WO2006068152A1 - 鍵情報生成方法 - Google Patents
鍵情報生成方法 Download PDFInfo
- Publication number
- WO2006068152A1 WO2006068152A1 PCT/JP2005/023397 JP2005023397W WO2006068152A1 WO 2006068152 A1 WO2006068152 A1 WO 2006068152A1 JP 2005023397 W JP2005023397 W JP 2005023397W WO 2006068152 A1 WO2006068152 A1 WO 2006068152A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- key information
- pieces
- content key
- content
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- Key information generation method and device key information update method, falsification detection method and device, data structure of key information
- the present invention relates to a method and apparatus for detecting whether or not confidential information stored in a target device or the like is falsified, a method and apparatus for generating confidential information to be detected whether or not falsification is detected, and whether or not falsification is detected. It relates to the data structure of confidential information.
- Content related to copyrighted works and personal information (for example, content represented by music data and video data) needs to be prevented from being illegally copied or leaked to the outside.
- Such content is stored in the target device in an encrypted state.
- the host device executes an authentication process with the target device. If this authentication fails, the host device cannot obtain the content key for decrypting the encrypted content by the target device. On the other hand, if this authentication is successful, the host device can access the content stored in the target device and use the content. With this configuration, it is possible to prevent decryption of encrypted content by an unauthorized host device.
- the target device is, for example, a memory card such as an SD card.
- the host device is a semiconductor integrated circuit that reads data from a memory card, a set device that includes the semiconductor integrated circuit, or a content distribution device that distributes content to a target device.
- confidential information refers to information (for example, key information) necessary for reproducing content.
- a storage area in the target device is divided into a system area 901, a protection area 902, and a normal area 903.
- the system area 901 is an area for storing information for performing authentication between the target device and the host device. Host device goes to system area 901 The system area 901 cannot be accessed unless the specified process is permitted to be accessed.
- the protected area 902 is an area that cannot be accessed arbitrarily by the user (host device) and can only be accessed after successful authentication.
- the normal area 903 is an area that the user can arbitrarily access.
- the system area 901 stores an authentication key.
- the protected area 902 stores an encrypted content key. In the normal area 903, encrypted content is stored.
- the storage size of the normal area 903 for storing content is set larger than the storage size of the protection area 902 so that a large amount of content can be stored in the target device. Therefore, the amount of data that can be stored in the protected area 902 is smaller than the amount of data that can be stored in the normal area 903.
- the host device performs authentication using the authentication key stored in itself and the authentication key stored in the target device. If the authentication is successful, the host device generates an authentication intermediate key using these authentication keys.
- This authentication intermediate key is defined as a key for decrypting the encrypted content key. Therefore, the host device obtains the encrypted content key from the target device, decrypts the encrypted content key with the authentication intermediate key, and indicates the plaintext (encrypted, indicating the state. ) Content key. Furthermore, the host device also acquires the encrypted content from the target device, decrypts the encrypted content using the plaintext content key V, and generates plaintext content. Thereby, the content can be used. By executing the processing as described above, only the host device that has succeeded in authentication can use the encrypted content stored in the target device for IJ.
- an authentication intermediate key is generated if the authentication is successful. Therefore, if the authentication is successful, the encrypted content can be decrypted. That is, the encrypted content stored in the target device can be used if it is a valid host device.
- the confidential information stored in the storage area in the target device when the domain key is set in this way will be described. Even if a domain key is set, in order to maintain compatibility with the conventional target device, the method of dividing the area in the target device must be the same. If both the domain key and the content key are stored in the protection area 902, the domain key is a key for decrypting the content key, but the same security as the content key is used. It will be stored in the level area. Therefore, when a domain key is set to maintain security and compatibility, the domain key is stored in the protected area 902 in an encrypted state. The content key is stored in the normal area 903 in an encrypted state.
- the protected area 902 in the target device stores n (n is an integer of 1 or more) encrypted domain keys Ku (l) to Ku (n).
- the domain keys Ku (l) to Ku (n) are assigned n pieces of domain key management information UR [u] (l) to UR [u] (n) on a one-to-one basis.
- a plurality of content keys are stored in the normal area 903 of the target device.
- Each content key corresponds to one of the domain keys Ku (l) to Ku (n). That is, a plurality of encrypted content keys can be decrypted using a single domain key.
- m is an integer of 1 or more
- content keys Kt (l-l) to Kt (l-m) correspond to the domain key Ku (l).
- Content keys Kt (l-l) to Kt (l-m) have m content key management information U R [t] (l-l) to UR [t] (l-m) and m pieces of additional information info (l-l) to info (l-m) are assigned on a one-to-one basis.
- the set of domain keys Ku (l) to Ku (n) and domain key management information UR [u] (l) to UR [u] (n) is expressed as “domain key group UKUREJ and Content key Kt (l-l) to Kt (l-m), content key management information UR [t] (l-l) to UR [t] (l-m), and additional information info (l-l ) ⁇ Info (l-m) is indicated as "Content key group TKURE (1)"! /
- a domain key is required to decrypt the encrypted content key. To quickly search which content key can be decrypted by which domain key
- a key correspondence table Address List is also stored.
- the key correspondence table Add ress List describes the correspondence between domain keys and content keys. For example, the content key Kt (l-l) to Kt (l-m) that can be decrypted using the domain key is associated with the domain key Ku (l).
- the encrypted content key is stored in the normal area 903. Since the normal area 903 is an area that can be accessed arbitrarily by the user, it is possible to guarantee the validity of the encrypted content key stored in the normal area 903, in other words, to check falsification. It becomes important.
- EncKt (l-l) to EncKt (lm) that can be decrypted with the domain key Ku (l), and their encrypted content keys EncKt (ll) to EncKt (lm)
- Hash operation is executed by concatenating all the corresponding attached information info (l-l) to info (l-m). The hash obtained by the hash operation The value Hash (K U (l) is stored in the domain key management information UR [u] (l).
- the host device when checking the falsification in the encrypted content key EncKt l-1), the host device refers to the key correspondence table Address List, and the content key group from the normal area 903 in the target device. Reads TKURE (l) and executes no / sh operation. On the other hand, the host device decrypts the encryption domain key management information En C UR [ U ] (l) stored in the protection area 902 in the target device, using the authentication intermediate key obtained by the authentication. . Next, the host device extracts the hash value Hash (K u (l) from the domain key management information UR [u] (l) obtained by the decryption key.
- the hash value calculated by the hash operation is compared with the hash value extracted from the domain key management information UR [u] (l), and the host device determines that the two are identical and has been tampered with. On the other hand, if the two do not match, the host device does not decrypt the encrypted content as if it has been altered.
- Patent Document 1 Japanese Patent Laid-Open No. 2001-203686
- the host device in order to check whether one content key (content key Kt (ll)) has been tampered with, the host device must have all the content keys that can be decrypted with the same domain key and all the accompanying information ( It is necessary to read the content key group TKURE (l)) from the target device and perform a hash operation on the read information.
- the number of contents stored in the target device increases, the number of content keys increases accordingly.
- the content key associated with one domain key increases, and the processing time further increases.
- a hash operation is not performed on all the content keys that can be decrypted with the same domain key and all the information (content key group TKURE (l)) that accompanies it.
- a hash value is calculated in advance by performing a no-shush operation on each of the plurality of content keys associated with the domain key, and the calculated multiple no-shash values are embedded in the domain key management information.
- a method is also conceivable.
- an object of the present invention is to reduce the amount of data stored in a predetermined area and reduce the amount of processing when tampering is detected. More specifically, the amount of data stored in a given area is small and the amount of processing when tampering is detected! /,
- the data structure of the key information, the method and apparatus for generating the key information, and the key information The purpose is to provide a method and device for detecting tampering in the system and a method for updating the key information.
- key information is generated by the host device.
- the key information includes domain key information and m pieces of content key information (m is a natural number).
- the key information is detected for tampering.
- the host device includes a data generation unit and a data writing unit.
- the data generation unit generates key information.
- the data writing unit writes the key information generated by the data generation unit to the target device.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information.
- the generation method includes steps (A) to (E).
- step (A) the data generation unit receives m pieces of content key information. First data is added to each piece of information, and each of the m pieces of content key information is chain encrypted using a domain key. The first data corresponds to the partial inspection data used for falsification detection processing.
- step (B) the data generation unit extracts the medium first data of each of the m pieces of content key information encrypted in step (A) in an encrypted state.
- step (C) the data generation unit executes a predetermined operation on the concatenated data including the m pieces of first data extracted in step) to generate second data.
- step (D) the data generation unit adds the second data generated in step (C) to the domain key information as overall inspection data.
- step (E) the data writing unit writes the m pieces of encrypted content key information in the first storage area, and writes the domain key information in the second storage area.
- data used for falsification detection processing is generated in a plurality of stages. Also, not all the data used for falsification detection processing is stored in a predetermined area (second storage area with a relatively high security level), but the final stage inspection data is stored in a predetermined area. The As a result, the amount of data stored in the predetermined area can be reduced. Further, by comparing the first data obtained by executing predetermined processing on one piece of content key information and the partial inspection data prepared in advance, it is possible to detect the presence or absence of falsification in the content key information. Further, by comparing the second data generated based on the m pieces of first data with the overall verification data, it is possible to detect whether or not the entire key information has been tampered with. Therefore, since it is not necessary to perform processing on the entire key information, the processing amount at the time of falsification detection processing can be reduced.
- key information is generated by the host device.
- the key information includes domain key information and m pieces of content key information.
- the key information is detected for tampering.
- the host device includes a data generation unit and a data writing unit.
- the data generation unit generates key information.
- the data writing unit writes the key information generated by the data generation unit to the target device.
- the target device includes a first storage area and a second storage area having a security level higher than that of the first storage area.
- Each of the m content key information includes a content key used for encrypting and decrypting the content.
- Domain key The information includes a domain key used to encrypt and decrypt m pieces of content key information.
- the generation method includes steps (A) to (E).
- step (A) the data generation unit adds the first data to each of the m pieces of content key information, and uses the domain key to add each of the m pieces of content key information to the chain encryption key. To do.
- the first data corresponds to partial inspection data used for falsification detection processing.
- step (B) the data generation unit extracts the first data from the m pieces of content key information encrypted in step (A) in an encrypted state.
- step (C) the data generation unit performs chain ciphering on the concatenated data including the second data and the m first data extracted in step (B) using the domain key, and encrypts the encrypted data.
- the second data is extracted from the concatenated data in an encrypted state.
- step (D) the data generation unit adds the second data extracted in step (C) to the domain key information as overall inspection data.
- the data writing unit writes m encrypted first data included in the concatenated data encrypted in step (C) to the first storage area.
- the data writing unit writes the m pieces of encrypted content key information in the first storage area, and writes the domain key information in the second storage area.
- key information is generated by the host device.
- the key information includes domain key information and m pieces of content key information.
- the key information is detected for tampering.
- the host device includes a data generation unit and a data writing unit.
- the data generation unit generates key information.
- the data writing unit writes the key information generated by the data generation unit to the target device.
- the target device includes a first storage area and a second storage area having a security level higher than that of the first storage area.
- Each of the m content key information includes a content key used for encrypting and decrypting the content.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information.
- the generation method includes steps (A) to (E).
- step (A) the data generation unit encrypts each of the m pieces of content key information using the domain key.
- step (B) the data generation unit performs a first operation on each of the m content key information encrypted in step (A) to generate m first data.
- step (C) the data generation unit performs a second operation on the concatenated data including the m first data generated in step) to generate second data.
- step (D) the data generation unit adds the second data generated in step (C) to the domain key information as overall verification data.
- step (E) the data writing unit writes the m pieces of first data as m pieces of partial inspection data in the first storage area.
- the data writing unit writes the m encrypted content key information in the first storage area, and writes the domain key information in the second storage area.
- the key information is updated by the host device.
- the key information is detected for tampering.
- the host device includes a data updating unit and a data writing unit.
- the data updating unit adds new content key information to the key information and updates the key information.
- the data writing unit writes the key information updated by the data updating unit to the target device.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- the key information includes domain key information and m pieces of content key information.
- Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content, and first data corresponding to partial inspection data used for falsification detection processing.
- the domain key information includes a domain key used for encrypting and decrypting the m pieces of content key information and data for overall inspection.
- Each of the m pieces of content key information is encrypted.
- the update method includes steps (A) to (E).
- step (A) the data updating unit adds the first data to the new content key information, and performs chain encryption on the content key information using the domain key.
- step (B) the data updating unit extracts the first key data of the content key information encrypted in step (A) in an encrypted state.
- step (C) the data updating unit applies to the concatenated data including the first data extracted in step (B) and the first data included in each of the m pieces of encrypted content key information. Execute the specified operation to generate the second data.
- step (D) the data updating unit rewrites the entire inspection data included in the domain key information with the second data generated in step (C).
- step (E) the data writing unit performs the encrypted content key information and the encrypted new key information. The content key information is written in the first storage area, and the domain key information is written in the second storage area.
- the key information update method when the key information is updated, it is not necessary to perform predetermined processing on the entire key information. Therefore, it is possible to reduce the processing amount when updating the key information.
- the updated key information all of the data used for falsification detection processing is not stored in the specified area (secondary storage area with a relatively high security level). Data is stored in a predetermined area. Thereby, the amount of data stored in the predetermined area can be reduced. Further, when falsification detection processing is executed for the updated key information, it is not necessary to perform processing on the entire key information, so that the amount of processing when falsification is detected can be reduced.
- the key information is updated by the host device. Key information is detected for tampering.
- the host device includes a data updating unit and a data writing unit.
- the data updating unit adds new content key information to the key information and updates the key information.
- the data writing unit writes the key information updated by the data updating unit to the target device.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- the key information includes domain key information, m pieces of content key information, m pieces of encrypted first data, and second data. Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content, and first data corresponding to partial inspection data used for falsification detection processing. Including.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information, and whole inspection data. Each of the m pieces of content key information is encrypted.
- the update method includes steps (A) to (E).
- step (A) the data updating unit adds the first data to the new content key information, and performs chain encryption on the content key information using the domain key.
- step (B) the data updating unit extracts the first data from the content key information encrypted in step (A) in an encrypted state.
- step (C) the data update unit links the concatenated data including the second data, the m encrypted first data, and the first data extracted in step (B) using the domain key. Encryption The second data is extracted from the encrypted concatenated data in an encrypted state.
- step (D) the data updating unit rewrites the entire inspection data included in the domain key information with the second data extracted in step (C).
- step (E) the data writing unit writes (m + 1) pieces of first data included in the concatenated data encrypted in step (C) to the first storage area.
- step (E) the data writing unit writes the m pieces of encrypted content key information and the new encrypted content key information to the first storage area, and the domain key Write information to the second storage area.
- the key information is updated by the host device. Key information is detected for tampering.
- the host device includes a data updating unit and a data writing unit.
- the data updating unit adds new content key information to the key information and updates the key information.
- the data writing unit writes the key information updated by the data updating unit to the target device.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- the key information includes domain key information, m pieces of content key information, and m pieces of partial inspection data. Each of the m content key information includes a content key used to encrypt and decrypt the content.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information, and data for overall inspection.
- the update method includes steps (A) to (E).
- step (A) the data updating unit encrypts new content key information.
- step (B) the data updating unit executes the first calculation on the new content key encrypted in step (A) to generate first data.
- step (C) the data updating unit performs a second operation on the concatenated data including the m pieces of partial inspection data and the first data generated in step (B) to obtain the second data. Generate.
- step (D) the data updating unit rewrites the entire inspection data included in the domain key information with the second data generated in step (C).
- step (E) the data writing unit writes m partial inspection data and the first data as (m + 1) partial inspection data in the first storage area.
- step (E) the data writing unit The content key information and the new encrypted content key information are written in the first storage area, and the domain key information is written in the second storage area.
- the key information is updated by the host device. Key information is detected for tampering.
- the host device includes a data updating unit and a data writing unit.
- the data updating unit deletes any one piece of content key information from the key information that can detect the presence or absence of falsification, and updates the key information.
- the data writing unit writes the key information updated by the data updating unit to the target device.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- the key information includes domain key information and m pieces of content key information. Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content, and a first data corresponding to partial inspection data used for falsification detection processing.
- the domain key information includes a domain key used for encrypting and decrypting the m pieces of content key information, and overall inspection data. Each of the m pieces of content key information is encrypted.
- the updating method includes steps (A) to (E). In step (A), the data updating unit deletes one of the m encrypted content key information. In step (B), the data updating unit encrypts the first data included in each of the (m-1) encrypted content key information that has not been deleted in step (A). Extract as is. In step (C), the data updating unit performs a predetermined operation on the concatenated data including the (m ⁇ 1) pieces of first data extracted in step) to generate second data.
- step (D) the data updating unit rewrites the entire inspection data included in the domain key information with the second data generated in step (C).
- step (E) the data writing unit writes the (m ⁇ 1) pieces of encrypted content key information in the first storage area, and writes the domain key information in the second storage area.
- the key information is updated by the host device.
- Key information is detected for tampering.
- the host device includes a data updating unit and a data writing unit.
- the data updating unit deletes any one piece of content key information from the key information that can detect the presence or absence of tampering, and updates the key information.
- the target device is O
- the key information includes domain key information, m pieces of content key information, and m pieces of encrypted first pieces of information, including a first storage area and a second storage area having a higher security level than the first storage area. Data and second data.
- Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content, and first data corresponding to partial inspection data used for falsification detection processing. .
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information and data for overall inspection.
- the m encrypted first data has a one-to-one correspondence with the m content key information.
- Each of the m pieces of content key information is encrypted.
- the updating method includes steps (A) to (E).
- step (A) the data updating unit deletes one of the m pieces of content key information.
- step (B) the data updater encrypts the first data contained in each of the (m-1) encrypted content key information that was not deleted in step (A). Extract as is.
- step (C) the data updating unit deletes the first data corresponding to the content key information deleted in step (A) from the m encrypted first data.
- step (C) the data updating unit uses the domain key to generate the concatenated data including the second data and the (m-1) encrypted first data that has not been deleted in step (B).
- a chain cipher is used to extract the second data of the encrypted concatenated data as it is.
- step (D) the data updating unit rewrites the entire inspection data included in the domain key information with the second data extracted in step (C).
- step (E) the data writing unit writes (m ⁇ 1) pieces of first data included in the concatenated data encrypted in step (C) to the first storage area.
- step (E) the data writing unit writes the (m ⁇ 1) pieces of encrypted content key information in the first storage area, and writes the domain key information in the second storage area.
- the key information is updated by the host device. Key information is detected for tampering.
- the host device includes a data updating unit and a data writing unit.
- the data updating unit deletes any one piece of content key information from the key information that can detect the presence or absence of falsification, and updates the key information.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- the key information includes domain key information, m pieces of content key information, and m pieces of partial inspection data. Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information, and data for overall inspection.
- the m partial inspection data correspond one-to-one with the m content key information.
- Each of the m pieces of content key information is encrypted.
- the updating method includes steps (A) to (E).
- step (A) the data updater deletes one of the m encrypted content key information.
- step (B) the data updating unit deletes the partial inspection data corresponding to the content key information deleted in step (A) from the m partial inspection data.
- step (C) the data updating unit performs the second operation on the concatenated data including the (m-1) partial inspection data that has not been deleted in step (B), and the second data Is generated.
- step (D) the entire data for inspection contained in the data update domain key information is rewritten with the second data generated in step (C).
- step (E) the data writing unit writes (m ⁇ 1) pieces of partial inspection data that were not deleted in step) to the first storage area.
- step (E) the data writing unit writes the (m-1) encrypted content key information in the first storage area, and the domain key information in the second storage area. Write.
- the host device detects whether or not the key information stored in the target device is falsified.
- the key information includes domain key information and m pieces of content key information (m is a natural number).
- Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content, and first data corresponding to partial inspection data used for falsification detection processing.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content keys, and overall inspection data.
- Each of the m pieces of content key information is encrypted.
- the detection method includes steps (A) to (E).
- step (A) any one of m encrypted content key information is chain-decrypted using a domain key, and the first data is extracted from the decrypted content key information. Extract.
- step (B) the first data extracted in step (A) is compared with the partial inspection data prepared in advance.
- step (C) the first data is extracted from each of the m pieces of content key information in an encrypted state, and the extracted concatenated data including the m pieces of first data is predetermined. Perform the operation to generate the second data.
- step (D) the second data generated in step (C) is compared with the overall inspection data included in the domain key information.
- step (E) if the first data and the partial inspection data match in step (B) and the second data and the whole inspection data match in step (D), Judge that the key information has not been tampered with.
- the host device detects whether or not the key information stored in the target device is falsified.
- the key information includes domain key information, m pieces of content key information, m pieces of encrypted first data, and second data.
- Each of the m pieces of content key information includes a content key used for encrypting and decrypting the content, and first data corresponding to partial inspection data used for falsification detection processing.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content keys, and overall inspection data.
- Each of the m pieces of content key information is encrypted.
- the detection method includes steps (A) to (E).
- step (A) any one of the m encrypted content key information is chain-decrypted using the domain key, and the first data is obtained from the middle of the decrypted content key information. Extract.
- step (B) the first data extracted in step (A) is compared with the partial inspection data prepared in advance.
- step (C) the domain key is converted into the concatenated data including the whole inspection data included in the domain key information and the m encrypted first data. Using this, chain decoding is performed, and the entire inspection data is extracted from the decoded linked data.
- step (D) the second data is compared with the whole examination data extracted in step (C).
- step (E) if the first data matches the partial inspection data in step), and the second data and the whole inspection data match in step (D), the key information is falsified. Judged to be obscene.
- the host device detects whether or not the key information stored in the target device is falsified.
- the key information includes domain key information, m pieces of content key information, and m pieces of partial inspection data.
- Each of the m content key information includes a content key used for encrypting and decrypting the content.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content keys, and overall inspection data.
- the m pieces of partial inspection data correspond one-to-one with the m pieces of content key information.
- Each of the m pieces of content key information is encrypted.
- the detection method includes steps (A) to (E).
- step (A) a first operation is performed on any one of the m pieces of encrypted content key information to generate first data.
- step (B) the first data generated in step (A) and the partial inspection data corresponding to the content key information for which the first calculation was performed in step (A) among the m partial inspection data And compare.
- step (C) the second operation is performed on the concatenated data including the m pieces of partial detection data to generate the second data.
- step (D) the second data generated in step (C) is compared with the overall inspection data included in the domain key information.
- step (E) if the first data and the partial inspection data match in step (B), and if the second data and the whole inspection data match in step (D), the key information is Judge that it has not been tampered with.
- the data structure of the key information includes m pieces of content key information and domain key information.
- the key information is stored in the target device.
- the key information is detected by the host device as to whether or not the key information has been tampered with.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- m pieces of content key information are stored in the first storage area.
- the domain key information is stored in the second storage area.
- Each of the m pieces of content key information encrypts and decrypts the content.
- a first key corresponding to partial inspection data used for falsification detection processing by the host device.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information and overall inspection data used for falsification detection processing by the host device.
- Each of the m pieces of content key information is encrypted.
- the whole inspection data is extracted from each of the m encrypted content key information that has not been tampered with.
- the first data is extracted in an encrypted state, and the first m pieces of the extracted first data are encrypted. This corresponds to data obtained by executing a predetermined operation on concatenated data including data.
- the data structure of the key information includes m pieces of content key information, domain key information, m pieces of encrypted first data, and second data.
- Key information is stored in the target device.
- the key information is detected by the host device as to whether or not it has been tampered with.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- m pieces of content key information, m pieces of encrypted first data, and second data are stored in the first storage area.
- the domain key information is stored in the second storage area.
- Each of the m pieces of content key information is a first corresponding to a content key used for encrypting and decrypting the content and partial inspection data used for falsification detection processing by the host device. Data.
- the domain key information includes the domain key used for encrypting and decrypting the m pieces of content key information and falsification inspection by the host device. And overall inspection data used for outgoing processing.
- the m pieces of encrypted first data correspond one-to-one with the m pieces of content key information.
- Each of the m pieces of content key information is encrypted.
- the whole inspection data is obtained by chain-ciphering the concatenated data including the unencrypted m encrypted first data and second data using the domain key, and then encrypting the concatenated data. This is equivalent to the second data extracted from the encrypted data.
- the data structure of the key information includes m pieces of content key information, domain key information, and m pieces of partial inspection data.
- the key information is stored in the target device.
- the key information is detected by the host device for tampering.
- the target device includes a first storage area and a second storage area having a higher security level than the first storage area.
- m content key information and m partial inspection data are stored in the first storage area.
- Domain key information is stored in the second storage area.
- Each of the m content key information includes a content key used for encrypting and decrypting the content.
- the domain key information includes a domain key used for encrypting and decrypting m pieces of content key information, and overall inspection data used for falsification detection processing by the host device.
- the m partial inspection data correspond one-to-one with the m content key information.
- Each of the m partial inspection data corresponds to data obtained by executing the first operation on the content key information that has not been tampered with corresponding to the partial inspection data.
- the overall inspection data corresponds to the data obtained by executing the second operation on concatenated data including m partial inspection data that has not been tampered with.
- FIG. 1 is a block diagram showing an overall configuration of a confidential information processing system according to a first embodiment of the present invention.
- FIG. 2 is a diagram showing confidential information stored in the target device according to the first embodiment of the present invention.
- FIG. 3 is a diagram for explaining the domain key encryption key Z decryption key and the content key encryption key Z decryption key.
- FIG. 4 is a diagram for explaining a procedure for generating the hash list and overall inspection data shown in FIG. 2.
- FIG. 5 is a schematic flowchart of the operation by the confidential information processing system.
- FIG. 6 is a diagram for explaining the authentication process.
- FIG. 7 is a flowchart regarding the falsification detection method according to the first embodiment of the present invention.
- FIG. 8 is a diagram for explaining a procedure for updating a hash list and overall inspection data when content key information is added.
- FIG. 9 is a diagram for explaining a procedure for updating the hash list and the entire inspection data when the content key information is deleted.
- FIG. 10 is a diagram for explaining a modification of the confidential information shown in FIG.
- FIG. 11 is a diagram for explaining a modified example of the confidential information shown in FIG.
- FIG. 12 is a diagram for explaining a chained cryptosystem.
- FIG. 13 is a block diagram showing an overall configuration of a confidential information processing system according to a second embodiment of the present invention.
- FIG. 14 is a diagram showing confidential information stored in the target device shown in FIG.
- FIG. 15 is a diagram for explaining a procedure for generating the entire inspection data shown in FIG.
- FIG. 16 is a diagram for explaining a procedure of falsification detection processing using a check value.
- FIG. 17 is a flow chart for a falsification detection method according to the second embodiment of the present invention.
- FIG. 18 is a diagram for explaining a procedure for updating the entire inspection data when content key information is added.
- FIG. 19 is a diagram for explaining a procedure for updating the entire inspection data when the content key information is deleted.
- FIG. 20 is a diagram for explaining a one-way function type hash operation (DES HASH).
- FIG. 21 is a diagram showing an algorithm for executing the hash operation shown in FIG.
- FIG. 22 is a diagram for explaining a one-way function type hash operation (C2).
- FIG. 23 is a diagram for explaining a chained cryptosystem (DES E-CBC).
- FIG. 24 is a diagram showing an algorithm for executing the chained cryptosystem shown in FIG.
- FIG. 25 is a diagram for explaining a chained cryptosystem (C2 E-CBC).
- FIG. 26 is a diagram for explaining an example of modification of the confidential information shown in FIG.
- FIG. 27 is a diagram showing confidential information stored in the target device according to the third embodiment of the present invention.
- FIG. 28 is a diagram for explaining the procedure for generating the check value list and the entire inspection data shown in FIG. 27.
- FIG. 29 is a diagram for explaining the procedure of falsification detection processing using the entire check value and the check value list.
- FIG. 30 is a diagram for explaining a procedure for updating a check value list and overall inspection data when content key information is added.
- FIG. 31 is a diagram for explaining a procedure for updating a check value list and overall inspection data when content key information is deleted.
- FIG. 32 is a diagram showing confidential information stored in a conventional target device.
- FIG. 33 is a diagram showing confidential information stored in the target device when the domain key is set.
- FIG. 34 is a diagram showing in more detail the confidential information stored in the target device.
- FIG. 1 shows the overall configuration of a confidential information processing system according to the first embodiment of the present invention.
- This confidential information processing system includes a target device 10 and a host device 11.
- the target device 10 is, for example, a portable storage device such as a memory card represented by an SD card. A device that stores data including key information.
- the host device 11 is connected to the target device 10, and reads and writes key information with the target device 10.
- the target device 10 and the host device 11 may be integrated.
- the target device 10 includes a system area 101, a protection area 102, and a normal area 103.
- the storage sizes of the system area 101, the protection area 102, and the normal area are set in advance. For example, it is ideal that about 1% of the entire storage area (for example, 512 MB) of the target device 10 is allocated to the system area 101 and the protection area 102 and the rest is allocated to the normal area 103.
- the system area 101 is divided into an area that can be accessed from the host device 11 and an area that cannot be accessed from the host device 11.
- Information necessary for authentication processing (target device authentication key) executed between the target device 10 and the host device 11 is stored in an area accessible from the host device 11 in the system area 101.
- An authentication intermediate key A obtained as a result of mutual authentication is stored in advance in an area that cannot be accessed from the host device 11 in the system area 101.
- Information to be stored in the system area 101 is written in advance at the manufacturing stage and cannot be rewritten after being shipped as a product.
- the protected area 102 is an area that can be accessed by the host device 11 only after the authentication process executed between the target device 10 and the host device 11 is successful.
- the protected area 102 stores at least one domain key information.
- the domain key information includes a domain key.
- the domain key information may include domain key management information. In the domain key management information, information for specifying a host device that can use this domain key is written.
- the normal area 103 is an area that the host device 11 can arbitrarily access.
- the normal area 103 stores a plurality of content key information and a plurality of contents.
- Each of the plurality of content key information corresponds to any one of the domain key information stored in the protected area 102.
- Each of the plurality of content key information includes a content key.
- Each of the plurality of content key information may include content key management information.
- the content key management information includes information such as the maximum number of content reproductions, the maximum number of copies, and copyright information about the content. Multiple contents correspond one-to-one with multiple content key information.
- the domain key information is encrypted using the authentication intermediate key A.
- Each of the plurality of pieces of content key information is encrypted using a corresponding domain key.
- the content is encrypted using the corresponding content key.
- the host device 11 includes an internal bus 111, a target IZF unit 112, a confidential information processing unit 113, a host I / F unit 114, a host CPU 115, a ROM 116, and a RAMI 17.
- the target HZF unit 112 inputs / outputs data to / from the target device 10.
- the confidential information processing unit 113 performs authentication with the target device 10 according to a predetermined sequence.
- the confidential information processing unit 113 performs encryption key Z decryption of confidential information stored in the target device 10.
- the host IZF unit 114 inputs / outputs data with the target IZF unit 112, with the confidential information processing unit 113, and with the host CPU 115.
- the host CPU 115 causes the confidential information processing unit 113 to execute a predetermined sequence.
- the ROM 116 stores a host device authentication key.
- the RAMI 17 is used as a work area for temporarily storing data in the host CPU 115 and the confidential information processing unit 113.
- the confidential information processing unit 113 When reading confidential information Z is performed between the target device 10 and the host device 11, it is necessary to perform authentication between the target device 10 and the host device 11.
- the confidential information processing unit 113 is activated by the host CPU 115, and the confidential information processing unit 113 performs an authentication process. If the authentication is successful, the host device 11 reads the confidential information from the target device 10 via the target IZF unit 112 and decrypts it by the confidential information processing unit 113.
- the confidential information processing unit 113 is concealed hardware. Further, when the confidential information processing unit 113 is activated by the host CPU 115, the security information processing unit 113 or the security information processing unit 113 is secured. Only a predetermined sequence that requires less utility is executed.
- the normal area 103 stores a key-corresponding tape address Address List, a content key group TKURE (i), and a hash list Hash List (i). It should be noted that encrypted content is also stored in the normal area 103, but is omitted in FIG.
- the domain key group UKURE consists of n encryption domain keys EncKu (l) to Enc Ku (n) and n encryption domain key management information EncUR [u] (l) to EncUR [u] (n).
- Each of the encryption domain keys EncKu (l) to EncKu (n) is associated with a plurality of encrypted content keys (one content key group). Also, as shown in FIG. 3, the encryption key keys En cKu (l) to EncKu (n) are decrypted using the authentication intermediate key A, so that the domain keys Ku (l) to Ku ( n). Each of the domain keys Ku (l) to Ku (n) is used for encryption / decryption of a plurality of content keys associated therewith. That is, one domain key can be used for encryption, and a plurality of content keys can be encrypted or decrypted.
- the encryption domain key management information EncUR [u] (l) to EncUR [u] (n) has a one-to-one correspondence with the encryption domain keys EncKu (l) to EncKu (n). Also, as shown in FIG. 3, the encryption key domain key management information EncUR [u] (l) to EncUR [u] (n) is decrypted using the authentication intermediate key A, so that the domain Key management information UR [u] (l) to UR [u] (n). Further, the entire inspection data is stored at predetermined positions of the encryption domain key management information EncUR [u] (l) to EncUR [u] (n). The whole inspection data is generated based on a content key group corresponding to the encryption key domain key management information.
- the i-th encryption key key management information EncURMG) (i is an integer and 1 ⁇ i ⁇ n ) Stores the entire inspection data DATAll (i) generated based on the content key group TKURE (i).
- the content key group TKURE (i) is a set of content keys that can be encrypted / decrypted using the domain key Ku (i) and a blueprint associated with the content key.
- the content key group TKURE (i) consists of m (m is an integer of 1 or more) encrypted content keys EncKt (i-l) to EncK t (im), and m encrypted content key management information EncUR [t] (i-l) to EncUR [t] (im) are included.
- the encrypted content keys EncKtG-l) to EncKt (im) are decrypted by using the domain key Ku (i), so that the content keys Kt (il) to Kt (im).
- Each of the content keys Kt (i-l) to Kt (i-m) is used for encrypting and decrypting content (not shown) corresponding to the content key Kt (i-l) to Kt (i-m).
- the encrypted content key management information EncUR [t] (i-l) to EncUR [t] (im) has a one-to-one correspondence with the encrypted content keys EncKt (i-l) to EncKt (i-m). Also, as shown in FIG. 3, the encrypted content key management information EncUR [t] (i-l) to EncUR [t] (im) are decrypted using the domain key Ku (i). Accordingly, the content key management information becomes UR [t] Gl) to UR [t] Gm).
- the key correspondence table Address List includes n encryption domain key addresses Ku addr (l) to Ku addr (n) and n content key tables Kt addr list (l) to Kt addr list (n). It is associated.
- Each of the n content key tables has a one-to-one correspondence with n content groups (only the content key group TKURE (i) is illustrated in FIG. 2).
- the address of the encrypted content key included in the corresponding content key group is written.
- the content key group TKURE (i) (corresponding to the domain key Ku (i) by referring to the content key tape Kt addr list (i) corresponding to the address Ku addr (0 corresponding to the address of the domain key Ku (i) Specifically, the encrypted content keys EncKtG-l) to EncKt (im)) can be searched.
- the key management table Address List the correspondence between the domain key and the content key can be quickly searched.
- the hash list Hash List (i) corresponds to the content key group TKURE (i). Also, nossyuri
- the list Hash List (i) includes m hash values Hash (i-l) to Hash (im).
- the hash values Hash (i-l) to Hash (im) correspond one-to-one with the encrypted content keys EncKtGl) to EncKt (im).
- FIG. 2 only the hash list Hash List (i) corresponding to the content key group TKURE (i) is shown, but each content key group (not shown) other than the content key group TKURE (i) is shown. There may be a hash list corresponding to.
- the encrypted content key EncKtG-1) and the encrypted content key management information EncUR [t] (i-1) are concatenated into one.
- the encrypted content keys EncKt (i-2) to EncKt (im) are one. Connected to As a result, m pieces of concatenated data are generated.
- Step ST101-4 First, m hash values Hash (i-l) to Hash (im) existing in the hash list Hash List (i) are concatenated into one. As a result, one hash concatenated data is generated.
- the concatenated hash value Hash (i) calculated in step ST101-5 is stored in a predetermined position of the entire verification data DATA11 (0 as encryption key domain key management information EncUR [u] (i).
- the encryption key management information EncUR [u] (i) corresponds to the hash list Hash List (i).
- the encryption key domain management information EncURMG when the encryption key domain management information EncURMG is updated (for example, when new content key information is associated with the existing encryption key domain key EncKu (i), If the content key information associated with the encryption key domain key EncKu (i) has been deleted), the encryption key management key (EncURMG) will return the concatenated hash value Hash (i). Before being stored, it is decrypted and becomes domain key management information UR [u] (i). When the concatenated hash value HashG) is stored in the domain key management information UR [u] (i), the domain key management information UR [u] (i) is encrypted and encrypted. Return to Information (EncURMG). In this way, the entire inspection data DATA11 (0 is updated.
- the system of the target device 10 is The authentication key for the target device stored in the system area 101 is read.
- the host device 11 executes an authentication process using the target device authentication key read from the target device 10 and the host device authentication key that the host device 11 has.
- the host device 11 determines that the access is unauthorized and executes abnormal termination. On the other hand, if the host device 11 succeeds in authentication, the process proceeds to step ST14.
- the host device 11 generates an authentication intermediate key based on the target device authentication key read from the target device 10 and the host device authentication key that the host device 11 has.
- the generated authentication intermediate key is stored in the authentication intermediate key storage area in the confidential information processing unit 113. As a result, the preparation for the subsequent exchange between the target device 10 and the host device 11 is completed.
- the host device 11 determines whether or not a user or the like is required to decrypt the encrypted content stored in the target device 10. If it is determined that it is required, the process proceeds to step ST16.
- the host device 11 reads out confidential information (encrypted content key, encrypted domain key, and information associated therewith) necessary for decrypting the encrypted content from the target device 10. Specifically, the host device 11 first extracts a content ID from an information card attached to the encrypted content, and based on the content ID, the content key required for decrypting the encrypted content is obtained. Is identified. The correspondence between content ID and content key is prepared as a table. Next, the host device 11 refers to the key correspondence table stored in the normal area 103 in the target device 10 based on the identified content key, and identifies the necessary domain key. When the content key and domain key are specified, the necessary key information is read out. [0084] [Step ST17]
- the host device 11 decrypts the encrypted domain key read out in step ST16 using the authentication intermediate key generated in step ST14. This generates a plaintext domain key.
- the host device 11 performs a tampering check on the encrypted content key read in step ST16.
- the host device 11 determines that it is an unauthorized access and executes abnormal termination. On the other hand, if no alteration of the encryption key is detected, the process proceeds to step ST20.
- the host device 11 uses the domain key generated in step ST17 to decrypt the encryption key content key. As a result, the host device 11 acquires a plaintext content key.
- the host device 11 decrypts the encrypted content using the plaintext content key acquired in step ST20. Thereby, the content can be used.
- the host device 11 reads the target device authentication key stored in the system area 101 of the target device 10.
- the host device 11 reads the host device authentication key stored in the ROM 116.
- the host device 11 is based on the target device authentication key and the host device authentication key.
- Authentication intermediate key A Specifically, the host device 11 generates the authentication intermediate key A by multiplying the target device authentication key and the host device authentication key.
- each of the host device 11 and the target device 10 generates a predetermined function (for example, a random number) individually and exchanges the generated predetermined functions with each other.
- a predetermined function for example, a random number
- the host device 11 performs the predetermined function generated in the host device 11 and the predetermined device generated in the target device 10 in step ST34.
- the authentication intermediate key B is generated by multiplying the functions.
- the target device 10 (specifically, a processing unit (not shown) in the target device 10) reads the authentication intermediate key A stored in the system area 101, and performs step ST34 on the read authentication intermediate key A. Then, the authentication intermediate key B is generated by multiplying the predetermined function generated by the target device 10 and the host device 11 by the predetermined function generated.
- the target device 10 encrypts the encryption key information stored in the protection area 102 (here, the encryption key key EncKu (i), the encryption key key management information EncUR [u] (i)). And the encrypted domain key information read out is encrypted using the authentication intermediate key B generated in step ST36.
- the target device 10 sends the encrypted domain key information to the host device 10.
- the host device 11 decrypts the domain key information sent from the target device 10 using the authentication intermediate key B generated in step ST34.
- the host device 11 uses the authentication intermediate key A generated in step ST33.
- the domain key information decrypted in step ST39 is further decrypted.
- domain key information in this case, domain key Ku (i), domain key management information UR [u] (i)
- domain key information in this case, domain key Ku (i), domain key management information UR [u] (i)
- the domain key information is exchanged between the target device 10 and the host device 11, the domain key information is encrypted twice using the authentication intermediate key A and the authentication intermediate key B. Be deceived.
- the host device 11 is the content key KtG- of the j-th content key (j is an integer and l ⁇ j ⁇ m) among the content keys KtG-l) to KtG-m) corresponding to the domain key Ku (i). j) is subject to falsification detection.
- the host device 11 concatenates the encrypted content key EncKt (i-j) and the accompanying encrypted content key management information EncUR [t] (i-j). As a result, one piece of concatenated data is generated.
- the host device 11 performs a hash operation on the concatenated data generated in step ST102-1, and calculates a hash value Hash (i-j).
- the host device 11 uses the hash value Hash (i-j) calculated in step ST102-2 and the hash value HashG- in the hash list Hash List (i) stored in the normal area 103 of the target device 10. Compare j).
- step ST102-3 As a result of the comparison in step ST102-3, it is determined that the hash value Hash (ij) calculated in step ST102-2 and the hash value Hash (ij) of the hash list Hash List (i) do not match. Then, the host device 11 determines that the encrypted content key EncKt (H) or the encrypted content key management information EncUR [t] Gj) has been tampered with, and executes abnormal termination. On the other hand, if it is determined that they match, the process proceeds to step ST102-5. [0106] [Step ST102-5]
- the host device 11 removes the hash value Hash (ij) corresponding to the content key Kt (ij) from the hash list Hash List (i) stored in the target device 10 and obtains (m ⁇ 1) items.
- Hash (i- (j + l) to Hash (im) are obtained.
- En Domain key EncKu (i) corresponding to the encryption key ⁇ Content key EncKtG-1) to EncKt (im) (m-1) encrypted content keys other than the encrypted content key EncKt (ij)
- the host device 11 does not execute the no-shash operation, and the host device 11 then compares the hash value Hash (Hj-l)) and the hash value Hash (ij ),
- the hash value Hash (ij) calculated in step ST102-2 is placed between the hash value Hash (i- (j + l)) immediately after).
- Hash (i- l) ⁇ Hash (iO '-D), Hash (ij), Hash (i- (j + l) to Hash (im) are concatenated into one, which generates hash concatenated data. Then, out of the m hash values Hash (i-l) to Hash (i-m) existing in the hash list Hash List (i), the hash value Hash (i-j) is transferred to step ST102-2! / The hash value Hash (i-j) calculated in this way is replaced with!
- the hash list Hash List ( i) may be concatenated to generate hash concatenated data.
- the host device 11 further performs a hash operation on the hash concatenated data generated in Step ST102-5 to calculate a concatenated hash value Hash (i). Then go to step ST102-9.
- the host device 11 refers to the key correspondence table Address List and detects the encryption key domain key EncKu (i) necessary for decryption of the encryption content key EncKt (i-j). Then, the host device 11 uses the authentication intermediate key A to decrypt the detected encrypted domain key EncKu (i) and encrypted domain key management information EncURMG). As a result, the domain key Ku (i) and the domain key management information UR [u] (i) are generated.
- Step ST102-8 Next, the host device 11 extracts the entire inspection data DATA11 (0 stored in the predetermined bit position from the domain key management information UR [u] (i). Next, go to step ST102-9. move on.
- the host device 11 compares the concatenated hash value Hash (i) calculated in step ST102-6 with the overall inspection data DATA11 (0) extracted in step ST102-8.
- step ST102-9 if it is determined that the concatenated hash value Hash (i) calculated in step ST102-6 and the overall inspection data DATA11 (0 extracted in step ST102-8 do not match, the host The device 11 determines that the hash list Hash List (i) has been tampered with, and performs abnormal termination, whereas if it is determined that the two match, the process proceeds to step ST20.
- content keys may be added or deleted by distribution via the network.
- the node list, hash list Hash List (i), and overall inspection data DATA11 (0) are updated.
- the encrypted content key information including the encrypted content key EncKt (i-a) and the encrypted content key management information EncUR [t] (ia) is added.
- the content key information including the content key Kt (ia) and the content key management information UR [t] (ia) is encrypted using the domain key Ku (i). Generated by.
- the encrypted content key information including the encrypted content key EncKt (i-2) and the encrypted content key management information EncUR [t] (i-2) is deleted.
- the hash value Hash (i-2) corresponding to the deleted encrypted content key EncKt (i-2) among the encrypted content keys EncKt (il) to EncKt (im) is stored in the hash list Hash List (i ) Middle power is deleted.
- a hash operation is performed on the concatenated data generated in step ST104-2 to generate a new concatenated hash value Has h (i ").
- the calculated new concatenated hash value HashG ") is stored at a predetermined position in the new global inspection data DATA11 (0 as encryption key domain key management information EncUR [u] (i).
- a hash operation on one content key information and a hash operation on concatenated data consisting of m hash values existing in the node list are executed. Is done. In this way, since it is not necessary to perform a hash operation on the entire content key group TKURE (i), the amount of processing in the falsification detection process can be reduced.
- each hash value of m encrypted content key information is calculated, and then one whole inspection data is calculated from the m hash values. Is generated. In this way, data used for falsification detection processing (hash list, overall inspection data) is generated in multiple stages. Then, the final inspection data (entire inspection data) is stored in the protection area. In this way, the amount of data stored in the protected area can be reduced.
- the added content key information power also calculates a new hash value, and the calculated hash value and m hash values in the hash list are calculated. A new whole inspection data is generated. When the content key information is deleted, the node list is updated and new whole inspection data is generated from the updated hash list. In this way, since it is not necessary to perform a hash operation on the entire content key group TKURE (i), the amount of processing when updating confidential information can be reduced. Togashi.
- an area in which the content key is stored is reserved in advance in the form of an entry.
- Each entry is associated with one of a plurality of domain keys. That is, each domain key is associated with a plurality of entries.
- the encrypted content key stored in the entry can be decrypted with the domain key associated with the entry.
- there is a concept of a hash list that summarizes the hash values corresponding to each entry. That is, regardless of whether or not the content key is actually stored, the hash values for all entries associated with the same domain key may be stored in the normal area 103 as a nose list.
- the hash values of all entries associated with the same domain key are concatenated into one, a hash operation is performed on the concatenated data, and a hash value is calculated.
- a hash list is generated by performing a hash operation only on the entry where the content key is actually stored, and a hash operation is performed on the concatenation of the hash values of the hash list. It is preferable to store the calculated hash value in the domain key management information.
- m additional information info (il) to info (im) has a one-to-one correspondence with m encrypted content keys EncKt (i-l) to EncKt (im). It's okay to be attached.
- Each of the m pieces of additional information infoG-l) to infoG-m) is not encrypted and stores information with relatively low confidentiality (for example, song title).
- the additional information may be the target of the hash calculation. For example, by performing a hash operation on concatenated data that also has additional information info (ij), encrypted key content key EncKt (ij), and encrypted key content key management information EncUR [t] ('). , No, or the hash value Hash (i -j) may be calculated.
- the encrypted content is not necessarily stored in the same target device as the target device that stores the encrypted content key, but may be stored in a separate recording medium. good. In that case, the host device acquires the encryption key content stored in the other recording medium via a network or the like, and the content key whose validity is guaranteed by the falsification check method of this embodiment. The encrypted content is decrypted using.
- a set of content keys decrypted with the same domain key (one hash list Hash List (i) is provided for the content key group TKURE (O))
- P subset hash lists (P is an integer of 2 or more) and one whole set hash list for one content key group.
- the subset hash list and the entire set hash list will be described by taking the content key group TKURE (i) as an example with reference to Fig. 11.
- decryption can be performed using the domain key Ku (i).
- Multiple encrypted key content keys are P parts (P is an integer of 2 or more) Divided into subsets, P subsets with P subset hashes Strike Hash ListG - Grl) ⁇ Hash ListG- GrP) is a one-to-one correspondence.
- the subset of the j-th content key Kt (i-j) force up to the k-th (k is an integer, and j ⁇ k ⁇ m) content key Kt (iK) includes a subset hash list Hash List ( GrJ) corresponds to Ci, which is an integer and 1 ⁇ J ⁇ P).
- the subset hash list Hash List (i-GrJ) includes (k ⁇ j) hash values Hash (i ⁇ j) to Has h (i ⁇ k). Further, the subset hash lists Hash List (i-Grl) to Hash List (i-GrP) are associated with the whole set hash list Hash List G-ALL).
- Hash List (i-ALL) is a P subset hash value Hash (Hash (1) corresponding to P subset hash lists Hash List (i-Grl) to Hash List (i-GrP). i-Grl) to Hash (i-GrP).
- the whole hash value ALL Hash (i) is generated based on the whole set hash list Hash List (i-ALL).
- the entire hash value ALL Hash (i) is stored in the encryption domain key management information EncURMG) as the entire inspection data ALL DATAll (i).
- the concatenated data key consisting of the encrypted content key EncKt (ij) and the encrypted content key management information EncUR [t] (ij) Hash operation (hash operation 1), hash operation (hash operation 2) for subset hash list G-GrJ) corresponding to the subset to which the content key Kt (ij) belongs, and whole hash list Hash List (i -ALL) will perform hash operation (Nosh operation 3).
- the total processing amount of the Noh, Shush operation 2 and Hash operation 3 is smaller than the processing amount in the processing shown in FIG. Therefore, further increase in processing speed can be expected.
- the content key and the content key management information are encrypted and decrypted by the concatenated encryption method (chained encryption and chained decryption).
- the encryption key is the content key Kt (i-j) and the content key management information UR [t] (i-j).
- the content key Kt (ij) and the content key management information UR [t] (ij) are concatenated into one, and then the leading force is also divided in units of 8 bytes in order to obtain “data 1”, “data 2”. ", ⁇ , "data
- X (X is an integer greater than or equal to 2). Needless to say, it can be divided arbitrarily, not 8 bytes.
- the set of ') is also divided into 8 bytes in order and becomes “encrypted data 1”, “encrypted data 2”, ..., “encrypted data X”.
- “encrypted data 1” is decrypted using the domain key Ku (i) to become “data 1”.
- “encrypted data 2” is decrypted using the decryption result of “encrypted data 1” to become “data 2”.
- the first 8 bytes of “encryption data 1” is decrypted using the domain key Ku (i).
- Each of the second and subsequent encrypted data is sequentially decrypted using the result of the decryption for the previous encrypted data.
- FIG. 13 shows the overall configuration of a confidential information processing system according to the second embodiment of the present invention.
- the ROM 116 further stores partial inspection data DATA21.
- FIG. 14 shows confidential information stored in the target device 10 shown in FIG.
- the domain key group UKURE is stored in the protected area 102.
- the normal area 103 stores a key correspondence table Address List and a content key group TKURE (i). Note that the encrypted content is also stored in the normal area 103, but it is omitted in FIG.
- the domain key group UKURE consists of n encrypted domain keys EncKu (l) to EncKu (n) and n encrypted domain key management information En C UR [u] (l) to E nc UR [u] ( n ).
- the entire inspection data is stored in predetermined positions of the encryption domain key management information EncUR [u] (l) to EncUR [u] (n).
- the whole inspection data is generated based on the content key group corresponding to the encryption key domain key management information. For example, the entire inspection data DATA22G) generated based on the content key group TKURE (i) is stored in a predetermined position of the encryption domain key management information EncUR [u] (i). .
- the content key group TKURE (i) includes m encrypted check values EncCheck (i-l) to EncCheck (i-m) in addition to the content key group TKURE (i) shown in FIG.
- the encryption check values EncHeck (i-l) to EncCheck (im) correspond one-to-one with the encrypted content keys EncKt (i-l) to EncKt (im).
- Each of the check values Check (i-l) to Check (i-m) in the plaintext state corresponds to partial inspection data DATA21 stored in the ROM 116 of the host device 11.
- the key correspondence table Address List is the same as the key correspondence table Address List shown in FIG.
- the content key Kt (i-j) and the content key management information UR [t] (i-j) are concatenated.
- a check value Check (i-j) is embedded at a predetermined position of the concatenated data composed of the content key Kt (i-j) and the content key management information UR [t] (i-j).
- a check value is embedded in the LSB.
- the concatenated data power encryption with the check value Check (H) embedded is encrypted.
- the encrypted concatenated data is converted into an encrypted content key EncKt (ij), encrypted content key management information EncUR [t] (ij), and an encrypted key check value EncCheck (ij).
- the content key, content key management information, and check value are encrypted.
- the position where the check value is embedded can be specified by a designated byte instead of the fixed position, the position where the check value is embedded can be concealed, and security is improved.
- each of the encrypted content key management information EncUR [t] (i-l) to EncUR [t] (im) is connected to the subsequent stage of the corresponding encrypted content key
- Each of the encryption check values EncCheckG-l) to EncCheck (im) is assumed to be linked to the subsequent stage of the corresponding encrypted content key management information.
- Each of the encryption key check values EncCheck (i-l) to EncCheck (im) is assumed to be 8-byte data.
- the medium key m encryption check values (EncCheckG-l) to EncCheck (im) are extracted from the content key group TKURE (i). For example, a predetermined position from a set of an encrypted content key EncKt (ij) and accompanying information (encrypted content key management information EncUR [t] (ij) and an encryption check value EncCheck (ij)) Data (here, 8-byte data existing immediately after the encrypted content key management information EncUR [t] (ij)) is extracted. As a result, the encryption key check value EncCheck (ij) is extracted. Such extraction process Are executed for each of the encrypted content keys EncKt (il) to EncKt (im), so that m encryption check values EncCheck (i-l) to EncCheck (im) are extracted. Is done.
- step ST201-2 a hash operation is performed on the check value concatenated data generated. As a result, a chain hash value Chain Hash (i) is calculated.
- step ST201-3 the chain hash value Chain Hash (i) calculated in step ST201-3 is stored as a whole inspection data DATA22G) at a predetermined position of the encryption domain key management information EncURMG).
- the encryption domain key management information EncUR [u] (i) is the chain hash value Chain Hash (i ) Before being stored, it is decrypted into domain key management information UR [u] (i).
- the chain hash value Chain Hash (i) is stored in the domain key management information UR [u] (i)
- the domain key management information UR [u] (i) is encrypted and encrypted. ⁇ Return to domain key management information EncUR [u] (i). In this way, the overall inspection data DATA22G) is updated.
- the check value does not have to be 8 bytes, but an arbitrary number of bytes.
- the encrypted content key EncKtG-j), the encrypted content key management information EncUR [t] G-j), and the encrypted key check value EncCheck (i-j) are combined into one. As a result, one piece of concatenated data is generated.
- the concatenated data is decrypted by a chain encryption method.
- the content key is decrypted by a chain encryption method.
- Kt (i-j), content key management information UR [t] (i-j), and check value Check (i-j) Connected data is generated.
- This concatenated data has a structure in which a check value Check (i-j) is embedded at a predetermined position.
- the content data KtG-j), content key management information UR [t] (ij), and the check value Check (ij) are the intermediate powers of the concatenated data according to the specified byte (information indicating the predetermined bit position).
- a check value Check (ij) is extracted.
- step ST202-3 the check value Check (ij) extracted at! / In step ST202-3 is compared with the partial inspection data DATA21 stored in the ROM 116 of the host device 11.
- each of the content keys Kt (il) to Kt (im) is! /, The intermediate value of the decrypted concatenated data, and the partial check stored in the ROM 116. The legitimacy of the content key is verified by comparing the data.
- the check value is preferably added immediately after the content key management information.
- the LSB of the concatenated data is preferably a check value.
- the validity of the entire data to be decrypted can be verified by checking the LSB.
- the falsification detection method processing in step ST22 in FIG. 5 in the confidential information processing system shown in FIG. 13 will be described.
- the domain key Ku (i) The corresponding content key Kt (ij) is targeted for falsification detection.
- the check value Check (ij) is 8-byte data added immediately after the content key management information UR [t] Gj).
- the host device 11 decrypts the encrypted content key EncKt (i-j), the encrypted content key management information EncUR [t] (ij), and the encryption check value EncCheckG-j). Since these are encrypted as one piece of concatenated data by the above-mentioned chain cipher, the concatenated data is decrypted in order from the MSB (first 8 bytes).
- the host device 11 decrypts the concatenated data (content key Kt (ij), content key management information UR [t] (ij), and check value CheckG-) according to the specified byte.
- j) Extract 8 bytes of data from the concatenated data).
- the check value Check (i-j) is added immediately after the content key management information UR [t] (i-j)
- the designated byte indicates the LSB (last 8 bytes).
- the check value Check (i-j) is extracted from the consolidated data in plain text.
- the process proceeds to step ST203-4.
- the host device 11 extracts the partial inspection data DATA21 stored in the ROM 116.
- the host device 11 compares the check value Check (i-j) extracted in step ST203-2 with the partial inspection data DATA21 extracted in step ST203-3. In this way, by comparing the two, it is possible to verify the validity of the data up to the position where the check value is embedded in the content key, the content key management information, and the concatenated data that is the check value power.
- step ST203-4 If it is determined as a result of the comparison in step ST203-4 that the check value Check (ij) extracted in step ST203-2 and the partial inspection data D ATA21 extracted in step ST203-3 do not match, the host device 11 , Encryption key content key EncKt (') Therefore, it is determined that the encrypted content key management information EncUR [t] (ij) or the encryption check value EncCheck (i -j) has been tampered with, and the abnormal termination is executed. On the other hand, if it is determined that both match, the process proceeds to step ST203-6.
- the host device 11 extracts the medium m encryption check values EncCheckG-l) to EncCheck (im) from the content key group TKURE (i) according to the designated byte. For example, the host device 11 connects the encrypted data content key EncKtG-j), encrypted content key management information EncUR [t] (ij), and encryption check value EncCheck (ij) according to the specified byte. Extract 8 bytes of data from. As a result, the encryption key check value EncCheck (i-j) is extracted. The host device 11 extracts m encryption check values EncCheck (i-l) to EncCheck (i-m) by executing such extraction processing on each piece of concatenated data.
- the host device 11 concatenates the encryption check values EncCheck (i-l) to EncCheck (im) extracted in step ST203-6. As a result, one check value concatenated data is generated.
- Step ST203-7 the host device 11 performs a hash operation on the check value concatenated data generated in Step ST203-7. As a result, a chain hash value Chain Hash (i) is calculated. Next, the process proceeds to step ST203-11.
- the host device 11 refers to the key correspondence table Address List and detects the encryption key domain key EncKu (i) necessary for decryption of the encryption content key EncKt (i-j). Then, the host device 11 uses the authentication intermediate key A to decrypt the detected encrypted domain key EncKu (i) and encrypted domain key management information EncURMG). Thereby, the host device 11 acquires the domain key Ku (i) and the domain key management information UR [u] (i). The decrypted domain key is used for decrypting the content key in step ST203-1.
- Step ST203-10 Next, the host device 11 extracts the entire inspection data DATA22G) stored in a predetermined bit position from the domain key management information UR [u] (i).
- the host device 11 compares the chain hash value Chain Hash (i) calculated in step ST203-8 with the entire inspection data DATA22 (i) extracted in step ST203-10.
- step ST203-11 the chain hash value Chain Hash (i) calculated in step ST203-8! / Does not match the whole detection data DATA22G) extracted in step ST203-10 If it is determined, the host device 11 determines that the encryption check values EncCheckG-l) to EncCheckG-m) have been tampered with! And executes abnormal termination. On the other hand, if it is determined that both match, the process proceeds to step ST20.
- the host device 11 decrypts the encrypted content.
- content keys may be added or deleted by distribution via the network.
- the whole inspection data (DATA22G) is updated as content key information is added or deleted.
- the encrypted content key information including the encrypted content key EncKt (ia), the encrypted content key management information EncUR [t] (ia), and the encrypted key check value EncCheckG-a) is added.
- This encrypted content key information is added to the content key information including the content key Kt (ia) and the content key management information UR [t]
- Content key information is generated by chain encryption using the domain key Ku (i).
- the ability to execute falsification detection processing on existing content key information by the above-described method is described here. Omitted.
- the encrypted content values EncKt (il) to EncKt (im) are added to the encrypted check values EncCheckG-l) to EncCheck (im) and the added encrypted content key EncKtG-a).
- the accompanying check value EncCheck (ia) is extracted.
- a hash operation is performed on the check value concatenated data generated in step ST204-2 to calculate a new chain hash value Chain Hash (i '). Is done.
- the calculated new chain hash value Chain Hash (i ′) is stored as new whole inspection data DATA22G) at a predetermined position of encryption domain key management information EncUR [t] (0).
- the encrypted content key including the encrypted content key EncKt (i-2), the encrypted content key management information EncUR [t] (i-2), and the encryption key check value EncCheckG-2) Information is deleted.
- Step ST201-3 Next, similarly to the processing in step ST201-3, a hash operation is performed on the check value concatenated data generated in step ST205-2, and a new chain hash value Chain HashG ") is calculated.
- the calculated new chain hash value Chain Hash (i ) is stored as new whole inspection data DATA22G) at a predetermined position of encryption key management information EncUR [t] (0).
- FIG. 20 is a conceptual diagram showing an encryption algorithm for a one-way function type hash operation (DES HASH).
- FIG. 21 is a flowchart showing an encryption algorithm for a one-way function type hash operation (DES HASH).
- FIG. 22 is a conceptual diagram showing a cryptographic algorithm for a one-way function type hash operation (C2 HASH).
- FIG. 23 is a conceptual diagram showing an encryption algorithm for the chained encryption method (DES E-CBC).
- FIG. 24 is a flowchart showing an encryption algorithm for the chain encryption method (DES E-CBC).
- FIG. 25 is a conceptual diagram showing an encryption algorithm for the chained encryption method (C2 E-CBC).
- the check value is extracted from one piece of content key information and the hash operation is performed on the concatenated data that is the power of m encryption check values. Is done. In this way, since it is not necessary to perform a hash operation on the entire content key group TKURE (i), the amount of processing during the falsification detection process can be reduced.
- each force check value of the m encrypted content key information is extracted, and one whole inspection data is extracted from the m encryption check values. Is generated. In this way, data (check value, overall inspection data) used for falsification detection processing is generated in multiple stages. Then, the final inspection data (entire inspection data) is stored in the protection area. In this way, the amount of data stored in the protected area can be reduced.
- the falsification detection process for each piece of content key information and the falsification detection process for all check values are performed in different ways. That is, in the falsification detection process for each content key, the decryption process using the chain encryption method is executed for the content key information, and the extraction process is executed. On the other hand, in the falsification detection process for all check values, a hash operation is executed for all cryptographic key check values. In this way, since the inspection means at the time of tampering detection are different from each other, the security level can be improved.
- the partial inspection data DATA21 does not need to be stored in the ROM 116 or a register (not shown). If the constant of the partial inspection data DATA21 has a certain regularity, it can be realized by a combination of arithmetic units without providing a register. In general, it is more advantageous as a circuit area to implement constants by combining arithmetic units than providing registers.
- a check value may be embedded in the domain key management information.
- the check value Check (i) may be embedded in the domain key management information UR [t] (i).
- the encrypted content key information including the encrypted content key EncKt (H), the encrypted content key management information EncUR [t] G-j), and the encrypted key check value EncCheckG-j) is modified. If the same process as the detection process (see Fig. 16) is executed, alteration of the domain key information including the encryption domain key EncKu (i) and the encryption domain key management information En C UR [t] (i) The presence or absence can be detected.
- m additional information info (il) to info (im) are associated with m encrypted content keys EncKt (i-l) to EncKt (im). I don't mind.
- Each additional information info (i-l) to info (i-m) has a check value corresponding to itself among the encrypted check values EncCheck (i-l) to EncCheck (i-m) in plain text.
- the check value Check (ij) is shown as a representative.
- the additional information info (ij) stores a plain text check value Check (ij). In this case, a different check value can be set for each content key, and security can be improved.
- the check value Check (i-j) may be stored at a predetermined position of the corresponding additional information info (') according to the designated byte.
- the partial inspection data DATA21 is extracted from the additional information info (ij) according to the specified noite (ST202-5) .
- the check value Check (ij) obtained by the processing in steps 202-4 and ST202-1 to ST202-3 and the partial inspection extracted in steps ST202-5! /! Data for data DATA21 is compared. In this way, the presence / absence of alteration in the B-sound content key EncKt (i-j) is checked.
- the area where the content key is stored is reserved in advance in the form of an entry.
- Each entry is associated with a domain key.
- the encrypted content key stored in the entry can be decrypted with the domain key associated with the entry.
- the concept of performing a hash operation by concatenating check values corresponding to each entry arises.
- the data at a predetermined position is extracted in accordance with the central designated byte of all entries associated with the same domain key,
- the extracted data may be concatenated into one to perform a hash operation, and the calculated hash value may be stored in the domain key management information.
- the amount of hash calculation is small. Therefore, data extraction according to the specified byte is executed only for entries where the content key is actually stored, the extracted data is concatenated into one, a hash operation is performed, and the calculated hash value is converted to the domain key. It is preferable to store it in management information.
- the encrypted content is not necessarily stored in the same target device as the target device that stores the encrypted content key, but may be stored in a separate recording medium. good.
- the host device acquires the encryption key content stored in the other recording medium via a network or the like, and the content whose validity is guaranteed by the falsification detection method of this embodiment.
- the encrypted content is decrypted using the key.
- the position where the check value is embedded need not be specified by a specified byte, and may be fixed. For example, if LSB 8 bytes are fixed and embedded, it is possible to check all data (content key, content key management information) for tampering.
- falsification detection is executed using the entire check value.
- the chain encryption method is the same as that shown in FIG. Further, the method for detecting whether or not the content key Kt (i-j) and the accompanying information UR [t] (i-j) have been tampered with is the same as in the second embodiment.
- the overall configuration of the confidential information processing system according to the third embodiment of the present invention is the same as that shown in FIG. However, the confidential information stored in the target device 10 is different.
- FIG. 27 shows confidential information stored in the target device 10 in the present embodiment. Protection In the protected area 102, the domain key group UKURE is stored.
- the normal area 103 stores a key correspondence table Address List, a content key group TKURE (i), a check value list Check List (i), and an overall check value Check (i). Note that the encrypted content is also stored in the normal area 103, which is omitted in FIG.
- the domain key group UKURE includes n encryption domain keys EncKu (l) to EncKu (n) and n encryption key domain key management information EncUR [u] (l) to EncUR [ u] (n).
- the entire verification data is stored at predetermined positions of the encryption key domain key management information EncUR [u] (l) to EncUR [u] (n).
- the overall inspection data is generated based on the content key group corresponding to the domain key and the overall check value. For example, the entire inspection data generated based on the content key group TKURE (i) and the overall check value Check (i) is placed at a predetermined position of the encryption key domain key management information EncUR [u] (i). DATA32 (i) is stored.
- the content key group TKURE (i) and the key correspondence table Address List are the same as those shown in FIG.
- the check value list Check List (i) corresponds to the content key group TKURE (i). Further, home click value list Check List (i) includes m double-encrypted check values Enc 2 Check (i- l) ⁇ Enc 2 Check (i- m). Double-encrypted check values Enc 2 Check (i- l) ⁇ Enc 2 Check (i- m) the encrypted check value EncCheck (i- l) ⁇ EncCheck included in the content key group TKURE (i) (i- There is a one-to-one correspondence with m).
- the overall check value Check (i) corresponds to the content key group TKUREG).
- FIG. 27 only the overall check value Check (i) corresponding to the content key group TKURE (i) is shown, but each content key group (not shown) other than the content key group TKURE (i) is shown. There is also an overall check value corresponding to
- the medium key m encryption check values (EncCheckG-l) to EncCheck (im) are extracted from the content key group TKURE (i).
- the encryption key check value EncCheck (ij) is extracted from the concatenated data consisting of the encrypted content key EncKt (ij), the encrypted content key management information EncUR (ij), and the encryption check value EncCheckG-j).
- m encryption check values EncCheck (i-l) to EncCheck (i-m) are extracted.
- the check value concatenated data is encrypted using the domain key Ku (i) according to the chain encryption method.
- the set of double encrypted Chiwekku value Enc 2 Check (il) ⁇ Enc 2 Check (im) and encryption I ⁇ body check value EncCheckG) is generated.
- step ST301-4! / The entire encryption check value retrieved EncCheck (i) Is stored in a predetermined position of the domain key management information UR [u] (i) as overall inspection data DATA32G).
- the encryption key management information EncURMG when the encryption key management information EncURMG is updated (for example, when new content key information is associated with the existing encryption key domain key EncKu (i), When the content key information associated with the encryption domain key EncKu (i) is deleted), the encryption domain key management information EncUR [u] (i) Before storing the entire check value EncCheck (i), it is decrypted and becomes domain key management information UR [u] (i). When the entire encryption key check value EncCheck (i) is stored in the domain key management information UR [u] (i), the domain key management information UR [u] (i) is encrypted and encrypted. ⁇ Return to domain key management information EncUR [u] (i). In this way, the entire inspection data DATA32G) is updated.
- the falsification detection method using the overall check value Check (i) shown in FIG. 27 will be described.
- the encryption domain key EncKu (i), the check value list Check List (i), and the overall check value Check (i) will be described as examples.
- the falsification detection method using the check values Check (i-l) to Check (i-m) shown in FIG. 27 is the same as the method shown in FIG.
- EncURMG encryption key domain key management information
- domain key management information UR [u] (i) is generated.
- the entire inspection data DATA32G) extracted at a predetermined position of the domain key management information UR [u] (i) is extracted.
- step ST302-1 The extracted overall inspection data DATA32G) is further linked to the subsequent stage of the m pieces of double encryption key check values Enc 2Check (il) to Enc 2 Check (im).
- one check value concatenated data is generated.
- step ST302-6 data at a predetermined position (here, 8-byte data which is the LSB of the set) is extracted from the decoded check value concatenated data. As a result, the data corresponding to the overall check value Check (0 is extracted. Then, the process proceeds to step ST302-6.
- step ST302-6 the entire check value Check (i) stored in the normal area 103 of the target device 10 is extracted according to the designated byte.
- the process proceeds to step ST302-6.
- step ST302-4 the data extracted in step ST302-4 is compared with the overall check value Check (i) extracted in step ST302-5.
- the check value list Check List (i) or the overall check value Check (i) has not been falsified.
- the check value list Check List (i) or the overall check value CheckG) has been tampered with, and the abnormal termination is executed.
- the validity of the check value list Check List (i) can be verified. If the check value list has not been tampered with, it can be detected whether or not the encrypted content key has been tampered with. For example, when it is desired to check for alteration of the encryption key content key EncKt (ij), the encryption key corresponding to the content key Kt (ij) is checked from the check value list Check List (i) decrypted in step ST302-3. ⁇ Extract check value EncCheck (ij). On the other hand, the encryption check value EncCheck (ij) is extracted from the content key group TKURE (i).
- the extracted encryption check value EncCheckG-j) is compared. In this way, it is verified whether the encrypted content key EncKt (ij) and the information accompanying it (encrypted content key management information EncUR [t] (ij), etc.) have been altered. It can be done.
- step ST22 the falsification check method shown in FIG. 16 (falsification check method using check values Check (il) to Check (im)) and the falsification check method shown in FIG. 29 (overall check value).
- the validity of the content key is verified by executing the falsification check method using CheckG).
- content keys may be added or deleted by distribution via the network.
- the check value list Check List (i) and the entire inspection data DATA32G) are updated.
- the encrypted content key information including the encrypted content key EncKt (ia), the encrypted content key management information EncUR [t] (i-a), and the encrypted key check value EncCheckG-a) is added.
- the This encrypted content key information is stored in the content key information including the content key Kt (ia) and the content key management information UR [t] (ia).
- Information is generated by chain ciphering using the domain key Ku (i).
- the encrypted content keys EncKt (il) to EncKt (im) are added to the encrypted check values EncCheckG-l) to EncCheck (im) and the added encrypted content key EncKtG-a).
- the accompanying encryption check value EncCheck (ia) is extracted.
- Step ST303-2 Next, the extracted encryption check values EncCheck (i-l) to EncCheck (im), EncCheck (i-a) and the overall check value CheckG) are concatenated into one. As a result, one check value concatenated data is generated.
- step ST303-2 the check value concatenated data generated in step ST303-2 is encrypted according to the chain encryption method.
- Step ST303- 4 double-encrypted check values Enc 2 Chec k (i- l) ⁇ Enc 2 Check (i- m), Enc 2 Check (i- a) and WDE
- the entire encryption check value EncCheck (i ') is extracted from the set with the check value EncCheck (i).
- the extracted encryption key overall check value EncCheck (i ') is used as the new whole inspection data D ATA32G) as the domain key management information UR [u] (i ) Is stored in a predetermined position.
- check value list Check List (i) and the overall inspection data DATA32 (i) are updated.
- the encrypted content key including the encrypted content key EncKt (i-2), the encrypted content key management information EncUR [t] (i-2), and the encryption key check value EncCheckG-2) Information is deleted.
- EncCheck (i-3) to EncCheck (im) are extracted.
- Step ST304-2 Next, the extracted (m-1) encrypted check values EncCheck (il), EncCheck (i-3) to EncCheckG-m) and the overall check value Check (i) are combined into one. . As a result, check value concatenated data is generated.
- step ST205-2 the check value concatenated data generated in step ST205-2 is encrypted according to the chain encryption method. From this, a set of double encryption check values Enc 2 Check (il), Enc 2 Check (i-3) to Enc 2 Check (im) and an encryption overall check value EncCheckG ”) is generated.
- Step ST301- 4 double-encrypted check values Enc 2 Chec k (il), Enc 2 Check (i- 3) ⁇ Enc 2 Check (i- m) and the encrypted whole Chiwekku value
- the entire encryption key check value EncCheck O is extracted from the set with EncCheck (i ").
- the set of Check (im) becomes a new check value list Check List, and then, as in the process in step ST301-5, the extracted encrypted key total check value EncCheck O is the new total check value.
- Data (DATA32G) is stored at a predetermined location in the domain key management information UR [u] (i).
- each force check value of m encrypted content key information is extracted, and 1 is determined from the entire check value and m encrypted key check values.
- One whole inspection data is generated.
- the data used for falsification detection processing (check value, overall inspection data) is generated in multiple stages.
- most Final inspection data (overall inspection data) is stored in the protected area. In this way, the amount of data stored in the protected area can be reduced.
- the encrypted content is not necessarily stored in the same target device as the target device that stores the encrypted content key, but may be stored in a separate recording medium. good.
- the host device acquires the encryption key content stored in the other recording medium via a network or the like, and the content whose validity is guaranteed by the falsification detection method of this embodiment.
- the encrypted content is decrypted using the key.
- the position where the check value is embedded need not be specified by the specified byte, and may be fixed. For example, if the LSB is fixedly embedded at 8 bytes, it is possible to detect whether all data (content key, content key management information) has been tampered with.
- the overall check value Check (i) may also be stored as a constant in the ROM 116, a register (not shown) or the like, like the partial inspection data DATA21.
- the constant has a certain regularity, it can be realized by combining arithmetic units without providing a register. It is also possible to do. In general, it is more advantageous in terms of circuit area to implement constants by combining arithmetic units than providing registers.
- the schematic flowchart shown in Fig. 5 may be appropriately changed according to the content key tampering check method (processing in step ST22) according to each embodiment. .
- a person skilled in the art can easily change the schematic flowchart of FIG. 5 as appropriate according to each embodiment.
- the present invention can be used in a confidential information processing system configured by a target device and a host device.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/793,702 US20080212770A1 (en) | 2004-12-20 | 2005-12-20 | Key Information Generating Method and Device, Key Information Updating Method, Tempering Detecting Method and Device, and Data Structure of Key Information |
JP2006549011A JP4606421B2 (ja) | 2004-12-20 | 2005-12-20 | 鍵情報生成方法および装置,鍵情報更新方法,改竄検出方法および装置,鍵情報のデータ構造 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004-367187 | 2004-12-20 | ||
JP2004367187 | 2004-12-20 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006068152A1 true WO2006068152A1 (ja) | 2006-06-29 |
Family
ID=36601752
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2005/023397 WO2006068152A1 (ja) | 2004-12-20 | 2005-12-20 | 鍵情報生成方法 |
Country Status (3)
Country | Link |
---|---|
US (1) | US20080212770A1 (ja) |
JP (1) | JP4606421B2 (ja) |
WO (1) | WO2006068152A1 (ja) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8341415B1 (en) * | 2008-08-04 | 2012-12-25 | Zscaler, Inc. | Phrase matching |
US9342621B1 (en) | 2008-08-04 | 2016-05-17 | Zscaler, Inc. | Phrase matching |
WO2014055148A2 (en) | 2012-07-09 | 2014-04-10 | Massachusetts Institute Of Technology | Cryptography and key management device and architecture |
US10148430B1 (en) | 2013-04-17 | 2018-12-04 | Amazon Technologies, Inc | Revocable stream ciphers for upgrading encryption in a shared resource environment |
EP2884692B1 (en) * | 2013-12-13 | 2020-05-20 | Nxp B.V. | Updating software on a secure element |
US10284534B1 (en) * | 2015-06-26 | 2019-05-07 | EMC IP Holding Company LLC | Storage system with controller key wrapping of data encryption key in metadata of stored data item |
US10754960B2 (en) * | 2017-11-17 | 2020-08-25 | Intel Corporation | Support for increased number of concurrent keys within multi-key cryptographic engine |
US11038672B2 (en) * | 2018-06-01 | 2021-06-15 | Duality Technologies, Inc. | Secure and distributed management of a proxy re-encryption key ledger |
US11128460B2 (en) | 2018-12-04 | 2021-09-21 | EMC IP Holding Company LLC | Client-side encryption supporting deduplication across single or multiple tenants in a storage system |
US11019033B1 (en) | 2019-12-27 | 2021-05-25 | EMC IP Holding Company LLC | Trust domain secure enclaves in cloud infrastructure |
CN115544530A (zh) * | 2021-06-30 | 2022-12-30 | 阿里巴巴新加坡控股有限公司 | 密钥管理系统及其实现密钥管理的方法和计算节点 |
US20230031380A1 (en) * | 2021-07-30 | 2023-02-02 | APPDIRECT, Inc. | Encryption key rotation |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH09200199A (ja) * | 1995-12-22 | 1997-07-31 | General Instr Corp Of Delaware | ハッシュキーを使用した暗号サインの生成方法及び装置 |
JP2004194271A (ja) * | 2002-10-18 | 2004-07-08 | Toshiba Corp | 暗号化記録装置、再生装置及びプログラム |
JP2004259262A (ja) * | 2003-02-07 | 2004-09-16 | Matsushita Electric Ind Co Ltd | 端末装置及びそれを備えたデータ保護システム |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5673316A (en) * | 1996-03-29 | 1997-09-30 | International Business Machines Corporation | Creation and distribution of cryptographic envelope |
JP2001209583A (ja) * | 2000-01-26 | 2001-08-03 | Sony Corp | データ記録再生器およびセーブデータ処理方法、並びにプログラム提供媒体 |
US20020157002A1 (en) * | 2001-04-18 | 2002-10-24 | Messerges Thomas S. | System and method for secure and convenient management of digital electronic content |
JP4190253B2 (ja) * | 2002-10-31 | 2008-12-03 | 大日本印刷株式会社 | コントラスト向上シートおよび背面投射型スクリーン |
JP2004199138A (ja) * | 2002-12-16 | 2004-07-15 | Matsushita Electric Ind Co Ltd | メモリデバイスとそれを使用する電子機器 |
JP3810425B2 (ja) * | 2004-12-16 | 2006-08-16 | 松下電器産業株式会社 | 改竄検出用データ生成方法、および改竄検出方法及び装置 |
-
2005
- 2005-12-20 US US11/793,702 patent/US20080212770A1/en not_active Abandoned
- 2005-12-20 WO PCT/JP2005/023397 patent/WO2006068152A1/ja active Application Filing
- 2005-12-20 JP JP2006549011A patent/JP4606421B2/ja not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH09200199A (ja) * | 1995-12-22 | 1997-07-31 | General Instr Corp Of Delaware | ハッシュキーを使用した暗号サインの生成方法及び装置 |
JP2004194271A (ja) * | 2002-10-18 | 2004-07-08 | Toshiba Corp | 暗号化記録装置、再生装置及びプログラム |
JP2004259262A (ja) * | 2003-02-07 | 2004-09-16 | Matsushita Electric Ind Co Ltd | 端末装置及びそれを備えたデータ保護システム |
Also Published As
Publication number | Publication date |
---|---|
JP4606421B2 (ja) | 2011-01-05 |
JPWO2006068152A1 (ja) | 2008-06-12 |
US20080212770A1 (en) | 2008-09-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4606421B2 (ja) | 鍵情報生成方法および装置,鍵情報更新方法,改竄検出方法および装置,鍵情報のデータ構造 | |
JP3810425B2 (ja) | 改竄検出用データ生成方法、および改竄検出方法及び装置 | |
JP4140863B2 (ja) | 暗号によって保護されたページング・システム | |
JP5306465B2 (ja) | セキュアなメモリに応用するメッセージ認証コードの事前計算 | |
US6834333B2 (en) | Data processing device, data storage device, data processing method, and program providing medium for storing content protected under high security management | |
US7734920B2 (en) | Information processing apparatus, information processing method, information providing medium, information decryption apparatus, and information recording medium | |
US20030084308A1 (en) | Memory encryption | |
US20020073326A1 (en) | Protect by data chunk address as encryption key | |
WO2001078298A1 (fr) | Systeme et procede de traitement d'informations | |
CN110289946A (zh) | 一种区块链钱包本地化文件的生成方法及区块链节点设备 | |
JP4843563B2 (ja) | 情報記録媒体のセキュリティ方法、情報処理装置及びプログラム | |
CN113434876A (zh) | 一种数据加密方法、装置、内存控制器、芯片及电子设备 | |
WO2022003327A1 (en) | Integrity tree for memory security | |
JP6205272B2 (ja) | デジタル情報の保護方法、装置およびコンピュータによるアクセス可能な記録媒体 | |
JP4864456B2 (ja) | 改竄検出用データ生成方法 | |
JP2002290395A (ja) | 情報端末装置 | |
JPH10293724A (ja) | ユニット装置、復号化ユニット装置、暗号化ユニット装置、暗号処理システム、暗号化方法及び復号化方法 | |
WO2021044465A1 (ja) | 暗号化装置、復号装置、コンピュータプログラム、暗号化方法、復号方法及びデータ構造 | |
CN100571135C (zh) | 窜改检测用数据的生成方法、窜改检测方法及装置 | |
JP2000305850A (ja) | 電子化データ保護システム、使用許諾者側装置および使用者側装置 | |
JP2021092634A (ja) | 平文暗号化復号化方法および平文暗号化復号化装置 | |
JP2004145905A (ja) | ソフトウェアコピー処理装置、ソフトウェアコピー処理方法およびソフトウェアをコピーするプログラムを記録したコンピュータ読み取り可能な記録媒体 | |
Book et al. | Content Protection for Recordable Media Specification | |
JP2000349749A (ja) | 秘密鍵管理装置及びコンピュータ読み取り可能な記録媒体 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2006549011 Country of ref document: JP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 05819454 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 11793702 Country of ref document: US |