WO2001043342A1 - Systeme de distribution de donnees et enregistreur utilise avec ce systeme - Google Patents
Systeme de distribution de donnees et enregistreur utilise avec ce systeme Download PDFInfo
- Publication number
- WO2001043342A1 WO2001043342A1 PCT/JP2000/008593 JP0008593W WO0143342A1 WO 2001043342 A1 WO2001043342 A1 WO 2001043342A1 JP 0008593 W JP0008593 W JP 0008593W WO 0143342 A1 WO0143342 A1 WO 0143342A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- unit
- key
- decryption
- information
- Prior art date
Links
- 238000009826 distribution Methods 0.000 title claims description 236
- 238000003860 storage Methods 0.000 claims description 80
- 230000015654 memory Effects 0.000 claims description 58
- 238000000034 method Methods 0.000 claims description 39
- 230000008569 process Effects 0.000 claims description 34
- 238000004891 communication Methods 0.000 claims description 27
- 230000004044 response Effects 0.000 claims description 27
- 238000000605 extraction Methods 0.000 claims description 2
- 239000000284 extract Substances 0.000 claims 3
- 238000006243 chemical reaction Methods 0.000 claims 2
- 230000003362 replicative effect Effects 0.000 claims 1
- 230000033458 reproduction Effects 0.000 abstract description 137
- 238000010586 diagram Methods 0.000 description 12
- 230000010076 replication Effects 0.000 description 9
- 230000005540 biological transmission Effects 0.000 description 5
- 230000008859 change Effects 0.000 description 5
- 230000006866 deterioration Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000000717 retained effect Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000014759 maintenance of location Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 125000002066 L-histidyl group Chemical group [H]N1C([H])=NC(C([H])([H])[C@](C(=O)[*])([H])N([H])[H])=C1[H] 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/109—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by using specially-adapted hardware at the client
Definitions
- the present invention relates to a data distribution system for distributing information to a terminal such as a mobile phone, and more particularly, to a data distribution system that enables copyright protection of copied information and a data distribution system capable of protecting the copyright. It concerns the memory card used. Background art
- CDs compact discs
- Copying of music data to a music player can be freely performed in principle as long as the copied music is stopped for personal use.
- individual users who make digital recordings, etc. indirectly pay a certain amount of money for the digital recording equipment itself or media such as MDs as a deposit to the copyright holder.
- music data that is a digital signal is copied from a CD to an MD
- the music data is copied from a recordable MD to another MD in consideration of the fact that the information is digital data with almost no copy deterioration. Doing so cannot be done due to copyright protection due to equipment configuration.
- An object of the present invention is to provide a data distribution system capable of distributing content data through an information communication network, for example, an information communication network such as a mobile phone, and a recording device used in the data distribution system. It is to provide.
- a data distribution system includes a plurality of terminals and a content supply device.
- the content supply device includes: a first interface unit for exchanging data with an external device; and, when distribution is requested, generating access restriction information, and reproducing information including at least a license key and access restriction information.
- a distribution control unit for outputting the data via the first interface unit.
- Each terminal has a second interface for exchanging data with the outside, and a second interface. Received encrypted content data, playback information, and access restriction information via the source part?
- the distribution data decryption unit stores the encrypted content data, the playback information, and the access restriction information in the storage unit, and the access restriction information recorded in the storage unit when the output of the playback information is instructed from outside. And a control unit for determining whether output is possible based on the information.
- each terminal further includes a content reproduction unit, and when the reproduction operation of the content data is instructed from outside, the content reproduction unit receives the reproduction information and the encrypted content from the distribution data decryption unit. And a content data reproducing unit for decrypting and reproducing the encrypted content data using the license key.
- the access restriction information includes reproduction control information for restricting the number of times of outputting reproduction information from the distribution data decoding unit to the content reproduction unit.
- the control unit determines whether or not the reproduction information can be output based on the reproduction control information, and updates the reproduction control information as necessary after outputting the reproduction information.
- the access restriction information includes copy restriction information for restricting the number of times reproduction information can be copied from a distribution data decryption unit to another distribution data decryption unit.
- the control unit determines whether or not the reproduction information can be output based on the copy restriction information when a copy operation for copying the reproduction information is externally instructed to another distribution data decoding unit. In, the number of owned licenses can be updated as needed.
- access restriction information on the number of reproducible times and the number of owned licenses can be held and updated in a distribution data decoding unit, more specifically, in a memory card, without going through a distribution server. Therefore, it is possible to adopt a configuration in which the access restriction information cannot be falsified from a higher level by a file system, an application program, or the like. As a result, it is possible to issue a limited playback right for the playback circuit as playback information, such as distribution of music data (content data) for trial listening, inexpensive sales with limited number of playbacks, etc. Distribution of reproduction rights enables services such as collective purchases to be provided, providing a data distribution system that is highly convenient for users and ensuring sufficient security for copyright protection. The rights of the copyright holder Will be able to protect their interests.
- a recording device includes an interface unit, a storage unit, and a control unit.
- the interface exchanges data with the outside.
- the storage unit records storage data and access restriction information (AC1) for controlling output of the storage data from the recording device, which is input through the interface unit.
- the control unit determines whether or not the output of the stored data can be performed based on the access restriction information when an instruction to output the stored data is issued from outside.
- the access restriction information includes output number control information for limiting the number of output times of the stored data from the recording device to another device, and the control unit is instructed to output the stored data to the other device. In this case, it is possible to determine whether output is possible based on the output count control information and to update the output count control information as needed after output.
- the access restriction information includes duplication restriction information for restricting the number of times the stored data can be duplicated to another recording device, and the control unit outputs an instruction to duplicate the stored data to the other recording device from outside. In this case, it is possible to determine whether the stored data can be output based on the number of owned licenses, and after the output, the copy restriction information can be updated as necessary.
- the access restriction information such as the copy restriction information and the output count control information can be retained and updated in the storage area without passing through the distribution server. Therefore, the configuration is such that the access restriction information cannot be falsified from a higher level by a file system, an application program, or the like. As a result, it is possible to issue a limited playback right for the playback circuit, and to distribute music data (content data) for trial listening, sell at a limited number of playbacks, etc., and further distribute multiple playback rights. Services such as collective purchasing can be provided, providing a data distribution system that is highly convenient for users, and ensuring sufficient security for copyright protection. You can also protect your rights. BRIEF DESCRIPTION OF THE FIGURES
- FIG. 1 is a schematic diagram for schematically explaining the overall configuration of the data distribution system of the present invention. It is a reminder.
- FIG. 2 is a diagram illustrating characteristics of data, information, and the like for communication used in the data distribution system according to the first embodiment.
- FIG. 3 is a diagram collectively describing characteristics of key data and the like used in the data distribution system according to the first embodiment.
- FIG. 4 is a schematic block diagram showing the configuration of the license server shown in FIG.
- FIG. 5 is a schematic block diagram showing the configuration of the mobile phone shown in FIG.
- FIG. 6 is a schematic block diagram showing the configuration of the memory card shown in FIG.
- FIG. 7 is a conceptual diagram illustrating a configuration of information stored in a license information holding unit.
- FIG. 8 is a diagram for explaining the contents of the access restriction information AC1.
- FIG. 9 is a first flowchart for explaining an operation at the time of a distribution session in the data distribution system according to the first embodiment.
- FIG. 10 is a second flowchart for describing an operation at the time of a distribution session in the data distribution system according to the first embodiment.
- FIG. 11 is a flowchart for explaining an operation at the time of a reproduction session according to the first embodiment.
- FIG. 12 is a first flowchart illustrating an operation during a replication session between two memory cards according to the first embodiment.
- FIG. 13 is a second flowchart for illustrating an operation at the time of a replication session between two memory cards according to the first embodiment.
- FIG. 14 is a third flowchart for illustrating an operation during a replication session between two memory cards according to the first embodiment.
- FIG. 15 is a schematic block diagram showing a configuration of the license server according to the second embodiment.
- FIG. 16 is a schematic block diagram showing a configuration of the mobile phone according to the second embodiment.
- FIG. 17 is a flowchart for explaining a distribution operation in the data distribution system according to the second embodiment.
- FIG. 18 is a flowchart illustrating a reproducing operation according to the second embodiment.
- m 19 is a first flowchart for describing the operation of the data distribution system according to the second embodiment during the duplication session of two memory cards.
- FIG. 20 is a second flowchart illustrating an operation at the time of a replication session between two memory cards in the data distribution system according to the second embodiment.
- FIG. 21 is a schematic block diagram showing a configuration of a memory card according to the third embodiment.
- FIG. 22 is a conceptual diagram illustrating a configuration of information stored in a reproduction information holding unit and a license information holding unit.
- a configuration of a data distribution system for distributing digital music data to each mobile phone user via a mobile phone network will be described as an example.
- the present invention provides such a configuration.
- Distribution of other content data such as image data, video data, educational material data, text data, reading (audio) data, game programs, and other content data via other information and communication networks, without limitation. It is also applicable to the case where
- license server 10 which manages copyrighted music information distributes data after encrypting music data (hereinafter also referred to as content data) according to a predetermined symbol system.
- content data music data
- the authentication server 12 authenticates whether or not the mobile phone and the memory card of the mobile phone user who has accessed for distribution of music data are authorized devices.
- the distribution carrier 20 relays a distribution request (delivery request) from each mobile phone user to the license server 10 through its own mobile phone network.
- a distribution request delivery request
- the license server 10 uses the authentication server 12 to carry the mobile phone user. Confirm that the mobile phone and memory card are legitimate devices, further encrypt the requested content data, and deliver the data via the mobile carrier network of the carrier 20. To distribute the content data.
- a removable memory card 110 is attached to a mobile phone 100 of a mobile phone user 1.
- the memory card 110 receives the encrypted content data received by the mobile phone 100, decrypts the encryption performed for the above-described distribution, and then executes the music playback unit in the mobile phone 100. (Not shown).
- the mobile phone user 1 can "play" and listen to such content data via a mobile phone 130 or the like connected to the mobile phone 100.
- a license server 10 an authentication server 12, and a distribution carrier 20 are collectively referred to as a distribution server 30.
- the process of transmitting content data from the distribution server 30 to each mobile phone or the like is referred to as “distribution”.
- the distribution carrier 20 counts the frequency each time content data for one song is distributed, for example, so that a mobile phone user receives (downloads) content data and receives a copyright fee. If the distribution carrier 20 collects the charge along with the mobile phone call fee, the copyright holder can easily secure the copyright fee.
- the mobile phone user 2 having the memory card 112 can receive the distribution of the content data directly from the distribution server 30 by using his / her mobile phone 102.
- content data with a considerable amount of information If the mobile phone user 2 receives the information from the distribution server 30 directly, it may take a relatively long time for this reception. In such a case, if the content data can be copied from the mobile phone user 1 already receiving the content data, the convenience for the mobile phone user is improved.
- the memory card 110 is connected via the mobile phones 100 and 102.
- the encrypted content data (music data) and the information necessary for playback (playback information) are copied between 1 and 2.
- the “reproduction information” is, as described later, a license key capable of decrypting content data decrypted according to a predetermined encryption method, and a license ID key that is information related to copyright protection. It has restriction information on access reproduction.
- the receiver can flexibly use the content data once distributed by the distribution server 30.
- the mobile phones 100 and 102 are PHS (Personal Handy Phone), so-called transceiver mode communication is possible. It is possible to duplicate information between 1 and the mobile phone user 2.
- PHS Personal Handy Phone
- the system in order for the mobile phone user to be able to reproduce the content data that has been decrypted and distributed, the system requires the following:
- the second is the method itself for decoding the content data to be distributed
- the third is the prevention of unauthorized copying of the content data distributed in this way. This is a configuration that realizes decryption protection for decryption.
- Data is content data such as music data.
- the content data Data is encrypted with a license key — Kc.
- the encrypted content data ⁇ Data ⁇ Kc which has been encrypted and can be decrypted by the license key Kc, is distributed to the mobile phone user from the distribution server 30 in this format.
- the notation ⁇ Y ⁇ X indicates that the data Y is data that has been subjected to encryption that can be decrypted by decryption X.
- the distribution server distributes the encrypted content data and additional information Data_inf as plain text information relating to the content data or the access to the server.
- the license includes a content ID, which is a code for identifying the content data, a license ID, which is a management code that can specify the issuance of the license, and the number of licenses and functions that are determined by the user.
- the recirculation circuit control information AC 2 includes information indicating the number of licenses that can be reproduced and the number of licenses that can be copied (moved), and is managed and updated in the memory card.
- FIG. 3 shows characteristics such as key data (key data) used in the data distribution system shown in FIG.
- the content playback circuit (mobile phone) and memory card A unique public key ⁇ KPp ( ⁇ ) and KPmc (m) are provided, respectively, and the public encryption keys KPp ( ⁇ ) and KPmc (m) are used as class-specific secret decryption keys Kp ( ⁇ ) of the content reproduction circuit (mobile phone). ) And the private decryption key Kmc (m) specific to the class of the memory card.
- the public encryption key and the secret key i have different values for each type of mobile phone and each memory card class.
- Cp (n) and Cmc (m) are provided as class certificates for the memory card and the reproduction circuit, respectively.
- the natural number m represents the number of the memory card
- the natural number n represents the number for distinguishing the class of the content reproduction circuit (mobile phone).
- the public encryption key and class certificate specific to these memory cards and content playback units are of the form ⁇ KPmc (rn) // Cmc (m) ⁇ KPma and ⁇ KPp (n) // Cp (n) ⁇ KPma
- KPma is a common authentication key for the entire distribution system.
- the authentication key KPma is the key used to approve the class-specific public encryption key and its class certificate.
- the encryption for creating the authentication data is performed using an asymmetric secret key paired with the authentication key.
- the server 30 and the mobile phone 100 or 100 are used every time distribution, reproduction, and duplication of the content data are performed. 2.
- the common keys Ks1 to Ks4 generated in the memory card 110 or 112 are used.
- the common keys Ksl to Ks4 are unique common keys generated for each “session” which is a unit of communication or access between the server, the mobile phone, or the memory card.
- the keys Ks1 to Ks4 are also called "session keys.”
- session keys Ksl to Ks4 are managed by the distribution server, the mobile phone, and the memory card by having a unique value for each communication session. Specifically, the session key Ksl is generated by the distribution server for each distribution session. Session key Ks 2 is delivered by memory card Also, a session key Ks 3 is generated for each of the playback session and the replication (sending) session in the memory card as well. Session key Ks 4 is generated for each playback session on the mobile phone. In each session, these session keys are given and received, a session key generated by another device is received, encryption is performed using this session key, and a license key is transmitted. Security strength can be improved.
- KPm (i) i: ⁇ -number
- KPm (i) i: ⁇ -number
- KPm (i) i: ⁇ -number
- KPm (i) i: ⁇ -number
- KPm (i) i: ⁇ -number
- KPm (i) i: ⁇ -number
- KPm (i) i: ⁇ -number
- KPm (i) i: ⁇ -number
- KPm i: ⁇ -number
- Other keys are used mainly as license keys as a secret key common to the playback circuit.
- the secret key Kcom is stored in both the distribution server and the mobile phone, and is used for decryption processing for encrypting and obtaining the license key Kc and the like, respectively.
- the public key key KPcom is stored in the distribution server and used to encrypt the license key Kc
- the secret decryption key Kcom is stored in the mobile phone and used to obtain the license key Kc.
- license server 10 includes an information database 304 for storing data obtained by decoding content data according to a predetermined method and distribution information such as a license ID, and a mobile phone user.
- a charge database 302 for holding the charge information in accordance with the start of access to the content data, and data from the information database 304 and the charge database 302 via the data bus BS1,
- a data processing unit 310 for performing predetermined processing and a communication device 350 for exchanging data between the distribution carrier 20 and the data processing unit 310 via a communication network are provided.
- the data processing unit 310 is controlled by a distribution control unit 315 for controlling the operation of the data processing unit 310 according to data on the data bus BS1, and a distribution control unit 315.
- the session key generator 316 for generating the session key Ks1 during the distribution session, and the authentication data (KPmc (ra) // Cmc (m ) ⁇ KPma and ⁇ KPp (n) // Cp (n) ⁇ receive the KPma via the communication device 350 and the data bus BS 1 and perform the decryption processing with the decryption processing unit 3 1 2 using the authentication key KPma. Including.
- the data processing unit 310 further encrypts the session key Ksl generated by the session key generation unit 316 using the public encryption key KPrac (m) obtained by the decryption processing unit 312.
- An encryption processing unit 3 18 for outputting to the data bus BS 1, and a decryption process for receiving data transmitted after being encoded by the session key Ks 1 and receiving the data from the data bus BS 1 and performing a decryption process It includes a processing unit 320 and a Kcom holding unit 322 for holding a secret key Kcom common to the reproduction circuit.
- the data processing unit 310 further encrypts the license key Kc and the reproduction circuit control information AC 2 given from the distribution control unit 3 15 with a secret key Kcom common to the reproduction circuits.
- An encryption processing unit 3 2 6 for encrypting the data output from the encryption processing unit 3 2 4 with the public key KPm (i) unique to the memory card obtained by the decryption processing unit 3 20;
- An encryption processing unit 328 for further encrypting the output of the encryption processing unit 326 by the session key Ks2 given from the decryption processing unit 320 and outputting the encrypted data to the data bus BS1 is included.
- the public key is used in the part corresponding to the Kcom holding unit 3222. KPcom is retained. Further, the encryption processing section 3 2 4 performs decryption using the public decryption key KPcom.
- natural number n 1 representing a class of the mobile phone
- natural number i 1 for individually identifying the mobile phone.
- the mobile phone 100 is used to receive a signal wirelessly transmitted by the mobile phone network.
- a transmitter / receiver 1104 for receiving signals from the antenna 1102 and the antenna 1102 and converting it to a baseband signal, or modulating data from a mobile phone and providing the data to the antenna 1102.
- a data bus BS 2 for exchanging data of each section of the mobile phone 100, and a controller 110 6 for controlling the operation of the mobile phone 100 via the data bus BS 2.
- the mobile phone 100 further provides a touch key unit 1108 for giving external instructions to the mobile phone 100, and information output from the controller 1106 or the like to the mobile phone user.
- a display 111 for giving information as information, an audio reproducing unit 111 for reproducing audio based on received data supplied via the database BS2 in a normal call operation, and an external Data from connector 1120 and connector 1120 for exchanging data between connectors are converted into a signal that can be supplied to data bus BS2, or data from data bus BS2 is converted to a connector.
- an external interface section 112 for converting the signal into a signal that can be given to 112.
- the mobile phone 100 further includes a removable memory card 110 for storing content data (music data) from the distribution server 30 and decoding the content data, a memory card 110 and a data bus BS.
- a certificate and certificate data holding unit for holding data encrypted in a state that can be decrypted by KPma] 500 is included.
- the mobile phone 100 further includes a ⁇ holding unit 1502 that holds a decryption key Kp (1) unique to the mobile phone (content reproduction circuit), and ⁇ (1 ) To obtain a session key Ks 3 generated by the memory card, and a decryption processing unit 1504 for obtaining a session key Ks 3, and a memory card 110 for reproducing a content data recorded on the memory card 110.
- a ⁇ holding unit 1502 that holds a decryption key Kp (1) unique to the mobile phone (content reproduction circuit), and ⁇ (1 )
- Ks 3 generated by the memory card
- a decryption processing unit 1504 for obtaining a session key Ks 3
- a memory card 110 for reproducing a content data recorded on the memory card 110.
- the session key generator 1508 which generates a session key Ks4 using random numbers, etc., and decrypts the generated session key Ks4
- An encryption processing unit 1506 which encrypts with the session key Ks3 obtained by the unit 1504 and outputs it to the data bus BS2;
- a decryption processing unit 1510 for decrypting the data on the tabus BS2 with the session key Ks4 and outputting the decrypted data.
- the mobile phone 100 further stores a Kcom holding unit 1512 holding a secret key Kcom commonly set in the reproduction circuit, and ⁇ Kc ⁇ AC 2 ⁇ Kcom output by the decryption processing unit 15010.
- the decryption processing unit 15 decrypts with the secret key Kcom and outputs the license key Kc; and the reproduction circuit control information AC2.
- the decryption processing unit 15 receives the encrypted content data ⁇ Data ⁇ Kc from the data bus BS2. And a decryption processing unit that decrypts with the license key Kc and outputs the content data.
- the mobile phone 100 further includes a music reproduction unit 15 18 for receiving the output of the decryption processing unit 15 16 to reproduce the content data, a music reproduction unit 15 18 and a sound reproduction unit 1.
- Switching section 1525 for receiving the output of 1 1 2 and selectively outputting according to the operation mode, and connection for connecting to the headphone 1 30 receiving the output of the switching section 1 5 2 5 Terminals 1530 are included.
- the secret decryption key Kcom is stored in a portion corresponding to the Kcom storage unit 1512. . Further, the decryption is performed by the decryption processing section 1514 using the secret decryption key Kcom.
- FIG. 5 for simplicity of description, only blocks related to the distribution and reproduction of the content data of the present invention are shown in the mobile phone, and only the block related to the call function originally provided in the mobile phone is shown. I omit the club.
- antenna 1 102 transmitting / receiving section 1 104, controller 1 106, key 1 1 08, display 1 1 1 0, audio playback section 1 1 1 2, connector 1 1 20, external interface 1 1 2 2, switching section 1 5 25 and connection terminal 1 5 30 except for blocks related to call processing or blocks shared with call processing, content playback section related to content data distribution and playback Is equivalent to
- a block group corresponding to the content playback unit of the mobile phone 100 is configured as a detachable module as a music playback module. is there.
- the public encryption key KPm (i) and the corresponding secret decryption key Km (i) are unique values for each memory card.
- this natural number i 1.
- KPrac (m) and Kmc (m) are provided as the memory card's unique public key and private decryption key
- Cmc (m) is provided as the memory card class certificate.
- the memory card 1 10 has an authentication data holding unit ⁇ 400 that holds the authentication data ⁇ KPmc (1) // Croc (1) ⁇ KPma.
- the authentication data holding unit 1400 includes a memory card 1 Public key set corresponding to 10 KPmc (1) can be authenticated by decrypting with the authentication key KPma And it holds the encrypted state.
- the memory card 110 further includes a data bus BS3 for transmitting and receiving signals to and from the memory interface 1200 via the terminal 1202, and data supplied from the memory interface 1200 to the data bus BS3.
- a unique secret decryption key Kmc (1) for each type is received from the Kmc (1) holding unit 1402, and the session key Ksl generated by the distribution server 30 in the distribution session or the session key generated by another memory card in the duplication session.
- a decryption processing unit 1404 that outputs one Ks 3 to the contact point Pa.
- the memory card 110 further receives the authentication key KPma from the KPma holding unit 1414, executes a decryption process using the authentication key KPma from the data supplied to the data bus BS3, and outputs the decryption result to the encryption processing unit 1410.
- the decryption processing unit 1408 and the key selectively given by the switching switch 1442 And an encryption processing unit 1406 for encrypting the data selectively given by and outputting the data to the data bus BS3.
- the memory card 110 further obtains a session key generation unit 1418 that generates a session key in each of the distribution, reproduction, and duplication sessions, and a session key Ks 3 output from the session key generation unit 1418 by the decryption processing unit 1408.
- An encryption processing unit 1410 that encrypts with the public encryption key KPp ( ⁇ ) or KPtnc (m) and sends it to the data bus BS3, and a session key generation unit that receives data encrypted with the session key Ks3 from BS3 14 includes a decryption processing unit 1412 for decrypting with the session key Ks3 obtained from 18 and transmitting the decryption result to the data bus BS4.
- the memory card 110 further includes an encryption processing unit 1424 for encrypting data on the data bus BS4 at the time of “duplication” with the public key key KPm (i) (i ⁇ 1) of another memory card, A decryption processing unit 1 422 for decrypting the data on the bus BS 4 with a secret decryption key Km (1) unique to the memory card 1 10 paired with the public signature key KPm (1); and a public signature key KPm ( The license key and the reproduction circuit control information AC2 encrypted in 1) are received and stored from the data bus BS4, and the encrypted content data ⁇ Data ⁇ Kc and the additional information Data-inf are received from the data bus BS3. And a memory 1415 for storing.
- the memory card 110 further includes a license information holding unit 1440 for holding the license ID, the content ID, and the access restriction information AC1 obtained by the decryption processing unit 1422, and an external communication via the data bus BS3. And a controller 1420 for transmitting and receiving data, receiving reproduction information and the like with the data bus BS4, and controlling the operation of the memory card 110.
- the license information holding unit 1440 can exchange data of the license ID, the content ID, and the access restriction information AC1 with the data bus BS4.
- license information holding unit 1440 has N (N: natural number) banks, and includes license ID, data content ID data, and access restriction information AC, which are license information corresponding to each license. 1 is stored for each bank.
- access restriction information AC1 includes reproduction count restriction information Sub-Play and owned license number Sub-Move.
- the reproduction count restriction information Sub-Play is 8-bit data as an example. If the value of Sub_Play is FF (h), it indicates that there is no restriction on the number of times of reproduction, and if the value is 0 (h), it indicates that reproduction is no longer possible. Also, the value of Sub_Play is 10! ) If the range of ⁇ 7F (h), this value indicates the number of playable, the value of Sub_Pl a y each to be reproduced is reduced. (H) means 16 hexadecimal notation.
- the number of owned licenses Sub-Move is similarly shown as 8-bit data as an example. If the value of Sub Jove is FF (h), it indicates that duplication is prohibited. Also, if the value of Subjlove is in the range of ⁇ (h) to 7F (h), this value indicates the number of owned licenses. Is decremented, and if it becomes 0 (h), it indicates that there are no more licenses to duplicate.
- the access restriction information AC 1 is issued by the distribution server 30 at the time of the distribution operation according to the license purchase condition AC generated according to the specification from the user side at the time of the license purchase, and the reproduction and copy operations are performed. Every time it is updated and stored in the memory card 110.
- the area surrounded by the solid line indicates that, if the memory card 110 is subjected to an unauthorized opening process from the outside, etc., the internal data will be erased or the internal circuit will be destroyed.
- the module is incorporated in the module TRM for disabling the reading of data in the circuit existing in the area.
- such modules are tamper-resistant modules that use technology that physically and logically protects against internal analysis and tampering, and that cannot be directly accessed from the outside.
- the configuration including the memories 14 and 15 may be incorporated in the module TRM ⁇ .
- the configuration shown in FIG. 6 since all of the playback information stored in the memories 14 and 15 required for playback is encrypted data, a third party It is impossible to play music only with the data in this memory 14 15 and the memory is stored in an expensive tamper resistant module. Since there is no need to provide 1415, there is an advantage that manufacturing cost is reduced.
- a delivery request is made from the mobile phone 100 of the [mobile phone user] by operating the key buttons of the touch panel 1108 by the mobile phone user (step S100).
- the authentication data ⁇ KPmc (1) // Cmc (1) ⁇ Pma is output from the authentication data holding unit 1400 in response to the distribution request (step S102).
- the mobile phone 100 receives the authentication data ⁇ KPmc (1) // Cmc (l) ⁇ for the authentication received from the memory card 110 and the authentication data ⁇ ( 1) // Cp (1) ⁇ KPma, content), and license purchase condition data AC are transmitted to distribution server 30 (step S104).
- the distribution server 30 sends the content ID and authentication data ⁇
- step S 106 the decryption processing unit 312 performs decryption processing with the authentication key KPma, and the public card of the memory card 110 and the class certificates KPmc (1) and Cmc (1) and the mobile phone
- the public key of the content reproduction circuit of the device 100 and the class certificates KPp (1) and Cp (1) are received (step S108).
- the distribution control unit 315 makes an inquiry to the authentication server 12 based on the received class certificate data Cmc (1) and Cp (1), and if these class certificates are valid, the device is authenticated by an authorized device. Yes, these public encryption keys are confirmed to be valid. If the public encryption key is valid, proceed to the next process (step S112), and if these public key are invalid, terminate the process (step S160) ( Step S 110).
- the authentication data (KPmc (1) ⁇ KPma and the authentication data ⁇ Pp (1) ⁇ KPma are each decrypted by the authentication KPma, so that their validity can be determined.
- the configuration may be such that the distribution control unit 315 of the license server 10 performs authentication independently from the result of decryption using the authentication key KPma without making an inquiry to the authentication server 12.
- the session key generating unit 3 16 in the distribution server 30 Generate a session key Ks 1 for The session key Ksl is decrypted by the encryption processing unit 318 using the public key key KPmc (1) corresponding to the memory card 110 obtained by the decryption processing unit 312 (step S11). 2)
- the decrypted session key Ks 1 is expressed as ⁇ Ksl ⁇ Kmc (1) as the data bus
- the data is output to the outside via the BS1 and the communication device 350 (step S114).
- the mobile phone 100 receives the encrypted session key ⁇ Ksl ⁇ Kmc (1) (step S116)
- the memory card 110 connects to the data bus BS3 via the memory interface 1200.
- the session key Ksl is decrypted by decrypting the given received data with the secret key Kmc (1) unique to the memory code 110 stored in the decryption processing unit 1404 and the storage unit 1402. Extraction (step S 1 ⁇ 8).
- the controller 1420 When the controller 1420 confirms the reception of the session key Ksl generated by the distribution server 30, the controller 1420 instructs the session key generator 1418 to generate the session key Ks2 generated during the distribution operation in the memory card. .
- the encryption processing unit 1406 uses the session key Ks1 provided from the decryption processing unit 1404 via the contact point Pa of the switching switch 1442 to sequentially switch the contact points of the switching switches 1444 and 1446 and the public key. No. encrypts key KPtn (1) as a single data sequence, 5 2 // KPm (1) ⁇ Ksl is output to the data bus BS3 (step S120).
- the signal data ⁇ Ks2 ⁇ Ki1 ⁇ 2 (1) ⁇ output to the data bus BS3 is transmitted from the data bus BS3 to the mobile phone 100 via the terminal 1202 and the memory interface 1200, and distributed from the mobile phone 100. It is transmitted to the server 30 (step S122).
- the distribution server 30 receives the encrypted data s2 ⁇ KPm (1) ⁇ Ksl, executes a decryption process using the session key Ks1 in the decryption processing unit 320, and outputs the session key KS2 generated in the memory card 110. Then, the public key key KPm (1) unique to the memory card 110 is received (step S124).
- the distribution control unit 315 generates a license ID, access restriction information AC1, and reproduction circuit control information AC2 in accordance with the content ID and the license purchase condition AC acquired in step S106 (step S126). Further, a license key Kc for decrypting the encrypted content is obtained from the information database 304 (step S128).
- distribution control section 3 15 gives acquired license key Kc and reproduction circuit control information AC 2 to encryption processing section 324.
- the encryption processing unit 324 encrypts the license key Kc and the reproduction circuit control information AC2 with the secret key Kcom common to the reproduction circuits obtained from the Kcom holding unit 322 (step S130).
- the encrypted data c ⁇ AC2 ⁇ Kcom output from the encryption processing unit 324 and the license ID, content ID, and access restriction information AC1 output from the distribution control unit 3 15 are decrypted by the encryption processing unit 326. Encrypted with the public key key KPm (1) unique to the memory card 110 obtained by the unit 320 (step S132).
- the encryption processing unit 328 receives the output of the encryption processing unit 326, and decrypts it with the session key Ks2 generated in the memory 110.
- the encrypted data output from encryption processing section 328 is transmitted to mobile phone 100 via data bus BS1 and communication device 350 (step S134).
- the encryption keys generated by the distribution server and the memory card are exchanged, the encryption is performed using the encryption keys received by each other, and the encrypted data is transmitted to the other party.
- transmitting and receiving each encrypted data Can effectively perform mutual authentication and improve the security of the data distribution system.
- the mobile phone 100 receives the transmitted encrypted data ⁇ c // AC2 ⁇ Kcom ⁇ License ID ⁇ Content ID ⁇ AC 1 ⁇ Km (1) ⁇ Ks2 (step S136), and stores the memory card 1 In 10, the received data provided to the data bus BS 3 via the memory interface 1200 is decoded by the decoding processing unit 14 12.
- the decryption processing unit 1412 decrypts the received data on the data bus BS3 using the session key Ks2 given from the session key generation unit 1418, and outputs it to the data bus BS4 (step S138).
- the data bus BS4 contains ⁇ (Kc // AC2 ⁇ Kcom ⁇ license ID ⁇ content: HV /, which can be decrypted by the secret decryption key Kra (1) held in the Km (1) holding unit 1421.
- AC1 ⁇ Km (1) is output
- ⁇ Kc // AC2 ⁇ Kcom ⁇ License ID ⁇ Content ID ⁇ AC1 ⁇ Kra (1) is recorded in the memory ⁇ 4 15 (Step S140)
- ⁇ Kc // AC2 ⁇ Kcom ⁇ License ID ⁇ Content ID ⁇ AC1 ⁇ Km (1) is decrypted by the decryption processing unit 1422 using the secret decryption key Km (1). Only the license ID, content ID, and access restriction information AC1 are accepted (step S142).
- the license, the content ID, and the access restriction information AC1 are recorded in the license information holding unit 1440 (step S144).
- a request for distribution of the content data is made from the mobile phone 100 to the distribution server 30 (step S146).
- Distribution server 30 receives the content data distribution request, obtains encrypted content data ⁇ Data ⁇ Kc and additional information Data-inf from information database 304, and transmits these data to data bus BS1 and communication device. Output via 350 (step S 1.48).
- the mobile phone 100 receives ⁇ Data ⁇ Kc // Data-inf and receives the encrypted content data ata ⁇ Kc and Data-inf (step S150).
- the encrypted content data ⁇ Data ⁇ Kc and additional information Data-inf are the memory interface 1
- the data is transmitted to the data bus BS3 of the memory card 110 via the terminal 200 and the terminal 1202.
- the received ⁇ Data ⁇ Kc and the additional information Data-inf are recorded in the memory 1415 as they are (step S152).
- a notification of the reception of the distribution is transmitted from the memory card 110 to the distribution server 30 (step S 154).
- the distribution server 30 receives the charge data to the charge database 302 .
- the processing of ending distribution is executed with the storage of (Step S158), and the entire processing ends (Step S160).
- a reproduction request is generated according to an instruction of mobile phone user 1 from touch key section 1108 or the like of mobile phone 100 (step S200).
- the mobile phone 100 converts the authentication data ⁇ (1) // Cp (1) ⁇ KPma, which can be authenticated from the authentication data holding unit 1500 by decrypting with the authentication key KPma.
- Output to the bus BS2 step S202).
- Authentication data ⁇ KPp (1) // Cp (1) ⁇ KPma is transmitted to the memory card 110 via the data bus BS 2 and the memory interface 1200.
- the encrypted data ⁇ KPp (1) // Cp (1) ⁇ KPma transmitted to the data bus BS3 via the terminal 1202 is transmitted to the decryption processing unit 1408.
- the decryption processing unit 1408 decrypts the data on the data bus BS3, and issues a public encryption ⁇ KPp (1) and a class that are specific to the type of the content reproduction unit, ie, the mobile phone 100. certificate obtain C P (1).
- Controller 1420 is exposed via data bus BS3 It receives the encryption key KPp (1) and the class certificate Cp (1) (step S204).
- the controller 1420 Based on the decryption result of the decryption processing unit 1408, the controller 1420 authenticates the received content reproduction circuit of the mobile phone 100, and if the content reproduction circuit of the mobile phone 100 is approved, The process proceeds to the next step (step S208) (step S206). On the other hand, if the content reproduction circuit of the mobile phone 100 is not approved, the processing of the reproduction session is terminated (step S240).
- the controller 1420 instructs the session key generator 1418 to generate the session key Ks3 in the reproduction session via the data bus BS4.
- the session key Ks3 generated by the session key generation unit 1418 is sent to the encryption processing unit 1410.
- the encryption processing unit 141 ⁇ encrypts the session key Ks 3 using the public key KPp (1) of the mobile phone 100 obtained by the decryption processing unit 1408, and encrypts the session key Ks 3 corresponding to KPp (1).
- the encrypted data ⁇ Ks3 ⁇ Kp (1) that can be decrypted in 1) is output to the data bus BS3 (step S208).
- the mobile phone 100 receives the encrypted data ⁇ Ks3 ⁇ Kp (1) on the data bus BS via the terminal 1202 and the memory interface 1200.
- the encrypted data ⁇ Ks3 ⁇ Kp (1) is decrypted by the decryption processing unit # 504, and the session key Ks3 generated by the memory card 110 is received (step S210).
- Controller 1106, in response to receiving session key Ks3, instructs session key generator 1508 via data bus BS2 to generate session key Ks4 generated by mobile phone 100 in the playback session. I do.
- the generated session key Ks 4 is sent to the encryption processing unit 1 506, and ⁇ Ks 4 ⁇ Ks 3 coded by the session key Ks 3 obtained by the decryption processing unit 504 is received by the data bus BS 2 (Step S212).
- the decoded session key ⁇ Ks 4 ⁇ Ks 3 is transmitted to the memory card 110 via the memory interface 1200.
- the decrypted session key ⁇ Ks4 ⁇ Ks3 transmitted to the data bus BS3 is decrypted by the decryption processing unit 1412, and the session key Ks4 generated by the mobile phone 100 is received.
- the controller 144 checks the corresponding access restriction information AC1 in the license information holding unit 144.
- the controller 14420 first confirms the number of owned licenses Sub-Move, and when this value is 0, there is no license already and ends the reproduction session (step S240). On the other hand, if the value of the number of owned licenses Sub—Move is not 0, the process proceeds to the next step (step S216).
- the controller 2 420 checks the number-of-reproductions-restriction information Sub_Play, and if this value is 0, the reproduction session is already terminated because the reproduction is impossible (step S). 240). If the number of times of reproduction limit information Sub_Play is from 1 (h) to 7F (h), the value of Sub-Play, that is, the number of reproducible times is reduced by 1 (step S220), and the processing of the reproduction session is performed. Proceed. On the other hand, if the value of the play count restriction information Sub_Play is FF (h), it means that there is no limit on the play count for the license, and therefore the play session is performed without executing step S220. Is executed (step S218).
- step S218 If it is determined in step S218 that playback is possible in the playback session, decryption processing of the license key Kc and playback circuit control information AC2 of the playback request music recorded in the memory is executed. . Specifically, in accordance with the instruction from the controller 144, the decoded data ⁇ Kc // AC2 ⁇ Kcoiti ⁇ license ID ⁇ read from the memory 1415 to the data bus BS4 The content ID ⁇ AC 1 ⁇ Km (1) is decrypted by the decryption processing unit 14 2 2 using the secret decryption key Km (1) unique to the memory card 110, and the encrypted data ⁇ decryptable by the common secret key Kcom ⁇ Kc ⁇ AC 2 ⁇ Kcom is obtained on the data bus BS4 (step S2222).
- the obtained encrypted data ⁇ Kc ⁇ AC 2 ⁇ Kcom is sent to the encryption processing section 144 through the contact Pd of the switching switch 144 4.
- the encryption processing unit 1446 further converts the encrypted data received from the data bus BS4 by the session key Ks4 received from the decryption processing unit 1412 via the contact Pb of the switching switch 1442. It encrypts and outputs ⁇ Kc // AC2 ⁇ Kcom ⁇ Ks4 to the data bus BS3 (step S224).
- the encrypted data output to the data bus BS3 is transmitted to the mobile phone 100 via the memory interface 1200.
- the encrypted data ⁇ Kc // AC2 ⁇ Kcom ⁇ Ks4 transmitted to the data bus BS2 via the memory interface 1200 is decrypted by the decryption processing unit 1510. Processing is performed, and the decrypted license key Kc and reproduction circuit control information AC2 are received (step S226).
- the decryption processing unit] 5 1 4 stores the encrypted data ⁇ Kc ⁇ AC 2 ⁇ Kcom in the Kcom holding unit 1 5
- the decryption circuit receives the license key Kc and the reproduction circuit control information AC2 by decrypting with the secret key Kcom common to the reproduction circuits received from step 12 (step S228).
- the decryption processing section 1514 transmits the license key Kc to the decryption processing section 1516, and outputs the reproduction circuit control information AC2 to the data bus BS2.
- the controller 1106 receives the reproduction circuit control information AC2 via the data bus BS2 and checks whether or not reproduction is possible (step S230).
- step S2 3 # If it is determined in step S2 3 # that reproduction is not possible by the reproduction circuit control information AC2, the reproduction session is terminated (step S240). On the other hand, if the content can be reproduced, the encrypted content data ⁇ Data ⁇ Kc of the request music recorded in the memory from the memory card 110 is output to the data bus BS3, and the memory interface 1 It is transmitted to the mobile phone 100 via the “0” (step S2 32).
- the decryption processing unit 1516 decrypts the encrypted content data ⁇ Data ⁇ Kc output from the memory card 210 and transmitted to the data bus BS2 using the license key Kc. It is possible to obtain plain-text content data (step S2334).
- the decrypted plain culture content data Data is converted into a music signal by the music playback unit 1518 (step S2336), and is played back to the outside through the mixing unit 1525 and the terminal 1530. The process is completed by outputting the music (step S240).
- the memory card 110 can authenticate the mobile phone 100 as a content reproduction circuit and then prohibit the reproduction process. In addition, it is possible to execute a reproduction operation reflecting the access restriction information updated and held in the memory card.
- the mobile phone 100 and memory card 110 The generated key is exchanged with each other, encryption is performed using the keys received by each other, and the encrypted data is transmitted to the other party.
- the mutual authentication can be effectively performed both in the reproduction session and in the transmission and reception of data, and the security of the data distribution system can be improved.
- FIG. 12 FIG. 13 and FIG. 14, the copying operation of content data and key data between the two memory cards 110 and 112 via the mobile phones 100 and 102 is shown. Is explained.
- the mobile phone 100 and the memory card 110 are on the transmitting side, and the mobile phone 102 and the memory card 112 are on the receiving side. It is also assumed that the mobile phone 102 has a memory card 112 having the same configuration as that of the memory card 110. Hereinafter, each component of the memory card 112 will be described using the same reference numeral as the corresponding part of the memory card 110.
- Step S300 content is copied from the mobile phone 100 of the mobile phone user 1 on the transmission side by operating the key button of the part 1 108 by the mobile phone user 1. A request is made. (Step S300).
- the generated copy request is sent to the mobile phone user 2 of the receiving side, mobile phone 1
- the authentication data in which the public encryption key KP mc (2) and the class certificate Cmc (2) corresponding to the memory card 1 2 ⁇ KPmc (2) // Cmc (2) ⁇ KPma is output (step S302).
- Authentication data of the memory card 1 12 ⁇ KPmc (2) // Cmc (2) ⁇ KPma is transmitted from the mobile phone # 02 of the mobile phone user 2 and stored in the memory via the mobile phone 100 of the mobile phone user 1. It is received by the card 110 (step S304).
- the decryption processing unit 1408 decrypts the authentication data of the memory card 112 and receives the class certificate Cmc (2) and the public key key KPtnc (2) for the memory card 112. (Step S306).
- the controller 1420 executes an authentication operation based on the decryption result of the decryption processing unit 1408 via the data bus BS3 (Step S308).
- the controller 1420 sends the authentication data ⁇ KPmc (2) from the decryption result obtained by decrypting the authentication data ⁇ KPmc (2) // Cmc (2) ⁇ KPma with the authentication key KPma.
- ⁇ Cmc (2) ⁇ It is possible to confirm that KPma is authentication data output from a legitimate key. Perform this check, and if it is valid authentication data output from a legitimate key, approve the public key KPmc (2) and class certificate Cmc (2), and then proceed to the next step. Execute S310. On the other hand, if it is invalid authentication data that cannot be confirmed to have been output from the legitimate key, the duplication session is terminated (step S370).
- controller 1420 instructs session key generating section 1418 to output a session key Ks 3 generated on the transmission side during the replication session.
- the session key-s 3 generated by the session key generation unit 1418 is transmitted to the encryption processing unit 1410.
- the encryption processing unit 1410 further receives the public encryption key KPmc (2) of the memory card 112 decrypted by the decryption processing unit 1408 in step S306, and encrypts the session key Ks3 with KPmc (2). I do.
- the encrypted session key ⁇ Ks3 ⁇ Kmc (2) is output to the data bus BS3 (step S312).
- ⁇ Ks 3 ⁇ Kmc (2) output to data bus BS 3 is transmitted to memory card 112 via mobile phone 100 and mobile phone 102.
- the memory card 112 receives ⁇ Ks 3 ⁇ Kmc (2) output from the memory card] 10, and the decryption processing unit 14 ⁇ 4 performs secret decryption corresponding to the memory card 112. Performs decryption processing using key Kmc (2), and sends Then, the generated session key Ks3 is received (step S314).
- the controller 1420 of the memory card 112 Upon receipt of the session key Ks3, the controller 1420 of the memory card 112 instructs the session key generator 1418 to generate a session key Ks2 to be generated on the receiving side in the replication session. I do.
- the generated session key Ks2 is transmitted to the encryption processing unit 1406 via the contact point Fi in the switching switch 1446 and the contact point Pc in the switching switch 1444.
- the encryption processing unit 1406 receives the session key Ks 3 obtained in step S3 16 from the decryption processing unit 1404, and receives the session key Ks 3 obtained by switching the contact Pc of the switching switch 1444 and the contact of the switching switch 1446.
- Ks2 and the public key KPm (2) are encrypted with the session key Ks1, and ⁇ Ks2 ⁇ KFm (2) ⁇ Ks3 is output to the data bus BS3 (step S316).
- the encrypted data ⁇ Ks2 ⁇ KPm (2) ⁇ output to the data bus BS3 is transmitted to the data bus BS3 of the memory card 110 via the mobile phones 102 and 100.
- the encrypted data transmitted to the data bus BS3 is decrypted by the decryption processing unit 1412 using the session key Ks3, and the session key Ks2 and the public key ⁇ Accept KPm (2) (Step S3 18).
- controller 1420 of memory card 110 restricts access in license information holding unit 144 °. Perform information AC 1 check.
- the corresponding reproduction number restriction information Sub_Play stored in the license information holding unit 1440 is checked. If this value is 0, the corresponding license is already in a state where reproduction is impossible, and the copy session is terminated. Yes (step S370). On the other hand, if the value of the reproduction count restriction information Sub-Play is not 0, the processing of the replication session proceeds (step S320).
- the controller 1420 checks the corresponding number of owned licenses Sub-Move stored in the license information holding unit 1440, and when this value is 0 or FF (h), there is no license, or Since the license is in a state where copying is prohibited from the beginning, the copying session is terminated (step S370). on the other hand, When the value of the number of owned licenses Sub-Move is other than 0 and FF (h) 0, the process proceeds to the next step (step S322).
- step S324 the input instruction of the number of duplicate licenses is executed, and if all the remaining licenses are instructed to be duplicated (step S326), the controller 1420 sends the access restriction information AC1 from the license information holding unit 1440. And updates the value of the number of owned licenses Sub—Move to 0 (step S328).
- the controller 1420 After updating the owned license number Subjove, the controller 1420 acquires the corresponding content ID and license ID from the license information holding unit 1440 (step S332).
- the controller 1420 outputs the session key Kc corresponding to the content data to be copied and the encrypted data ⁇ Kc: ⁇ AC2 ⁇ Kcom ⁇ license ID ⁇ content ID ⁇ AC1 ⁇ Km (1) relating to the reproduction information. Instructs memory 14 and 15.
- the encrypted data ⁇ Kc // AC2 ⁇ Kcom ⁇ License ID ⁇ Content ID ⁇ AC1 ⁇ Km (1) output from the memory 1415 is decrypted by the decryption processing unit 1422, and ⁇ Kc ⁇ AC2 ⁇ Kcom is Obtained on the data bus BS4 (step S334).
- the license ID, content ID, and access restriction information AC1 obtained from the license information holding unit 1440 in step S332 and ⁇ Kc ⁇ AC2 ⁇ Kcom obtained in step S334 are transmitted from the data bus BS4 to the encryption processing unit 1424. And is converted into a symbol.
- the encryption processing unit 1424 performs the decryption processing in step S320. These data are decrypted by the public key key KPm (2) unique to the memory card 1 1 2 obtained in the part 14 12 and ⁇ Kc // AC2 ⁇ Kc om ⁇ license ID ⁇ content ID // AC 1 ⁇ Km (2) is output (step S336).
- the encrypted data ⁇ Kc // AC2 ⁇ Kcom ⁇ License ID ⁇ Content ID ⁇ AC1 ⁇ Km (2) output to the data bus BS4 is sent to the encryption processing unit 1406 via the contact Pd in the switch 1444. Is transmitted.
- the encryption processing unit 1406 receives the session key Ks2 generated by the memory card 112 obtained by the decryption processing unit 1412 via the contact Pb of the switching switch 1442, and receives the data received from the contact Pd through the session key Ks2. By encrypting.
- the encryption processing unit 1406 outputs ⁇ Kc // AC2 ⁇ Kcom ⁇ License ID ⁇ Content ID ⁇ AC1 ⁇ Km (2) ⁇ Ks2 to the data bus BS3 (Step S338) .
- the encrypted data output to the data bus BS3 in step S338 is transmitted to the memory card 112, which is the receiving side of the duplication session, via the mobile phones 10 and 102.
- the decryption processing unit 141 in the memory card 112, the decryption processing unit 141
- step 2 decryption is performed using the session key Ks2 generated by the session key generation unit 1418, and ⁇ Kr7 / AC2 ⁇ Kcom Klicense ID ⁇ content ID // AC1 ⁇ Km (2) is accepted. (Step S340).
- the ⁇ Kc // AC2 ⁇ Kcom ⁇ License ID ⁇ Content ID ⁇ AC1 ⁇ Km (2) decrypted with the public key KPm (2) is recorded in the memory 1415 (step S3 42). Further, in the decryption processing unit 1422, the license ID, the content ID, and the access restriction information AC1 are received by performing the decryption process using the secret decryption ⁇ Km (2) unique to the memory card 112 (Ste S344). The license ID, the content ID, and the access restriction information AC1 obtained by the decryption processing unit 1422 are recorded in the license information holding unit 1440 via the data bus BS4 (step S346).
- step S 338 ends normally, and in response to the reproduction information being copied,
- a data duplication request is further performed (step S348).
- the request to copy the content data is transmitted to the memory card 110 via the mobile phone 100, and in response to this, the corresponding encrypted content data is read from the memory 144 in the memory card 110.
- ⁇ Data ⁇ Kc and additional information Data-inf are output to the data bus BS3 (step S350).
- step S354 When the recording of the encrypted content data ⁇ Data ⁇ Kc and the additional information Data-inf is completed, a copy acceptance is transmitted via the mobile phone 102 (step S354). As a result, if a normal playback session is performed on memory card 112 and corresponding mobile phone 102, mobile phone 102 plays back the encrypted content data recorded on memory card 112. To listen to music.
- the mobile phone 100 on the transmitting side receives the copy acceptance transmitted from the mobile phone 102 (step S 356).
- the memory card 110 Upon receiving the copy acceptance, the memory card 110 checks the number of owned licenses Sub-Move in the license information storage unit 144 (Step S358), and if this value is 0, That is, when the license is lost, it is requested that either the erasure or the retention of the encrypted content data ⁇ Data ⁇ Kc and the additional information Data-inf is input from the touch key section 11 8 (step S36). 0).
- an instruction to delete the content data can be made from the touch key section 1108 (step S3662), so that the contents of the memory 1415 in the memory card 110 can be deleted.
- the corresponding encrypted content data ⁇ Data ⁇ Kc and additional information Data-inf can be deleted (step S364).
- step S 3 Step 6 is skipped, and the duplication processing ends at this stage (step S366).
- the license key and the encrypted content data are copied after the authentication of the content reproduction circuit (mobile phone) and the memory card on the receiving circuit side is checked in advance. Therefore, it is possible to prohibit copying of content data to an unauthorized playback circuit (mobile phone) or memory card.
- the structure is such that the memory card uniquely reflects the change in license during the duplication operation on the access restriction information AC 1 (Sub-Move) held in the memory card. Therefore, it is possible to prevent reproduction information and encrypted content data from being copied without limitation.
- a distribution service that can newly access the distribution server 30 and receive only the reproduction information only from the state where the encrypted content data ⁇ Data ⁇ Kc is recorded in the memory 14 15 is considered. Can be In this way, if only the playback information is received, the encrypted content data ⁇ Data ⁇ Kc can be played again to listen to the music.
- steps S146, S148, S148 relating to the transmission and reception of the encrypted content data are performed. The detailed description will not be repeated here, since it corresponds to the processing that does not execute 150 and S152.
- step S328 the license information holding unit 1 is used for duplication.
- the value of the Sub Move in the access restriction information AC 1 is updated to 0, but the data is deleted from the license information holding unit 144 0. The same effect can be obtained by leaving.
- access restriction information such as the number of owned licenses and the number of reproducible times can be retained and updated in the TKM area in the memory card without passing through the distribution server. it can.
- a configuration in which the access restriction information cannot be falsified from a higher level by a file system, an application program, or the like can be provided, so that the copyright protection for the content data can be further strengthened.
- the data distribution system according to the second embodiment is characterized in that, unlike the configuration of the data distribution system according to the first embodiment, decoding that cannot be decrypted by the secret Kcom common to reproduction circuits is performed.
- the data distribution system of the second embodiment differs from the data distribution system of the first embodiment in that a license server 11 is provided instead of the license server 10 in the distribution server 30 provided in the data distribution system of the first embodiment.
- the configuration of the mobile phone in the data distribution system according to the second embodiment employs the configuration of the mobile phone 101 instead of the configuration of the mobile phone 100 described in FIG.
- license server ⁇ 1 has a secret key Kcom holding unit 322 common to the reproduction circuit and an encryption processing unit 324 with secret ⁇ Kcora. Not the same. That is, in the license server 11, the license key Kc and the reproduction circuit control information AC 2 output from the distribution control unit 3 15 are directly transmitted to the encryption processing unit 3 26. Other circuit configurations and operations are the same as those of license server 10 shown in FIG. 4, and thus description thereof will not be repeated.
- the license server 11, the authentication server 12, and the distribution carrier 20 are collectively referred to as a distribution server 31.
- mobile phone 1001 used in the data distribution system according to the second embodiment is different from the configuration of mobile phone 100 described in the first embodiment in that a reproduction circuit The difference is that a Kcom holding unit 1512 holding a common secret key Kcom and a decryption processing unit 1514 using a secret key Kcotn are not provided.
- the secret key is used in the distribution server 31.
- the license key Kc is directly obtained by the decryption processing unit 1510 that performs the decryption processing by the session key Ks4.
- the configuration is directly applied to 1510.
- Other circuit configurations and operations are the same as those of mobile phone 100, and therefore description thereof will not be repeated.
- a memory card used in the data distribution system according to the second embodiment has the same configuration as memory card 110 shown in FIG. 6, and therefore description thereof will not be repeated.
- the flow chart explains the difference in operation in each session of distribution, reproduction, and duplication by omitting the encryption using the secret key Kcom common to the reproduction circuits.
- a mobile phone user receives distribution of content data, which is music data, from distribution server 31 according to Embodiment 2 via mobile phone 101 by using memory card 110. The operation in the case will be described.
- the license key Kc and the reproduction circuit control information AC2 obtained in step S128 are secret from the memory card 110 without being encrypted by Kcom.
- Step S130 is omitted because it is encrypted by the public key key KPm (1).
- steps S128, steps S132a to S142a are executed instead of steps S132 to S142.
- steps S1332a to S1422a the license key Kc and reproduction circuit control information AC2 handled in steps S132 to S142 are converted to a symbolized form ⁇ Kc ⁇ AC 2 ⁇
- Kcom is replaced by Kc and AC2 in their original form.
- the other encryption and decryption processes are the same as those already described with reference to FIG. 10, and thus description thereof will not be repeated.
- FIG. 18 shows a flow of a reproducing operation in the data distribution system according to the second embodiment.
- the playback operation by mobile phone 101 used in data distribution system according to Embodiment 2 is compared with the playback operation according to Embodiment 1 shown in FIG. 11. However, the difference is that steps S 222 a to S 226 a are executed instead of steps S 222 to S 226.
- steps S2 2 2a to S2 26a steps S2 2 2 to
- the license key Kc and reproduction circuit control information AC2 handled in S226 are changed from the symbolized form ⁇ Kc ⁇ AC2 ⁇ Kcom to Kc ⁇ AC2 in its original form. different.
- the other encryption and decryption processes are the same as those already described with reference to FIG. 11 and will not be described again.
- other steps are the same as those in FIG. 11, and thus description thereof will not be repeated.
- FIGS. 19 and 20 show the flow of the duplication operation in the data distribution system according to the second embodiment.
- FIGS. 19 and 20 between two memory cards 110 and 112, content data, key data, and the like are transmitted via mobile phones 101 and 103 according to the second embodiment.
- the following describes a process of performing the duplication.
- FIGS. 19 and 20 differences from the flowchart of the duplication operation according to the first embodiment shown in FIGS.
- steps S 334 to S 344 shown in FIG. 13 and FIG. The difference is that steps S334a to S344a are performed and that step S228 is omitted.
- step S3334a to S3444a the license key Kc and the reproduction circuit control information AC2 handled in steps S3344 to S344 are used; the encrypted form ⁇ Kc ⁇ AC 2 ⁇ The difference is that Kcom is replaced by Kc and AC 2 as they are. Also, since the license key Kc and the reproduction restriction information AC2 are given without being encrypted by the secret key Kcom, step S228 is omitted.
- the license key Kc and the reproduction circuit control information AC2 are written in plain text without being decoded in the memory card. It is characterized by being recorded by
- the distribution system according to the third embodiment is different in that a memory card 210 is provided instead of memory card 110 in the second embodiment.
- Distribution server 31 and mobile phone 101 have the same configuration, and therefore description thereof will not be repeated.
- memory card 210 is different from memory card 110 in that data is not transmitted to and received from memory 144 via data bus BS4, and Playback information controller 1 4 that stores license key Kc and playback circuit control information AC2 It differs in that it has 30.
- the reproduction information holding unit 1440 is always provided in the TRM area, and can exchange data with the data bus BS4.
- the license key Kc and the reproduction circuit control information AC2 which are transmitted to the memory card in a state of being decoded by the public signal KPm (l), are stored in the memory 14. 1 Not stored directly in 5. That is, the license key Kc and the reproduction control information AC2 are decrypted by the decryption processing section 142 and then stored in the reproduction information storage section 144 in plain text via the data bus BS4.
- reproduction information holding section 144 has N banks corresponding to license information holding section 144, and license key Kc and reproduction circuit control information corresponding to each license. AC2 is held for each bank. At this time, the bank corresponding to the bank holding the license ID, the content ID, and the access restriction information AC1 for the same license stored in the license information holding unit 144 is used.
- the other configuration is the same as that of the memory card 10 and will not be described in detail.
- step S140a the encrypted data (Kc ⁇ ACl ⁇ license ID ⁇ content ID ⁇ AC2 ⁇ Km (l) is decrypted in the decryption processing section 1442 2 by the secret decryption key Km (l ), And the obtained license key Kc and the reproduction circuit control information AC2 are recorded in the reproduction information holding unit 144. Further, step S 1
- the license ID, the content ID, and the access restriction obtained in the decryption processing in the step corresponding to step S140a The information AC1 is recorded in a bank corresponding to the reproduction information holding unit 144 in the license holding unit information holding unit 144.
- the processing in the other steps of the reproducing operation is the same as that in the second embodiment, and therefore the description will not be repeated.
- Step S222-2a for acquiring control information AC2
- the processing content is changed. That is, in a step corresponding to step S222 a, the license key Kc and the reproduction circuit control information AC2 are acquired from the reproduction information holding unit 144.
- the processing in the other steps of the reproducing operation is the same as that in the second embodiment, and thus the description will not be repeated.
- the distribution system according to the third embodiment differs from the distribution system according to the second embodiment only in the internal processing of memory card 210, is compatible with the second embodiment, and is mutually compatible. Can be operated.
- the flow chart at the time of the copying operation in FIGS. 19 and 20 in the second embodiment is similar to the distribution operation and the reproducing operation.
- step 2 decryption is performed using the secret decryption key Km (2), and the obtained license key Kc and the reproduction circuit control information AC2 are recorded in the reproduction information holding unit 144. Further, in step S3444a In the corresponding step, the license ID, the content ID, and the access restriction information AC1 obtained in the decryption processing in the step corresponding to step S3422a are reproduced in the license holding section information holding section 1440. The information is stored in the bank corresponding to the information storage unit 144.
- the memory card 110 of the second embodiment is compatible with the memory card 210 of the third embodiment.
- a memory card, in that sense The distribution systems of Embodiment 2 and Embodiment 3 can be operated by the same distribution system.
- application of memory card 210 according to the third embodiment can also be performed in combination with the distribution system according to the first embodiment. That is, the license key Kc and the reproduction circuit control information AC2 can be recorded in the reproduction information holding unit 14430 in the state of ⁇ Kc // AC2 ⁇ Kcom encrypted by the key Kcom.
- the encrypted data ⁇ Kc // AC2 ⁇ Kcom ⁇ license ID ⁇ contents; UV / AC1 ⁇ Km (1) is kept secret in decryption processing section 1442.
- Decryption is performed using the decryption key Km (l), and the obtained license key Kc and reproduction circuit control information AC2 are recorded in the reproduction information holding unit 144.
- the license ID, the content ID and the access restriction information AC1 obtained in the decryption process in the step corresponding to step S140 are stored in the license holding section information holding section.
- the recorded information is stored in the bank corresponding to the reproduction information holding unit 144 0 in the 144 0.
- the processing in the other steps of the reproducing operation is the same as that in the first embodiment, and thus the description will not be repeated.
- step S222 of acquiring control information AC2 The content of the process in step S222 of acquiring control information AC2 is changed. That is, in a step corresponding to step S222, the license key Kc and the reproduction circuit control information AC2 are obtained from the reproduction information holding unit 14430 in the form of ⁇ Kc ⁇ AC2 ⁇ Kcom.
- the processing in the other steps of the reproducing operation is the same as that in the first embodiment, and thus description thereof will not be repeated.
- the license key Kc and the reproduction circuit control information AC2 are stored in the memory 1415 as (Kc : ⁇ AC 2 ⁇ ).
- the process in step S334 to acquire in the form of Kcom, the step to record a license in steps S3342 and S344 may be changed.
- the encrypted data ⁇ Kc // AC 2 ⁇ Kcom ⁇ license ID ⁇ content ID ⁇ ACl ⁇ Km (2) is decrypted by decryption processing section 144 2 2
- Decryption is performed using the secret decryption key Km (2), and the obtained ⁇ Kc // AC 2 ⁇ Kcom is recorded in the reproduction information holding unit 144.
- the license ID, the content ID, and the access restriction information AC1 obtained in the decryption processing in the step corresponding to step S324 are stored in the license holding section information holding section. The information is stored in the bank corresponding to the reproduction information holding unit 144 0 in the 144 0.
- the distribution system according to the third embodiment differs from the distribution system according to the first embodiment only in the internal processing of memory card 210, is compatible with the first embodiment, and is mutually compatible. Can be operated.
- the memory card 110 of the first embodiment and the memory card 210 of the third embodiment are different from each other. It is a compatible memory card, and in that sense, the first embodiment and the third embodiment can be combined and operated in the same distribution system.
- the reproduction information storage unit 144 and the license storage unit information storage unit 144 arranged in the TRM area are shown as blocks having independent functions. It is also possible to arrange as a memory. Further, as described in the first embodiment, the memory 1415 can be arranged in the TRM area. In this case, the memory 1415, the reproduction information holding unit 1440, and the license The holding unit information holding unit 144 0 can be provided on the same common memory. In all of the embodiments described above, a configuration in which a plurality of licenses can be copied at a time during a copying operation has been described. However, in a single copying operation, one license can be copied. It is also possible. This place In this case, step S324 is omitted from the flowchart shown in FIG. 13 in the first embodiment and FIG. 20 in the second and third embodiments, and in step S326, the number of copy licenses is "1". It may be a process to determine that it is.
- the content reproduction circuit does not necessarily have to be the mobile phone 100 to which distribution has been made. Further, since the authentication processing is performed by the authentication data ⁇ KPp (l) ⁇ Cp (l) ⁇ KPma of the content reproduction circuit reproduced by the memory card 100 in the reproduction operation, the distribution server 10 performs the authentication processing of the content reproduction circuit. Pp (l) ⁇ Cp (l) ⁇ Even if the authentication process of the content reproduction circuit (mobile phone 100) is not performed by KPma, it does not lead to a decrease in security.
- the authentication data of the memory card 100 is transmitted to the distribution server 10.
- the data distribution system and the recording device according to the present invention can be used for data distribution using a mobile communication terminal such as a mobile phone.
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/148,178 US7945517B2 (en) | 1999-12-06 | 2000-12-05 | Data distribution system and recording device for use therein |
EP00979088A EP1237326A4 (en) | 1999-12-06 | 2000-12-05 | DATA DISTRIBUTION DEVICE AND ASSOCIATED RECORDING DEVICE |
JP2001542929A JP3930321B2 (ja) | 1999-12-06 | 2000-12-05 | データ配信システムおよびそれに使用される記録装置 |
AU16517/01A AU1651701A (en) | 1999-12-06 | 2000-12-05 | Data distribution system and recorder for use therein |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP34686199 | 1999-12-06 | ||
JP11/346861 | 1999-12-06 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2001043342A1 true WO2001043342A1 (fr) | 2001-06-14 |
Family
ID=18386310
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2000/008593 WO2001043342A1 (fr) | 1999-12-06 | 2000-12-05 | Systeme de distribution de donnees et enregistreur utilise avec ce systeme |
Country Status (7)
Country | Link |
---|---|
US (1) | US7945517B2 (ja) |
EP (1) | EP1237326A4 (ja) |
JP (1) | JP3930321B2 (ja) |
CN (1) | CN100471108C (ja) |
AU (1) | AU1651701A (ja) |
TW (1) | TW493334B (ja) |
WO (1) | WO2001043342A1 (ja) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004129227A (ja) * | 2002-07-30 | 2004-04-22 | Fujitsu Ltd | 情報再生装置、セキュアモジュールおよび情報再生方法 |
JP2004133576A (ja) * | 2002-10-09 | 2004-04-30 | Sony Corp | 情報処理装置、コンテンツ配信サーバ、ライセンスサーバ、および方法、並びにコンピュータ・プログラム |
JP2006127485A (ja) * | 2004-09-30 | 2006-05-18 | Sanyo Electric Co Ltd | コンテンツ再生装置およびコンテンツ再生方法 |
JP2007004650A (ja) * | 2005-06-27 | 2007-01-11 | Nec Corp | ライセンス管理システム、ホストデバイス、ライセンス管理方法及びプログラム |
CN1297911C (zh) * | 2002-03-29 | 2007-01-31 | 松下电器产业株式会社 | 内容重放设备和内容重放控制方法 |
JP2007529835A (ja) * | 2004-03-22 | 2007-10-25 | サムスン エレクトロニクス カンパニー リミテッド | デバイスと携帯用保存装置との間に権利客体を移動またはコピーする方法及び装置 |
CN100388240C (zh) * | 2004-09-30 | 2008-05-14 | 三洋电机株式会社 | 内容再生装置和内容再生方法 |
JP2010183571A (ja) * | 2005-01-07 | 2010-08-19 | Apple Inc | 電子デバイスのためのアクセサリ認証 |
US7873839B2 (en) | 2002-07-30 | 2011-01-18 | Fujitsu Limited | Method of and apparatus for reproducing information, and security module |
EP2372596A1 (en) | 2003-10-16 | 2011-10-05 | Sharp Kabushiki Kaisha | Content use control device, recording device, reproduction device, recording medium, and content use control method |
US8509691B2 (en) | 2008-09-08 | 2013-08-13 | Apple Inc. | Accessory device authentication |
US8590036B2 (en) | 2006-06-27 | 2013-11-19 | Apple Inc. | Method and system for authenticating an accessory |
US8634761B2 (en) | 2008-09-08 | 2014-01-21 | Apple Inc. | Cross-transport authentication |
Families Citing this family (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6735297B1 (en) * | 2001-01-12 | 2004-05-11 | 3Com Corporation | System for maintaining PBX license key information in the event of a hardware failure reducing MTTR |
US6754642B2 (en) * | 2001-05-31 | 2004-06-22 | Contentguard Holdings, Inc. | Method and apparatus for dynamically assigning usage rights to digital works |
US20030009681A1 (en) * | 2001-07-09 | 2003-01-09 | Shunji Harada | Digital work protection system, recording medium apparatus, transmission apparatus, and playback apparatus |
JP2003124923A (ja) * | 2001-10-15 | 2003-04-25 | Nec Infrontia Corp | バッテリに暗号鍵を格納する方式 |
JP4323745B2 (ja) * | 2002-01-15 | 2009-09-02 | 三洋電機株式会社 | 記憶装置 |
JP3971941B2 (ja) * | 2002-03-05 | 2007-09-05 | 三洋電機株式会社 | データ記憶装置 |
JP4387087B2 (ja) * | 2002-07-25 | 2009-12-16 | 三洋電機株式会社 | データ記憶装置 |
US20090174525A1 (en) * | 2004-03-02 | 2009-07-09 | Shinnichiro Yamauchi | Communication system and communication method |
KR20050096036A (ko) * | 2004-03-29 | 2005-10-05 | 삼성전자주식회사 | 휴대형 저장장치 및 휴대형 저장장치의 파일 관리 방법 |
US9219729B2 (en) | 2004-05-19 | 2015-12-22 | Philip Drope | Multimedia network system with content importation, content exportation, and integrated content management |
JPWO2005124573A1 (ja) * | 2004-06-15 | 2008-04-17 | 松下電器産業株式会社 | データ処理装置 |
JP4622334B2 (ja) * | 2004-06-23 | 2011-02-02 | 日本電気株式会社 | コンテンツデータ利用システム及びその方法並びに移動通信端末及びプログラム |
US8363835B2 (en) * | 2004-07-21 | 2013-01-29 | Sanyo Electric Co., Ltd. | Method for transmission/reception of contents usage right information in encrypted form, and device thereof |
US7578436B1 (en) * | 2004-11-08 | 2009-08-25 | Pisafe, Inc. | Method and apparatus for providing secure document distribution |
CN101208952B (zh) * | 2005-06-23 | 2011-06-15 | 汤姆森特许公司 | 多媒体访问设备注册系统和方法 |
US7720767B2 (en) * | 2005-10-24 | 2010-05-18 | Contentguard Holdings, Inc. | Method and system to support dynamic rights and resources sharing |
EP1989690A1 (en) * | 2006-02-22 | 2008-11-12 | Koninklijke Philips Electronics N.V. | Method for redistributing drm protected content |
JP5162931B2 (ja) * | 2007-03-19 | 2013-03-13 | 富士通株式会社 | コンテンツ配信方法、中継ノード、データ通信プログラム、および該プログラムを記録した記録媒体 |
KR101098091B1 (ko) * | 2007-04-23 | 2011-12-26 | 엘지전자 주식회사 | 보안 레벨을 기반으로 하는 컨텐츠 사용 방법, 컨텐츠 공유 방법 및 디바이스 |
CN101682505B (zh) * | 2007-05-07 | 2013-10-23 | Lg电子株式会社 | 用于安全通信的方法和系统 |
US20080319771A1 (en) * | 2007-06-19 | 2008-12-25 | Microsoft Corporation | Selective data feed distribution architecture |
CN102405648B (zh) * | 2007-08-10 | 2014-12-31 | Lg电子株式会社 | 共享内容的方法 |
US20100057911A1 (en) * | 2008-08-27 | 2010-03-04 | C&C Group, Inc. | Enhanced User Control Over Processing Parameters |
JP2011081764A (ja) * | 2009-09-14 | 2011-04-21 | Panasonic Corp | コンテンツ受信機、コンテンツ再生機、コンテンツ再生システム、コンテンツ書き出し方法、視聴期限判定方法、プログラム、および記録媒体 |
US20110110516A1 (en) * | 2009-11-06 | 2011-05-12 | Kensuke Satoh | Content receiver, content reproducer, management server, content use system, content use method, method of write-out from content receiver, method of possible viewing time management on content reproducer, method of time limit fixation in management server, and program |
US8826459B2 (en) * | 2011-11-29 | 2014-09-02 | Jason Swist | Systems and methods of automatic multimedia transfer and playback |
JP2013210708A (ja) * | 2012-03-30 | 2013-10-10 | Hitachi-Lg Data Storage Inc | 記録再生システム、サーバ |
US10171230B2 (en) | 2014-02-28 | 2019-01-01 | Empire Technology Development Llc | Homomorphic encryption scheme |
US10880279B2 (en) * | 2018-11-02 | 2020-12-29 | Sony Corporation | Virtual broadcast of unicast data stream in secured wireless local area network |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH103745A (ja) * | 1996-06-12 | 1998-01-06 | Sony Corp | 記録媒体、デジタルコピー管理方法、再生装置、及び記録装置 |
JPH11164058A (ja) * | 1997-11-26 | 1999-06-18 | Hitachi Electron Service Co Ltd | 携帯型音楽選曲視聴システム |
JPH11328850A (ja) * | 1998-05-11 | 1999-11-30 | Sony Corp | 情報配信システム |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3073590B2 (ja) * | 1992-03-16 | 2000-08-07 | 富士通株式会社 | 電子化データ保護システム、使用許諾者側装置および使用者側装置 |
US5689560A (en) | 1994-04-25 | 1997-11-18 | International Business Machines Corporation | Method and apparatus for enabling trial period use of software products: method and apparatus for allowing a try-and-buy user interaction |
US5473692A (en) * | 1994-09-07 | 1995-12-05 | Intel Corporation | Roving software license for a hardware agent |
US5892900A (en) * | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
CN101359350B (zh) * | 1995-02-13 | 2012-10-03 | 英特特拉斯特技术公司 | 用于安全地管理在数据项上的操作的方法 |
US5671412A (en) * | 1995-07-28 | 1997-09-23 | Globetrotter Software, Incorporated | License management system for software applications |
US5765152A (en) * | 1995-10-13 | 1998-06-09 | Trustees Of Dartmouth College | System and method for managing copyrighted electronic media |
CA2242596C (en) * | 1996-01-11 | 2012-06-19 | Mrj, Inc. | System for controlling access and distribution of digital property |
US5790664A (en) * | 1996-02-26 | 1998-08-04 | Network Engineering Software, Inc. | Automated system for management of licensed software |
US6073124A (en) * | 1997-01-29 | 2000-06-06 | Shopnow.Com Inc. | Method and system for securely incorporating electronic information into an online purchasing application |
US5925127A (en) * | 1997-04-09 | 1999-07-20 | Microsoft Corporation | Method and system for monitoring the use of rented software |
US6056786A (en) * | 1997-07-11 | 2000-05-02 | International Business Machines Corp. | Technique for monitoring for license compliance for client-server software |
US6009401A (en) * | 1998-04-06 | 1999-12-28 | Preview Systems, Inc. | Relicensing of electronically purchased software |
US6226618B1 (en) * | 1998-08-13 | 2001-05-01 | International Business Machines Corporation | Electronic content delivery system |
US6289455B1 (en) * | 1999-09-02 | 2001-09-11 | Crypotography Research, Inc. | Method and apparatus for preventing piracy of digital content |
-
2000
- 2000-12-05 CN CNB008188416A patent/CN100471108C/zh not_active Expired - Fee Related
- 2000-12-05 AU AU16517/01A patent/AU1651701A/en not_active Abandoned
- 2000-12-05 WO PCT/JP2000/008593 patent/WO2001043342A1/ja active Application Filing
- 2000-12-05 EP EP00979088A patent/EP1237326A4/en not_active Withdrawn
- 2000-12-05 JP JP2001542929A patent/JP3930321B2/ja not_active Expired - Fee Related
- 2000-12-05 US US10/148,178 patent/US7945517B2/en not_active Expired - Fee Related
- 2000-12-06 TW TW089125946A patent/TW493334B/zh not_active IP Right Cessation
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH103745A (ja) * | 1996-06-12 | 1998-01-06 | Sony Corp | 記録媒体、デジタルコピー管理方法、再生装置、及び記録装置 |
JPH11164058A (ja) * | 1997-11-26 | 1999-06-18 | Hitachi Electron Service Co Ltd | 携帯型音楽選曲視聴システム |
JPH11328850A (ja) * | 1998-05-11 | 1999-11-30 | Sony Corp | 情報配信システム |
Non-Patent Citations (2)
Title |
---|
TARO YOSHIO: "Jitsuyoki no haishin system; chosakuken kanri ga kagi wo nigiru", NIKKEI ELECTRONICS, no. 738, March 1999 (1999-03-01), pages 94 - 98, XP002937813 * |
TARO YOSHIO: "Kogata memory card de ingaku chosakuken wo mamoru", NIKKEI ELECTRONICS, no. 739, March 1999 (1999-03-01), pages 49 - 53, XP002937812 * |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1297911C (zh) * | 2002-03-29 | 2007-01-31 | 松下电器产业株式会社 | 内容重放设备和内容重放控制方法 |
US7873839B2 (en) | 2002-07-30 | 2011-01-18 | Fujitsu Limited | Method of and apparatus for reproducing information, and security module |
JP2004129227A (ja) * | 2002-07-30 | 2004-04-22 | Fujitsu Ltd | 情報再生装置、セキュアモジュールおよび情報再生方法 |
US8055909B2 (en) | 2002-07-30 | 2011-11-08 | Fujitsu Limited | Method of and apparatus for reproducing information, and security module |
JP4576100B2 (ja) * | 2002-07-30 | 2010-11-04 | 富士通株式会社 | 情報再生装置、セキュアモジュールおよび情報再生方法 |
US8046591B2 (en) | 2002-07-30 | 2011-10-25 | Fujitsu Limited | Method of and apparatus for reproducing information, and security module |
US7930562B2 (en) | 2002-07-30 | 2011-04-19 | Fujitsu Limited | Method of and apparatus for reproducing information, and security module |
JP2004133576A (ja) * | 2002-10-09 | 2004-04-30 | Sony Corp | 情報処理装置、コンテンツ配信サーバ、ライセンスサーバ、および方法、並びにコンピュータ・プログラム |
US7996335B2 (en) | 2002-10-09 | 2011-08-09 | Sony Corporation | Information processing device, contents distribution server, license server, and method and computer program |
US9064095B2 (en) | 2003-10-16 | 2015-06-23 | Sharp Kabushiki Kaisha | Content use control device, recording device, reproduction device, recording medium, and content use control method |
US8108314B2 (en) | 2003-10-16 | 2012-01-31 | Sharp Kabushiki Kaisha | Content use control device, recording device, reproduction device, recording medium, and content use control method |
EP2372596A1 (en) | 2003-10-16 | 2011-10-05 | Sharp Kabushiki Kaisha | Content use control device, recording device, reproduction device, recording medium, and content use control method |
JP2007529835A (ja) * | 2004-03-22 | 2007-10-25 | サムスン エレクトロニクス カンパニー リミテッド | デバイスと携帯用保存装置との間に権利客体を移動またはコピーする方法及び装置 |
JP4664352B2 (ja) * | 2004-03-22 | 2011-04-06 | サムスン エレクトロニクス カンパニー リミテッド | デバイスと携帯用保存装置との間に権利客体を移動またはコピーする方法及び装置 |
CN100388240C (zh) * | 2004-09-30 | 2008-05-14 | 三洋电机株式会社 | 内容再生装置和内容再生方法 |
JP2006127485A (ja) * | 2004-09-30 | 2006-05-18 | Sanyo Electric Co Ltd | コンテンツ再生装置およびコンテンツ再生方法 |
JP2010183571A (ja) * | 2005-01-07 | 2010-08-19 | Apple Inc | 電子デバイスのためのアクセサリ認証 |
JP2014053966A (ja) * | 2005-01-07 | 2014-03-20 | Apple Inc | 電子デバイスのためのアクセサリ認証 |
US8763079B2 (en) | 2005-01-07 | 2014-06-24 | Apple Inc. | Accessory authentication for electronic devices |
US9223958B2 (en) | 2005-01-07 | 2015-12-29 | Apple Inc. | Accessory authentication for electronic devices |
US9754099B2 (en) | 2005-01-07 | 2017-09-05 | Apple Inc. | Accessory authentication for electronic devices |
US10049206B2 (en) | 2005-01-07 | 2018-08-14 | Apple Inc. | Accessory authentication for electronic devices |
JP2007004650A (ja) * | 2005-06-27 | 2007-01-11 | Nec Corp | ライセンス管理システム、ホストデバイス、ライセンス管理方法及びプログラム |
US8590036B2 (en) | 2006-06-27 | 2013-11-19 | Apple Inc. | Method and system for authenticating an accessory |
US9160541B2 (en) | 2006-06-27 | 2015-10-13 | Apple Inc. | Method and system for authenticating an accessory |
US8509691B2 (en) | 2008-09-08 | 2013-08-13 | Apple Inc. | Accessory device authentication |
US8634761B2 (en) | 2008-09-08 | 2014-01-21 | Apple Inc. | Cross-transport authentication |
Also Published As
Publication number | Publication date |
---|---|
JP3930321B2 (ja) | 2007-06-13 |
CN1433612A (zh) | 2003-07-30 |
EP1237326A1 (en) | 2002-09-04 |
US20020191764A1 (en) | 2002-12-19 |
EP1237326A4 (en) | 2007-09-05 |
US7945517B2 (en) | 2011-05-17 |
CN100471108C (zh) | 2009-03-18 |
AU1651701A (en) | 2001-06-18 |
TW493334B (en) | 2002-07-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP3930321B2 (ja) | データ配信システムおよびそれに使用される記録装置 | |
JP3677001B2 (ja) | データ配信システムおよびそれに用いられる記録装置 | |
JP3759455B2 (ja) | データ再生装置 | |
JP3980355B2 (ja) | ライセンス情報記憶装置、コンテンツ再生装置およびライセンス情報配信システム | |
JP3873090B2 (ja) | データ記録装置、データ供給装置およびデータ配信システム | |
JP4010481B2 (ja) | データ配信システムおよびそれに用いるデータ供給装置、端末装置ならびに記録装置 | |
JP2002094499A (ja) | データ端末装置およびヘッドホン装置 | |
WO2002075550A1 (fr) | Enregistreur de donnees restituant des donnees originales autorisees a n'exister qu'en un seul exemplaire | |
JP2002101192A (ja) | シェル型データ端末装置 | |
JP2010267240A (ja) | 記録装置 | |
JP2004072721A (ja) | 認証システム、鍵登録装置及び方法 | |
JP3934941B2 (ja) | 記録装置 | |
JP2007124717A (ja) | デジタルコンテンツ無断複製防止システム | |
JP4553472B2 (ja) | データ端末装置 | |
JP3782356B2 (ja) | 記録装置およびそれを用いたデータ配信システム | |
JP4201566B2 (ja) | 記憶装置およびサーバ装置 | |
JP2002094500A (ja) | データ端末装置 | |
JP2002009763A (ja) | データ再生装置、それを用いた端末装置、および再生方法 | |
JP2002149061A (ja) | レンタルコンテンツ流通システムおよびその方法 | |
JP2002099509A (ja) | 携帯端末装置 | |
JP2002091456A (ja) | 携帯電話機およびそれに用いるアダプタ | |
JP2002099743A (ja) | データ再生装置およびライセンス管理方法 | |
WO2001063834A1 (fr) | Enregistreur et systeme de distribution utilisant celui-ci | |
JP2002026890A (ja) | データ記録装置、およびデータ再生装置 | |
JP2002099342A (ja) | コンテンツ端末回路および端末装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
ENP | Entry into the national phase |
Ref country code: JP Ref document number: 2001 542929 Kind code of ref document: A Format of ref document f/p: F |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10148178 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2000979088 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 008188416 Country of ref document: CN |
|
WWP | Wipo information: published in national office |
Ref document number: 2000979088 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |