TW497349B - Recording device and a data distribution system using such recording system - Google Patents

Abstract

The invention provides a recording device and a data distribution system using such recording system, in which memory card (110) contains memory (1415) that stores coded content data corresponding to the identification coded content data and outputs to the external part of memory card (110) in accordance with the request from the external part of the memory card (110); the authorization holding part (1440) that can store at least a part of multiple authorization data of the above-mentioned content data for distribution via distribution system; and the control part (1420) that follows the request of the external part of memory card (110) to selectively output at least a part of the multiple authorized data kept in authorization holding part (1440) to external part.

Description

Printed today at 97349 B7 Printed by the Consumers' Office of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the Invention (1) [Technical Field] The present invention is about a Jitian A-a cargo distribution system used to send final information to mobile phones In the line and music system, the copied information can be used as a memory card for protection of rights. ”The recording device and the recording and distribution system are provided. [Technical background] With the advancement of the Internet or digital information communication networks, mobile telephones and other personal terminals can be used to remove the wrong information. The use of mobile phones allows users to easily access the Internet in such digital information communication networks. , In order to use the number to reduce the number of messages. Therefore, for example, in the above digital information communication network environment, long-term users can send out data without generating sound quality or image quality degradation. @ 说 乐 或 影 Therefore, if you can With the rapid expansion of the digital information communication network, the progress of the distribution of copyrighted material and the collection of discretionary fees, at the same time, is: a beneficial system for the right holder. But, In the digital information communication network, when transmitting copyrighted content such as music or video materials, if the appropriate copyright protection strategy is not adopted, the duplication of copyright material data in the digital information communication network will be infringed and seriously infringed. On the other hand, through this digital information communication network, when distributing content data such as g music or video data to user machines, each user must spend the same time to receive, for example, a Music data of the album. Therefore, the distribution server is not limited when transferring the above content materials (please read the precautions on the back before filling this page} ··· 装 · 111 [1- This paper is suitable for financial use National Standard_ (CNS) A4 Specification (2ΐ (Γ 297 mm) 312518-

V. Description of the invention (2) J Road between users' If the system can be designed to be used flexibly among users, it will significantly improve user convenience. -However, in order to protect the copyright when the user receives the above-mentioned content, it is necessary to prevent the content from being reproduced in a renewable state without permission from the copyright owner. . [, The disclosure of the invention] ... The purpose of the present invention is to provide a digital communication network such as a mobile phone network, while protecting copyright, and can perform content data such as music data to users who can transmit and receive data. In addition to protecting copyrights, it also provides a recording device that can use data and a data distribution system using the recording device. Gu—Another object of the present invention is to provide a data distribution system that can prevent the poor material to be distributed from being copied without the copyright owner, and a recording device used in the data distribution system. Briefly, the present invention is a recording device 'for storing authorization information, and can generate encrypted content data and content data. The recording device has an i-th memory circuit and a control circuit. The second memory circuit and the first memory circuit correspond to the content information used to identify the encrypted content ~, store the encrypted content data, and then output to the & Two self-reported roads can be used to store at least a part of the multiple licenses corresponding to the same content asset to the electric machine. The control circuit is based on the information from the outside of the recording device 2 312518 -------------- ^ -------- ^ --------- ^ {Please read the Note: Please fill in this page again} I Paper size applies Chinese National Standard (CNS) A4 specification ⑵G X 297 Public Love — A7 V. Description of the invention (Requirement, select one of the plural authorization information stored in the traditional circuit of Jishou At least one of the selected authorization information is recorded on the outside of the recording device. The eight-piece knife is output to the recording and decoding circuit. The recording device has a second holding circuit and a first == holding circuit, and the corresponding recording device is used to hold two. The first record holding circuit of the first public cipher wheel, and the first! The public fork coded key is asymmetric, and it holds and holds useful information to encrypt the data encrypted by the first public cipher key. 1 Secret decoding key. The first decoding circuit receives the authorization information coded by the first public key input 3, and then decodes it using the first secret decoding key. The rationale is that the i-th memory circuit is more authorized information. , The content used to decode the encrypted content data is decoded and stored after being encrypted The recording device also includes a third key holding unit; a second encryption circuit and a second decoding circuit. The third key holding unit is unique to each recording device, and can hold two symmetric secrets in a common key method. Intrinsic surplus. The second coded circuit receives the output of the i-th decoding circuit and encrypts it secretly. The first memory circuit stores the decoded content encrypted by the second cryptographic circuit. The second decoding circuit The content decoding key stored in the i-th memory circuit is decoded with the secret unique key. In other aspects of the present invention, there is a data distribution system that can be used to distribute authorization information that at least enables reproduction of the encrypted content data, The system has a distribution server and a data reproduction device. The distribution server is used to send the authorization information. The data reproduction device is used to receive the distributed authorization resource Λ 'to decode the encrypted content data and reproduce it. Content information. Data ^ Paper size applies Chinese National Standard (CNS) A4 specification (21〇X 297 public love). Please read the phonetic on the back? Matters before filling out this page > Install the Ministry of Economic Affairs Hui property office staff consumer cooperative Du PRINTED 312518 ^ 7349 A7

Ο Hidden circuit ’corresponds to the content information used to identify the encrypted content data. The encrypted content data is stored 1 and then output to the outside of the recording device in accordance with the external requirements of the record setting. The second memory circuit can store at least a part of the plural license information corresponding to the same content information in two separate memories. The control circuit selects one of the plurality of authorization information stored in the second memory circuit according to a request external to the recording device, and outputs at least a part of the selected authorization information to the outside of the recording device. An advantage of the present invention is that, by using a distribution system using a recording device related to the present application, even when there is a plurality of authorizations when the same content is output, distribution processing can still be performed in accordance with the user's selection, etc. , Regenerative processing, and mobile processing. Flexible systems can also be used. Furthermore, since the content key that is encrypted and transmitted using the asymmetric public key method is used, it is re-encrypted by the inherent common secret input of the memory card using the symmetric key method that can be decoded at high speed. It is also decorated in a memory card, so it can be used in the reproduction of the music data corresponding to the encrypted content data. The content key of the information required for the reproduction process is accelerated by the speed of the ancient soil. China National Standard (CNS) A4 specification (210x 297 mm) " 312518 _B7 V. Description of the invention (5 code processing. In addition, it can also be improved by the surplus stored in the memory card when the data is distributed.) Input and storage are not as good as the further security. [Simplified description of the diagram] Figure 1 is a conceptual diagram that briefly describes the present invention. Overall structure Figure 2 is used to explain the first] The data points not shown in Figure 1 This is an explanatory diagram of the characteristics such as ②, yards, and distribution data used in the delivery system. The outline = the diagram is a schematic diagram showing the ten thousand pieces constituting the authorized feeder 10 shown in Fig. 1. The outline L4 is an explanatory diagram. 1 of the mobile phone-constituted Fig. 5 is a schematic block diagram illustrating the structure of the memory card π0 shown in Fig. 4 + the house. Fig. 6 is an illustration of the distribution operation that occurs when the content of the purchase data distribution system shown in the embodiment is shown! The seventh flowchart is shown in Figure 7. Figure 7 is the second flowchart illustrating the distribution operation that occurs when the content of the purchase data distribution system shown in Embodiment 1 is shown. Figure 8 is the explanation of the vacancy shown in Embodiment i. The third flowchart of the distribution operation that occurs when the content of the data distribution system is generated. Figure 9 is a memory area allocated by the authorization holding unit 1440 that displays the data stored in the memory i4i5 j shown in Figure 5 Conceptual diagram. Figure 10 is a conceptual diagram of memory area allocation of memory 1 4 1 5. Figure 11 is a flowchart illustrating the operation of each part during the regeneration communication period. ≪ Please read the notes on the back first (Fill in this page again). Install i — t --------- Aw. Printed by the Consumers ’Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs, Paper Size Standard for Financially Suitable Households (CNS) A4_i ^ (210 X 297) ) 5 312518 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 497349 A7 — ___ _ B7 ____ 5. Description of the Invention (1 2) Figure 12 is the first flowchart illustrating the execution of the moving process. FIG. 13 is a second flowchart illustrating execution of movement processing. Fig. 14 is a third flowchart illustrating execution of a movement process. Fig. 15 is a conceptual diagram showing the state of the memory information in the memory area of the memory card 110 authorization holding unit 1440 after the movement process is performed. Fig. 16 shows a memory card 11 〇 memory 14 1 5 in the memory field ► Conceptual diagram of the state of memory information. FIG. 17 is a conceptual diagram showing the state of the memory information in the memory area of the authorization holding unit 1440 of the memory card u0 after performing other movement processing. Fig. 18 is a conceptual diagram corresponding to Fig. 17 which shows the state of the memory information in the memory 1415 of the memory card ho. Fig. 19 is a block diagram showing the structure of a memory card 114 according to the second embodiment. FIG. 20 is an explanatory diagram for explaining the characteristics of the communication key and distribution data used in the data distribution system of the second embodiment. Fig. 21 is a first flowchart for explaining the distribution operation which occurs when the content of the purchase data distribution system shown in the second embodiment is distributed. Fig. 22 is a second flowchart for explaining the distribution operation which occurs when the content of the purchase data distribution system shown in the second embodiment is distributed. Fig. 23 is a third flowchart for explaining the distribution operation which occurs when the content of the purchase data distribution system shown in the second embodiment is distributed. Fig. 24 is a flowchart for explaining the operation of each part when the reproduction communication period is performed when the memory card of the second embodiment is used. Fig. 25 is a block diagram showing the configuration of the hidden card 116 of the third embodiment. ---------------------- Order --------- ί Please read the notes on the back before filling in this page) 1 This paper size applies Chinese National Standard (CNS) A4 Regulations -------- 2 31251δ ~ 497349 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 B7 V. Description of the Invention (7) Figure 26 is used to explain the implementation of The flow chart of the distribution action that occurs when purchasing the content distribution system shown below. Fig. 27 is a second flowchart for explaining the distribution operation that occurs when the content of the purchase data distribution system shown in the embodiment is used. Fig. 28 is a third flowchart for explaining the distribution operation that occurs when the content of the purchase data distribution system shown in the embodiment is used. FIG. 29 is a conceptual diagram showing a memory area allocation of the authorization holding unit 1440 corresponding to the data stored in the memory 1415 shown in FIG. 25. Fig. 30 is a conceptual diagram showing the allocation of the memory area of the memory 1 4 丨 5. Fig. 31 is a flowchart for explaining a regeneration operation using the memory card 116 of the third embodiment. Fig. 32 is a first flowchart for explaining movement processing in the third embodiment. Fig. 33 is a second flowchart for explaining the movement processing in the third embodiment. Fig. 34 is a third flowchart for explaining the movement processing in the third embodiment. Fig. 35 is a conceptual diagram showing the state of memory information in the memory area of the authorization holding unit 1440 of the memory card U6 that has completed the movement process. FIG. 36 is a conceptual diagram showing the state of the memory information in the memory 1415 of the memory 116 of the Deca 116. Fig. 37 is a conceptual diagram showing the state of memory information in the memory area of the authorization holding unit 1 · 440 of the memory card 116 after completion of other movement processing. Figure 38 corresponds to Figure 37, showing the memory ι415 of the memory card 116 (please read the precautions on the back before filling out this page). The size of this paper is applicable to China National Standard (CNS) A4 (2) 0X 297. Hair) 7 312518

5. Description of the invention (8) Conceptual diagram of the state of memory information in the field of memory. The 39th figure printed by the Ministry of Economic Affairs and the Intellectual Property Bureau's Consumer Cooperatives is the "first flow chart of distribution operation in the fourth embodiment." Figure 40 illustrates the "distribution communication period" in the fourth embodiment. The second flowchart of the operation. Figure 41 is a third flowchart illustrating the operation of the "distribution communication period" in the fourth embodiment. Fig. 42 is a fourth flowchart illustrating the operation of the "r distribution communication period" in the fourth embodiment. Fig. 43 is a flowchart illustrating the regenerating operation using the memory card 11 $ of the embodiment $. Fig. 44 is a first flowchart illustrating the movement processing shown in the fifth embodiment. Fig. 45 is a second chronological diagram for explaining the movement processing shown in the fifth embodiment. Fig. 46 is a third flowchart illustrating the movement processing shown in the fifth embodiment. [Description of component symbols] 1,2 users, memory 丨 〇 Authorization server 12 Authentication server 20 Distribution carrier (mobile phone company) 3 Distribution server 100 Mobile phone 110, 112 Memory card 13 〇 Earphone 3 〇2 Charge database 304 Information database This paper standard Reuse Compensation Standard (CNS) A4 specification; χ 297 public love) -i ——— 125lr ϋ i— nnnnnnnnn ϋ I · ϋ ϋ n ft— nnn Order- ------- line (please read the notes on the back before filling this page) A7 __ _B7__ V. Description of the invention (9) 310 Data processing section 312, 3 20, 1404, 1408, 1412, 1422, 1454, 1504, 1510, printed by the Intellectual Property Bureau of the Ministry of Intellectual Property, 1516 decoding processing unit 315 distribution control unit 316, 1418, 1508 communication key generation unit 318 > 326, 328, 1406 '1410, 1424, 1452, 1506, password Chemical processing unit 350 Communication device 1102 Antenna 1104 Transmitting and receiving unit 1106, 1420 Controller 1108 Keying unit 1110 Display 1112 Sound reproduction unit 1120 Connector 1122 External interface unit 1200 Memory interface 1202 Terminals 1400, 1 500 authentication data holding unit 1402 Kmc (l) holding 1414 authentication key holding unit 1415 memory 1416 KPm (l) holding unit 1421 Km (l) holding unit 1440 authorized holding unit 1442, 1444 switch 1450 K (l) holding unit 1502 Kp holding section 1518 music reproduction section 1525 mixing section 1530 connection terminal AC purchase condition information AC1 access control information AC2 regeneration circuit control information BS0, BS1, BS2, BS3, BS4 data bus

Kmc (x), Kp (x) secret decoding key KPma public authentication keys Ksl to Ks4 common [the best embodiment of the invention] This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm) 9 312518 (Please read the precautions on the back before filling out this page) Decoration δτ * Printed by the Employees ’Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 497349 V. Description of the invention A conceptual diagram of the overall structure of the system. The following is a description of the structure of a data distribution system that distributes music data to each user through a mobile phone network. The following description can clearly understand that the present invention is not limited to this. This situation is also applicable to the distribution of content data of other works, such as image data, day image data, reading data, textbook data, game programs, etc., and it can also be distributed through other digital information communication networks. Figure 1: Authorized server (ilcense server) for managing copyrighted music data. 10 'is to encrypt music data (hereinafter also referred to as content data) according to a predetermined encryption method. And transmit the encrypted content data to the distribution carrier 20, that is, the mobile phone company, which is mainly performing the information required to distribute the encrypted music content or reproduction (also known as the license information license informati〇n) On the other hand, the authentication feeder 12 authenticates the memory card of the user who requires distribution and access to music data to determine whether it is a regular machine. The distribution carrier 20 is through its own mobile phone network. The distribution request (distribution request) from each user is transferred to the server 10, and the server 10 receives the distribution request as soon as the user receives the distribution request. Whether the memory card is a regular machine, and then encrypt the requested Yue Yue, then distribute the content data to the mobile phone of each user through the mobile phone of the carrier. User 1's mobile phone is a copy of ^ Standard Applicable ^ Sichuan _____________ ^ -------- ^ --------- (Please read the precautions on the back before filling this page) __B7 V. Description of the invention (11 〇 Women's disassembly memory card 1 The structure of 1 0. The memory card 1 1 〇 receives the dense content data transmitted through the telephone, and the content reproduction circuit (not shown) of the mobile phone 0: confirms whether the memory card is positive or not. After the device 'decodes the dense distribution performed by the distribution, and then sends it to the content reproduction circuit. M and' for example, the user 1 can use the headset 130 connected to the mobile phone 100, etc. ' "Regenerate" to listen to music. The following will authorize the server 10, the authentication server 12, and the sub-carrier (mobile phone company) 2 as follows. Collectively referred to as the distribution server%. In addition, a processing operation of transmitting content from the distribution server 30 to each mobile phone or the like is called "distribution". : With this structure, ‘100 first’ users who have not purchased a regular mobile phone to conceal the card will not be able to easily receive and reproduce the distribution data from the distribution feeder. At the same time, the carrier's 20 orders are distributed, for example, at the time of transmission, 'calculate its points, which can be collected at the same time as the mobile phone call'-and collect the works produced by the user each time they receive content data ㈣ 'So the copyright owner can easily secure the copyright fee. In addition, since this kind of content data distribution is performed through a so-called closed system of a mobile phone network, compared with an open system such as the Internet, it has an advantage that it is easier to implement a copyright protection measure. At this time, 'for example, the user 2 who has the memory card 112 can use his mobile phone 102 to directly send the content from the distribution server 3 to the two terminals. -Prepare user 2 directly from distribution server 3. When receiving the equivalent of Chinese paper standard (CNS) A4 specification (2ιχχ 297 mm 11 312518, printed by the Consumers ’Cooperative of Intellectual Property Bureau of the Ministry of Economic Affairs, printed 497349 V. Description of the invention (12) _ Information content etc It takes a long time to collect. In this case, if the user who has received the distribution content 3 t can copy the content data in advance, the convenience of the user can be improved. However, from the viewpoint of protecting the rights of the copyright owner, any free copying is not allowed in the system structure. As shown in Fig. 1, each of them is about the data received by user 1, … Gu Xianli copied it, and reproduced the authorization information required by the user 丨 to hold the sixty-two (controversy about Mogu data (corresponding to the right to reproduce: the user 2 process said) When it is "mobile" 1 of the music data: Mobile phones 100 and 102 are moved to the memory card II0H: encrypted content data and authorization information. The so-called "/ = 讯" 'such as As mentioned later, There are: content decoding records that can be decoded in accordance with the required encryption method plus poor j content data; and works related to copyright protection: = Authorization of m = or restricted information related to access to reproduction, etc. Mill, " Only the copy of the content data itself is called "Replication I". Since the authorization information is not attached during the copying process, the user 2 will not be able to reproduce the content data. Although the description is omitted here, it can still be used only by using 2 A new distribution method that distributes the authorization information of the content decoding record to reproduce the content data. The hunter is constituted in this way, and the receiver side can flexibly use the content data received by the distribution server 30. In addition, Mobile phones 100 and 102 are PHS (PersonalHar 12 -------------- installation -------- order -------- 丨 line (please read the Please fill in this page again for attention) 4S7349 A?

V. Description of the invention (13) Phone) When the so-called dual-use function can be performed, user 1 and user 2 can talk to each other's factory 'using this [system key and data structure] P can perform the movement of information.

Fig. 2 is an explanatory diagram for explaining the characteristics of the jffl ^ '1 ^ ^. Used in the lean material distribution system of the hall for code input and distribution of funds. First of all, the 枓 ^ ^ ^ distributed by the distribution server is the content data of music materials and the like. The internal communication service will send: • As described later, at least the secret that can be decoded by the content decoding key Kc ^ 円 谷 贫 料 {Data} Kc 的 form ”and can be distributed to users by the distribution server 30. In addition, {γ 丨 X shown below is hidden — ° ~, the table cannot use the X key to transform the data Y into decodable encrypted information. In addition, when the distribution server 30 distributes the content data, it also distributes the works related to the content data, or the unencrypted = f material additional data Data_lnf which is related to the storage of the feeder. In other words, 'the additional f material detail_ ^ contains information useful for specifying content data such as a track of content data, and information for specifying which server is to be used as the distribution server 30. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs—installed ... (Please read the precautions on the back before filling out this page) The following instructions and content data are encrypted or decoded / reproduced, or used as a mobile phone for content reproduction circuits , Or as an input related to the authentication of the memory card of the recording device. That is, as described above, a content decoding key Kc for encrypting and decoding the content data; a content reproduction circuit (the public encryption key KPp (x) of the mobile phone; and the public encryption surplus KPmc of the memory card are separately provided) x). · The data encrypted by the public cryptographic keys KPp (x) and KPmc (x), this paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm) 13 312518 497349 f Ministry of Economic Affairs wisdom Printed by the Property Bureau I Consumer Cooperative A7 V. Description of the Invention (Η) The unique secret decoding key κρ (χ) of the content reproduction circuit (mobile phone 100) and the secret decoding key Kmc (x) of the memory card can be used respectively. The public cryptographic keys KPP (X) and KPmc (x) are asymmetric cryptographic keys that can be individually decoded by the secret decoding keys KP (X) and Kmc (X) respectively. These inherent secret decoding keys will There are different contents depending on the type of mobile phone and the type of memory card. The so-called type of mobile phone and memory card are mainly based on the type of manufacturer and the date of manufacture (manufacturing batch number). It is established, and the natural number χ is a number used to distinguish each type of memory card and content reproduction circuit (mobile phone). In addition, there is a public authentication key KPma shared by the overall distribution system 〇 In addition, they are set in the above The public cryptographic keys KPmc (x) and KPP (χ) of the credit card u and the content reproduction circuit can be used by the child l 'aj to obtain the public certification key KPma' as a certifiable certificate. When outputting, in the form of {KPmc (x)} KPma and {KPp (x)} KPma, eight% 丨 二 ^ 丄 刀 is not recorded on the memory card and mobile phone. The following sentence / enter p The certification data of the π h 粑 3A bifurcation key is called identification data. In addition, it is used to control the mobile phone that constitutes the banning of music, that is, the mobile phone that is the content reproduction circuit 1 〇〇戍 Unload 愔 A ~ The information of the operation of the hidden card 110 includes the following items: When the user decodes each key in the bet, the mobile phone 100 transmits a message to the distribution server 30. _ ^ ^ 疋Buying conditions: Gongxun AC; Corresponding content providers J Si Yuanxing purchases the condition information AC, which is transmitted from the tiller server 30 to the memory card 11 of each J electric dwelling machine 100. The U memory card 1 is displayed with U. The number of accesses ____ number Access control information such as restrictions " Applicable to this paper standard 1 ^ vote 312518 nn I · nnf I 1 n I OJ »ft nnn ϋ nn I (Please read the precautions on the back before filling this page) A7

V. Description of the invention (IS A C1, and the memory card ii〇m _ j women's clothing that was transmitted by the reading and writing server 30 to Anshang in the pole φ at the mobile phone 100 and 100 Content reproduction circuit: Reproduction conditions that are not supplied from the memory card II to the mobile phone reproduction circuit control information 8. Restrictions on reproduction conditions refer to, for example, the promotion of new songs, the reproduction conditions of Uchigaya reproduction circuits, etc., which are only permitted at the price of each content or free of charge In addition, the audition is transmitted within a specified period of time. There is a key key KPm1 (1: self-producing △ splitting code ..., number) according to a key called a memory card and a bucket. , And can decode the data encrypted by the public cryptographic map, and transform 鍮 KPm⑴ key Km⑴. 的 1 inherent secret decoding in the memory card of each brother ^ Km (i) Here is the self-prepared version -pH "Guang. Code.…, The number 1 table does not need to distinguish the number of each memory card. In addition, in the" Shen Zu Ba Mo "system shown in Figure 1, the following keys are used for data communication. That is, it is used to perform the transmission and reception of data outside and between the memory cards. The secrets of the time are kept by using the common key generated in the server 30, mobile phone 胄 ι〇〇 or ⑽ and memory card 11 or 112 as the contents are distributed, reproduced and moved { ^ 1 to 1 ^ 4. Here, the common keys Ksl to Ks4 are inherent to the communication unit or access unit 2 between the distribution server, mobile phone, or memory card 2 "session" These common keys Ksl to Ks4 are hereinafter referred to as "communication keys". The above-mentioned general § period keys Ks 1 to Ks4 are based on the inherent values possessed in each communication communication period, and Delivery server, mobile phone, and memory card installed (please read the precautions on the back before filling out this page) Order-Print this paper mK through the use of armored papers by the Intellectual Property Bureau of the Ministry of Economic Affairs (Consumer Cooperative) ( CNb) A4 specification (210 X 297 public love) 15 312518 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of Invention (16) to manage. Specifically, the communication period Ksl is distributed in the feeder Authorized feeding — _ and occurred in the various communication periods The communication period key Ks2 is generated by the memory card in each distribution communication period and the mobile (receiving side) communication period, and the communication period key Ks3 is also generated by the memory card in each regeneration communication period and the mobile (transmitting side) ) Generated during the communication period. The communication period key KS4 is generated during each regeneration communication period of the mobile phone. In each communication period, by transmitting and receiving: waiting for the communication period key 'to receive the communication period key generated by other equipment, and After the encryption of the communication period key is performed, the implementation of the distribution method such as the authorization key can improve the security of the communication period. First, in addition, the poor material for transmission and reception between the distribution server and the mobile phone , It is useful to identify the content mountain of the content information system; and to authorize the release time and authorize the management code of who issued it; and it is generated at the middle of the month to specify each distribution communication The period code is the ID and so on. [Configuration of Authorization Server 10] Fig. 3 is a schematic block diagram showing the configuration of the authorization server 10 shown in Fig. 丨. The authorization server 10 is provided with: information data for distributing the encrypted music data (cryptized content data), additional information, and content decoding keys for decoding the encrypted content data, etc. To maintain a charge database of 302 that charges each user in accordance with the distribution of authorized information for distribution of music data; Binding · -------- Line __ _ (Please read the note on the back first Please fill in this page again for this matter) This paper size is applicable to China National Standard (CNS) A4 specification (21 × 297 mm) 16 312518 A7-~~ ---------- 5. Description of the invention (17) '' '---- ^ The data processing unit 31, which receives data from the information database 304 and the fee-based lean material library 302 via the data bus BS0 to perform the prescribed processing; and distributes it to the carrier via the communication network (Distribution camer) A communication device 350 for transmitting and receiving data to and from the breeding processing unit 31. The data processing unit 3 1 0 includes: a distribution control unit 3 丨 $ which is used to correspond to the data on the shell material bus B s〇, and controls the operation of the data processing unit 3 1 0; 2 is controlled by the distribution control unit 315 The communication key generation unit 316 used to generate the communication key Ksl when the communication period is distributed; The communication device 350 and the data stream BS1 receive the authentication data transmitted from the 5th memory card via the mobile phone {KPmc ( j)} KPma, and then the decoding processing unit si for decoding the recognition key KPm a]; using the publicly encrypted key KPmc (j) obtained from the decoding processing unit 312, the communication generated by the communication period key generating unit 316 After the period key is coded, it is output to the cryptographic processing unit 3 1 8 of the data bus BS1; and each user uses the data bus BS1 to receive the data transmitted by the communication period key Ksl after being coded The decoding processing section 320 ° which performs decoding processing, and the data processing section 3 1 0 further includes the KPm (i), which is a publicly encrypted password unique to the memory card obtained by the decoding processing section 32, and is distributed to the control section 3丨 Password I for 5 rounds of granting password I --- (Please read first (Please fill in this page again before filling out this page) Order · Printed by the Intellectual Property Bureau of the Ministry of Economic Affairs and the Consumer Cooperatives Print this paper Standard Remuneration ® National Standard (CNS) A4 X 297 mm 17 ΤΠ515 'Printed by the Intellectual Property Bureau of the Ministry of Economic Affairs and Consumer Cooperative System 497349 A7 B7

V. Description of the invention (18) Cryptographic processing unit 326; and the self-decrypting processing unit 32 ^ is called ^ 卞 之 通 ^ period key Ks2, after the output of the cryptographic processing unit 326 is encrypted, Danhan issued To the encryption processing unit 328 of the lean material confluence BS1. [Configuration of Mobile Phone 100] Fig. 4 is a schematic block diagram illustrating the configuration of the mobile phone ⑽ shown in Fig. I. In the mobile phone 1Q0, the type of the regenerative circuit is represented by Yazhu as the inner valley (the natural number of the level X is set to X = 1. The mobile phone 100 series includes: to receive mobile phone thunder. Dingle electric The antenna 1102 of the signal transmitted wirelessly by the live machine network; π converts the signal received from the antenna 1102 into a base band signal, or changes the data from the mobile phone j 00 to the antenna Sending and receiving department 1104 of 1102;

A data bus BS2 for processing data transmission and reception of each part of the mobile phone 100; and L for controlling the mobile phone 100 controller 1106 by the data bus 2. In addition, the mobile phone 100 also includes: a section 1108 for transmitting instructions from the outside to the mobile phone 100; ^ a display 1 for transmitting the information output by the controller 1106 and the like to the user as visual information 〖J 〇; Use the quiet national grave standard (CNS) A4 specification

II! ------ II * -------- (Please read the notes on the back before filling out this page) 312518 18 V. Description of the invention (19) According to the value of the data bus BS2 3 from & Receiving data transmitted by BU, in the normal call operation, the sound reproduction unit ιι2, which is used to reproduce sound, is used to carry out the diagonal connection with the outside # Α 丨 the connector U2 of the heart Beike branch. ; And I install --- f Jing first read the precautions on the back before filling out this page j will record the information from the connection | § 11 2 0 she: * .. converted into a data bus BS2 The signal is an external interface 22 that converts the lean material from Fujiji and Needle Feeder BS2 into a signal that can be transmitted to the connector 1120. In addition, 'mobile phone 100' also contains memorable and encrypted music data f 宓 派 & _ ,,, Bedin Ye (also coded content data), and stores data for decoding processing at any time, F] n ± iv memory card 110 that can be freely loaded and unloaded at the time of memory; memory interface 1200 to control the data transfer between memory card 110 and data bus BS2; and In the authentication method, the KPp (1) coded authentication data is stored in the authentication data holding unit 1 $ ⑽ of the public password set in accordance with the content reproduction circuit level of the mobile phone 1 GG. In addition, the mobile electric machine 100 also includes a Kρ holding unit ι502 which prints and holds the unique secret decoding key of the mobile phone (content reproduction circuit) 's private secret key printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economy; , Using the secret decoding key Kρ (1) to perform a decoding operation on the data from the data bus BS2 to obtain a decoding processing unit 1504 of the communication period key Ks3 generated by the memory card 11; In the regeneration communication period of the content data reproduction, it is used to encrypt the data communicated between the memory cards 110 on the data bus BS2 and generate a communication key by random numbers, etc.

V. Description of the invention () Ks4's general period generating unit 1508; printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 312518; by decoding the communication period key Ks3 obtained by the processing unit 1504, the communication period key Ks4 performs cryptographic processing, and then outputs it to the cryptographic processing unit 1506 on the data bus BS2; and uses the communication key Ks4 to decode the data on the data bus BS2 ', and then decodes the content into Kc and the reproduction circuit The control information looks like a decoding processing unit 1510. In addition, the mobile phone 100 also includes: receiving the encrypted content data {Data} Kc from the data bus BS2, and using the content decoding key Kc obtained by the decoding processing unit 1510 to decode, and in turn decoding the content data MW / Mixing unit for receiving the rotation of the decoding processing unit 1516, and generating content for the music reproduction unit 1518; Mixing unit for receiving the output of the music reproduction unit 1518 and the sound reproduction unit 1112, and selectively rotating it according to the operation mode乂 It is used to receive the output of the mixing section 1525, and the headphone 13. Connect: Connect terminal 1530. Here, the reproduced AC2 from the decoding processing unit 1510 is transmitted to the controller via the data bus BS2. Figure 4 is a simplified illustration. In the block diagram of the telephone set, only the music related to the present invention is recorded. The parts related to the distribution and reproduction of data, and the parts related to the call * function originally provided by the mobile phone are omitted. [Configuration of Memory Card 11.0] Fig. 5 is a diagram explaining the configuration of Fig. 4 L__. The approximate Gobbon paper size of the memory card no is applicable to the Chinese National Standard (CNS) A4. ^ ---------------------- Order ------ --- line (please read the notes on the back before filling this page) A7 B7 V. Description of the invention (21) Block diagram. (Please read the precautions on the back before filling this page.) As explained, the general public key KPm (i) and the corresponding secret decoding record Km (i) are the values inherent to each memory card. In the memory card 110, the natural number is set to i = 1. In addition, in the type (level) of the memory card, KPmc (x) and Kmc (x) are provided as inherent public cryptographic remainders and secret fork decode remainders, and in the memory card 110, the natural number X is represented by x = lto show. The memory card 110 includes: a data stream 棑 BS3 for transmitting and receiving signals through the terminal 1202 between the memory interface 1200; and holding {KPmc (l)} KPma's authentication data holding unit 1400 as authentication data; The unique decoding set for each memory card type is the Kmc holding section 1402 of K mc (1); the KPm (l) holding section that holds the unique public encryption surplus KPm (1) set according to each memory card 1416; and Km (l) holding unit 1421, which is a secret decoding key Km (1) that can decode data encrypted by the publicly ciphered record KPm (1), and printed by the consumer cooperative of the Intellectual Property Bureau of the Ministry of Economy. Here, the authentication data holding unit 140 uses the authentication key Kpma to encrypt and hold the public encryption key Kpmc (1) set in accordance with the memory card level in a decodable state. The memory card 110 also includes: The data transmitted through the memory interface 1200 to the data bus BS3 will be received from the Knic (l) holding unit 1402 and set according to the type of memory card. 〇X 297 public love)

Printed by the Employees' Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 497349 V. The inherent secret decoding key Kmc (l) of the invention description (22), and the distribution period generated by the distribution server 30 during the distribution period is Ksl, The communication key Ks3 generated by other memory cards during the mobile communication period is rounded out to the decoding processing part 1404 of the contact Pa; the authentication key holding part 1414 for holding the authentication key KPma; the output of the authentication key holding part 1414 is received, and is transmitted to The data of the data bus BS3 'is decoded by the authentication key KPma, and the decoded result is output to the controller 1420 through the data stream 棑 BS4 and the decoding processing unit 1408 of the cryptographic processing unit 1410; and by switching The switch i442 selectively obtains the key, and encrypts the data selectively obtained by the switch 1444, and then turns to the encryption processing unit 14 of the data bus BS 3. The memory card 110¾ includes: in each communication period of distribution, reproduction, and movement, a communication period key or Ks3 communication period output generation unit 1418; and a public encryption key or KPmc (X) obtained by the decoding processing unit 1408. , The communication key generated by the communication key generation unit 1418

Ks3 is encrypted, and then output to the data stream 棑 BS3's cryptographic processing unit 1 4 1 0; and receive the communication key or encrypted data from the data bus BS3, and then obtained by the communication key generation unit 1418 The common key Ks2 or Ks3 is used for decoding, and the decoding result is rotated out to the decoding processing part 14 i 2 of the data stream BS4. Grabbing Lu Jiyi card 110, including: This paper size is applicable to Chinese National Standard (CNS) A4i} M2l0x2q7 / > ^^ 312518 ------------- Installation ------ ---- Order --------- line (please read the notes on the back before filling out this page) Marriage 49 Printed by the Consumers ’Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 V. Invention Description (23 by others The cryptographic key KPm (i) (i total 1) inherent to the memory card, and the cryptographic processing unit 1424 that encrypts the data on the data bus BS4; by pairing with the public cryptographic key KPm (l) The secret decoding key Km (1) inherent in the memory card 11 (), the decoding processing unit 1422 that decodes the data on the data stream 棑 bS4; and the data bus BS 4 receives and stores the publicly encrypted key KPm ( l) It is coded and contains authorization information for content decoding and drawing Kc (content decoding key Kc, content 1) 0, authorization ID, access control information AC1, regeneration circuit control poor signal AC2), and also used for data confluence 棑The BS3 receives and stores the memory 1415 of the coded content data {Data} Kc and the additional data Data_inf. The memory 1415 is not specifically limited, and may be, for example, a flash memory The memory card 110 is also composed of a semiconductor memory. The memory card 110 also includes: an authorization holding unit 144, which holds the authorization ID, content ID, and access control information AC1 obtained by the decoding processing unit 1422; Confluence # BS3 performs data transmission and reception with the outside, and receives reproduction information, etc., from the data bus BS4, and is a controller i42 for controlling the operation of the memory card 110. The authorization holding unit 1440 is connected to the data bus BS4. In between, a part of the authorization data, that is, the data of the authorization ID, content m, and access control information AC1 can be transmitted and received. The authorization holding unit 1440 has n ^ n: a self-memory bank, which will correspond to-part of each authorized reproduction information It is kept in each memory bank. ^ This paper size is in accordance with Chinese National Standard (CNS) A4 specification (210x297 mm_ 312518 (please read the precautions on the back before filling this page). 497349 31251 A7 V. Description of the invention (24 ) In addition, the area circled by the dotted line in Figure 5 is within the memory card η 〇, and is edited by internal data erasure or internal The destruction of the road can make a third party TRM impossible for the data in the circuit within this range. Such modules are generally called Tamper Resistant Modules. The memory 1415 can be arranged to be included in the module TRM. However, as shown in the structure shown in Figure 5, the data held in the memory 1415-all are encrypted data, so the third person cannot The memory 1415 is used to regenerate the music data. Therefore, it is not necessary to set the memory in the high-priced anti-selfish tampering module, which has the advantage of reducing manufacturing costs. [Distribution operation] Next, each communication period of the data distribution system according to Embodiment 1 of the present invention will be described in detail with reference to a flowchart. ▲ Figures 6, 7, and 8 are used to explain the first distribution operation (hereinafter also referred to as the distribution communication period) that occurs when purchasing the content in the data distribution system that implements H1. , Second, and third flowcharts. > Figures 6 and 7 and 8 illustrate the user! The operation when receiving the content data from the distribution server 30 via the mobile phone 100 by using the memory card 110. First, 'from the user's mobile phone 100, the user ^ uses the turn operation described by the key part to perform a song selection operation (turn in Utani ID)' and sends out a distribution request 炎 γ 达 f clothing (step S100). Then, by using the key operation and the like of the key press unit 1108, the turn-on broadcast & [__authorized purchase condition AC is turned on (step S101). 7 Paper size applicable τϋϋ ^ (-_ Α4 Page order 497349 Printed by A7, Member of the Intellectual Property Bureau of the Ministry of Economic Affairs, Consumer Cooperatives V. Description of the invention (25) In the memory card 110, the corresponding distribution request is issued, and the certification data retention unit 1400 outputs certification Data {KPmc (l)} KPma (step S102). In addition to the accepted authentication data {KPmc (l)} KPma from the memory card 110, the mobile phone 100 is used to instruct the inner valley to receive the distributed content data. ID 'Authorization of purchase condition data AC to distribution server 30 (step S104). Distribution server 30 receives content iD from mobile phone 100, authentication data {KPmc (l)} KPma, authorization The condition data ac is purchased (step S106), and the decoding process is performed using the authentication key KPma in the decoding processing unit 312 (step S108). When the publicly encrypted remainder KPmc (l) encrypted by the authentication key KPma is formally registered and encrypted , The public encryption key KPmc (l) of the memory card ιο is accepted. On the other hand, when it is not officially registered, the unregistered public encryption key KPmc (1) is not accepted. That is, the distribution control unit 3 i 5 Based on accepted public cryptographic keys KPmc (1), takes note of the authentication server （(step S110). When these public cryptographic keys are accepted in step S1 08 and registered as official keys, they are judged to be valid and move to the next processing stage ( Step S112). On the other hand, when the public cryptographic key is not accepted, or it is accepted as an unregistered key, it is judged to be invalid and the process is terminated (step S170). The decoding process performed by the authentication key KPma In the constitution, when the public key KPmc (l) is authenticated, the public key KPmc (l) is separately attached to the public key, and the certificate can be encrypted by the key Kpma in a decodable manner and then transmitted. To the distribution server 3. 〇 Applicable to China National Standard (CNS) A4 specifications (21〇 > < -297 mm) 25 31251 ^ ----------- I .— (Please read first Note on the back, please fill out this page) Order · 497349 • '. ·:. * V A7

Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. 5. Description of the invention (26) If the result of the note is identified as valid, the distribution control unit 3 generates a transaction ID for the specific distribution communication (step su2). Next, the communication period key generation unit 3161 1 generates a communication period key Ksl for distribution. The communication period key Ksl is a public cryptographic input corresponding to the memory card 11 0 by the bank decoding processing unit 3 1 2 & P ^ mc (l), and is encrypted by the cryptographic processing unit 318 (step si 14). > A transaction ID and the encrypted communication key {Ksi} Kmc⑴ are output to the outside through the breeding material bus BS1 and the communication device 35 (step S1 16). The mobile phone 10 receives the transaction and the When the encrypted communication key {Ksl} KmC (l) (step S118), the received data is transmitted from the memory interface 1200 to the data bus RS3 through the memory card ιι, through the decoding processing unit U04 It decodes the secret key Kmc (1) unique to the different memory card no by holding it in the holding unit 1402 to decode and extract the cipher key Ksl (step si20). When the controller 1420 confirms the acceptance of the communication period key Ksl generated by the distribution server 30, that is, for the communication period key generation unit 418, it instructs that the communication period key generated in the memory card Π0 will be generated during the distribution communication period. Ks2 〇 The cryptographic processing unit 1406 uses the contact pa of the switch 1442, uses the communication key Ksl provided by the decoding processing unit 1404, and uses the contact pc of the switch 1444 to sequentially access the connection via the switch i446. The communication period key Ks2 and the public cryptographic key KPm (l) supplied by switching between point Pe and point pf are encrypted, and {Ks2 // KPm (l)} Ksl is rounded. This paper standard applies Chinese national standards ( CNS) A4 specification (210 x 297 mm) ΤΓZ5ΤΚ (Please read the phonetic on the back? Matters before filling out this page)-Pretend magic.. Yuan. 497349 A7 B7 V. Description of the invention (27) Out to the data bus BS3 ( Step S122). In addition, the symbol of {X // Y} Z refers to the data X and the data γ, which are data that can be encrypted using a Z-key and can be decoded. (Please read the precautions on the back before filling this page) The data {Ks2 // KPm (l)} Ksl output on the data bus BS3 is transmitted from the data bus BS3 to the action through the terminal 1202 and the memory interface 1200 The telephone 100 (step S122), and after the transaction ID processing is performed on the mobile telephone 100, it is transmitted from the mobile telephone 100 to the distribution server 30 (step S124). The distribution server 30 receives the encrypted data transaction ID // {Ks2 // KPm (l)} Ksl, and executes the {Ks2 // KPm (l)} Ksl using the communication key Ksl in the decoding processing unit 32. The decoding process receives the communication key Ks2 generated in the memory card and the public encryption key KPm (l) inherent in the memory card 110 (step S126). The distribution control unit 315 generates the access control information aci and the reproduction circuit control information AC2 based on the content m obtained in step S106 and the authorized purchase condition data AC (step S130). Printed by the Consumer Affairs Cooperative of the Intellectual Property Office of the Ministry of Economic Affairs Refer to Figure 7 and send it to the control unit 315 to obtain the authorization key Kc for decoding the encrypted content data from the information database (step S1U). The distribution control unit 315 executes the formation of the authorization ID (step si34). In the distribution control unit 315, the content decoding key Kc of the authorization information and the regeneration circuit control: the message AC2, the authorization ID, the content 10, and the access control message AC1 'are encrypted by the encryption processing unit 326, and the decoding processing unit M. The publicly encrypted password Kpm⑴ inherent to the obtained memory card 110 (step S136).

Paper Rule Money Secret (21G 27 312518 4 ^ 7349

V. Description of the invention (status) Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs The coded processing unit 328 receives the output of the cryptographic processing unit 326 and encrypts it with the communication key Ks2 generated by the memory card 110. The encrypted data {{Kc // AC2 " Authorization ID // Content ID // ACl} Km (l)} Ks2 rotated by the cryptographic processing unit 328. After attaching the transaction id, it passes the data bus BS1 and communication The device 35 transmits to the mobile phone 100 (step S138). In this way, the communication period keys generated by the distribution server 30 and the memory card 110 are exchanged with each other, and the encryption is performed using the received encryption key. And send the encrypted data to the other party, and when transmitting and receiving the respective encrypted data, they can also perform actual mutual authentication, thereby improving the security of the data distribution system. The mobile phone 100 receives the transmitted transaction ID and encrypted data {{KC // AC2 // authorized id // content iD // ACl} Km (l)} Ks2, and only rotates the encrypted data into memory Card 110 (step sl40). The encrypted data supplied to the data bus B S3 is decoded in the memory card 11 through the memory interface 1200 and the decoding processing unit 1412. That is, the decoding processing unit 14-12 uses the communication period key Ks2 supplied from the communication period key generation unit 1 4 丨 8 to decode the encrypted data of the data bus BS3 and output it to the data bus BS4 (step S144). . As shown in FIG. 8, the secret decoding key Km (l) held in the Km (l) holding unit 1421 can be used for decoding, and the data {Kc // AC2 // authorization ID // content can be output to the data bus bs4. iD // AC1} Km⑴, according to the instruction of the controller 1420, in the decoding processing section 1422, the decoding is performed via the secret decoding key Km (l), and the content decoding key Kc and the reproduction circuit control information II · I I-- -i I ^ --------- (Please read the precautions on the back before filling in this page) This paper standard outline hat is fresh (CNMA4 specification (210 x 297 meals) 28 312518 / V. Description of the invention (29 or AC2, authorization ID, content id, and access control information AC1 (step S14 6)) On the other hand, the data output to the data bus BS4 {Kc // AC2 // authorization ID // content lD // ACl } Km (l), when it is in the memory 1415 outside the TRM area, it is recorded in the area corresponding to the content id (step S148). In addition, before the process of step S146 is terminated until the process of step S148 is executed, the data {Kc // AC2 // authorization ID // content ID // ACl} Km (l) will be temporarily placed in the area defined by the memory 1415. The authorization ID, content id, and access control information AC 1 is recorded in bank j, which is the j-th memory bank vacant in authorization information holding unit 144 (step S1 52). Here, the natural number j is the number corresponding to the content data, and 1 S j SN (N ·· Total number of memories). At the stage where the processing up to step S 1 52 is completed normally, the user communicates to the mobile phone 100: requesting the transmission of authorized key messages such as content decoding keys and content data, or only transmission Instruction of authorization information such as content decoding key (step S154). When requesting transmission of authorization information such as content decoding key and distribution of content data, the mobile phone 100 sends a request for distribution of content data to the distribution server 30 (step S1 56). On the other hand, if only the authorization information such as the content decoding key is required to be distributed, the process moves to step S164. When the authorization information such as the content decoding record and the content data are required to be distributed, the distribution feeder 30 will Receive the content data distribution request, obtain the encrypted content data {Data} Kc and the additional data DATA-inf from the information database 304, and then use the data bus BS1 and the communication device 350 to output these data. -------- 1 ---- 、 · -install—— (Please read the notes on the back before filling out this page) The paper size printed by the Employees' Cooperatives of the Intellectual Property Bureau of the Ministry of Economy applies the Chinese national standard ( CNS) A4 specification (2) 0x 297 mm 29 312518 4 ^ 7349 A7 B7 printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. The invention description (30) is issued (step S158). The mobile phone 100 receives {Data} Kc // Data-inf, and accepts the encrypted content data {Data} Kc and the additional data DATA-inf (step S160). The encrypted content data {Data} Kc and the additional data Data-inf are transmitted to the data bus BS3 of the memory card through the memory interface 1 200 and the terminal 1 202. The memory card 110 records the received encrypted content data {Data} Kc and the additional data Data-inf directly in the memory 1415 as it is (step S162). In addition, the distribution acceptance notification is transmitted from the mobile phone i 00 to the distribution server 30 (step S164). When the distribution reception server 30 receives the distribution acceptance (step S166), the charging is accompanied by the charging of the charging database 302 Store the data and execute the processing to complete the distribution (step S168), and complete all the processing (step S170) ° In addition, the transaction ID is added to the transmission and reception of continuous distribution to identify the same distribution processing Communication. Although there is no special illustration, when the sender and receiver cannot receive the corresponding transaction ID, the distribution process ends. With this processing, only when the distribution request is confirmed, the public encryption key KPm from the content reproduction section of the mobile phone 100 and the shame card 11 is valid, and 'the content material can be distributed'. Due to the proper distribution of the machine, the security of the transmission can be improved. [Data storage status of the authorization holding unit 1440 and the memory 1415] Fig. 9. Conceptual diagram of memory area allocation of the authorization holding unit 1440 showing data stored in the memory "Η shown in Fig. 5" --- ------------------ Order · ------- * (Please read the precautions on the back before filling this page) This paper size applies Chinese national standard ( CNS) A4 specification (210 X 297 public) 30 312518 A7

Μ --------- ^ ---------_ (Please read the note on the back? Matters before filling out this page) A7 V. Description of the invention ^, ABC351654, 5 ^^^^ ^ ID ^ 0046185 ^^^ 'and as the access control information m AC1, it stores "〇〇ff," carry ------ (Please read the back first Please note this page before filling in this page) Now) In the access control information AC1 ,, 0_, the higher-level "00" indicates the "moving prohibited" of the authorization information described below. C125911 is stored in the memory bank 4 of the authorization holding unit 1440 as the authorization corresponding to the content ID = ,, and ⑺ ””, and as the access control poor signal AC1, it is stored, and the performance is carried here. The memory ID is still stored in the corresponding content 31 "31", the authorization ID, and the distribution processing corresponding to the storage bank 4 is to receive a new authorization information transmission in a state where the storage bank 1 maintains the authorization information. , Does not distribute content data. Referring to FIG. 10, in the memory 1415, the content decoding key Kc of the authorized data and the reproduction circuit control information AC2, the authorization ID, the content ID, and the line are printed by the Intellectual Property Bureau of the Ministry of Economic Affairs and the Consumer Cooperatives. AC1, according to different contents, in other words, according to the data identified by the content ID, the encrypted authorization information data {Kc // AC2 is encrypted by the secret key Km (l) held in the Km (1) holding section 1421 // Authorization ID // Content ID // AC1} Km (l) is converted into a decodable form and recorded in the area determined by the corresponding content ID. Therefore, as the authorization information corresponding to the content id = “15000913”, the encrypted authorization information corresponding to the authorization ID recorded in the memory 2 is recorded. In addition, as the authorization ID corresponding to the content ID = "10000 131", there are two authorization ids corresponding to the storage IDs in the memory bank 1 and the memory bank 4, respectively. The content decoding input and the content id must be the same, and the authorization ID The two cryptographic authorization information must be different. And presents the state that most reproduction rights correspond to one encrypted content material. 312518 This paper is in accordance with China National Standard (CNS) A4 (210 X 297) 4 ^ 7349 A7 B7 V. Description of the invention (33 With this structure, in the "mobile" process described later, other After moving the content data corresponding to the content ID = ,, side 〇i3i ,, the user of the memory card 11G cannot reproduce the content data. [Regeneration Action] Next, the description will be made in the mobile phone 100 by holding The encrypted content data on the memory card 110 is used to reproduce and output music to an external reproduction operation (hereinafter also referred to as a reproduction communication period). Fig. 11 is a diagram for explaining the operation of each part during the reproduction communication period. As shown in FIG. 11 ', a regeneration request is generated from the mobile phone 100 according to the instruction of the user 1 such as the key unit 1108 (step S2OO). The mobile phone 1Q0 corresponds to the generation of a regeneration request, and the authentication data holding unit 1500 The authentication key KPma is used to output the decodable authentication data {KPp (l)} KPma to the data bus BS2 (step S202). The encrypted encrypted data {KPp (1)} KPma is transmitted through the data bus BS2 and ashamed Transferred to the surface of the memory card 11〇 12〇〇 in the memory card 110, the terminal 1202 to communicate through the data bus BS3, and encryption for authentication information {KPp〇)} Kpma based revenue in decoding process section 1408. The decoding processing unit 1408 receives the authentication key KPma from the authentication key holding unit 1414 to perform the decoding process of the data of the data bus BS3 (step S204). When the public key Kpp (1) i encrypted with the authentication key KPma is used to log in and encrypted, that is, when the authentication key KPma can be used for decoding 'and the auxiliary data generated during decoding is recognized (step S206) The paper size is in accordance with the Chinese National Standard (CNS) A4 (210 X 297 mm) (please read the precautions on the back before filling this page). Packing.-Intellectual Property Bureau, Ministry of Economic Affairs, Consumer Cooperative, Printed by Ministry of Economic Affairs Printed by the Property Cooperative Consumer Cooperative 497349 A7 __B7 V. Description of the Invention (34 Open Code Yu K P p⑴ will accept the certification result obtained by using the certified Yu KP ma and move to step S210 for processing. On the other hand, it is impossible When decoding, or when the auxiliary data generated during the decoding process cannot be identified (step Kamakacho (step S206)), the processing is terminated without recognizing the authentication result obtained using the authentication key KPma (step S240). When the controller 1420 uses When the decoding processing unit 1408 accepts the inherently publicly encrypted input κρρ⑴ of the Uchigaya reproduction circuit of the mobile phone 100, when the authentication result is an acknowledgement action When the phone is 100, it is judged that the transmitted public cryptographic key KPP (1) is a public cryptographic input that has been supplied to a content reproduction circuit recognized by this data distribution system, and the communication period is communicated through the data bus BS4. The key generation unit 1418 instructs generation of the communication period key Ks3 in the regeneration communication period. The communication period key Ks3 generated by the communication period key generation unit 1418 is transmitted to the cryptographic processing unit 141. The cryptographic processing unit "... through the decoding processing unit The publicly-encrypted key KPp (l) of the mobile phone 100 obtained in 1408 is used to encrypt the Ks3 of the communication period and output the encrypted data {Ks3} Kp (l) to the data bus BS3 (step S21). The mobile phone 100 receives the encrypted data {Ks3} Kp (1) at the data bus BS2 through the terminal 102 and the memory interface 1200. The encrypted data {Ks3} Kp (l) is decoded by The processing unit 1504 decodes and accepts the communication period key Ks3 generated by the memory card 110 (step S212). The controller 1106 responds to the reception of the communication period key Ks3, and instructs the communication period key generation unit through the data bus BS2 to instruct. 15〇8, the communication period of Xingle telephone 100. Generated The generation of the letter period key Ks4. The generated communication period key Ks4 is transmitted to the cryptographic processing section! 506, using the decoding processing section 'paper size applies the Chinese National Standard (CNS) A4 specification (2) 0x297 mm ) --- ------------- install -------- order ii BMme > ϋ I tn i I (please read the phonetic notes on the back before filling this page) A7

f Please read the notes on the back before filling in this page.) Binding-Printing · Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economy mm A7 ^ ~ --SL__ 5. Description of the Invention (36) " ~ --- By. The so-called "best advantage" refers to the person with the most unlimited access. In addition, the selection is controlled by the controller 1 of the mobile phone 100, but the second can also be realized by the control of the controller 1420 of the memory card 110. In step S218, when it is determined that reproduction can be performed in the reproduction communication period, a decoding process for obtaining the reproduction finger curl Kc or the reproduction circuit control information AC2 recorded in the record is executed. Specifically, decoding: f According to the instruction of the controller 1420, the decoding processing unit 1422 reads the self-memory 1415 to the encrypted data of the data bus with the secret key K (l) '{KC // AC2 / / Authorization ID // content ID // AC1} Km⑴ to decode. Thereby, the content decoding key Ke and the reproduction circuit control information AC2 can be obtained (step S222). The obtained content decoding input Kc and the reproduction circuit control information AC2 are transmitted to the encryption processing unit 1406 through the contact pd of the switch 1444. The cryptographic processing unit 1406 encrypts the data Kc and AC2 received from the data bus BS4 by the communication period key Ks4 received from the decoding processing unit 1412 through the contact Pd of the switch 1442, and { Kc // AC2} Ks4 is output to the data bus BS3 (step S224). The encrypted data output to the data bus B S 3 is sent to the mobile phone 10 through the memory interface 1200. The mobile phone 100 decodes the encrypted data {Kc // AC2} Ks4 transmitted to the data bus BS2 through the memory interface 1200 through the decoding processing unit 1510, and receives the content decoding key Kc and the reproduction circuit control information. AC2 (step scale S226). The decoding processing unit 1510 sends the content decoding key Kc to the decoding processing unit 1 5 丨 6, and controls the reproduction circuit M -------- ^ ------- (Please read the precautions on the back before (Fill in this page) This paper size is in accordance with Chinese National Standard (CNS) A4 specification (210 X 297 public love) 36 312518 492349 _____B7 V. Description of the invention (37 Poor AC2 output to the data bus BS2. The controller should use data Rank BS2, accept the control circuit status AC2 of the regenerative circuit, and make a decision whether to regenerate (step s228). In step S230, when the regenerating circuit control information AC2 determines that the regenerative circuit cannot be regenerated, the regenerative communication is ended Period (in step S24〇p, when there is a possibility of reproduction), the encrypted content data {fine coffee, recorded from the memory card 11 round to the data bus BS 3 will be recorded in the memory 24, and through卞 Cover the hidden interface 〇〇 and pass it to the mobile phone 100 (step S230). In the mobile phone, the encrypted content data from the memory + 110 will be transmitted to the Guanghui bus BS2 ... Use Content Decoding Record Ke Solution in Decoding Process # 1516 Code to obtain unencrypted = content data Data (step S232). The unencrypted content f data Data after decoding is reproduced by the music reproduction unit 1518, and through the mixing unit 1525 and the terminal 153 〇 Output the reproduced music to the outside for processing (step S240). Even during the reproduction pass #, the encrypted keys generated on the mobile phone 1 and the secret: 110 are exchanged with each other, and the passwords received by each other are used The encryption key is encrypted, and the encrypted data is transmitted to the other party. As a result, similar to the distribution communication period, even during the regeneration communication period, mutual authentication can be performed during the individual transmission and reception of data, and The security of the data distribution system can be improved. [Movement Action] The following describes the place where the content data is moved between the two memory cards. 312518 Printed by the Intellectual Property Bureau Employee Consumer Cooperative of the Ministry of Economic Affairs 497349 A7 B7 _________________ V. Description of Invention 38) Figures 12, 13 and 14 are used to illustrate the use of mobile phones iQo and IQ between two memory cards 110 and 112]. Flow chart for processing of content data, keys, etc. at the time of movement, 2nd, and 3rd. Figures 12 to 14 are natural numbers used to identify mobile phones and memory cards 110 χ is set to χ = 1, and the natural number χ to identify the type of the mobile phone 102 and the memory card 112 is set to χ = 2. In addition, the natural numbers 1 ′ to identify the memory card 11 and the memory card 112 are each Expressed as i = l and ί = 2. In Figs. 12 to 14, the mobile phone ι〇〇 and the memory card u〇 are the transmitting side 'and the mobile phone 102 and the memory card 112 are the receiving side. In addition, the mobile phone 1 102 is provided with a memory card 112 having the same structure as the memory card i. Hereinafter, each component of the memory card 112 will be described by using the same symbols as those corresponding to the corresponding part of the memory card 110. Referring to FIG. 12, first, the user issues a content movement request from the mobile phone 100 of the user 1 on the transmitting side through a drawing operation or the like of the key part π08 (step S300). The generated movement request is transmitted to the memory card 112 by the mobile phone 10 of the user 2 on the receiving side. For the memory card 112, the authentication data holding unit 1500 rotates the data "Kpmc (2)" Kpma authenticated by the public encryption key KPm (2) of the corresponding memory card 112 (step S302). The data {KPmc (2)} KPma authenticated by the memory card 112 is transmitted from the user 2's mobile phone 102, and transmitted to the memory card 110 via the user 1's mobile phone 100 (step S304). ---------------------- ^ --------- Line Γ% Read the Zhuyin on the back first? (Fill in this page again)

V. Description of the invention (39) • I — (Please read the notes on the back before filling this page) The decoding process is performed on the memory card 110 by the decoding processing unit 1408. The publicly encrypted key Kpmc (2) encrypted with the authentication key KPma is officially registered and encrypted, that is, it can be decoded by the authentication key Kpma, and when the dependent data generated during decoding can be identified, The decoded public encryption key KPmc (2) is accepted as the public encryption key of the memory card 112. On the other hand, if the generated dependent data cannot be decoded or cannot be identified during the decoding process, the acquired data will not be accepted (step S306). The public cryptographic key Kpmc (2) inherent in the contents of the memory card 112 is accepted by the decoding processing unit 1408, and the controller 1420 judges the transmitted public cryptographic key KPmc (2) to be attached to the data The public encryption key of the memory card recognized by the system is distributed, and the process of step S312 is performed (step S308). On the other hand, if it is not accepted, it is judged as an improper access from an unrecognized device and the processing is terminated (step S36). Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs When the authentication result is valid, the controller 1420 deducts the communication period key generation unit 141 8 and outputs the communication period key Ks3 generated on the distribution side during the mobile communication period. The communication period key K3 generated by the communication period key generated by the generation unit 1418 is transmitted to the encoding processing unit 1410. The cryptographic processing unit 1410 receives the publicly encoded residual KPmc (2) of the memory card 112 decoded by the decoding processing unit 1408 in step S306, and uses the publicly encrypted residual Kpmc (2) to exchange the communication period. The key Ks3 is encrypted. With this, the encrypted communication key {Ks3} Kmc (2) is output to the data bus bS3 (step S314). {〖53} 1: 111 (^ (2) which is output to the data bus ^ 83 is transmitted to the memory card through memory; 1200, mobile phone and mobile phone IQ], and the standard is suitable for financial institutions. (Cns) A4 regulations ^^ x 297 public love) TT25T »B7 V. Description of the invention (shame)-The memory card 112 receives the output from the memory card n0 and executes it through the decoding processing unit 1404.对应 corresponding to the memory card 112 (please read the precautions on the back before filling in this page) decoding process of the key Kmc (2), and then accept the communication card Ks3 generated by the sending side (step S316 ). Corresponding to the receiver s of Ks3 during the communication period, the controller 1420 of the memory card 112 instructs the remaining output peak of the communication period (Stop M18), and the communication period Ks2 generated on the receiving side when the mobile communication period is generated. The generated communication key Ks2 is transmitted to the cryptographic processing unit 146 through the contact Pf in the switch 1446 and the contact bu in the switch 1444. The cryptographic processing unit 1406 receives the communication key Ks3 from the decoding processing unit 1404 in step S316, and uses the communication key Ksl to pass the contact pc of the switch 1444 and the contact pf of the switch 1446. After the communication period key Ks2 switched with Pe is encrypted with the public encryption gun Kpm (2), {Ks2 // KPm (2)} Ks3 is output to the data bus BS3 (step S318). Encrypted data {Ks2 // KPm (2)} Ks3 printed and output to the data bus BS3 by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs is sent to the memory card 110 through the mobile phone 10 and 100 Row BS3. On the 5th memory card 110, the communication period is used to input K s 3 and the encrypted data transmitted to the data bus BS3 is decoded by the symbol processing unit 1412, and the communication period key Ks2 and public information related to the memory card 112 are received. The cipher key KPm (2) (step S320). The controller 1420 of the memory card 110 corresponds to the acceptance of the communication period 鍮 Ks2 and the public cryptographic key KPm (2). The paper size within the execution authorization holding unit 1440 applies the Chinese National Standard (CNS) A4 specification (210 X 297 public) (Centre) 312518 A7 V. Description of the invention (41 Confirmation of access control information AC1 ^ ^ Confirmation result h can move authorization H /) ° Access ㈣ is, 0 (m "night right, that is, access control information When the upper stable or the corresponding content m is not stored in the authorization holding unit 1440, that is, the movement at this stage (step S360). The confirmation result of the movement and access control information AC1 is that execution of f is permitted _ Period, it moves to the next step-step S324 for processing, and the control unit 1420 changes the access control information AC1 authorized to hold to: Su Qing corresponds to the step, and executes this in the regeneration communication period and mobile = period. Confirmation and processing of the access control information card, because each subsequent communication period is prohibited, so the memory card 11 will not be able to reproduce or move the content of the mobile memory card m. In addition, there are many different contents. Access control information When the same content data is applied, the user can move or select any of the access control information. Then, the controller 1420 obtains the corresponding content m and the authorization m from the authorization holding unit 1440 (step S325). Printed by the Intellectual Property Bureau employee consumer cooperative and instructed by the controller 142G to memory 1415 to execute the communication period theory Kc corresponding to the mobile content and the encrypted data related to the reproduction information {KC // AC2 // Authorization belongs to the content Lion ACl} The output of Km⑴. The encrypted data {Kc // AC2 // authorization⑴ " Content ID // ACl} Km (l) output from the memory 1415 is decoded by the decoding processing unit 1422, and is on the data bus BS4 Kc and AC2 are obtained (step S326). In step S325, the authorization ID 'Uchiya ID and access control information AC 1 acquired by the authorization holding unit 144〇, and the information in step 8326 are obtained.

This paper size applies to China National Standard (CNS) A4 specifications (210 A7 --------------- B7_______ V. Description of invention (42) Kc and AC2 obtained from the data bus BS4 Program to the encryption processing unit 1424 for encryption. In step S320, the encryption processing unit 1424 uses the memory card obtained by the encryption processing unit 1412. (Please read the precautions on the back before filling this page) Yes Public encryption key KPm (2), which encrypts these data, and generates {Kc // AC2 // authorization id // content ID // AC1} Km (2) (step S328). Turn to the data stream 棑The encrypted data {Kc // AC2 // authorized I ID // content ID // AC1} Km (2) of BS4 is transmitted to the cryptographic processing unit 4406 through the contact Pd in the switch 1444. And The encryption processing unit 1406 receives the communication period key Ks2 generated by the memory card 112 obtained by the decoding processing unit ι412 through the contact point pb of the switch 1442, and then uses the communication period key Ks2 to receive the data received by the contact Pd. Encryption: The encryption processing unit 1406 outputs {{Kc // AC2 // authorization ID // content ID // ACl} Km (2)} Ks2 to the data bus BS3 (step S330). In step S330, the encrypted data output to the data stream BS3 is transmitted to the memory card 112 on the receiving side of the mobile communication period through the mobile phones 100 and 102. Consumption by employees of the Intellectual Property Bureau of the Ministry of Economic Affairs Cooperatives are printed on the memory card 112, and the communication period key Ks2 generated by the communication period key generation unit 1418 of the decoding processing unit 1 4 丨 2 performs decoding and accepts {Kc // AC2 // authorization ID // content ID // AC1} Km (2) (Step S3 3 2). The data {Kc // AC2 // authorization ID // content lD // ACl} Km (2) is recorded in the memory 1415 which is not in the TRM area ( Step S334). The {Kc // AC2 // authorization ID // content ID // AC1} Km (2) encrypted by the public encryption key KPm (2) is used by the decoding processing unit 1422 via a memory card 11 The inherent secret decoding 鍮 Km (2) performs the decoding process to the Chinese paper standard (CNS) A4 specification (210 x 297 public love). 312518

A7 B7 5. Invention description (43) ^ ^ " Accept authorization ID, content ID, and access control information aci (step s336). The authorization m, content m, and access control information AC1 received by the decoding processing unit M42 are recorded in a memory designated by the authorization holding unit （(step S338). In this way, because the processing up to step S338 is normally completed, the content decoding record Kc and the reproduction information can be moved, and the content data copy request can be executed through the mobile phone! 〇2 The copy of the data in the step valley is requested via the mobile phone i 〇〇 is transmitted to the memory card no, in response to the copy request, the memory 1415 of the memory card 11 0, the corresponding encrypted content data {Data} Ke and additional data Data_ inf are output to the data bus BS3 (step S342). The data output by the data bus BS3 reaches the memory + 112 through the memory interface 1200, the mobile phone 100 and the mobile phone 102 #, and is recorded in the memory 1415 of the memory card 112. (Step S344). After the recording of the encrypted content data {Data} Kc and the additional data Data_inf is completed, the mobile acceptance is sent through the mobile phone 102 (step S346). Therefore, as long as the memory card 112 and the corresponding mobile phone 1 〇2, the normal regeneration communication period can be performed, and the mobile phone 102 and the encrypted content data {Data} Kc and the content can be recorded on the memory card 112 The code key Kc is used to listen to music through the mobile phone 102. The mobile phone 100 'on the sending side receives the mobile acceptance sent from the mobile phone 102 (step S348), and reproduces the renewable authorization information with the same content ID. Confirmation of the existence (step S349), no authorized information This paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 public love) ----------- * clothes --- (Please read first Note on the back, please fill out this page again} Ί ^ τ · Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 43 A7 A7 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. When the invention description (44), that is, when it cannot be reproduced Then, Jiang 4 & Qikou received and instructed the user to clear or retain the content information & and instructions via the key section 1108 (step S350). At this time, 'delete the content according to the section * 1 Ί 8 The instruction of the data is stored in the memory 1415 of the memory card 110 except for the corresponding encrypted content data {Data} Kc and the additional data d and Data_lnf (step S354). On the other hand, when it is instructed to keep the content data, the data is saved. Skip step S354, At this stage, the mobile processing is ended (step S356). If there is authorization information and it can be reproduced, the process proceeds to step S356 'and the mobile processing is ended. The private mobile communication is normally performed. In the case where the mobile processing ends step S356 'or when the mobile communication period is suspended by checking the authentication and access control information A (: ι), skip steps S308 and S322, and end the processing of all mobile communication periods (step S36〇 :). In addition, since the authorization information such as the content ID corresponding to the authorization holding unit 1440 is updated in step S324, the access control information aci is updated, and the regeneration communication period and the mobile communication period are prohibited. Therefore, the situation appears to be clear. . The memory in which the reproduction information in this state is recorded is allowed to be written when the reproduction information of the new content data is distributed or moved. Therefore, in step 324, the same effect can be obtained even if all the data in the memory bank is deleted. Furthermore, in the state where the encrypted content data {Data} Kc is maintained in the memory 1415, if the transmission server 30 is accessed again and only the transmission of the reproduction information is received, the password can be reproduced again. Turn content data into listening music. • Only the distribution processing for distribution of reproduction information, please refer to the description of Figures 6 to 8. --------------------- ^ --------- ^ (Please read the notes on the back before filling this page) This paper size is applicable to China National Standard (CNS) A4 Specification (2〗 0 X 297 mm) 44 312518

V. Description of the invention (45) Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. With this structure, even during the mobile communication period, the inner valley regeneration circuit (mobile phone) on the receiving circuit side and the memory card can be used after authentication. The movement of encrypted data can still be performed, so the security of the system can be enhanced. [Change of Data Storage State of Authorization Holding Unit 1440] FIG. 15 is a conceptual diagram showing the state of the memory information in the memory area of the authorization holding unit 1440 after the mobile card is moved. In addition, FIG. 16 is a conceptual diagram showing the state of the memory information in the memory area 14 i 5 of the memory card 丨 丨 〇. Referring to FIG. 15 and FIG. 6 and FIG. 5, the status shown in FIG. 5 corresponds to the status after the content data has been moved with the content ID = “100%! 3 丨”. As a result, the access control information AC1 of the memory bank 4 of the authorization holding unit 1440 is changed from "'01FF" to "00". However, corresponding to the contents of the memory bank 11 :) =, 100000131, and the access control information AC1 is kept in the state of 01FF, so it can be executed after the movement process. Corresponding content ID = "10000131" Reproduction of content data. Referring to FIG. 16, after executing the corresponding content 1] [): = ,, 100, 131, and, the information stored in the memory 1415 in the memory card 110 is not changed after the content data is moved. The value of the authorization ID of the content data corresponding to content ID = "10000 131" is different from the value in the memory 14 15 after the mobile processing, and is generally different in the authorization holding unit 1440, but has no effect on the reproduction processing. Fig. 17 is a conceptual diagram showing the state of the memory information in the memory area of the memory card 14 of the other memory card n 0 after the mobile processing. 312518. I --- (Please read the precautions on the back before filling this page) Order-497349

V. Description of the Invention (46) In addition, FIG. 18 is a conceptual diagram corresponding to FIG. 17 and showing the state of the memory information in the memory area of the memory 1415 of the memory card ιι〇. (Please read the precautions on the back before filling this page.) Refer to Figure 17 and Figure 18. The status shown in Figure 17 corresponds to the content ID = ”20046185” after the content data is moved. As a result, the access control information AC1 of the memory bank 3 of the authorization holding unit 1440 is replaced with "0iff" by "0000". | Therefore, after the mobile processing, the reproduction of the content data corresponding to the content ID = "15000913" cannot be performed With reference to FIG. 18, after the content data corresponding to the content 11: > == ,, 15000091, is processed, according to step S352, if necessary, the pair in the memory 1415 will be stored. The additional data ⑽㈣f and the encrypted content data {Data} Kc of the area to be processed are deleted. Embodiment 2 Fig. 19 is a block diagram showing a memory card 4 constituting a memory card 4 of Embodiment 2. Fig. 5 is a diagram corresponding to Embodiment i. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs ▲ Referring to Figure 19, the memory card 114 is compared with the memory card 1 of the embodiment shown in Figure 5; the difference is that the memory card worker 14 has There are: κ⑴ holding unit 145 that holds the secret record κ⑴ inherent to the memory card. By secret recording κ⑴, a cryptographic processing unit 1452 that encrypts data on the data bus BS4, and by secret κ (1) The decoding processing unit 1454 that decodes the data on the data bus. Since the other points are the same as the structure of the memory card 11 in the embodiment! Therefore, the same parts are represented by the same symbols and will not be described repeatedly. In the data distribution system of the second embodiment, I spent time with Tongju Paper Mill. Ϋ 29ϋ

Illustrations of the characteristics of the password-related keys and data distributed during the message. (Please read the precautions on the back before filling in this page) The characteristics of the key and data distribution of the data distribution system of the embodiment i shown in Figure 2 are different. As mentioned above, the memory card is used. Inherent secret key K (i). Since the other parts are the same as those in the first embodiment, the description will not be repeated. [Distribution Processing] Figures 21, 22, and 23 are used to explain the first, second, and second distribution operations of the data distribution system that implements Form 2 when the content is purchased. 3 is a flowchart which is in contrast with FIGS. 6 to 8 of Embodiment i. 21 to 23 illustrate the operation when the user 1 receives the content data from the distribution server 30 via the mobile phone 100 using the memory card 114. The difference from the distribution process of the memory card 110 in the first embodiment is that the step S148 is omitted in the second embodiment, and after the step S146, the step s150 described below is executed. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs, that is, the content decoding key Kc, the reproduction circuit control information AC2, the authorization ID, the content ID, and the access control information AC1 accepted in step S146 are again inherent to the memory card 110. The secret key κ (1) is encrypted in the encryption processing unit 1452, and {Kc // AC2 // authorization ID // content ID // AC1} K (1) is recorded in a memory 1415 outside the TRM area Medium (step S150) ○ In this way, in step S146, the content decoding key Kc and the reproduction circuit control paper size apply the Chinese national standard (cn3a4 specification (2) 0: 297 mm) 47 3125 TΓ 497349 B7 V. Description of the invention ( 48): Gong Er C2, Authorized 1D, Internal I ID, and Access Control Information AC1,: = Mountain decoding key Km (l) After decoding, in step §15, the secret key K (l) is entered again.仃 After decoding, it is stored in the memory for the following reasons. Also, the combination of the public key KPm⑴ and the secret decoding key Km⑴ using the public key method performed by the asymmetric key > the time required to perform the decoding process. ^ Here is the wrong symmetric key method that can be decoded at high speed The obtained common secret key κ (1) of the $ memory card is used to re-encrypt these data, so that in the content data reproduction process corresponding to the encrypted content data, each piece of information necessary for the reproduction process can be included. Within $ Control information AC2 high-speed decoding processing. Regeneration In addition, by changing the margins during data distribution as described above, and the keys stored on the memory card, the strength of security can be improved. ► Here, the above-mentioned public keys Methods include RAS cryptography (Rivest-Shamir-Adleman crytosystem) and elliptic curve cryptography, while common key cryptography includes DES (Data Encryption), etc. In addition, although the above has been aimed at using symmetric secrets The key K (l) explains the structure of re-encrypting all the data encrypted by the key KPm (l) / Km (l) of the asymmetric public key cryptosystem, but the structure can also be changed as follows For example, for the data authorization ID, content iD, and access control poor AC 丨 held in the TRM area provided in the TRM area of the memory card 110, no cryptographic update or storage is performed. The size of this paper is suitable for 3125ΪΓ Μ -------- ^ ---------, Μ (Please read the precautions on the back before filling this page) 497349 A7 B7 V. Description of the invention (49) The body 1415, and the content decoding key Kc and the reproduction circuit control information AC2 are encrypted and updated with the symmetric secret key κ (1), and recorded in the memory 14 1 5. The other parts are the same as the distribution operation of the first embodiment, so the same symbols are used to represent the same processing, and the description will not be repeated. [Regeneration process] Fig. 24 is a flowchart for explaining the operations of each part that occurs during the regeneration communication period when the memory card of the second embodiment is used. The embodiment shown in Figure 11! The difference between the reproduction process of the memory card 110 is that in the memory card 114, instead of the process of step S222 in FIG. N, the process of step S222 in FIG. 24 is performed by the decoding processing unit 1454 in accordance with the control. The instruction of the device 1420 reads the encrypted data {Kc // AC2 // authorization_content m // AcuK⑴ ”read from the memory 1415 to the data bus BS4, and keeps the secret in the κ (1) holding unit 145. The key K (l) is decoded to obtain the content decoding key Kc & and the reproduction circuit control information AC20. Since the other parts are the same as the reproduction operation of the first embodiment, the same symbols are used to represent the same processes and will not be described repeatedly. With the above configuration, it is possible to shorten the time required to execute the decoding process for decoding the content necessary for reproduction, Ke, and the reproduction circuit control f2 AC2 to be read out by the reproduction communication memory card 110, so as to respond to the reproduction request early. Begin music regeneration. In addition, the movement operation of the childish 气 扪 忑 hidden card of the second embodiment of the second embodiment is basically the same as the movement operation of the first embodiment. However, ', _ 所 J, the steps not shown in the figure, and the paper scale are applicable to the Chinese National Standard Bamboo 312518 — printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 312518 4 ^ 7349 The data {Kc // AC2 // authorization ID // content ID // AC1} K (1) obtained in 1415 is decoded by the secret key κ⑴. The memory card side on the receiving side does not perform step S 3 3 4 The content decoding key Kc, reproduction circuit control information aC2, authorization ID, content ID, and access control information ac 1 received in step S336 are inherent to the memory card held in the K (2) holding unit 1450. The secret key is encrypted again in the cryptographic processing unit 1452, and the encrypted {KC // AC2 // authorization ID // content ID // AC1} K (2) is recorded in a non-TRM area Memory 1 4 1 5. Embodiment 3 FIG. 25 is a block diagram showing a memory card 6 of Embodiment 3, which is a diagram in contrast with FIG. 5 of Embodiment 1. Referring to FIG. 25, a memory card Compared with the memory card m of the embodiment i shown in FIG. 5, the data record of the authorization holding unit 1440 is 116. The recording capacity is increased, and all authorization information (content decoding key Kc, reproduction circuit protection information AC2, authorization ID, content ID, and access control information ac if) can be stored. Because of the other parts and the memory card 11 of embodiment i, The structure is the same, so the same symbol is used to represent the same part, and the description will not be repeated. Figures 26, 27, and 28 are used when the content of the lean material distribution system of the third embodiment is used to purchase the content. The 1st, 2nd, and 3rd flowcharts of the split knife operation are compared with the 6th to 8th drawings of the first embodiment. Figures 26 to 28 show the user using Inge_ 思卞 11 6 and receive the content data from the distribution server _______ via the mobile phone 100. The paper size towel Θ ― Standard (CNS) A4 specification ⑵ G X 297 mm) -------- ------------- Order · -------- (Please read the notes on the back before filling out this page) A7 V. Description of the invention (51) Action when sending. This difference is different from the distribution process of the memory card ii in the first embodiment in that the memory card 116 does not execute the data {Kc // AC2 // Authorization ID // Content ID // AC1} Km (1) is recorded in the memory "^" and is replaced by step S1 52 in step S1 52. The content decoding key Kc, the reproduction circuit control information AC2, and the authorization m , The content m, and the access control information AC1 'are recorded in the bank j of the blank j · bank in the authorization holding section 144o. Since the other parts are the same as the distribution operation of the first embodiment, the same symbols are used to represent the same processing, and the description will not be repeated. [Data storage status of the authorization holding unit 144〇 and the memory 1415] FIG. 29 shows a memory area allocation concept of the authorization holding unit 1440 corresponding to the data stored in the memory “Η shown in FIG. 25. The figure is a conceptual diagram showing the memory area allocation of the memory 1415. The employee's consumer cooperative of the Intellectual Property Bureau of the Ministry of Economy printed it as shown in Figure 29 and Figure 30, and the state shown in Figure 29 is the state after receiving multiple distribution processes. As an example, the content holding key Kc, the reproduction circuit control information AC2, the authorization ID, and the access control information AC1 are written in the memory banks 1 to 4 of the authorization holding unit 1440. The memory bank * to the memory bank N , Then the content of the memory area of the access control information Aci is not "blank" without writing the content decoding surplus Kc, the reproduction circuit control information AC2, the authorization ID, and the like. In the memory bank 1 in the authorization holding unit 1440, A3F2136DDFD6 is used as the corresponding content to be output = ,, ι〇〇〇〇ΐ3ι, the content 51 ------------ install- -(Please read the notes on the back before filling out this page) The private paper size applies the Chinese National Standard (CNS) A4 Regulation H ^ 7297 Public Love) A7

497349 V. Description of the invention (52) Decode 鍮 Kc, and "01" is stored as the regeneration circuit control information aC2, ^, Hall 000123 "is stored as the authorized 10, and as the access information AC1, it is stored" 〇1FF ,, (hexadecimal performance). Regarding the access control information AC1, as in Fig. 9, "01" of the regenerative circuit control information AC2 indicates that r can be reproduced. In addition, the content ID = ,, 10000131, indicates that in other distribution periods >, the content decoding residual Ke corresponding to the content center "test", the reproduction circuit control information AC2, the authorization ID, and the access control information aci It is written in bank 2. The memory bank 3_ in the authorization holding unit 1440 is written into the content decoding wheel Kc of the corresponding content n ^, 20046, the reproduction circuit control information AC2, the authorization ID, and the access control information AC1. In the memory bank 4 in the authorization holding unit 1440, "A3F2136DDFD" is stored as the content corresponding to the content ID = "i〇〇〇〇i3i" ^ decoding㈣ and "01" is used as the reproduction circuit control information ac2 And A3BC12591 1 is used as the authorization m, and the performance is stored) as the access control information AC 1. Here, as in Figure 9, the corresponding memory is also stored in the memory; 10 = "10000131" authorization 11;) 'Corresponds to the distribution processing of the memory bank 4 and does not perform the distribution of the content data. As shown in FIG. 30, in the memory 1415_, the additional information W, the encrypted content data {Data}, The content, that is, the person identified by the content and the content ID, is recorded in the designated area according to the content. ^ -------- tl --------- line (please read the back first (Please note this page before filling out this page) Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs

497349 A7

V. Description of the invention (53) With this structure, in the "moving" process described below, ☆ users of the memory card will move the content data corresponding to the content ID = "10000 13 1" to other memory cards After that, the content data can still be reproduced. ------------ Install --- ί Please read the precautions on the back before filling out this page) [Recycling process] Figure 31 is used to explain the regeneration of the memory card He using the third embodiment Flow chart of actions. The difference from the playback operation shown in the first embodiment shown in FIG. 11 is that instead of the processing of step S222, the content decoding key of the playback request track held in the authorization holding unit 1440 can be executed in step S223] ^ And acquisition processing of the regenerative circuit control information AC2. Since the other points are the same as the distribution operation of the first embodiment, the same symbol is used to represent the same processing, and the description will not be repeated. [Movement processing] Figures 32, 33 and 34 are the first to explain the mobile processing of two memory cards 116 and 118 in the third embodiment through mobile phones} and to perform content data and key movement processing.丨, the second and third flowcharts are compared with the U-th diagram to the 14th diagram of the first embodiment. The Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs printed Figures 25 to 27. The natural number x used to identify the types of mobile phones i⑽ and memory cards Π6 is set to χ = 1, and used to identify mobile phones 〇2 and the natural number 118 of the Billion Card 118 are both set to x = 2. In addition, the natural numbers I for identifying the memory card 116 and the memory card 8 are set to Bu and id, respectively. Figures 32 to 34 use the mobile phone 100 and the memory card 116 as the transmitting side, and the mobile phone 1 i 叩 π 4 丁莉 电 occupying machine} 02 and the memory card ii 8 as the receiver Information side. (CNS) A4 secret 53 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 497349 V. Description of the invention (μ) The mobile phone 1 〇2 is happy ^ ^ n 〇v _ It has the same structure as the memory card 116 May 11 8. The following uses toilet ^, τι, ". The corresponding symbols of the corresponding part of the hidden card 116 are used to describe the components of the 5 hidden card 118. The differences with the implementation mode are as follows: 0 replaces step 325 in FIG. 13. Step 325 of surname plus u S325 is executed by the authorization holding unit 14 4 0 to obtain the internal | level, m decoding key Kc, regeneration circuit control information AC2, authorization ID, content m + and storage. The process of fetching the control information AC 1. ··) The data reading from the memory 1415 in step S326 is omitted. ⑴) Instead of step S328, the content decoding wheel Kc and the reproduction circuit control information ac2 obtained by the authorization holding unit 1440 will be omitted. Authorization ①, content ⑴ and access control information AC1 are encrypted by password recording to generate (KC // AC2 // Authorization 1D " Content ID // AC1} Km (2). Iv) Omit step S334 V) In step S336, which replaces step S336, the {Kc // AC2 // authorized id // content ID // AC1} Km (2), which is encrypted by the publicly encrypted Yu KPm⑺, Because the memory card m is executed by the decoding processing unit 1442 by the inherent secret decoding key Km (2) The decoding process is performed to execute the processing operations of receiving the content decoding key Kc, the reproduction circuit control information AC2, the authorization m, the content ID, and the access control information ac 1. vi) Instead of step S338 in step S338, the decoding processing unit is executed. The content decoding key Kc, reproduction circuit control information ac2, authorization ID, content ID, and access control information AC1 accepted in 1422 are recorded in a memory designated by the authorization holding unit. The other points are the same as the movement operation of Embodiment 1. Therefore, the same paper size applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm 312518 ^ ^ ---------- $ (Please read the precautions on the back before filling this page)

5. Description of the invention (55) The symbol stands for homo-processing, and will not be repeated. With the above configuration, the same effects as those of the first embodiment can be obtained. [Change of Data Remaining Status of Authorization / Standby Unit 1440] FIG. 35 is a conceptual diagram showing the state of the memory information in the memory area of the authorization holding unit 1440 of the memory card 116 that has completed the movement processing.

Fig. 36 is a conceptual diagram showing the state of the memory information in the memory 1415 memory collar of the memory card 116. S Refer to FIG. 35 and FIG. 36. The state shown in FIG. 35 is the state after executing the content data corresponding to the content id = ,, i0000131 ,. By the access control information of the bank 4 of the 'authorization holding unit 1440': C1 is rewritten from "01FF" to ", 00". However, the content ID corresponding to the bank 1 = ,, 1 0000 13 1, The access control information AC1 is maintained in the state of ， 〇1FF ，， so even after the mobile process is performed, the corresponding content m = ”10000〇131” can be executed. Regeneration. Referring to FIG. 36, after executing the movement processing of the content data corresponding to the content ID = ,, 100001 31 ,, there is no change in the memory information of the memory 1415 in the memory card 116. Fig. 37 is a conceptual diagram showing the state of the memory information in the memory area of the authorization holding unit 1440 of the memory card 116 after other movement processing is not completed. Fig. 38 corresponds to Fig. 37 and shows the concept of the state of the memory information in the memory 1 415 memory area of the memory card 116. Referring to FIG. 37 and FIG. 38, the state shown in FIG. 37 is a state after the content data of the corresponding content 10 = '' 20046185 is executed. According to the table paper size 1 ^ National National Takazaki Standard (CNS) A4 specification () 10 χ 297 public issued ------------,-installed-{Please read the back, precautions before Fill in this page} Order. Printed by A7 B7, Consumer Cooperatives, Intellectual Property Bureau, Ministry of Economic Affairs

497349 V. Description of the invention (56) The access control data of the memory bank 3 of the mobile 'authorization holding unit 1440 was rewritten from' 01FF 'to,' 00 '. Therefore, after the mobile processing is completed, the reproduction of the content data corresponding to the content ID = "20046185" cannot be performed. Referring to FIG. 38, after the content data movement processing of the corresponding content ^^ 々⑽ "丨 以" is completed, a second data-lnf and encrypted content data {DaU} Kc are added to the area to be processed in the memory 1415. . At this time, by receiving the sending of authorized data such as the content decoding key Kc, the content data corresponding to the content ID = ,, 2,046,185, and the like can be executed. In addition, among the processes performed in Embodiments 1, 2 and 3, only the processing in the memory card is different, and there is no difference in the encryption of data outside the memory card. As for the movement operation, any combination of the memory cards 110, 114, and 116 in the foregoing embodiments can be used as the transmission side and the reception side to perform the movement operation. It is known that the memory cards 110, 114, and 116 are interchangeable memory cards. Embodiment 4 Only open> In states 1 to 3, distribution of authorized information such as inner valley decoding key Kc corresponding to the inner valley data designated by the same content m can be performed in multiple times in different distribution communication periods. However, when the distribution of the content data is received for the first time, when the movement of the memory card of other users is known, the distribution of the array authorization information can be received at the same time. · Figure 39, Figure 40, Figure 41, and Figure 42 are illustrations of the implementation — — — — — — — — — — — — 1111111tr ° Jtllllllt — (Please read the precautions on the back before filling out this page ) Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs

^ The paper standard is applicable to Zhongguanzuo Standard (CNS> A4 g ^ .x 297) I25IJT 497349 A7 B7 V. Description of the invention (57) The first, second, and third actions of the "Distribution Communication Period" of state 4 And the fourth flowchart. μ (Please read the precautions on the reverse side before filling out this page) The following description describes the memory card 116 in the third embodiment, which implements this "distribution communication period" operation. However, the memory cards and 114 of the embodiments 1 and 2 can also perform the same processing. The differences between the distribution communication period processing shown in Figs. 39 to 42 and the distribution communication period described in Figs. 26 to 28 of the third embodiment are as follows. I) In step s101, which replaces the processing of step s101 in FIG. 26, processing to specify the authorized purchase condition AC and the number of authorized registrations m (m: natural number) is performed. II) Step S104, which replaces step S104 in FIG. 26, is performed by the mobile phone 100 to the distribution server 30: the authentication information {KPm (l)} Kpma accepted by the memory card ιιο, and It is used to instruct the content ID of the content data to be distributed, the authorized registration number M, and the data AC authorized to purchase conditions. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs (ill), instead of step S106 of FIG. 26, step S106 is executed in the distribution server 30 to receive the content m from the mobile phone ι〇〇, the number of authorized registrations M, Processing of authentication data {KPmc (l)} KPma, {KPp (l)} KPma, and authorized purchase condition data ac. iv) The processing of steps S130 to S154 is changed as follows. That is, referring to FIG. 39, the distribution control unit 3 1 5 generates access control information AC1 and reproduction circuit control information aC2 in accordance with the content id obtained in step S106 and the authorized entry condition data ac (step S130 ). This paper size applies the Chinese national standard (CNS> A4 size (210 X 297 mm) 57 312518 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the invention (58 Refer to Figure 40, distribution control unit 315 a ^ _ The data is allocated by the poor data base 304, and the authorization to decode the coded content data is ^ Kc (Step Zacan '). After that, the value of the variable n is formatted as] (step si3 = one is executed n The generation and distribution of each authorization (in the first distribution control unit 315, the content decoding map Kc and the reproduction circuit control ^ message AC2, the authorization ID⑷, the content m and the access control information ac] are generated by the fork coding processing unit 326, The public encryption key KPm (1) inherent to the memory card 110 obtained by the decoding processing unit 32 is encrypted. The value of the variable η is only incremented (step S135). Next, the distribution control The unit 315 determines whether the value of the variable 11 is smaller than the number of authorized registrations (step S136 '). When the value of the variable n is smaller than the number of authorized registrations M, the process returns to step S133', and the value ratio of the variable n When the number of authorized registrations is “large”, the process proceeds to the next step S138, that is, by The processing of step S1 32 and step S1 36, generates the required number of M authorization authorization IDs to prepare data {Kc // AC2 // authorization ID (n) // content ID (n) // ACl} Km (l), the data is the content encryption key Kc and the reproduction circuit control information AC2, and the authorization ID (n), content ID and access by the public cryptographic key KPm (l) inherent in the memory card 11 () The control information AC 1 is obtained by encryption. When the value of the variable η is more than the authorized number of registrations M, the encryption processing unit 328 will receive M output data from the encryption processing unit 326 {Kc // AC2 // .Authorization ID (n) // Content ID (n) // ACl} Km (l)} Ks2 (lgn) $ Μ), and password by the communication period 鍮 Ks2 generated in the memory card 110 ^ ^- ------- ^ (Please read the precautions on the back before filling this page) This paper size applies to China National Standard (CNS) A4 (210 X 297 mm) 58 312518 497349 A7 B7 V. Description of the invention (59) (Please read the precautions on the back before filling in this page). The μ encrypted data {Kc // AC2 // authorization ID (n) // content iD ( n) // ACl} Km (l)} Ks2, transmitted to the communication device 350 to The mobile phone 100 (step S138,). The mobile phone 100 receives the encrypted data M from the {{Kc // AC2 // authorization ID (n) // content iD (n) // ACl } Km (l)} Ks2 (step S140 '), in the memory card 11, via the memory interface 1200, and the cryptographic processing unit 1412, decode the encrypted data sent to the data bus bS3 . That is, the encryption processing unit 1412 uses the communication period key Ks2 transmitted by the communication period generation unit 1418 to decode the encrypted data of the data bus BS3 and outputs it to the data bus BS4 (step S144,). Referring to FIG. 42, the secret pine decoding map Km (l) held by the Km (l) holding unit 1421 can be used to decode and output to the data of the data bus bs4 {KC // AC2 // authorization ID (n) / / Content ID // ACl} Km (1), according to the display of the control unit 1420, in the decoding processing unit 1422, the decoding is performed by the secret decoding key Km (l), and the content decoding key regeneration circuit control information AC2 is received. Authorization ID, content ID, and access control information AC1 (step S146) 〇 Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs, followed by the content decoding key Kc, regeneration circuit control information AC2, authorization ID, content ID, and access control information AC1 executes the processing recorded in the memory bank j of the blank memory bank of the authorization holding unit 1440 (step S14 8). The natural number here is the number corresponding to the content data, S N (N: total number of memories). Next, the value of the variable n is only! Is incremented (step sl50). After that, the distribution control unit 315 judges whether the value of the variable n is 1 paper sheet than the authorized registration number M. The Chinese national standard (CNS) A4 specification (210 X 297 public love) is applicable. ^ / 349 ^ / 349 Intellectual property of the Ministry of Economic Affairs Printed by the Bureau's Consumer Cooperatives V. Invention Description (60) Small (step S152). When the value of the variable n is smaller than the number of authorized logins M. Go to step S146, and when the value of the variable n is more than authorized to log in, go back to the next step S154. , When the processing up to step S1 52 is completed normally, — Section 1 of the People ’s Republic of China will obliquely request the phone 100 to issue authorization information such as a content decoding wheel or only the authorization information such as a content decoding key. Since the other processing is the same as the processing of the distribution communication period described in FIG. 26 to & in Embodiment 3, the same symbol is used to represent the same processing, and the description will not be repeated. With the above processing, it is easier to implement the plural reproduction information implementation of the Shape Bear 5. In the implementation form ... the corresponding array access control information AC1 and the Kujidano circuit control information corresponding to the content specified by the same content ① are used. When AC2 is different, the user's choice or the first priority message will be used first. ^ Embodiment 5 is a detailed description of the structure selected by the user when reproduction or movement processing is performed when the information corresponding to the same content m is different from the information. In the following, ^ Ύ assumes that there are ^^ licenses corresponding to the content ID to be reproduced, and distinguishes these licenses, and expresses them by the license ID (n) (1 $ N). Fig. 43 is a flowchart illustrating a reproduction operation using the memory card 116 of the fifth embodiment. It is a figure which is mutually compared with FIG. 31 of Embodiment 3. The difference from the regeneration operation of Embodiment 1 shown in Figure 31 is the degree of application + National Standard (CNS) A4 (210 X 297 mm ------------- I ^- ------- Order --------- Line (Please read the precautions on the back before filling this page) 497349 A7 B7

Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the Invention (61) The processing of steps S216 to S224 is taken as follows. 12. . :: 5 Mimar: Communication period _% 3 is via memory interface. On the memory card 110 t, the decryption processing unit 1412 ′ decodes the encrypted communication key {Ks4} Ks3 of the Pui Cunhui muscle row BS3 to the data, and accepts the action light switch and electric machine 1〇 The generated communication key Ks4 (step S216). : The value of the number η is initialized to! And the value of the variable k is initialized to 0 (step S217). Corresponding to the reception of the communication period key Ks4, the control unit 1420 executes an operation to confirm the access control information aci corresponding to the authorization ID ，, which has the content I corresponding to the reproduction song in the authorization holding unit 144 (). (Step S218). In step S218, by confirming the poor access control information AC1 related to the memory access restriction, in a state where reproduction cannot be performed, the process moves to step S219 for processing, and in the case of regenerable but with regeneration When the number of times is limited, the process proceeds to step S219. In the case where there is an authorization for the unlimited reproduction, the value of the variable η is substituted into the variable m ', and the process proceeds to step S224. In step S219, only ^ is incremented with respect to the value of the variable n, and the process is moved to step S220. In step S219, the value of the variable η and the value of the variable t 1 are only " In the case of a pico increment, the process proceeds to step S220. Next, 'determine whether the value of the variable n is lower than the number of authorized logins N (step S220)' When the value of the variable n is lower than the number of authorized logins n, go back to step * Install — (Please read the precautions on the back before filling in this Page) ιδτ This "degree (21. x 297 Public Love 312518 A7 A7 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs ------- gL ·, _ V. Description of the invention (62) " " " '— ^, Processing is performed, and the value of the “variable” exceeds the authorized registration number & then moves to step S221 for processing. It is determined whether the value of the variable 1 is 0 (step S22i). The authorization does not exist, so the processing can be terminated (step s204). If the value is not 0, it is considered that there is a renewable authorization, so the process of step S222 is performed. In step S222, the user chooses to reproduce Here, select the authorization ID (m). After that, update the data of the access control information ACi corresponding to the authorization 1 £> (111), and after updating the reproducible number of times, proceed to step S224 (step s223). When it is determined that reproduction can be performed during this reproduction communication period, it can be saved. The content decoding key Kc and the reproduction circuit control information AC2 of the reproduction designated song are reproduced in the authorization holding unit 1440 (step S224). The obtained content decoding key Kc and the reproduction circuit control information AC2 are obtained, > the contact of the switch 1444 is used The Pd is transmitted to the cryptographic processing unit 1406. The cryptographic processing unit 1406 receives the communication key Ks4 from the decoding processing unit 1406 through the contact pd of the switch 1444, and transmits the data Kc and the data from the data bus BS4. AC2 is encrypted, and {Kc // AC2} Ks4 is output to the data bus BS3 (step S225). Since other processing is the same as the processing method of the regeneration communication period described in Embodiment 31, the same processing is marked. The same symbols are used and descriptions thereof are omitted. Figures 44, 45 and 46 are the first, second and third flowcharts for explaining the movement processing of the fifth embodiment. China National Standard (CNS) A4 Specification ⑵Q χ 297 Public Love> — '62— " ΠΒΤδ- • --------------------- Order · ---- ---- C Jing first read the notes on the back before filling out this page} 4 ^ / 349 V. Description of the invention (63 of the third form Figures 3 2 to 34 are for comparison with each other. The difference from Embodiment 3 is that steps S320 to S34 are performed in the following way. (Please read the precautions on the back before filling this page) That is, The memory card 116 uses the symbol processing unit 1412 to decode the encrypted content transmitted to the data bus BS with the communication period key Ks3, and accepts the communication period key Ks2 and the public encryption key KPm (2) related to the memory card 112. (Step S320). ^ The control unit 1420 of the memory card 116 accepts the communication period key Ks2 and the publicly encrypted surplus KPm (2), and displays all authorized IDs of the content ID of the moving object with the authorization holding unit 1440. The user selects mobile authorization. The authorization ID (m) here is optional (step S322). Next, the access control information Ad corresponding to the authorization ID (m) of the authorization holding unit 1440 is checked (step S323). When it is confirmed that the access control information result is that the authorization cannot be moved, the movement is ended at this stage (step S360). On the other hand, the result of the access control information AC1 is confirmed that the authorization is removable by the Ministry of Intellectual Property Bureau employee consumer cooperatives. = The process of step S324 is performed, and the control server "obtains the content decoding record Kc, the reproduction circuit control information ACSb), the content ID and content ID (m), and the access control information person corresponding to the authorization holding unit M40. Then, The control unit 1420 is to change the access control of the authorization holding unit 1440 = poor signal AC1 (m) to 20000h (step 6). This corresponds to the confirmation during the regeneration communication period and the mobile communication period. Access control information ACl (m) and process it, and prohibit it_ κ 谷 Term communication period, memory card k paper size standard (CNS) A4 specification⑵0 x 297 63 312518 A7 B7

497349 V. Description of the invention (64) 11 It is not possible to reproduce the content data moved to the memory card 11 $ on the 6 side 戋 move it again. In addition, the control unit 1420 is a content decoding key Kc, a reproduction circuit control information AC2 (m), an authorized iD (m), an inner valley ID, and access control information AC1 (m) obtained by the authorization holding unit 144. The encrypted key Kpm (2) is encrypted to generate encrypted data {Kc // AC2 (m) // authorization ID (m) // content ID // ACl (m)} Km (2) (step S328 ). The encrypted data {Kc // AC2 (mV / authorized content ID (m) // content ID // AC1 (m)} Km (2) output to the data bus BS4 is transmitted using the contact Pd in the switch 1444 Go to the cryptographic processing unit 1406. The cryptographic processing unit 1406 uses the contact pd of the switch 1444 to receive the communication key Ks2 generated by the memory card 112 of the decoding processing part 1412, and uses the communication key Ks2 to come from the contact The data is encrypted. The encryption processing unit 1406 outputs {Kc // AC2 (m) // authorization ID (m) // content ID // ACl (m)} Km (2)} Ks2 to the data stream 汇 BS3 (Step S330) In step 330, the encrypted data output to the data bus bs3 is transmitted to the memory card 112 as the receiving side of the mobile communication period through the mobile phone 100 and i 02. Memory The card 112 executes the decoding of the communication period key Ks2 generated by the communication period generation unit 1418 in the decoding processing unit 1412, and accepts {Kc // AC2 (m) // authorization ID (m) // content lD // ACl (m)} Km (2) (step S332,). {Kc // AC2 (m) // Authorization ID (m) // Content ID // ACl (m) encrypted with the public encryption key KPm (2) )} Km (2), in the decoding processing section 1422, the paper size is appropriate China National Standard (CNS) A4 specification (2Ϊ〇x 297 public love) ^ -------- ^ --------- ^ (Please read the notes on the back before filling this page) Economy Printed by the Ministry of Intellectual Property Bureau's Consumer Cooperative Cooperative 312518 497349 ____B7 V. Description of the invention (65 by the use of ^ self-memory card! 12 inherent secret decoding key "⑺ decoding processing, receiving content decoding key Kc, reproduction circuit control information A. (melon), authorization ID (m), content m, and access control information a S336,). Content decoding key Kc accepted by the decoding processing unit 1422, reproduction circuit control information AC2, authorization ID (m), content ①, and access control information milk, are recorded in the authorization holding unit i44Q_ 定 的 步骤 S338,). Using the processing successfully completed to step S338, responding to the movement of the content decoding key Kc and reproduction information 'and using the mobile phone 1 〇2 Make a copy of the content (step S340). As the other processing methods and the mobile communication period processing described in Figure 32 to Figure 32 of the third embodiment are ordered, the same processing is marked with the same symbol and Omit its description With the processing of Embodiment 5, even if there is a plurality of reproduction circuit control information AC2 (m) and access control data ACUm corresponding to the same content (), it is still possible to carry out regeneration processing and move the economy according to the material selected by the person Printed by the Consumer Cooperatives of the Ministry of Intellectual Property Bureau. In the above description, the memory 1415 is regarded as a non-volatile semiconductor device that can be read and written at any time, such as a flash memory for illustration. However, the memory 1415 can also be configured such that a read-only semiconductor device such as a mask ROM can be used to write content data and encrypted content data decoding keys in the pre-production stage, and only distribute the storage Take control information such as aci or authorization m.

This paper size applies the Chinese National Standard (CNS) A4 specification (210 x 297 mm 312518 A7) V. Description of the invention (66) In addition, in the description of the above-mentioned embodiments 1-5, the memory 1415 is regarded as being installed in The memory in the external field of TRM will be described, but the memory 1415 can also be installed inside Ding. The points of the implementation form disclosed this time are limited to examples without any restrictions. The scope of the present invention is limited to the scope of patent applications Instead of the above description, it includes all changes within the meaning and scope of the patent claim '

up n «n · n · I · ϋ n Kf m —ϋ IV n I n §1 kte n in m n order --------- line c Please read the sound on the back first? Please fill in this page again for matters: I Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs. Thai paper sizes are applicable to China National Standard (CNS) A4 (210 X 297 mm).

Claims (1)

r: " Scope of patent application Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economics κ A recording device for storage — 婼 次 禋 authorized Beixun, which can regenerate the content data and the aforementioned content will be recoded in the oblique pain, poverty department , Which includes: Corresponding to the external requirements of the content information recording device used to identify the aforementioned ^^-1, meaning, +,-^ within the valley data, rotation save; and then according to the aforementioned memory organization ⑽), · It is the second storage mechanism (1440) outside the recording device that can store at least a part of the plural authorization information corresponding to the same 铪, +, & ~ J respectively. According to a request from the outside of the recording device, one of the plurality of authorization information stored in the second hidden circuit is selected, and at least a part of the selected authorization information is output to a control outside the foregoing recording device. Institutions (1106, ι42〇). The recording device that declares the first item of the patent scope, wherein the recording device is provided with a first key holding mechanism corresponding to the recording device and holding a predetermined first public cryptographic key; and the first public cryptographic key is A second key holding mechanism (1421) which is asymmetric and holds a first secret decoding key for decoding the data encrypted by the aforementioned first public cryptographic key; and receives a cryptography by the aforementioned first public cryptographic key The first decoding mechanism (1422) for decoding the aforementioned authorization information using the first secret decoding key. 3. If you apply for the recording device of the second annual profit range, which is further provided with: · The first public key is encrypted and output to the outside of the recording device 1 I back I; II | f 装 Page 1-I 1 This paper ruler (210 X 297'Τϋ ") 67 312518 The first cryptographic organization (1406) with 4 patent applications. For example, the record in the second item of the patent application contains, ", Xia 'among, to, 2 memory mechanisms; the first key retention mechanism; m ^ i brother plus two round retention mechanism and the first decoding mechanism, are set in the From the outside 1 and the younger brother (tr_. M protected area 5. The recording device such as the scope of the patent application, the memory organization, more in the aforementioned authorization information, " 〇, ^ liver is used to the aforementioned password The content decoding key decoded by the Huaniu Valley data is encrypted and stored. The S recorded device also has: + a third key holding section, which is inherent to each of the aforementioned recording devices, and can hold-one The secret secret unique key (50) in the common key method, and the second third, the encoding circuit receives the rotation of the first decoding mechanism described above, and encrypts it with the secret inherent surplus. The first memory is just described The mechanism stores the content decoding key encrypted by the second cryptographic mechanism, and further includes: a second decoding that decodes the content decoding key 6 stored in the i-th memory mechanism with a secret unique key. Agency (1454). Declaration The recording device according to the patent scope, wherein the aforementioned recording device further includes: encrypting at least a part of the selected authorization information and outputting it to an output mechanism (1406, 1418) outside the recording device just described. ). 'If the recording device of item 丨 of the scope of the patent application is claimed, wherein the above-mentioned secret device 1 is a semiconductor memory, and the foregoing recording device is a memory card. 68 312518 ^ ------ -^ --------- line (Please read the notes on the back before filling out this page) Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 6. The scope of patent application 8. A data distribution system 'The authorization information used to distribute at least reproducible cryptographic materials includes: a distribution server that the stomach uses to distribute the aforementioned authorization information, and · to receive the aforementioned authorization information that is distributed, and to encrypt the internal information. = Data Decoding 'A data reproduction device (100) that reproduces content data. The foregoing data reproduction device includes: can hold the aforementioned encrypted content data and decode the content used to decode the aforementioned encrypted content data, The data storage section (110, 114, 116) that decodes the foregoing content in a encrypted state and can be installed or removed from the aforementioned data reproduction device; and the female receives the output from the aforementioned data storage section, and then The data reproduction section of the content data reproduction. The data storage section contains: The content information of the application to identify the encrypted content data is to store the encrypted content data, and then output to the record in accordance with the external request of the shell device. The 1st organization outside the device (1415); 'Recall is distributed by the pre-record distribution server to individually store the multiple authorization information corresponding to the same content information at least one, 1 # 篥) Memory organization (1440) ; And in accordance with the external request of the aforementioned recording device, select one of the plurality of authorized information stored in the aforementioned 2 memory stick structure 'and output at least a part of the selected authorized information to 69 countries outside the aforementioned recording device. Standard specifications (210 χ 297 public love) 3Ϊ25ΪΓ Sixth, the scope of application for patent control department. 9-If the scope of the patent application is the 8th item, the Mazda * beating distribution system, in the basin, 4 枓 Jiancun. ρ has the following features: After encrypting the other information of the authorization information selected above, it is output to the above-mentioned records (1406, 1418). The wheel-out organization of the external 4 = the data distribution system and the material storage department of item 8 of the scope of the patent application, corresponding to the aforementioned data reproduction ^ Memory card installed separately. ", A detachable, group 11 · -recording device 'equipped with a device for storing coded content to regenerate the aforementioned encrypted internal data., And can be from the shore, recording, 5 of 5 The request from the recorded media and the external recording device will record the aforementioned encrypted content data and the aforementioned authorization information on the recording media: the external recording, which includes:… 3 out to execute the aforementioned recording media and The data plane mechanism and the blade sending and receiving media have recorded in the aforementioned recording medium a plurality of the aforementioned encrypted content data. The aforementioned «information request rotation of authorization information corresponding to the aforementioned encrypted content data is selected to be recorded in the aforementioned record. One of the aforementioned plurality of authorization information in the media, and at least a part of the aforementioned authorization information selected is rolled out to the control mechanism outside the recording device (1106). The paper size of the table applies the Chinese National Standard (CNS) A4 regulations (210 X 297 mm) nn I If IIII 1 III 1 * III n II n ^ nJIII —I!! I i I (Please read the precautions on the back before filling this page) Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 312518