receiving unit that receives a signal transmitted from the remote control device, or various confirmation buttons, selection buttons, and numbers. It is constituted by an operation panel having a large number of keys such as keys. The operation unit 200 is used for various instructions when receiving content data, recording the content data on the removable HD 10 or reproducing the content data recorded on the removable HD 10. Yes.

  The system control unit 210 reads out a control program stored in the receiving device ROM / RAM 220 and executes each process, and temporarily stores data being processed in the ROM / RAM 220. Playback control of the encrypted content data received by the receiving unit 110 or recorded in the removable HD 10 attached to the HD drive 120, and the encrypted content data is recorded in the removable HD 10 attached to the HD drive 120. The recording control of the encrypted content data is performed. In particular, the system control unit 210 of the present embodiment controls the license key information providing process in an integrated manner when playing back the decrypted content data while controlling the playback control unit 180.

  Next, the license key information provision processing of the HD drive 120 and the key information acquisition unit 130 according to this embodiment will be described with reference to FIGS. FIG. 2 is a diagram for explaining the processing for providing license key information in the present embodiment. FIG. 3 shows the existence and reproduction of license key information in the removable HD 10 and the key information acquisition unit 130 of the present embodiment. It is a table | surface which shows a state.

The HD drive 120 of this embodiment controls the removable HD 10 when transmitting license key information from the removable HD 10 to the key information acquisition unit 130.
(1) Authentication control with the key information acquisition unit 130 (state 1),
(2) Random number generation control (random number information generation control (state 2)),
(3) License key information encryption control (state 3),
(4) Transmission control and deletion control of encrypted license key information (state 4 and state 5)
(5) Encryption control of random number information (state 6)
(6) Perform transmission control and deletion control (state 7 and state 8) of the encrypted random number information,
The license key information is encrypted and output from the removable HD 10 to the key information acquisition unit 130. However, the state in the parenthesis described above or described later indicates each state in FIG.

  Specifically, as shown in FIG. 2, the HD drive 120 operates in conjunction with the key information acquisition unit 130 via the decryption control unit 150 under the control of the playback control unit 180 to acquire the removable HD 10 and the key information. The authentication is performed with the unit 130, and the removable HD 10 is configured to hold key information (hereinafter referred to as common key information) different from the license key information common to the key information acquisition unit 130 (state 1). ). That is, the HD drive 120 holds the same key information as the key information stored in the key information acquisition unit 130 in the removable HD 10 as common key information.

  In addition, when the removable HD 10 and the key information acquisition unit 130 are authenticated, the HD drive 120 generates a random number based on a predetermined process in the removable HD 10 (state 2). Based on the generated random number, the license key information stored in the removable HD 10 is encrypted by a predetermined encryption process (state 3). The HD drive 120 controls transmission of license key information encrypted from the removable HD 10 (hereinafter referred to as encryption key information) to the key information acquisition unit 130 as first encryption information. (State 4).

  In this embodiment, when the encryption key information is generated in the removable HD 10, the HD drive 120 deletes the license key information based on the encryption key information. When the encryption key information is generated, the encryption key information is stored in the removable HD 10 and the generated random number is stored in the removable HD 10 as random number information. ing.

  Furthermore, when the reception confirmation information indicating that the encryption key information has been received is transmitted from the key information acquisition unit 130 after the transmission of the encryption key information, the HD drive 120 stores the removal HD 10 in the removable HD 10. The encrypted encryption key information is erased (state 5). Then, the HD drive 120 causes the removable HD 10 to encrypt the random number information stored in the removable HD 10 based on the common key information (state 6), and the encrypted random number information (hereinafter referred to as “removable HD 10”). , The encrypted random number information) is transmitted to the key information acquisition unit 130 (state 7).

  Finally, when the HD drive 120 receives reception confirmation information indicating that the encrypted random number information has been received from the key information acquisition unit 130 after transmission of the encrypted random number information, the HD drive 120 sends the removable HD 10 to the removable HD 10. The stored encryption key information is erased (state 8 and state 9).

On the other hand, when the key information acquisition unit 130 receives license key information from the removable HD 10,
(1) Authentication control with the removable HD 10 (state 1 to state 3),
(2) Reception of encryption key information (state 4 to state 6),
(3) Reception of encrypted random number information (state 7, state 8),
(4) Decrypt the encrypted random number information and restore the license key information (state 9),
The encryption key information transmitted from the removable HD 10 is received, the encryption key information is decrypted, and the license key information is restored. However, the state in the parenthesis described above or described later indicates each state in FIG.

  Specifically, as shown in FIG. 2, the key information acquisition unit 130 performs authentication with the removable HD 10 in conjunction with the HD drive 120 via the playback control unit 180 under the control of the decryption control unit 150. The common key information common to the removable HD 10 is stored in the internal nonvolatile memory M (state 1 to state 3). That is, the key information acquisition unit 130 holds the same key information as the key information stored in the removable HD 10 in the nonvolatile memory M as common key information.

  When the key information acquisition unit 130 authenticates with the removable HD 10 and receives the encryption key information transmitted first, the key information acquisition unit 130 stores the encryption key information in the nonvolatile memory M, and stores the encryption key information. Reception confirmation information indicating that the key information has been received is transmitted to the removable HD 10 (state 4 to state 6).

  In this embodiment, the reception confirmation information transmitted to the removable HD 10 is an instruction to delete the encryption key information stored in the removable HD 10. When the key information acquisition unit 130 receives the encryption key information and does not correctly receive the encryption key information, the key information acquisition unit 130 does not transmit the reception confirmation information and transmits a retransmission instruction or predetermined error processing. Is supposed to do.

  Further, when the encrypted random number information is transmitted from the removable HD 10 after receiving the encryption key information, the key information acquisition unit 130 stores the encrypted random number information in the nonvolatile memory M, and stores the encrypted random number information. Reception confirmation information indicating that the information has been received is transmitted to the removable HD 10 (state 7 and state 8).

  In this embodiment, as in the case of receiving the encryption key information, the reception confirmation information transmitted to the removable HD 10 is an instruction to delete the encrypted random number information stored in the removable HD 10. When the key information acquisition unit 130 receives the encrypted random number information and does not correctly receive the encrypted random number information, the key information acquisition unit 130 does not transmit the reception confirmation information, and does not send a retransmission instruction or predetermined error processing. Is supposed to do.

  Finally, after receiving the encrypted random number information, the key information acquisition unit 130 decrypts the encrypted random number information based on the common key information, and encrypts the key information based on the decrypted random number information. And the license key information is restored (state 9). The key information acquisition unit 130 outputs the restored license key information to the decryption processing unit 140 as described above.

  In this embodiment, the removable HD 10 and the HD drive 120 and the key information acquisition unit 130 perform the encrypted information transmission process and the encrypted information reception process in this way. That is, as shown in the table of FIG. 3, in the removable HD 10 and the key information acquisition unit 130, the license key information (or encryption key information) and the random number information (or encryption key information) in the states 1 to 9, respectively. In addition, since the three types of information of the common key information are not included at the same time, the license key information always exists only in one device. Therefore, in the present embodiment, in the removable HD 10 and the key information acquisition unit 130, the license key information (license key information in an unencrypted state) does not exist in each member. With information, a plurality of content data cannot be decrypted simultaneously.

  Next, the operation of the content data reproduction start process including the license key information provision process in the reproduction control unit 180 of this embodiment will be described with reference to FIG. FIG. 4 is a flowchart showing the operation of content data reproduction start processing in the reproduction control unit 180 of this embodiment.

  In the following operation, it is assumed that the removable HD 10 is mounted on the HD drive 120 in advance, and that the license key information for decrypting the encrypted content data to be played back is stored in the removable HD 10. It is assumed that the target content data is recorded in the removable HD 10 in advance.

  First, by operating the operation unit 200, it is instructed to reproduce the content data recorded on the removable HD 10, and when the instruction is input to the reproduction control unit 180 via the system control unit 210, the reproduction is performed. The control unit 180 detects the instruction (step S11), and the reproduction control unit 180 executes a license key information provision process by linking the HD drive 120 and the decryption control (step S12).

  Specifically, the playback control unit 180 outputs an instruction to execute the license key information providing process to the HD drive 120 and the decryption control unit 150, and the HD drive 120 and the decryption processing unit 140 respond to the instructions. Based on this, control of the encrypted transmission process or the encrypted reception process is started.

  The operation of the license key information provision processing of the HD drive 120 and the decryption control unit in this embodiment, that is, details of the encrypted transmission processing unit and the encrypted reception processing unit will be described later.

  Next, the playback control unit 180 determines whether or not the license key information providing process has been properly performed (step S13), and when determining that the license key information providing process has not been properly performed, It is determined whether or not to perform the license key information provision process (step S14).

  At this time, the reproduction control unit 180 controls the OSD processing unit 190 and the output processing unit 160 to display whether or not to perform the license key information provision processing again, and based on an instruction input from the operation unit 200. To make this decision.

  Next, when the reproduction control unit 180 determines to perform the license key information provision process again, the reproduction control unit 180 proceeds to the process of step S12 and determines to cancel the license key information provision process. In this case, the present operation is terminated without reproducing the content data.

  On the other hand, when the reproduction control unit 180 determines that the license key information providing process can be properly performed, the reproduction control unit 180 receives the decryption processing unit 140 and the HD via the decryption control unit 150. The drive 120 is controlled to give an instruction to start reproduction of the encrypted content data stored in the removable HD 10 (step S15), and this operation is terminated.

  When the reproduction control unit 180 instructs each unit to start reproduction, reproduction of the encrypted content data is executed. Specifically, the HD drive 120 sequentially reads the encrypted content data from the removable HD 10 and outputs the encrypted content data to the decryption processing unit, and the decryption processing unit 140 acquires the input encrypted content data by the key information acquisition unit 130. The decryption process is sequentially performed based on the license key information. Further, the output processing unit 160 sequentially converts the decrypted content data into predetermined video signals and sound signals and outputs them to an external device.

  Next, the operation of the license key information provision processing in the HD drive 120 and the decryption control unit 150 of this embodiment will be described using FIG. 5 and FIG. Note that. 5 and 6 are flowcharts showing the operation of the license key information provision processing in the HD drive 120 and the decryption control unit 150 of this embodiment.

  In this operation, the encryption transmission process in the removable HD 10 that transmits the license key information and the encryption reception process in the key information acquisition unit 130 that receives the license key information are shown in individual flowcharts as operations for each process. explain.

  In this operation, the HD drive 120 and the decryption control unit 150 start control of the encrypted transmission process and the encrypted reception process based on an instruction from the reproduction control unit 180, and the encrypted transmission process is used as a reference. Each process will be described.

  First, when an instruction to execute the license key information provision processing from the playback control unit 180 is input to the HD drive 120 and the decryption control unit 150, the HD drive 120 and the decryption control unit 150 are linked to each other. Then, the authentication of the removable HD 10 and the key information acquisition unit 130 is executed (steps S111 and S211), and it is determined whether or not the authentication of the removable HD 10 and the key information acquisition unit 130 is properly executed (step S112, step S211). S212).

  At this time, if the HD drive 120 and the decryption control unit 150 determine that the authentication of the removable HD 10 and the key information acquisition unit 130 is not properly executed, the HD drive 120 and the decryption control unit 150 perform this operation. Terminate.

  On the other hand, when the HD drive 120 and the decryption control unit 150 determine that the authentication of the removable HD 10 and the key information acquisition unit 130 has been properly performed, the HD drive 120 and the decryption control unit 150 determine whether the removable HD 10 or the key information The acquisition unit 130 holds the shared key information (steps S113 and S213).

  At this time, the decryption control unit 150 stores the shared key information in the nonvolatile memory M inside the key information acquisition unit 130 and waits for reception of the encryption key information transmitted from the removable HD 10 (step S214).

  Next, the HD drive 120 causes the removable HD 10 to generate a random number as random number information in the removable HD 10 by a predetermined process (step S114) and encrypts the license key information based on the generated random number information. Then, the encryption key information is generated as encryption information in the removable HD 10 (step S115).

  Next, the HD drive 120 reads the encrypted information, which is the generated encryption key information, from the removable HD 10 and transmits it to the key information acquisition unit 130, and waits for reception confirmation information transmitted from the key information acquisition unit 130. (Step S116).

  At this time, when the key information acquisition unit 130 receives the encryption key information from the removable HD 10 via the HD drive 120 (step S215), the decryption control unit 150 receives the encryption key received by the key information acquisition unit 130. The validity of the information is determined (step S216), and when it is determined that the information is not valid, the decoding control unit 150 ends this operation.

  When the decryption control unit 150 ends this operation, the playback control unit 180 receives the end notification (hereinafter referred to as end notification), and performs the encrypted transmission processing of the HD drive 120 based on the end notification. Force termination.

  On the other hand, when the key information acquisition unit 130 determines that the received encryption key information is valid, the decryption control unit 150 indicates to the key information acquisition unit 130 that the encryption key information has been received. Reception confirmation information, that is, deletion instruction information (hereinafter referred to as deletion instruction information) is transmitted to the HD drive 120 (step S217).

  Next, when the HD drive 120 receives the reception confirmation information transmitted from the key information acquisition unit 130 (step S117), the HD drive 120 determines whether or not the received reception confirmation information is valid, that is, acquires the key information. It is determined whether or not the encryption key information has been successfully received by the unit 130 (step S118). If the reception confirmation information is not valid, this operation is terminated.

  When this operation is completed by the HD drive 120, the playback control unit 180 receives the end notification, and forcibly ends the encryption reception process of the decryption control unit 150 based on the end notification.

  On the other hand, when the HD drive 120 determines that the encryption key information has been properly acquired by the key information acquisition unit 130, the HD drive 120 controls the removable HD 10 to store the encryption key stored in the removable HD 10. The information is erased (step S119).

  Next, the HD drive 120 causes the removable HD 10 to encrypt the random number information generated in step S114 based on the common key information held in the removable HD 10, and uses the encrypted random number information as the encrypted information. It is generated in the HD 10 (step S120).

  Next, the HD drive 120 reads the encrypted information, which is the generated encrypted random number information, from the removable HD 10 and transmits it to the key information acquisition unit 130, and waits for reception confirmation information transmitted from the key information acquisition unit 130 (Step S121).

  At this time, when the key information acquisition unit 130 receives the encrypted random number information from the removable HD 10 via the HD drive 120 (step S218), the decryption control unit 150 receives the encrypted random number received by the key information acquisition unit 130. The validity of the information is determined (step S219), and when it is determined that the information is not valid, the decoding control unit 150 ends this operation.

  When this operation is completed by the decryption control unit 150, the playback control unit 180 receives the end notification and performs the encrypted transmission processing of the HD drive 120 based on the end notification, as in the process of step S215 described above. Force termination.

  Next, when the key information acquisition unit 130 determines that the received encrypted random number information is valid, the decryption control unit 150 indicates that the key information acquisition unit 130 has received the encrypted random number information. Is received by the HD drive 120 (step S220).

  Next, when the HD drive 120 receives the reception confirmation information transmitted from the key information acquisition unit 130 (step S122), the HD drive 120 determines whether or not the received reception confirmation information is valid, that is, acquires the key information. The unit 130 determines whether or not the encryption key information has been received effectively (step S123). If the reception confirmation information is not valid, the operation is terminated.

  When this operation is completed by the HD drive 120, the playback control unit 180 receives the end notification, and forcibly ends the encryption reception process of the decryption control unit 150 based on the end notification.

  Next, when the HD drive 120 determines that the encrypted random number information has been properly acquired by the key information acquisition unit 130, the HD drive 120 controls the removable HD 10 to store the encrypted random number stored in the removable HD 10. The information is erased (step S124), and this operation is terminated.

  On the other hand, the decryption control unit 150 causes the key information acquisition unit 130 to decrypt the received encrypted random number information and encrypted key information (step S221), and determines the validity of the decrypted license key information. If the decrypted license key information is determined not to be valid (step S222), the decryption control unit 150 ends this operation.

  When the decryption control unit 150 ends this operation, the playback control unit 180 receives the end notification, and forcibly ends the encrypted transmission process of the HD drive 120 based on the end notification.

  On the other hand, when the key information acquisition unit 130 determines that the decrypted license key information is valid, the decryption control unit 150 notifies the reproduction control unit 180 that the license key information provision processing has been properly completed ( Step S223), this operation is terminated.

  As described above, according to the present embodiment, the information recording / reproducing apparatus 100 provides the license key provided from the removable HD 10 that stores the key information for decrypting the encrypted content data to the key information acquisition unit 130 that is different from the removable HD 10. In the case of performing an information providing process, a generation process for generating a plurality of pieces of encrypted information used when encrypting license key information, and each of the generated pieces of encrypted information at different timings from other pieces of encrypted information A transmission process for sequentially transmitting from the removable HD 10 to the key information acquisition unit 130, a reception process for sequentially receiving each encrypted information transmitted by the key information acquisition unit 130, and a key information acquisition unit 130 A generation process that generates license key information using all the encrypted information after receiving the encrypted information. The removable HD 10 has a configuration for deleting the transmitted encrypted information after transmitting the encrypted information and before transmitting other encrypted information that has not yet been transmitted to the information acquisition unit. is doing.

  With this configuration, the information recording / reproducing apparatus 100 according to the present embodiment sequentially transmits the generated encrypted information from the removable HD 10 to the key information acquisition unit 130 step by step at different timing from the other encrypted information. Each encryption information transmitted in the key information acquisition unit 130 is sequentially received, and after all the encryption information is received in the key information acquisition unit 130, the license key information is obtained using all the encryption information. Generate. Then, the information recording / reproducing apparatus 100 of the present embodiment transmits other encrypted information that has not yet been transmitted to the key information acquisition unit 130 after the encrypted information transmitted by the removable HD 10 has been transmitted. Before that, the transmitted encrypted information is erased.

  Therefore, in the license key information providing process of this embodiment, even when encrypted content data is transferred between members, the license key for decrypting the encrypted content data and the encrypted content data at each member Since there is always only one member where the encrypted content data and the license key information exist at the same time, only one piece of encrypted content data is always reproduced from one license key information. It becomes possible.

  Further, for example, in the method of providing the license key information shown in FIG. 7, after the common key information is shared by authentication, the license key information is encrypted and transmitted using the common key information, and the encryption key information is transmitted. Since the license key information is erased after transmission of the license key information, the license key information is erased immediately before the license key information is erased or due to fraud. Content data encrypted in each of the plurality of members can be decrypted. FIG. 7 is a diagram (I) for explaining the process of encrypting and transferring the license key information based on the shared key information.

  Further, for example, in the method of providing the license key information shown in FIG. 8, after the common key information is shared by authentication, the license key information is encrypted and transmitted with the common key information, and the encryption key information is transmitted. After sending the encrypted license key information, the license key information will be deleted regardless of whether it has been received from the member on the provided side, so transfer processing during transfer of the encrypted license key information Is canceled, or when the member on the transfer side cannot properly receive the license key information, the license key information is decrypted even if the information of each member is aggregated. I can't. FIG. 8 is a diagram (II) for explaining the process of encrypting and transferring the license key information based on the shared key information.

  On the other hand, for example, the standard (ARIB Technical Report B-15) established by ARIB (Association of Radio Industries and Business), which is one of the rules for super distribution systems, is based on the content protection rules for digital broadcasting. ), Regarding content data move (transfer recording), in the middle of the move process, both the content data transfer side (move source) in the move process and the content data transfer side (move destination) in the move process At the same time, it is stipulated that content data having a predetermined time, that is, a time length exceeding one minute should not be reproducible. For this reason, a superdistribution system cannot be constructed by a providing method that does not satisfy this condition, such as the method of providing license key information shown in FIGS.

  On the other hand, in the license key information providing process of the present embodiment, as described above, there is always one member where the encrypted content data and the license key information exist at the same time. At the same time, there is no license key information that can decrypt the encrypted content data, which satisfies the standard.

  As described above, in the license key information providing process of the present embodiment, only one encrypted content data can always be reproduced from one license key information, and it is resistant to a failure during transfer of the license key information. Since the conditions can be satisfied even in a system that performs strong copyright protection represented by the above-mentioned super-distribution system, license key information can be exchanged accurately, and copyright protection of content data can be strengthened. Can be performed accurately and accurately.

  It should be noted that the information recording / reproducing apparatus 100 of the present embodiment simply exchanges encryption key information and encrypted random number information between the removable HD 10 and the key information acquisition unit 130 in the license key information provision process. In order to increase security in the transfer of each encrypted information, in order to show that each piece of information is sent from the sender and is not tampered with in the middle with respect to the transmission / reception of each encrypted information and the transmission / reception of the reception confirmation information. The digital signature method may be used.

  In this case, as shown in FIG. 9, when transmitting each piece of encrypted information and reception confirmation information, the removable HD 10 or key information acquisition unit 130 generates a digital signature in the removable HD 10 or key information acquisition unit 130 as signature information. Then, after receiving each information, the signature of the removable HD 10 or the key information acquisition unit 130 that transmitted the information using the attached signature information is verified. When the digital signature is approved, the removable HD 10 or the key information acquisition unit 130 that has received the information is generated and attached as signature information.

  In the information recording / reproducing apparatus 100 of the present embodiment, the license key information is provided by the removable HD 10, but may be provided by other portable recording media such as a DVD. .

  The information recording / reproducing apparatus 100 according to the present embodiment is provided with license key information in the removable HD 10. However, other information such as a personal computer or a hard disk recorder is provided via a communication line such as the Internet. The information may be provided from the information reproducing apparatus or the information recording / reproducing apparatus 100.

  In this case, the information recording device that provides the license key information erases the encryption key information and the encrypted random number information through the communication line while sequentially transmitting to the device that provides the license key information step by step.

[Second Embodiment]
Next, a second embodiment of the information recording / reproducing apparatus according to the present application will be described with reference to FIGS.

  In the present embodiment, in the license key information transfer process according to the first embodiment, instead of transmitting the license key information using random number information, a plurality of pieces of key information for uniquely determining the license key information from the license key information And license key information is provided using the distributed key information (hereinafter referred to as distributed key information). Other configurations are the same as those in the first embodiment, and the same members are denoted by the same reference numerals and description thereof is omitted. The reproduction start process that is a premise of the license key information providing process in the present embodiment is as follows. Since it becomes the operation | movement similar to 1st Embodiment, the description is abbreviate | omitted.

  In this embodiment, an information division method called a secret sharing method is used as a method for generating the division key information in the license key information transfer process.

  First, the secret sharing process used in the license key information transfer process according to the present embodiment will be described with reference to FIGS. 10 and 11 are diagrams for explaining the secret sharing process used in the license key information transfer process of the present embodiment.

  The secret sharing process is a process of encoding the license key information into a plurality of shared information, and this secret sharing process knows the entire information, that is, the license key information from each distributed information piece. Therefore, it is possible to maintain high security from leakage of license key information.

  For example, as shown in FIG. 10, if a straight line equation (y = ax + b) on the XY plane is information to be calculated, a straight line equation cannot be calculated from the information of each coordinate. For example, (y = ax + b) cannot be calculated from (x1, y1). However, (y = ax + b) can be calculated from the coordinates of two points, for example, (x1, y1) (x3, y3). That is, information on a straight line (y = ax + b) on the XY plane can be calculated from information on two or more coordinates. Accordingly, if the license key information is information on a straight line (y = ax + b) on the XY plane, the license key information cannot be calculated with each piece of shared information if a plurality of pieces of coordinate information are generated as shared information. If a plurality of pieces of shared information are acquired, the license key information can be calculated, that is, the license key information can be restored.

  In the present embodiment, secret sharing processing (distribution) is performed on the license key information using this principle, and when the license key information is restored, the respective shared information is acquired, and based on the respective shared information. Secret sharing processing (integration) is performed, and information necessary for restoring the license key information is provided to other members.

  FIG. 11 is a diagram for explaining the secret sharing process when the license key information is information of a quadratic curve equation (y = ax2 + bx + c) on the XY plane. This shows that the quadratic curve equation (y = ax2 + bx + c), that is, the license key information can be restored from the coordinate information of points or more.

  In the present embodiment, the encoded shared information is further encrypted based on the common key information, and leakage of license key information is highly prevented.

  Next, with reference to FIGS. 12 and 13, the license key information provision processing of the HD drive 120 and the key information acquisition unit 130 according to the present embodiment will be described. FIG. 12 is a diagram for explaining the processing for providing the license key information in the present embodiment. FIG. 13 shows the existence and reproduction of the license key information in the removable HD 10 and the key information acquisition unit 130 of the present embodiment. It is a table | surface which shows a state.

  Similar to the first embodiment, the HD drive 120 according to the present embodiment, when outputting the HD license key information from the removable HD 10 to the key information acquisition unit 130, controls the decryption control unit 150 under the control of the reproduction control unit 180. The key information acquisition unit 130 generates a plurality of pieces of information, that is, distributed information by performing predetermined processing on the license key information stored in the removable HD 10 and encrypts the distributed information. A plurality of pieces of encrypted information necessary for decrypting the license key information are generated, and the generated pieces of encrypted information are output to the key information acquisition unit 130 step by step.

The HD drive 120 of this embodiment controls the removable HD 10 when transmitting license key information from the removable HD 10 to the key information acquisition unit 130.
(1) Authentication control with the key information acquisition unit 130 (state 1),
(2) Generation control (state 2) for dividing the license key information into two pieces of key information by secret sharing processing (distribution), and generating two pieces of key information,
(3) Encryption control (state 3) of the divided first key information (hereinafter referred to as first key information),
(4) Transmission control and deletion control of encrypted first key information (hereinafter referred to as encrypted first key information) (state 4 and state 5)
(5) Encryption control (state 6) of the divided second key information (hereinafter referred to as second key information),
(6) Transmission control and deletion control (state 7 and state 8) of the encrypted second key information (hereinafter referred to as encrypted second key information) are performed,
The license key information is encrypted and output from the removable HD 10 to the key information acquisition unit 130. However, the state in the parenthesis described above or described later indicates each state in FIG.

  Specifically, as shown in FIG. 12, the HD drive 120 operates in conjunction with the key information acquisition unit 130 via the decryption control unit 150 under the control of the reproduction control unit 180 to acquire the removable HD 10 and the key information. Authentication with the unit 130 is performed, and the removable HD 10 is configured to hold common key information common to the key information acquisition unit 130 (state 1).

  In addition, when authentication of the removable HD 10 and the key information acquisition unit 130 is performed, the HD drive 120 performs secret sharing processing (distribution) on the license key information in the removable HD 10, and starts from the license key information. One key information and second key information are generated (state 2), and the generated first key information is encrypted by a predetermined encryption process based on the common key information. (State 3). The HD drive 120 controls transmission of the encrypted first key information, which is the first key information encrypted from the removable HD 10, to the key information acquisition unit 130 as the first encrypted information ( State 4).

  Furthermore, when the reception confirmation information indicating that the encrypted first key information is received from the key information acquisition unit 130 after the transmission of the encrypted first key information, the HD drive 120 transmits the reception confirmation information to the removable HD 10. The encrypted first key information stored in the removable HD 10 is erased (state 5). Then, the HD drive 120 causes the removable HD 10 to encrypt the second key information stored in the removable HD 10 based on the common key information (state 6), and the encrypted second from the removable HD 10 The encrypted second key information, which is key information, is controlled to be transmitted to the key information acquisition unit 130 (state 7).

  Finally, after receiving the encrypted second key information from the key information acquisition unit 130 after the transmission of the encrypted second key information, the HD drive 120 transmits to the removable HD 10 the reception confirmation information indicating that the encrypted second key information has been received. The encrypted second key information stored in the removable HD 10 is erased (state 8 and state 9).

  On the other hand, the key information acquisition unit 130 of this embodiment is linked to the HD drive 120 when acquiring license key information from the removable HD 10 under the control of the decryption control unit 150, as in the first embodiment. On the other hand, a plurality of pieces of encrypted information output from the HD drive 120 are sequentially input, and after receiving all the encrypted information, the key information acquisition unit 130 receives all the encrypted information. To generate license key information. The key information acquisition unit 130 outputs the generated license key information to the decryption processing unit 140 via the decryption control unit 150.

  The key information acquisition unit 130 includes a nonvolatile memory M therein, and stores the encryption information and other information necessary for providing the license key information transmitted from the removable HD 10 in the nonvolatile memory M. It has become.

When the key information acquisition unit 130 of the present embodiment receives license key information from the removable HD 10,
(1) Authentication control with the removable HD 10 (state 1 to state 3),
(2) Reception of encrypted first key information (state 4 to state 6),
(3) reception of encrypted second key information (state 7, state 8), and
(4) Decrypt encrypted first key information and encrypted second key information and restore license key information (state 9),
The encrypted first key information and the encrypted second key information transmitted from the removable HD 10 are received and the license key information is restored. However, the state in the parenthesis described above or described later indicates each state in FIG.

  Specifically, as shown in FIG. 12, the key information acquisition unit 130 performs authentication with the removable HD 10 in conjunction with the HD drive 120 via the playback control unit 180 under the control of the decryption control unit 150. The common key information common to the removable HD 10 is stored in the internal nonvolatile memory M (state 1 to state 3). That is, the key information acquisition unit 130 holds the same key information as the key information stored in the removable HD 10 in the nonvolatile memory M as common key information.

  Further, when the authentication with the removable HD 10 is performed and the first key information transmitted first is received, the key information acquisition unit 130 stores the first encryption key information in the nonvolatile memory M. The reception confirmation information indicating that the encrypted first key information has been received is transmitted to the removable HD 10 (state 4 to state 6).

  In this embodiment, the reception confirmation information transmitted to the removable HD 10 is an instruction to delete the encrypted first key information stored in the removable HD 10. In addition, when the key information acquisition unit 130 receives the encrypted first key information and does not correctly receive the encrypted first key information, the key information acquisition unit 130 does not transmit the reception confirmation information, Predetermined error handling is performed.

  Furthermore, when the encrypted second key information is transmitted from the removable HD 10 after receiving the encrypted first key information, the key information acquisition unit 130 stores the encrypted second key information in the nonvolatile memory M. Then, reception confirmation information indicating that the encrypted second key information has been received is transmitted to the removable HD 10 (state 7 and state 8).

  In this embodiment, as in the case of receiving the encrypted first key information, the reception confirmation information transmitted to the removable HD 10 is an instruction to delete the encrypted second key information stored in the removable HD 10. Further, when the key information acquisition unit 130 receives the encrypted second key information and does not correctly receive the encrypted second key information, the key information acquisition unit 130 does not transmit the reception confirmation information, Predetermined error handling is performed.

  Finally, after receiving the encrypted second key information, the key information acquisition unit 130 decrypts the encrypted first key information and the encrypted second key information based on the common key information (state 9). ), Secret sharing processing is performed based on the decrypted first key information and second key information, and the license key information is restored (state 9). The key information acquisition unit 130 outputs the restored license key information to the decryption processing unit 140 as described above.

  In this embodiment, the removable HD 10 and the HD drive 120 and the key information acquisition unit 130 perform the encrypted information transmission process and the encrypted information reception process in this way. That is, as shown in the table of FIG. 13, in the removable HD 10 and the key information acquisition unit 130, in the state 1 to the state 10, the first key information (or encrypted first key information), the second key information (or encrypted) Since the three types of information (second key information) and common key information are not included at the same time, the license key information always exists only in one device. Therefore, in the present embodiment, the license key information (license key information in an unencrypted state) does not exist individually in the removable HD 10 and the key information acquisition unit 130. Therefore, with one license key information, At the same time, a plurality of content data cannot be decrypted.

  Next, the operation of the license key information provision process in the HD drive 120 and the decryption control unit 150 of this embodiment will be described using FIG. 14 and FIG. Note that. 14 and 15 are flowcharts showing the operation of the license key information provision processing in the HD drive 120 and the decryption control unit 150 of this embodiment.

  In this operation, as in the first embodiment, the encryption transmission process in the removable HD 10 that transmits the license key information, the encryption reception process in the key information acquisition unit 130 that receives the license key information, The operation will be described with reference to individual flowcharts.

  In this operation, the HD drive 120 and the decryption control unit 150 start control of the encrypted transmission process and the encrypted reception process based on an instruction from the reproduction control unit 180, and the encrypted transmission process is used as a reference. Each process will be described.

  First, when an instruction to execute the license key information provision processing from the playback control unit 180 is input to the HD drive 120 and the decryption control unit 150, the HD drive 120 and the decryption control unit 150 are linked to each other. Then, the authentication of the removable HD 10 and the key information acquisition unit 130 is executed (steps S311 and S411), and it is determined whether or not the authentication of the removable HD 10 and the key information acquisition unit 130 is properly executed (step S312, step S311). S412).

  At this time, if the HD drive 120 and the decryption control unit 150 determine that the authentication of the removable HD 10 and the key information acquisition unit 130 is not properly executed, the HD drive 120 and the decryption control unit 150 perform this operation. Terminate.

  On the other hand, when the HD drive 120 and the decryption control unit 150 determine that the authentication of the removable HD 10 and the key information acquisition unit 130 has been properly performed, the HD drive 120 and the decryption control unit 150 determine whether the removable HD 10 or the key information The acquisition unit 130 holds the shared key information (steps S313 and S413).

  At this time, the decryption control unit 150 stores the shared key information in the internal nonvolatile memory M, and waits for reception of the encryption key information transmitted from the removable HD 10 (step S414).

  Next, the HD drive 120 causes the removable HD 10 to execute the secret sharing process to generate the first key information and the second key information from the license key information (step S314), and the first key information based on the common key information And the first key information is generated as encrypted information in the removable HD 10 (step S315). At this time, the removable HD 10 generates the first key information and the second key information, and then deletes the license key information that is the basis of the secret sharing process.

  Next, the HD drive 120 reads out the encrypted information that is the generated encrypted first key information from the removable HD 10 and transmits it to the key information acquisition unit 130, and receives the reception confirmation information transmitted from the key information acquisition unit 130. (Step S316).

  At this time, when the key information acquisition unit 130 receives the encrypted first key information from the removable HD 10 via the HD drive 120 (step S415), the decryption control unit 150 receives the encryption information received by the key information acquisition unit 130. The validity of the encrypted first key information is determined (step S416), and when it is determined that it is not valid, the decryption control unit 150 ends this operation.

  When the decryption control unit 150 ends this operation, the playback control unit 180 receives the end notification (hereinafter referred to as end notification), and performs the encrypted transmission processing of the HD drive 120 based on the end notification. Force termination.

  On the other hand, when the key information acquisition unit 130 determines that the received encrypted first key information is valid, the decryption control unit 150 receives the encrypted first key information from the key information acquisition unit 130. The reception confirmation information indicating the completion, that is, the erasure instruction information is transmitted to the HD drive 120 (step S417).

  Next, when the HD drive 120 receives the reception confirmation information transmitted from the key information acquisition unit 130 (step S317), the HD drive 120 determines whether the received reception confirmation information is valid, that is, acquires the key information. The unit 130 determines whether or not the encryption key information has been received effectively (step S318). If the reception confirmation information is not valid, this operation is terminated.

  When this operation is completed by the HD drive 120, the playback control unit 180 receives the end notification, and forcibly ends the encryption reception process of the decryption control unit 150 based on the end notification.

  On the other hand, when the HD drive 120 determines that the encrypted first key information has been properly acquired by the key information acquisition unit 130, the HD drive 120 controls the removable HD 10 to store the encryption stored in the removable HD 10. The first key information is deleted (step S319).

  Next, the HD drive 120 causes the removable HD 10 to encrypt the second key information generated in step S114 based on the common key information held in the removable HD 10, and the encrypted second information to be encrypted information. Is generated in the removable HD 10 (step S320).

  Next, the HD drive 120 reads out the encrypted information that is the generated encrypted second key information from the removable HD 10 and transmits it to the key information acquisition unit 130, and receives the reception confirmation information transmitted from the key information acquisition unit 130. (Step S321).

  At this time, when the key information acquisition unit 130 receives the encrypted second key information from the removable HD 10 via the HD drive 120 (step S418), the decryption control unit 150 receives the encryption information received by the key information acquisition unit 130. The validity of the encrypted second key information is determined (step S419), and when it is determined that it is not valid, the decryption control unit 150 ends this operation.

  When this operation is terminated by the decryption control unit 150, the playback control unit 180 receives the end notification and performs the encrypted transmission processing of the HD drive 120 based on the end notification, as in the above-described step S415. Force termination.

  Next, when the key information acquisition unit 130 determines that the received encrypted second key information is valid, the decryption control unit 150 sends the encrypted second key information to the key information acquisition unit 130. Is received to the HD drive 120 (step S420).

  Next, when the HD drive 120 receives the reception confirmation information transmitted from the key information acquisition unit 130 (step S322), the HD drive 120 determines whether the received reception confirmation information is valid, that is, acquires the key information. The unit 130 determines whether or not the encrypted second key information has been received successfully (step S323). If the reception confirmation information is not valid, the operation is terminated.

  When this operation is completed by the HD drive 120, the playback control unit 180 receives the end notification, and forcibly ends the encryption reception process of the decryption control unit 150 based on the end notification.

  Next, when the HD drive 120 determines that the encrypted second key information has been properly acquired by the key information acquisition unit 130, the HD drive 120 controls the removable HD 10 to store the encryption stored in the removable HD 10. The second key information is erased (step S324), and this operation is terminated.

  On the other hand, the decryption control unit 150 causes the key information acquisition unit 130 to decrypt the received encrypted first key information and encrypted second key information based on the common key information (step S421), and the decryption Using the converted first key information and second key information, the integration process in the secret sharing process is performed to restore the license key information (step S422).

  Next, the decryption control unit 150 causes the key information acquisition unit 130 to determine the validity of the restored license key information (step S423), and when it is determined that the decrypted license key information is not valid. The decryption control unit 150 ends this operation.

  When the decryption control unit 150 ends this operation, the playback control unit 180 receives the end notification, and forcibly ends the encrypted transmission process of the HD drive 120 based on the end notification.

  On the other hand, when the key information acquisition unit 130 determines that the decrypted license key information is valid, the decryption control unit 150 notifies the reproduction control unit 180 that the license key information provision processing has been properly completed ( Step S424), this operation is terminated.

  As described above, according to the present embodiment, the information recording / reproducing apparatus 100 provides the license key provided from the removable HD 10 that stores the key information for decrypting the encrypted content data to the key information acquisition unit 130 that is different from the removable HD 10. In the case of performing an information providing process, a generation process for generating a plurality of pieces of encrypted information used when encrypting license key information, and each of the generated pieces of encrypted information at different timings from other pieces of encrypted information A transmission process for sequentially transmitting from the removable HD 10 to the key information acquisition unit 130, a reception process for sequentially receiving each encrypted information transmitted by the key information acquisition unit 130, and a key information acquisition unit 130 A generation process that generates license key information using all the encrypted information after receiving the encrypted information. The removable HD 10 has a configuration for deleting the transmitted encrypted information after transmitting the encrypted information and before transmitting other encrypted information that has not yet been transmitted to the information acquisition unit. is doing.

  With this configuration, the information recording / reproducing apparatus 100 according to the present embodiment sequentially transmits the generated encrypted information from the removable HD 10 to the key information acquisition unit 130 step by step at different timing from the other encrypted information. Each encryption information transmitted in the key information acquisition unit 130 is sequentially received, and after all the encryption information is received in the key information acquisition unit 130, the license key information is obtained using all the encryption information. Generate. Then, the information recording / reproducing apparatus 100 of the present embodiment transmits other encrypted information that has not yet been transmitted to the key information acquisition unit 130 after the encrypted information transmitted by the removable HD 10 has been transmitted. Before that, the transmitted encrypted information is erased.

  Therefore, in the license key information providing process according to this embodiment, as in the first embodiment, even when encrypted content data is transferred between members, the encrypted content data and the encrypted content are transmitted by each member. Since the license key information for decrypting the data does not exist at the same time, that is, there is always one member where the encrypted content data and the license key information exist at the same time, one license key information always indicates one. Only the encrypted content data can be reproduced.

  For example, as in the first embodiment, the license key information can also be exchanged by the method of providing the license key information shown in FIGS. 7 and 8, but in the method of providing these license key information, Immediately before the license key information is deleted, the content data encrypted in each of the members can be decrypted, or the transfer process is canceled due to some trouble during the transfer process of the license key information. In such a case, the license key information cannot be decrypted in the transfer status (the state of each member of the license key information).

  Furthermore, for example, the standard (ARIB Technical Report B-15) established by ARIB (Association of Radio Industries and Business), which is one of the rules for super distribution systems, is based on the content protection rules for digital broadcasting. ), Regarding content data move (transfer recording), in the middle of the move process, both the content data transfer side (move source) in the move process and the content data transfer side (move destination) in the move process At the same time, it is stipulated that content data having a predetermined time, that is, a time length exceeding one minute should not be reproducible. For this reason, a superdistribution system cannot be constructed by a providing method that does not satisfy this condition, such as the method of providing license key information shown in FIGS.

  On the other hand, in the license key information providing process of the present embodiment, as described above, there is always one member where the encrypted content data and the license key information exist at the same time. At the same time, there is no license key information that can decrypt the encrypted content data, which satisfies the standard.

  As described above, in the license key information providing process of the present embodiment, only one encrypted content data can always be reproduced from one license key information, and it is resistant to a failure during transfer of the license key information. Since the conditions can be satisfied even in a system that performs strong copyright protection represented by the above-mentioned super-distribution system, license key information can be exchanged accurately, and copyright protection of content data can be strengthened. Can be performed accurately and accurately.

  Note that the information recording / reproducing apparatus 100 according to the present embodiment simply exchanges the encrypted first key information and the encrypted second key information between the removable HD 10 and the key information acquisition unit 130 in the license key information provision process. However, in order to increase security in the transfer of each encrypted information, each information is transmitted from the sender regarding the transmission / reception of each encrypted information and the transmission / reception confirmation information, and is not tampered with in the middle. A digital signature method for indicating this may be used.

  In this case, as shown in FIG. 16, the removable HD 10 or the key information acquisition unit 130 generates the digital signature in the removable HD 10 or the key information acquisition unit 130 as signature information at the time of transmission of each encrypted information and reception confirmation information. Then, after receiving each information, the signature of the removable HD 10 or the key information acquisition unit 130 that transmitted the information using the attached signature information is verified. When the digital signature is approved, the removable HD 10 or the key information acquisition unit 130 that has received the information is generated and attached as signature information.

  In the information recording / reproducing apparatus 100 of the present embodiment, the license key information is provided by the removable HD 10, but may be provided by other portable recording media such as a DVD. .

  The information recording / reproducing apparatus 100 according to the present embodiment is provided with license key information in the removable HD 10. However, other information such as a personal computer or a hard disk recorder is provided via a communication line such as the Internet. The information may be provided from the information reproducing apparatus or the information recording / reproducing apparatus 100.

  In this case, the information recording device that provides the license key information erases the encryption key information and the encrypted random number information through the communication line while sequentially transmitting to the device that provides the license key information step by step.

  In the license key information transfer process of the present embodiment, two key information is generated from the license key information, encrypted, and transferred. Of course, three or more key information are generated from the license key information. Then, it may be encrypted and transferred.

[0002]
On the other hand, when using the content data, key information called a license for performing decryption or reproduction management of the content data is used. This super-distribution system uses this key information to manage the use of content data and to protect copyright (for example, Non-Patent Document 1).
[Non-Patent Document 1] Ryoichi Mori, Masaharu Kawahara, Yasuhiro Otsuki “Electronic Technology for Super-Distribution Intellectual Property Processing” Information Processing, Information Processing Society of Japan, December 1996, Vol. 37, No. 2, pp. 155-161
DISCLOSURE OF THE INVENTION
[Problems to be solved by the invention]
[0007] However, in such a distribution system, since the key information indicating the license information is also digital information, it is necessary to construct an accurate method for the exchange of the key information. That is, in such a distribution system, if the key information is illegally acquired or used, not only the copyright protection of the content data cannot be performed properly, but also the distribution system cannot be constructed. .
[0008] In view of the above-described problems, the present invention, as one example, can accurately exchange key information by transmitting and receiving the key information in stages while encrypting the key information. An object is to provide a key information providing method capable of strong copyright protection.
[Means for Solving the Problems]
[0009] In order to solve the above problems, the invention according to claim 1 provides:
A key information providing method for providing from a first storage means for storing key information for decrypting encrypted data to a second storage means different from the first storage means,
A generating step of generating a plurality of transmission information from the key information in the first storage means;
A transmission step of sequentially transmitting each of the generated transmission information from the first storage means to the second storage means at a timing different from other transmission information;
A receiving step of sequentially receiving each transmission information transmitted by the second storage means;
A restoration step of restoring the key information using the transmission information after receiving the transmission information in the second storage means;

[0003]
Including
In the transmission step, the transmitted transmission is performed after the first storage unit transmits one transmission information and before transmitting other transmission information that has not yet been transmitted to the second storage unit. Erase information,
The generating step includes
A distribution step of distributing the key information into a plurality of pieces of information and deleting the key information;
An encryption step of encrypting distributed information indicating each of the distributed information by an encryption process common to the first storage means and the second storage means, and generating the plurality of transmission information;
It has the composition containing.
[0010] The invention according to claim 9 provides
An information reproducing apparatus that acquires the key information from a storage unit that records key information for decrypting encrypted data and reproduces the data,
A plurality of transmission information used for encrypting the key information is generated in the storage unit, and the generated transmission information is sequentially transmitted from the storage unit step by step at a timing different from other transmission information. Transmission control means for
Receiving means for receiving each transmitted transmission information;
A restoration means for restoring the key information using the transmission information after receiving the transmission information;
Reproducing means for decrypting the encrypted data based on the restored key information and reproducing the content data;
With
The transmission control means deletes the transmitted transmission information from the storage means after receiving the one transmission information and before receiving other transmission information not yet transmitted from the storage means. ,
The transmission control means includes
Distributing means for distributing the key information to a plurality of information and erasing the key information;
Encryption means for encrypting distributed information indicating each distributed information by encryption processing common to the storage means and the receiving means, and generating the plurality of transmission information;
It has the composition containing.
[0011] The invention according to claim 12
A key information providing device for providing key information for decrypting encrypted data to an information reproducing device for reproducing the data,
Storage means for storing the key information in advance;
Generating means for generating a plurality of transmission information used when encrypting the key information;
Transmitting means for sequentially transmitting each of the generated transmission information from the storage means to the other storage means step by step at a timing different from other transmission information;
An erasure unit for erasing the transmitted transmission information after transmitting the one transmission information and before transmitting other transmission information that has not yet been transmitted;
With
The generating means includes
Distributing means for distributing the key information to a plurality of information and erasing the key information;
Encryption means for encrypting distributed information indicating each of the distributed information by encryption processing common to the storage means and the other storage means, and generating the plurality of transmission information;
It has the composition containing.
[Brief description of the drawings]
[0012] FIG. 1 is a block diagram showing a configuration of an information recording / reproducing apparatus according to the present application.
FIG. 2 is a diagram for explaining license key information provision processing in the first embodiment.
[FIG. 3] A table showing the presence and reproducible state of license key information in the removable HD and key information acquisition unit in the first embodiment.

In order to solve the above-mentioned problem, the invention according to claim 1 is characterized in that the second storage means different from the first storage means is changed from the first storage means for storing the key information for decrypting the encrypted data. A key information providing method for generating a random number; a first encrypted information generating step for generating first encrypted information by encrypting the key information based on the random number; A second encrypted information generating step of generating second encrypted information by encrypting the random number by an encryption process common to the first storage means and the second storage means; A generation step of generating transmission information, and a first transmission step of sequentially transmitting each of the plurality of generated transmission information from the first storage means to the second storage means stepwise at a timing different from other transmission information; , The second encryption information A second transmission step of transmitting from the first storage unit in the second storage unit, a receiving step of sequentially receiving each transmission information said transmission in said second storage means, receiving the transmission information in the second storage means And then restoring the key information using the transmission information . In the first transmission step, after the first storage means has transmitted one transmission information, before sending the other transmission information that is not transmitted to the second storage unit has a configuration for erasing the transmission information to which the transmitted.

The invention described in claim 9 is an information reproducing apparatus for acquiring the key information from the storage means for recording the key information for decrypting the encrypted data and reproducing the data . A first storage means for storing key information for decrypting the received data, a second storage means different from the first storage means, a generating means for generating a random number, and the key information based on the random number. First encryption information generating means for generating first encrypted information by encryption and second encryption by encrypting the random number by an encryption process common to the first storage means and the second storage means A second encrypted information generating means for generating information, a generating means for generating a plurality of transmission information from the first encrypted information, and each of the generated plurality of transmission information at a timing different from other transmission information. Step by step the first memory Receiving a first transmission means for sequentially transmitting to the second storage means, second transmitting means for transmitting the second encrypted information to the second storage means from said first storage means, each transmission information in which the sent from Receiving means for receiving the transmission information, restoring means for restoring the key information using the transmission information, decrypting the data encrypted based on the restored key information, and the content data Reproduction means for reproducing the transmission information, and the first transmission means after receiving the one transmission information and before receiving other transmission information that has not yet been transmitted from the storage means. the transmission information has a configuration causes erased from the memory means.

According to a twelfth aspect of the present invention, there is provided a key information providing apparatus for providing key information for decrypting encrypted data to an information reproducing apparatus for reproducing the data, the encrypted data being A first storage means for storing key information for decryption; a second storage means different from the first storage means; a generating means for generating random numbers; and encrypting the key information based on the random numbers. And generating the second encrypted information by encrypting the random number by an encryption process common to the first encrypted information generating means for generating the first encrypted information and the first storage means and the second storage means. The second encrypted information generating means, the generating means for generating a plurality of transmission information from the first encrypted information, and each of the generated plurality of transmission information in stages at different timing from other transmission information From the first storage means to the second Transmitting a first transmission means for sequentially transmitting to the unit, a second transmitting means for transmitting the second encrypted information to the second storage means from the first storing means, said first transmitting means for transmitting information of the one And erasing means for erasing the transmitted transmission information before transmitting other transmission information that has not yet been transmitted.

Claims (12)

A key information providing method for providing from a first storage means for storing key information for decrypting encrypted data to a second storage means different from the first storage means,
A generating step of generating a plurality of transmission information from the key information in the first storage means;
A transmission step of sequentially transmitting each of the generated transmission information from the first storage means to the second storage means at a timing different from other transmission information;
A receiving step of sequentially receiving each transmission information transmitted by the second storage means;
A restoration step of restoring the key information using the transmission information after receiving the transmission information in the second storage means;
Including
In the transmission step, the transmitted transmission is performed after the first storage unit transmits one transmission information and before transmitting other transmission information that has not yet been transmitted to the second storage unit. A key information providing method comprising erasing information. The key information providing method according to claim 1,
The generating step includes
A generation process for generating arbitrary information;
A first encrypted information generating step of generating first transmission information by encrypting the key information based on the generated arbitrary information;
A second encrypted information generating step of generating second transmission information by encrypting the arbitrary information by an encryption process common to the first storage means and the second storage means;
A key information providing method comprising: The key information providing method according to claim 2,
The restoration step includes
A key information providing method, wherein the key information is restored using the first transmission information and the second transmission information. The key information providing method according to claim 3,
In the transmission step, the second storage means is immediately before receiving the transmitted first transmission information or the reception confirmation information indicating that the second transmission information is received in the second storage means. A method for providing key information, comprising: erasing the transmission information transmitted to the key. The key information providing method according to claim 1,
The generating step includes
A distribution step of distributing the key information into a plurality of pieces of information and deleting the key information;
An encryption step of encrypting distributed information indicating each of the distributed information by an encryption process common to the first storage means and the second storage means, and generating the plurality of transmission information;
A key information providing method comprising: The key information providing method according to claim 4,
The restoration step includes
A key information providing method, wherein the key information is restored using the plurality of transmission information. The key information providing method according to claim 6,
In the transmission step, after receiving the reception confirmation information indicating that the transmission information transmitted in the second storage means has been received, it becomes a basis of the transmission information transmitted to the second storage means immediately before A method for providing key information, wherein the shared information is erased. The key information providing method according to any one of claims 1 to 7,
In the transmission step, when transmitting each transmission information to the second storage unit, the transmission information is attached with signature information indicating that no alteration or the like has been performed during the transmission of the transmission information. The key information providing method characterized by transmitting. An information reproducing apparatus that acquires the key information from a storage unit that records key information for decrypting encrypted data and reproduces the data,
A plurality of transmission information used for encrypting the key information is generated in the storage unit, and the generated transmission information is sequentially transmitted from the storage unit step by step at a timing different from other transmission information. Transmission control means for
Receiving means for receiving each transmitted transmission information;
A restoration means for restoring the key information using the transmission information after receiving the transmission information;
Reproducing means for decrypting the encrypted data based on the restored key information and reproducing the content data;
With
After the transmission control means receives the one transmission information and before receiving another transmission information that has not yet been transmitted from the storage means, the transmitted transmission information is received from the storage means. An information reproducing apparatus characterized by being erased. An information reproducing apparatus according to claim 9, wherein
An information reproducing apparatus, wherein the storage means is mounted on the information reproducing apparatus. The information reproducing apparatus according to claim 9 or 10,
The storage means is mounted on a device different from the information reproducing device,
An information reproducing apparatus, wherein the receiving means receives the key information via a communication line. A key information providing device for providing key information for decrypting encrypted data to an information reproducing device for reproducing the data,
Storage means for storing the key information in advance;
Generating means for generating a plurality of transmission information used when encrypting the key information;
Transmitting means for sequentially transmitting each of the generated transmission information from the storage means to other storage means step by step at different timing from other transmission information;
An erasure unit for erasing the transmitted transmission information after transmitting the one transmission information and before transmitting other transmission information that has not yet been transmitted;
A key information providing apparatus comprising:

Images