WO2012172748A1 - Terminal device, server device, content recording control system, recording method, and recording permission/prohibition control method - Google Patents
- Publication number
- WO2012172748A1 (PCT/JP2012/003655)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- content
- recording medium
- unit
- recording
- key
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00855—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/433—Content storage operation, e.g. storage operation in response to a pause request, caching operations
- H04N21/4334—Recording operations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/65—Transmission of management data between client and server
- H04N21/658—Transmission by the client directed to the server
- H04N21/6581—Reference data, e.g. a movie identifier for ordering a movie or a product identifier in a home shopping application
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/83—Generation or processing of protective or descriptive data associated with content; Content structuring
- H04N21/835—Generation of protective data, e.g. certificates
- H04N21/8352—Generation of protective data, e.g. certificates involving content or source identification data, e.g. Unique Material Identifier [UMID]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N5/00—Details of television systems
- H04N5/76—Television signal recording
- H04N5/91—Television signal processing therefor
- H04N5/913—Television signal processing therefor for scrambling ; for copy protection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
- H04L2209/605—Copy protection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N5/00—Details of television systems
- H04N5/76—Television signal recording
- H04N5/91—Television signal processing therefor
- H04N5/913—Television signal processing therefor for scrambling ; for copy protection
- H04N2005/91307—Television signal processing therefor for scrambling ; for copy protection by adding a copy protection signal to the video signal
- H04N2005/91328—Television signal processing therefor for scrambling ; for copy protection by adding a copy protection signal to the video signal the copy protection signal being a copy management signal, e.g. a copy generation management signal [CGMS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N5/00—Details of television systems
- H04N5/76—Television signal recording
- H04N5/91—Television signal processing therefor
- H04N5/913—Television signal processing therefor for scrambling ; for copy protection
- H04N2005/91357—Television signal processing therefor for scrambling ; for copy protection by modifying the video signal
- H04N2005/91364—Television signal processing therefor for scrambling ; for copy protection by modifying the video signal the video signal being scrambled
Definitions
- the present invention relates to a content protection technique when recording content on a recording medium device.
- AACS: Advanced Access Content System
- Blu-ray Disc (TM)
- An AACS-compliant terminal device that reproduces content reads, for example, the content recorded on a BD-ROM (read-only media) and the MKB (Media Key Block) necessary for decoding the content. By decrypting the content using the issued device key and the read MKB, the content can be reproduced.
- the content protected by AACS acquired by the terminal device is copied or moved to a recording medium device (for example, an SD memory) (hereinafter referred to as “copy or the like”), for example, in order to reproduce the content on a device different from the terminal device.
- the present invention has been made in view of such problems, and aims to provide a terminal device capable of suppressing the recording of content that is not permitted to be recorded on a recording medium device, such as illegally copied content.
- a terminal device is a terminal device that records, on a recording medium device, content whose recording has been permitted by a server device, characterized by comprising: a generating unit that generates a value reflecting the content of the target content for which permission of recording to the recording medium device is requested; information transmitting means for transmitting information indicating the value generated by the generating unit to the server device and requesting permission to record the target content on the recording medium device; signature receiving means for receiving signature data of the target content transmitted from the server device when recording the target content on the recording medium device is permitted; and recording means for recording, into the recording medium device, the signature data received by the signature receiving means and the target content as plain text or encrypted data.
- the recording of illegally copied content on the recording medium device can be suppressed.
- a block diagram showing the system configuration of the content distribution system 1000 according to the embodiment
- a block diagram showing the functional configuration of the main part of the content production device 100 according to the embodiment
- a flowchart showing the content production process by the content production device 100 according to the embodiment
- a block diagram showing the functional configuration of the main part of the key issuing device 200 according to the embodiment
- a flowchart showing the key issuing process by the key issuing device 200 according to the embodiment
- a block diagram showing the functional configuration of the main part of the content distribution authentication device 300 according to the embodiment
- a diagram showing a data configuration example and content example of the writing start authentication request data received by the content distribution authentication device 300 according to the embodiment
- a flowchart showing the authentication process by the content distribution authentication device 300 according to the embodiment
- a block diagram showing the functional configuration of the main part of the key distribution device 400 according to the embodiment
- FIG. 2 is a block diagram showing a functional configuration of main parts of a recording medium device 600 according to an embodiment.
- 7 is a flowchart showing write processing by the recording medium device 600 according to the embodiment.
- a block diagram showing the configuration of the content recording control system 2000, the server device 2400, and the terminal device 2500 according to one embodiment of the present invention
- 6 is a flowchart for explaining a recording method according to an embodiment of the invention.
- 6 is a flowchart for explaining a recording permission / inhibition control method according to an embodiment of the present invention.
- a flowchart showing the delivery process by the key distribution device according to a modification
- a flowchart showing the reception and writing process by the terminal device according to a modification
- a flowchart showing the reproduction
- a content distribution system 1000 including a key distribution device and a terminal device will be described as an embodiment of a content recording control system according to the present invention including a server device and a terminal device according to the present invention.
- in order to play back the content protected by AACS acquired by the terminal device on a device different from the terminal device, a user may want to copy it using a copyright protection technology different from that of AACS.
- it is conceivable that a terminal device decrypts AACS-protected content (encrypted content) to acquire plaintext content, encrypts the plaintext content by a method compliant with a copyright protection technique different from AACS, and writes it to the recording medium device.
- the key distribution device determines whether or not the terminal device is allowed to record content on the recording medium device, and generates signature data only when recording is permitted. The terminal device then records the content on the recording medium device together with the generated signature data. Further, because content that is not recorded together with the signature data is prevented from being played back by a regular playback device, even if the terminal device is hacked and only the content is recorded on the recording medium device, the regular playback device does not allow playback of this content.
- FIG. 1 is a block diagram showing a system configuration of a content distribution system 1000 according to the embodiment.
- the content distribution system 1000 includes a content production device 100, a key issuing device 200, a content distribution authentication device 300, a key distribution device 400, a terminal device 500, and a recording medium device 600.
- the terminal device 500 is a DVD / BD player capable of reproducing a recording medium such as an optical disc such as a DVD or a BD, can be connected to a network, and is installed at the home of a user who views the content.
- the recording medium device 600 is a memory card such as an SD card, for example, and is used by being inserted into a card slot of the terminal device 500.
- the content distribution authentication device 300 corresponds to an AACS managed copy authentication server.
- connections between the content production device 100 and the content distribution authentication device 300, between the key issuing device 200 and the key distribution device 400, and among the content distribution authentication device 300, the key distribution device 400, and the terminal device 500 are made, for example, via a network.
- FIG. 2 is a block diagram illustrating a functional configuration of a main part of the content production apparatus 100.
- the content production device 100 includes a production device private key / certificate storage unit 111, a material storage unit 120, an editing unit 121, a title key storage unit 130, a title key generation unit 131, a content storage unit 140, an encryption unit 141, a content identification information storage unit 150, a content identification information generation unit 151, a signature unit 152, a content delivery unit 160, a UR storage unit 170, a UR input unit 171, and a content identification information / UR registration unit 180.
- the content production apparatus 100 includes a processor, a memory, and a NIC (Network Interface Card), and the functions of the editing unit 121, the title key generation unit 131, the encryption unit 141, the content identification information generation unit 151, and the signature unit 152 are realized by the above-described processor executing a program stored in the above-described memory. Further, the transmission of data by the content identification information / UR registration unit 180 is performed using the above-described NIC.
- the production device private key / certificate storage unit 111 is a memory area for storing a production device private key and production device certificate pair. A detailed description of the method for writing the production device private key and production device certificate is omitted.
- the material storage unit 120 is a memory area for storing video and audio materials such as movies. A detailed description of how to produce video and audio itself is omitted.
- the editing unit 121 edits the material stored in the material storage unit 120 and sends it to the encryption unit 141.
- the title key storage unit 130 is a memory area for storing a title key.
- the title key generation unit 131 generates a title key and stores it in the title key storage unit 130.
- the title key is, for example, a 128-bit random number.
- the content storage unit 140 is a memory area for storing encrypted content.
- the encrypted content is simply referred to as “content”, and the unencrypted content is referred to as “plaintext content”.
- the encryption unit 141 encrypts the material sent from the editing unit 121 using the title key stored in the title key storage unit 130 to generate content, and stores the content in the content storage unit 140.
- the content identification information storage unit 150 is a memory area for storing content identification information with a signature.
- the content identification information generation unit 151 generates content identification information for identifying the content based on the content stored in the content storage unit 140, and sends the content identification information to the signature unit 152.
- the content identification information may be any information as long as it can identify the content.
- the content identification information can be generated as follows. That is, a hash value is calculated for each part obtained by dividing the content into a plurality of parts, and a hash table including the calculated hash values is generated. Furthermore, a hash value can be calculated for this hash table, and this hash value can be used as content identification information.
- as the content identification information, for example, in the case of a BD, a CCID that is a part of a Content Cert defined by AACS can be used.
- the signature unit 152 signs the content identification information sent from the content identification information generation unit 151 with the production device private key stored in the production device private key / certificate storage unit 111, and stores it in the content identification information storage unit 150.
- the content delivery unit 160 delivers the content stored in the content storage unit 140 and the hash table and the like generated by the content identification information generation unit 151 to the terminal device 500.
- although the delivery method to the terminal device 500 is not particularly limited, in the present embodiment it is assumed that the content delivery unit 160 records the content or the like on a recording medium such as an optical disc such as a DVD or a BD, and that the recording medium on which the content or the like is recorded is sold via a physical distribution market and delivered to the terminal device 500 installed at the user's home.
- the hash table is used for verifying content recorded on a recording medium such as an optical disc when the content is delivered and played back on the terminal device 500.
- at the start of reproduction, the terminal device calculates a hash value for each of seven randomly selected parts among the parts obtained by dividing the content into a plurality of parts. Then, the playback device compares each calculated hash value with the hash value of the corresponding part in the delivered hash table, and if all seven locations match, playback is permitted.
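The hash-table construction and the seven-part check at the start of reproduction, as an added Python example that is not code from the patent. SHA-256, the 64-byte part size, the function names, the constructed sample content, and the step that ties the hash table to a trusted content identification value are assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets

PART_SIZE = 64     # assumption: the page does not state a part size
SAMPLE_COUNT = 7   # from the page: seven randomly selected parts are checked

# Constructed sample content: 2048 bytes, i.e. 32 distinct 64-byte parts.
CONTENT = b"".join(i.to_bytes(4, "big") for i in range(512))


def split_parts(content: bytes) -> list[bytes]:
    """Divide the content into fixed-size parts (the last one may be short)."""
    return [content[i:i + PART_SIZE] for i in range(0, len(content), PART_SIZE)]


def build_hash_table(content: bytes) -> list[bytes]:
    """One hash value per part, in part order."""
    return [hashlib.sha256(part).digest() for part in split_parts(content)]


def content_id(hash_table: list[bytes]) -> bytes:
    """Content identification information: a hash over the whole hash table.
    The entry count is hashed first so the serialization is unambiguous."""
    h = hashlib.sha256()
    h.update(len(hash_table).to_bytes(4, "big"))
    for digest in hash_table:
        h.update(digest)
    return h.digest()


def pick_sample(n_parts: int) -> list[int]:
    """Choose up to SAMPLE_COUNT distinct part indices from a CSPRNG."""
    rng = secrets.SystemRandom()
    return sorted(rng.sample(range(n_parts), min(SAMPLE_COUNT, n_parts)))


def spot_check(content: bytes, hash_table: list[bytes], indices) -> bool:
    """Recompute the hash of each selected part and compare with the table."""
    parts = split_parts(content)
    if len(parts) != len(hash_table):
        return False  # truncated or padded content never matches the table
    for i in indices:
        if not 0 <= i < len(parts):
            return False
        actual = hashlib.sha256(parts[i]).digest()
        if not hmac.compare_digest(actual, hash_table[i]):
            return False
    return True


def verify_for_playback(content: bytes, hash_table: list[bytes],
                        trusted_id: bytes, indices=None) -> bool:
    """Permit playback only if the table hashes to the trusted content ID
    (assumed here to have had its signature verified already) and every
    sampled part matches the table."""
    if not hmac.compare_digest(content_id(hash_table), trusted_id):
        return False  # a table recomputed over altered content is rejected here
    if indices is None:
        indices = pick_sample(len(hash_table))
    return spot_check(content, hash_table, indices)


if __name__ == "__main__":
    table = build_hash_table(CONTENT)
    cid = content_id(table)
    print("parts:", len(table), "content id:", cid.hex()[:16], "...")
    print("genuine content permitted:", verify_for_playback(CONTENT, table, cid))

    altered = bytearray(CONTENT)
    altered[5 * PART_SIZE] ^= 0xFF  # change one byte in part 5
    altered = bytes(altered)
    print("altered part sampled:",
          verify_for_playback(altered, table, cid, indices=range(7)))
    print("recomputed table, trusted ID unchanged:",
          verify_for_playback(altered, build_hash_table(altered), cid))
```

The per-part comparison only shows that the sampled parts agree with the delivered table; it is the comparison of the table against the trusted content identification value that rejects a table regenerated over altered content.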
- the UR storage unit 170 is a memory area for storing UsageRule (hereinafter referred to as “UR”), which is a condition for reproducing and moving content.
- the UR input unit 171 includes an input device such as a keyboard, receives UR input from an operator of the content production device 100, and stores it in the UR storage unit 170 in a predetermined format.
- the content identification information / UR registration unit 180 transmits the content identification information stored in the content identification information storage unit 150 and the UR stored in the UR storage unit 170 to the content distribution authentication device 300 via the network and registers them.
- FIG. 3 is a flowchart showing content production processing by the content production device 100.
- the order of steps S110 to S190 constituting the content production process shown in the figure is an example. It is only necessary that the process of step S110 be completed before the process of step S160 is started, that the processes of steps S120 and S130 be completed before the process of step S140 is started, and that the processes of steps S160 and S180 be completed before the process of step S190 is started; the execution order of the processing of each step is not limited to the case shown in the figure.
- the production device private key / production device certificate pair of the content production device 100 is stored in the production device private key / certificate storage unit 111 (step S110).
- the editing unit 121 edits the material stored in the material storage unit 120 (step S120), and the title key generation unit 131 generates a title key and stores it in the title key storage unit 130 (step S130).
- the encryption unit 141 generates content by encrypting the material edited by the editing unit 121 with the title key stored in the title key storage unit 130, and stores the content in the content storage unit 140 (step S140).
- the content identification information generation unit 151 generates content identification information based on the content stored in the content storage unit 140.
- the signature unit 152 signs the content identification information generated by the content identification information generation unit 151 and stores the signature in the content identification information storage unit 150 (step S160).
- the content delivery unit 160 delivers the content stored in the content storage unit 140 and the hash value generated by the content identification information generation unit 151 in the process of generation to the terminal device 500 (step S170).
- the UR input unit 171 receives an UR input from an operator of the content production apparatus 100 and stores it in the UR storage unit 170 (step S180).
- the content identification information / UR registration unit 180 transmits the pair of the content identification information stored in the content identification information storage unit 150 and the UR stored in the UR storage unit 170 to the content distribution authentication device 300 for registration (step S190), and the content production apparatus 100 ends the content production processing.
- FIG. 4 is a block diagram illustrating a functional configuration of a main part of the key issuing device 200.
- the key issuing device 200 includes a root key pair storage unit 210, a root key pair generation unit 211, a root public key transmission unit 212, a key distribution device private key / certificate storage unit 220, and a key distribution device key.
- the key issuing device 200 includes a processor, a memory, and a NIC, and the functions of the root key pair generation unit 211, the key distribution device key pair generation unit 221, the certificate generation unit 222, the terminal device key pair generation unit 231, the certificate generation unit 232, the recording medium device key pair generation unit 241, and the certificate generation unit 242 are realized by the above-described processor executing the program stored in the above-described memory.
- the transmission of data by the root public key transmission unit 212, the key distribution device private key / certificate transmission unit 223, the terminal device private key / certificate transmission unit 233, and the recording medium device private key / certificate transmission unit 243 is performed using the above-described NIC.
- the root key pair storage unit 210 is a memory area for storing the key pair of the root public key and the root secret key of the key issuing device 200.
- the root secret key forms the basis of security in the content distribution system 1000 according to the present embodiment.
- the root key pair generation unit 211 generates a key pair of the root public key and the root secret key of the key issuing device 200, and stores the key pair in the root key pair storage unit 210.
- the root public key transmission unit 212 transmits the root public key stored in the root key pair storage unit 210 to the key distribution device 400, the terminal device 500, and the recording medium device 600 via the network.
- the key distribution device private key / certificate storage unit 220 is a memory area for storing a pair of the key distribution device private key and the key distribution device certificate 10.
- the key distribution device key pair generation unit 221 generates a key pair of the key distribution device public key and the key distribution device private key of the key distribution device 400, and sends the generated key distribution device public key to the certificate generation unit 222.
- the generated key distribution device private key is stored in the key distribution device private key / certificate storage unit 220.
- the certificate generation unit 222 uses the root secret key stored in the root key pair storage unit 210 to give a signature to the key distribution device public key sent from the key distribution device key pair generation unit 221, generates the key distribution device certificate 10, and stores it in the key distribution device private key / certificate storage unit 220.
- FIG. 5A is a diagram illustrating a data configuration example and content example of the key distribution device certificate 10.
- the key distribution device certificate 10 includes a key distribution device ID 11, a key distribution device public key 12, attached information 13, and a signature 14.
- the key distribution device ID 11 is identification information of the key distribution device 400, the key distribution device public key 12 is the key distribution device public key generated by the key distribution device key pair generation unit 221, and the attached information 13 is, for example, information indicating the issuance date and expiration date of the key distribution device certificate 10.
- the signature 14 is a signature generated by the certificate generation unit 222 for the key distribution device ID 11, the key distribution device public key 12, and the attached information 13.
- the key distribution device private key / certificate transmission unit 223 transmits the pair of the key distribution device private key and the key distribution device certificate 10 stored in the key distribution device private key / certificate storage unit 220 to the key distribution device 400 via the network.
- the terminal device private key / certificate storage unit 230 is a memory area for storing a pair of the terminal device private key and the terminal device certificate 20.
- the terminal device key pair generation unit 231 generates a key pair of the terminal device public key and the terminal device private key of the terminal device 500, sends the generated terminal device public key to the certificate generation unit 232, and stores the generated terminal device private key in the terminal device private key / certificate storage unit 230.
- the certificate generation unit 232 uses the root secret key stored in the root key pair storage unit 210 to give a signature to the terminal device public key and the like sent from the terminal device key pair generation unit 231, generates the terminal device certificate 20, and stores it in the terminal device private key / certificate storage unit 230.
- terminal device certificate 20 will be described.
- FIG. 5B is a diagram showing a data configuration example and content example of the terminal device certificate 20.
- the terminal device certificate 20 includes a terminal device ID 21, a terminal device public key 22, attached information 23, and a signature 24.
- the terminal device ID 21 is identification information of the terminal device 500, the terminal device public key 22 is the terminal device public key generated by the terminal device key pair generation unit 231, and the attached information 23 is, for example, information indicating the issue date and expiration date of the terminal device certificate 20.
- the signature 24 is a signature generated by the certificate generation unit 232 for the terminal device ID 21, the terminal device public key 22, and the attached information 23.
- the terminal device private key / certificate transmission unit 233 transmits the pair of the terminal device private key and the terminal device certificate 20 stored in the terminal device private key / certificate storage unit 230 to the terminal device 500 via the network.
- the recording medium device private key / certificate storage unit 240 is a memory area for storing a pair of the recording medium device private key and the recording medium device certificate 30.
- The recording medium device key pair generation unit 241 generates a key pair of the recording medium device public key and the recording medium device private key of the recording medium device 600, sends the generated recording medium device public key to the certificate generation unit 242, and stores the generated recording medium device private key in the recording medium device private key / certificate storage unit 240.
- The certificate generation unit 242 uses the root secret key stored in the root key pair storage unit 210 to sign the recording medium device public key and the like sent from the recording medium device key pair generation unit 241, generates the recording medium device certificate 30, and stores it in the recording medium device private key / certificate storage unit 240.
- FIG. 5C is a diagram showing a data configuration example and content example of the recording medium device certificate 30.
- the recording medium device certificate 30 includes a recording medium device ID 31, a recording medium device public key 32, attached information 33, and a signature 34.
- The recording medium device ID 31 is identification information of the recording medium device 600.
- The recording medium device public key 32 is the recording medium device public key generated by the recording medium device key pair generation unit 241, and the attached information 33 is, for example, information indicating the issue date and expiration date of the recording medium device certificate 30.
- the signature 34 is a signature generated by the certificate generation unit 242 for the recording medium device ID 31, the recording medium device public key 32, and the attached information 33.
- The recording medium device private key / certificate transmission unit 243 transmits the pair of the recording medium device private key and the recording medium device certificate 30 stored in the recording medium device private key / certificate storage unit 240 to the recording medium device 600 via the network.
- FIG. 6 is a flowchart showing a key issuing process performed by the key issuing device 200.
- The execution order of the processes in steps S210 to S250 that constitute the key issuing process shown in the figure is an example.
- the process of step S210 shown in the figure may be completed before the processes of steps S220, S240, and S250 are started.
- The processes of steps S220, S240, and S250 shown in the figure need only be performed after the process of step S210, and the execution order of the processes of steps S220, S240, and S250 is not limited to the case shown in the figure. That is, after the process of step S240, the processes of steps S220 and S250 may be performed in this order or in reverse order, and after the process of step S250, the processes of steps S220 and S240 may be performed in this order or in reverse order.
- The root key pair generation unit 211 of the key issuing device 200 generates a root key pair of a root public key and a root secret key, and stores the root key pair in the root key pair storage unit 210. Further, the root public key transmission unit 212 transmits the generated root public key to the key distribution device 400, the terminal device 500, and the recording medium device 600 (step S210).
- The key distribution device key pair generation unit 221 generates a key pair of a key distribution device public key and a key distribution device private key, and stores the generated key distribution device private key in the key distribution device private key / certificate storage unit 220. Further, the certificate generation unit 222 uses the root secret key stored in the root key pair storage unit 210 to sign the key distribution device public key generated by the key distribution device key pair generation unit 221, generates the key distribution device certificate 10, and stores it in the key distribution device private key / certificate storage unit 220. The key distribution device private key / certificate transmission unit 223 transmits the key distribution device private key and the key distribution device certificate 10 stored in the key distribution device private key / certificate storage unit 220 to the key distribution device 400 (step S220).
- The terminal device key pair generation unit 231 generates a key pair of the terminal device public key and the terminal device private key, and stores the generated terminal device private key in the terminal device private key / certificate storage unit 230. Also, the certificate generation unit 232 uses the root secret key stored in the root key pair storage unit 210 to sign the terminal device public key generated by the terminal device key pair generation unit 231, generates the terminal device certificate 20, and stores it in the terminal device private key / certificate storage unit 230. Further, the terminal device private key / certificate transmission unit 233 transmits the terminal device private key and the terminal device certificate 20 stored in the terminal device private key / certificate storage unit 230 to the terminal device 500 (step S240).
- The recording medium device key pair generation unit 241 generates a key pair of the recording medium device public key and the recording medium device private key, and stores the generated recording medium device private key in the recording medium device private key / certificate storage unit 240.
- The certificate generation unit 242 uses the root secret key stored in the root key pair storage unit 210 to sign the recording medium device public key generated by the recording medium device key pair generation unit 241, generates the recording medium device certificate 30, and stores it in the recording medium device private key / certificate storage unit 240.
- The recording medium device private key / certificate transmission unit 243 transmits the recording medium device private key and the recording medium device certificate 30 stored in the recording medium device private key / certificate storage unit 240 to the recording medium device 600 (step S250), and the key issuing device 200 ends the key issuing process.
- FIG. 7 is a block diagram illustrating a functional configuration of a main part of the content distribution authentication device 300.
- The content distribution authentication apparatus 300 includes a content identification information / UR storage unit 310, a content identification information / UR reception unit 320, a writing authentication request reception unit 330, an authentication determination / authentication ID generation unit 340, an authentication result / authentication ID notification unit 350, and an authentication ID / UR registration unit 360.
- The content distribution authentication apparatus 300 includes a processor, a memory, and a NIC, and the function of the authentication determination / authentication ID generation unit 340 is realized by the processor executing a program stored in the memory. Further, the data exchange by the content identification information / UR receiving unit 320, the writing authentication request receiving unit 330, the authentication result / authentication ID notification unit 350, and the authentication ID / UR registration unit 360 is performed using the above-described NIC.
- the content identification information / UR storage unit 310 is a memory area for storing a pair of content identification information and UR.
- the content identification information / UR receiving unit 320 receives the content identification information and UR from the content production apparatus 100 via the network and stores them in the content identification information / UR storage unit 310.
- the writing authentication request receiving unit 330 receives the writing authentication request data 40 from the terminal device 500 via the network, and sends it to the authentication determination / authentication ID generating unit 340.
- FIG. 8 is a diagram illustrating a data configuration example and content example of the writing authentication request data 40.
- The writing authentication request data 40 includes content identification information 41, a coupon code 42, and supplementary information 43.
- The content identification information 41 is the content identification information of the content that the terminal device 500 intends to record in the recording medium device 600, and the figure shows an example in which the content identification information is “0008”.
- The authentication determination / authentication ID generation unit 340 determines whether the same content identification information as the content identification information 41 of the writing authentication request data 40 sent from the writing authentication request receiving unit 330 is stored in the content identification information / UR storage unit 310, and performs generation processing corresponding to the determination result. Specifically, when the same content identification information as the content identification information 41 is stored, the authentication determination / authentication ID generation unit 340 generates an authentication result indicating that the authentication is successful and an authentication ID; when it is not stored, it generates an authentication result indicating that the authentication has failed. It sends what it has generated to the authentication result / authentication ID notification unit 350. The authentication determination / authentication ID generation unit 340 also sends the generated authentication ID to the authentication ID / UR registration unit 360.
- The authentication result / authentication ID notification unit 350 transmits the authentication result sent from the authentication determination / authentication ID generation unit 340, together with the authentication ID when one has been sent, to the terminal device 500 via the network.
- The authentication ID / UR registration unit 360 transmits the pair of the authentication ID sent from the authentication determination / authentication ID generation unit 340 and the UR stored in the content identification information / UR storage unit 310 to the key distribution device 400 via the network.
- FIG. 9 is a flowchart showing an authentication process by the content distribution authentication apparatus 300.
- The execution order of the processes in steps S310 to S350 constituting the authentication process shown in the figure is an example.
- the process of step S310 shown in the figure only needs to be completed before the start of the process of step S320, and the execution order of the processes in each step is not limited to the case shown in the figure.
- the content identification information / UR receiving unit 320 of the content distribution authentication device 300 receives the content identification information and the UR from the content production device 100 and stores them in the content identification information / UR storage unit 310 (step S310).
- The writing authentication request receiving unit 330 receives the writing authentication request data 40 from the terminal device 500 (step S320). Subsequently, the authentication determination / authentication ID generation unit 340 determines whether the content identification information 41 of the writing authentication request data 40 received by the writing authentication request receiving unit 330 matches the content identification information stored in the content identification information / UR storage unit 310 (step S330).
- When both pieces of content identification information match (step S330: YES), the authentication determination / authentication ID generation unit 340 generates an authentication result indicating that the authentication is successful and an authentication ID, and the authentication result / authentication ID notification unit 350 transmits this authentication result and authentication ID to the terminal device 500 (step S340). Subsequently, the authentication ID / UR registration unit 360 transmits the pair of the authentication ID generated by the authentication determination / authentication ID generation unit 340 and the UR stored in the content identification information / UR storage unit 310 to the key distribution device 400 (step S350), and the content distribution authentication apparatus 300 ends the authentication process.
- When the two pieces of content identification information do not match in step S330 (step S330: NO), the authentication determination / authentication ID generation unit 340 generates an authentication result indicating that the authentication has failed, the authentication result / authentication ID notification unit 350 transmits the authentication result to the terminal device 500 (step S345), and the content distribution authentication device 300 ends the authentication process.
- FIG. 10 is a block diagram illustrating a functional configuration of a main part of the key distribution device 400.
- The key distribution device 400 includes a root public key storage unit 410, a root public key reception unit 411, a key distribution device private key / certificate storage unit 415, and a key distribution device private key / certificate reception unit 416.
- The key distribution device 400 includes a processor, a memory, and a NIC, and the functions of the mutual authentication unit 440, the recording medium device ID acquisition unit 441, the determination unit 442, the title key generation unit 450, the MAC calculation unit 451, the title key calculation unit 453, the encryption / decryption unit 455, the position designation unit 460, the verification unit 462, and the signature unit 470 are realized by the above-described processor executing the program stored in the above-described memory.
- Data exchange by the root public key receiving unit 411, the key distribution device private key / certificate receiving unit 416, the authentication ID / UR receiving unit 421, the write request receiving unit 430, the mutual authentication unit 440, the MAC / UR transmission unit 452, the title key transmission unit 454, the encryption / decryption unit 455, the position designation unit 460, the unsigned data / content reception unit 461, and the signature data transmission unit 471 is performed using the above-described NIC.
- the root public key storage unit 410 is a memory area for storing the root public key.
- The root public key receiving unit 411 receives the root public key transmitted from the key issuing device 200 via the network and stores it in the root public key storage unit 410.
- the key distribution device private key / certificate storage unit 415 is a memory area for storing a pair of a key distribution device private key and a key distribution device certificate.
- The key distribution device private key / certificate receiving unit 416 receives the pair of the key distribution device private key and the key distribution device certificate transmitted from the key issuing device 200 via the network, and stores them in the key distribution device private key / certificate storage unit 415.
- the authentication ID / UR storage unit 420 is a memory area for storing a pair of authentication ID and UR.
- the authentication ID / UR receiving unit 421 receives the authentication ID / UR pair transmitted from the content distribution authentication device 300 via the network, and stores it in the authentication ID / UR storage unit 420.
- the write request receiving unit 430 receives the write request data 50 from the terminal device 500 via the network and sends it to the determination unit 442.
- FIG. 11 is a diagram showing a data structure and example contents of the write request data 50.
- the write request data 50 includes an authentication ID 51 and a recording medium device ID 52.
- The authentication ID 51 is the authentication ID received by the terminal device 500 from the content distribution authentication device 300.
- The recording medium device ID 52 is identification information of the recording medium device 600 on which the terminal device 500 intends to record content.
- the mutual authentication unit 440 performs mutual authentication between the terminal device 500 and the recording medium device 600, and shares a common key with each of the terminal device 500 and the recording medium device 600.
- FIG. 12 is a block diagram for explaining a procedure example of mutual authentication between the host / server authentication A and the host / server authentication B.
- the host / server authentication A is, for example, the key distribution device 400
- the host / server authentication B is, for example, the terminal device 500 or the recording medium device 600.
- the mutual authentication unit of host / server authentication A includes a random number generation unit A10, a decryption unit A20, a random number comparison unit A30, and an encryption unit A40
- The mutual authentication unit of host / server authentication B includes an encryption unit B10, a random number generation unit B20, a decryption unit B30, and a random number comparison unit B40.
- The encryption unit B10 of the host / server authentication B receives the random number R1 from the host / server authentication A, encrypts it with the unique key Ksc (E (Ksc, R1)), and transmits the encrypted random number R1 (E (Ksc, R1)) to the host / server authentication A.
- E (Ksc, R1)
- D (Ksc, (E (Ksc, R1)))
- When the random number comparison unit A30 of the host / server authentication A determines that the result D (Ksc, (E (Ksc, R1))) decrypted in (c) matches the random number R1 generated in (a), the authentication result that the host / server authentication B is a legitimate module is obtained.
- the random number generator B20 of the host / server authentication B generates a random number R2 and sends it to the host / server authentication A.
- The encryption unit A40 of the host / server authentication A receives the random number R2 from the host / server authentication B, encrypts it with the unique key Ksc (E (Ksc, R2)), and transmits the encrypted random number R2 (E (Ksc, R2)) to the host / server authentication B.
- E (Ksc, R2)
- When the random number comparison unit B40 of the host / server authentication B determines that the result D (Ksc, (E (Ksc, R2))) decrypted in (g) matches the random number R2 generated in (e), the authentication result that the host / server authentication A is a legitimate module is obtained.
- The recording medium device ID acquisition unit 441 acquires the recording medium device ID 31 described in the recording medium device certificate 30 received by the mutual authentication unit 440 during mutual authentication with the recording medium device 600, and sends it to the determination unit 442 and the MAC calculation unit 451.
- The determination unit 442 determines whether to permit a write request from the terminal device 500. Specifically, the determination unit 442 determines whether the same authentication ID as the authentication ID included in the write request data 50 sent from the write request receiving unit 430 is stored in the authentication ID / UR storage unit 420. In addition, the determination unit 442 determines whether the recording medium device ID included in the write request data 50 sent from the write request receiving unit 430 matches the recording medium device ID sent from the recording medium device ID acquisition unit 441. When the authentication ID is stored and the recording medium device IDs match, the determination unit 442 sends a determination result indicating that the write request is permitted to the title key generation unit 450. On the other hand, when the authentication ID is not stored or the recording medium device IDs do not match, the determination unit 442 sends a determination result indicating that the write request is not permitted to the title key generation unit 450.
- When the determination result sent from the determination unit 442 indicates that the write request is permitted, the title key generation unit 450 generates a title key and sends it to the MAC calculation unit 451, the title key calculation unit 453, and the verification unit 462. When the title key generation unit 450 receives a determination result indicating that the write request is not permitted from the determination unit 442, it sends the determination result to the MAC / UR transmission unit 452 via the MAC calculation unit 451.
- The MAC calculation unit 451 uses the title key sent from the title key generation unit 450 to calculate the MAC (Message Authentication Code) value of the recording medium device ID sent from the recording medium device ID acquisition unit 441, and sends it to the MAC / UR transmission unit 452.
- The MAC / UR transmission unit 452 transmits the MAC value of the recording medium device ID sent from the MAC calculation unit 451 and the UR stored in the authentication ID / UR storage unit 420 to the terminal device 500 via the network. When the MAC / UR transmission unit 452 receives a determination result indicating that the write request is not permitted from the title key generation unit 450 via the MAC calculation unit 451, it also transmits the determination result to the terminal device 500.
- The title key calculation unit 453 calculates a hash value of the UR stored in the authentication ID / UR storage unit 420, and performs a simple, reversible combination operation such as XOR on the calculated hash value and the title key sent from the title key generation unit 450 to generate a calculated title key. The title key calculation unit 453 sends the generated calculated title key to the title key transmission unit 454.
- The title key transmission unit 454 transmits the calculated title key sent from the title key calculation unit 453 to the recording medium device 600 via the encryption / decryption unit 455 and the network.
- Since the recording medium device 600 is used mounted in a card slot of the terminal device 500, the calculated title key is actually transmitted to the recording medium device 600 via the terminal device 500, as described later.
- the terminal device 500 merely serves as a transmission path between the key distribution device 400 and the recording medium device 600, and in principle does not know the contents of the communication data. That is, although communication is performed via the terminal device 500, it is handled in the same manner as when direct communication is performed between the key distribution device 400 and the recording medium device 600.
- the encryption / decryption unit 455 encrypts the calculated title key generated by the title key calculation unit 453 using the common key generated by the mutual authentication process by the mutual authentication unit 440 and transmits the encrypted key to the recording medium device 600.
- the calculated title key is securely transmitted to the recording medium device 600.
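The decision and key derivation performed by the determination unit 442, the MAC calculation unit 451 and the title key calculation unit 453 can be followed in code. The block below is an added example, not code from the patent: HMAC-SHA256 as the MAC, SHA-256 truncated to 16 bytes as the UR hash, the 16-byte title key, all function names and the sample IDs are assumptions, and the common-key encryption of the calculated title key in transit is left out because the page names no cipher.

```python
import hashlib
import hmac
import secrets

TITLE_KEY_LEN = 16  # assumption: 128-bit title key (the page gives no size)


def permit_write(request, auth_store, certified_medium_id):
    """Determination unit 442: the authentication ID must have been registered,
    and the recording medium device ID in the request must equal the ID read
    from the certificate presented during mutual authentication."""
    auth_ok = request["authentication_id"] in auth_store
    id_ok = hmac.compare_digest(
        request["recording_medium_device_id"], certified_medium_id
    )
    return auth_ok and id_ok


def mac_of_medium_id(title_key, medium_id):
    """MAC calculation unit 451: MAC of the medium ID keyed with the title key.
    HMAC-SHA256 is an assumption; the page only says "MAC"."""
    return hmac.new(title_key, medium_id, hashlib.sha256).digest()


def ur_hash(ur):
    """Hash of the UR, truncated to the title key length (assumption)."""
    return hashlib.sha256(ur).digest()[:TITLE_KEY_LEN]


def combine(key, ur):
    """Title key calculation unit 453: reversible XOR of key and UR hash.
    Applying it twice with the same UR returns the original key."""
    mask = ur_hash(ur)
    if len(key) != len(mask):
        raise ValueError("key length must equal the UR hash length")
    return bytes(k ^ m for k, m in zip(key, mask))


def handle_write_request(request, auth_store, certified_medium_id):
    """Key distribution device 400, steps S445 to S460 (transport encryption
    with the common key from mutual authentication is omitted here)."""
    if not permit_write(request, auth_store, certified_medium_id):
        return {"permitted": False}
    ur = auth_store[request["authentication_id"]]
    title_key = secrets.token_bytes(TITLE_KEY_LEN)
    return {
        "permitted": True,
        # sent to the terminal device 500
        "to_terminal": {
            "mac": mac_of_medium_id(title_key, certified_medium_id),
            "ur": ur,
        },
        # sent to the recording medium device 600
        "to_medium": {"calculated_title_key": combine(title_key, ur)},
    }


# Constructed sample data: authentication ID -> UR, as registered in step S420.
SAMPLE_AUTH_STORE = {b"AUTH-0001": b"constructed-UR: play-only"}
SAMPLE_REQUEST = {
    "authentication_id": b"AUTH-0001",
    "recording_medium_device_id": b"MEDIUM-01",
}

if __name__ == "__main__":
    result = handle_write_request(SAMPLE_REQUEST, SAMPLE_AUTH_STORE, b"MEDIUM-01")
    stored = result["to_medium"]["calculated_title_key"]
    title_key = combine(stored, result["to_terminal"]["ur"])
    print("permitted:", result["permitted"])
    print("MAC matches this medium:",
          mac_of_medium_id(title_key, b"MEDIUM-01") == result["to_terminal"]["mac"])
    print("altered UR yields same key:",
          combine(stored, b"constructed-UR: altered") == title_key)
```

Because the stored value is the title key XORed with the UR hash, recomputing with an altered UR produces a different key, and the MAC only verifies against the medium ID it was calculated for.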
- The position designation unit 460 generates position designation information that designates, by position and size within the content that the terminal device 500 intends to write to the recording medium device 600, a part of the content (hereinafter also referred to as “partial content”) that is the target of the hash value comparison by the verification unit 462, and transmits it to the terminal device 500 via the network.
- The position designation unit 460 also sends the generated position designation information to the verification unit 462.
- The position designation unit 460 may select a position in the content randomly or according to some rule.
- The unsigned data / content receiving unit 461 receives the unsigned data 70 from the terminal device 500 via the network, sends the received unsigned data 70 to the verification unit 462, and notifies the position designation unit 460 that the unsigned data 70 has been received.
- The unsigned data / content receiving unit 461 receives the partial content designated by the position designation information transmitted by the position designation unit 460 from the terminal device 500 and sends it to the verification unit 462.
- FIG. 13A is a diagram illustrating a data configuration example of the unsigned data 70.
- the unsigned data 70 includes hash data 1 71, hash data 2 72,..., Hash data N 73, supplemental information 74, and signature reservation portion 75.
- Each hash data (71 to 73) is a hash value of each part when the encrypted content is divided into a plurality of parts.
- each hash data (71 to 73) is a hash value calculated from encrypted content, but may be a hash value calculated from plaintext content before encryption.
- the signature reservation portion 75 is a reserved area for storing a signature 78 of signature data 76 to be described later.
- the supplementary information 74 is used, for example, to describe information specifying the content or information related to the content and associate it with the content.
- The verification unit 462 verifies the validity of the unsigned data 70 sent from the unsigned data / content receiving unit 461. Specifically, the verification unit 462 encrypts the partial content sent from the unsigned data / content reception unit 461 with the title key sent from the title key generation unit 450 and calculates a hash value. Then, the verification unit 462 determines whether or not the calculated hash value matches the hash value of the part corresponding to the partial content described in the unsigned data 70. If they match, it sends a determination result that the unsigned data 70 is correct to the signature unit 470; if they do not match, it sends a determination result that the unsigned data 70 is incorrect to the signature unit 470. The verification unit 462 identifies which of the hash values described in the unsigned data 70 is the hash value of the part corresponding to the partial content based on the position designation information received from the position designation unit 460.
- When the verification unit 462 sends a determination result indicating that the unsigned data 70 is correct, the signature unit 470 uses the key distribution device private key stored in the key distribution device private key / certificate storage unit 415 to sign the signature target part of the unsigned data 70 and generates signature data 76.
- The signature unit 470 sends the generated signature data 76 to the signature data transmission unit 471.
- When the signature unit 470 receives a determination result indicating that the unsigned data 70 is incorrect from the verification unit 462, it sends the determination result to the signature data transmission unit 471.
- FIG. 13B is a diagram illustrating a data configuration example of the signature data 76.
- the signature data 76 includes hash data 1 71, hash data 2 72,..., Hash data N 73, supplementary information 77, and signature 78.
- each hash data (71 to 73) is the same as each hash data included in the unsigned data 70.
- The signature 78 is a signature generated with the key distribution device private key, using each hash data (71 to 73) and the supplementary information 77 as the signature target.
- the supplementary information 77 may include data indicating the calculation source of each hash data, or information indicating the position and size in the content indicating the data that is the calculation source of each hash data. Further, the supplementary information 77 may include not only partial content but also information specifying that other than partial content may be included, or information other than partial content may be specified.
- the signature data transmission unit 471 transmits the signature data 76 transmitted from the signature unit 470 to the terminal device 500 via the network.
- When the signature data transmission unit 471 receives a determination result indicating that the unsigned data 70 is incorrect from the signature unit 470, it also transmits the determination result to the terminal device 500.
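The spot check that the position designation unit 460 and the verification unit 462 perform on the unsigned data 70 is sketched below as an added example, not code from the patent. It uses the variant mentioned above in which each hash data is calculated from plaintext content, so no cipher is needed; SHA-256, the 8-byte part size, the function names and the sample content are assumptions.

```python
import hashlib
import hmac
import secrets

PART_SIZE = 8  # assumption: tiny parts so the constructed sample stays readable

# Constructed sample content: 28 bytes, so 3 full parts and a 4-byte last part.
SAMPLE_CONTENT = bytes(range(28))


def build_hash_data(content, part_size=PART_SIZE):
    """Terminal side: hash data 1..N of the unsigned data 70, one per part."""
    if not content:
        raise ValueError("content must not be empty")
    return [
        hashlib.sha256(content[off:off + part_size]).digest()
        for off in range(0, len(content), part_size)
    ]


def designate_position(num_parts, part_size=PART_SIZE):
    """Position designation unit 460: pick one part at random and describe it
    by position and size within the content."""
    index = secrets.randbelow(num_parts)
    return {"position": index * part_size, "size": part_size}


def extract_partial_content(content, designation):
    """Terminal side: the partial content named by the designation."""
    start = designation["position"]
    return content[start:start + designation["size"]]


def verify_unsigned_data(hash_data, designation, partial_content,
                         part_size=PART_SIZE):
    """Verification unit 462: map the designation to one hash data entry and
    compare it with the hash of the partial content that was received."""
    position, size = designation["position"], designation["size"]
    if size != part_size or position < 0 or position % part_size != 0:
        return False  # designation does not line up with a part boundary
    index = position // part_size
    if index >= len(hash_data):
        return False  # designation points past the last hash data entry
    is_last = index == len(hash_data) - 1
    short_last = is_last and 0 < len(partial_content) < size
    if len(partial_content) != size and not short_last:
        return False  # only the final part may be shorter than a full part
    computed = hashlib.sha256(partial_content).digest()
    return hmac.compare_digest(computed, hash_data[index])


def failing_positions(hash_data, content, part_size=PART_SIZE):
    """Run the check for every possible designation and list the positions
    that fail; shows which designations expose a bad hash data entry."""
    failures = []
    for index in range(len(hash_data)):
        designation = {"position": index * part_size, "size": part_size}
        partial = extract_partial_content(content, designation)
        if not verify_unsigned_data(hash_data, designation, partial, part_size):
            failures.append(designation["position"])
    return failures


if __name__ == "__main__":
    hash_data = build_hash_data(SAMPLE_CONTENT)
    designation = designate_position(len(hash_data))
    partial = extract_partial_content(SAMPLE_CONTENT, designation)
    print("designation:", designation)
    print("unsigned data correct:",
          verify_unsigned_data(hash_data, designation, partial))
    tampered = list(hash_data)
    tampered[2] = hash_data[0]  # constructed error in hash data 3
    print("positions that expose it:", failing_positions(tampered, SAMPLE_CONTENT))
```

Only the designated part is compared in one exchange, so a wrong entry is caught only when its position is the one chosen.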
- FIG. 14 is a flowchart showing pre-distribution processing by the key distribution apparatus 400.
- The execution order of the processes in steps S410 and S420 constituting the pre-distribution process shown in the figure is an example, and the execution order of the processes in each step is not limited to the case shown in the figure. That is, the process of step S420 shown in the figure may be executed before the process of step S410.
- The root public key receiving unit 411 of the key distribution device 400 receives the root public key from the key issuing device 200 and stores it in the root public key storage unit 410.
- the key distribution device private key / certificate receiving unit 416 receives a pair of the key distribution device private key and the key distribution device certificate from the key issuing device 200 and stores them in the key distribution device private key / certificate storage unit 415. (Step S410).
- The authentication ID / UR receiving unit 421 receives the authentication ID / UR pair from the content distribution authentication device 300 and stores it in the authentication ID / UR storage unit 420 (step S420), and the key distribution device 400 ends the pre-distribution process.
- FIG. 15 is a flowchart showing distribution processing by the key distribution apparatus 400.
- The write request reception unit 430 of the key distribution device 400 receives the write request data 50 from the terminal device 500 (step S440), and the determination unit 442 determines, based on the write request data 50 received by the write request reception unit 430, whether or not the write request from the terminal device 500 is permitted (step S445). Specifically, the determination unit 442 determines whether the same authentication ID as the authentication ID 51 of the write request data 50 received by the write request receiving unit 430 is stored in the authentication ID / UR storage unit 420, and whether the recording medium device ID 52 of the write request data 50 matches the recording medium device ID acquired by the recording medium device ID acquisition unit 441.
- When the authentication ID is not stored or when the recording medium device IDs do not match (step S445: NO), the determination unit 442 sends a determination result indicating that the write request from the terminal device 500 is not permitted to the title key generation unit 450.
- When the authentication ID is stored and the recording medium device IDs match (step S445: YES), the mutual authentication unit 440 performs mutual authentication with the recording medium device 600 to confirm whether the recording medium device 600 can be trusted, and at the same time generates a common key; in the subsequent communication, data is protected by encrypting it with this common key (step S450).
- The title key generation unit 450 generates a title key, and the MAC calculation unit 451 uses the title key generated by the title key generation unit 450 to calculate the MAC value of the recording medium device ID acquired by the recording medium device ID acquisition unit 441.
- The MAC / UR transmission unit 452 transmits the MAC value of the recording medium device ID calculated by the MAC calculation unit 451 and the UR stored in the authentication ID / UR storage unit 420 to the terminal device 500 (step S455).
- The title key calculation unit 453 calculates a hash value of the UR stored in the authentication ID / UR storage unit 420, and performs a simple, reversible combination operation such as XOR on the calculated hash value and the title key generated by the title key generation unit 450 to generate a calculated title key.
- the title key transmission unit 454 transmits the calculated title key generated by the title key calculation unit 453 to the recording medium device 600 via the encryption / decryption unit 455 (step S460).
- The unsigned data / content receiving unit 461 receives the unsigned data 70 from the terminal device 500 (step S465), and the position specifying unit 460 generates position designation information that designates the partial content to be checked in step S470 described later, and transmits it to the terminal device 500 (step S467).
- The unsigned data / content receiving unit 461 receives, from the terminal device 500, the partial content designated by the position designation information transmitted from the position specifying unit 460 (step S469), and the verification unit 462 verifies the validity of the unsigned data 70 received by the unsigned data / content receiving unit 461 (step S470).
- the verification unit 462 encrypts the partial content received by the unsigned data / content reception unit 461 with the title key generated by the title key generation unit 450 in step S455, and calculates a hash value.
- the verification unit 462 determines whether the calculated hash value matches the hash value of the part corresponding to the partial content described in the unsigned data 70.
- When it is determined in step S470 that the two hash values do not match (step S470: NO), the verification unit 462 sends a determination result indicating that the unsigned data 70 is incorrect to the terminal device 500 via the signature unit 470 and the signature data transmission unit 471, and the key distribution device 400 ends the distribution process (step S490).
- When it is determined in step S470 that the two hash values match (step S470: YES), the signature unit 470 uses the key distribution device private key stored in the key distribution device private key / certificate storage unit 415 to sign the signature target portion of the unsigned data 70 and generate the signature data 76. Further, the signature data transmission unit 471 transmits the signature data 76 generated by the signature unit 470 to the terminal device 500 (step S475), and the key distribution device 400 ends the distribution process.
- FIG. 16 is a block diagram showing a functional configuration of the main part of the terminal device 500 at the time of reception and writing processing.
- FIG. 17 is a block diagram showing a functional configuration of the main part of the terminal device 500 at the time of playback processing.
- The configuration related to the reception and writing processing, in which the terminal device 500 cooperates with the content distribution authentication device 300 and the key distribution device 400 to receive content and data such as keys necessary for content protection and reproduction and writes them to the recording medium device 600, will be described.
- The configuration related to the reproduction processing, in which the terminal device 500 reads the content and key data from the recording medium device 600 and reproduces the content, will also be described.
- The same reference symbols are allocated to components that are common to the reception and writing processing and the reproduction processing.
- the terminal device 500 includes a terminal device private key / certificate storage unit 510, a root public key storage unit 511, a content acquisition unit 520, a content identification information acquisition unit 521, and a writing authentication request transmission unit.
- the terminal device 500 includes a processor, a memory, and a NIC, and includes a write authentication request transmission unit 522, a mutual authentication unit 530, a recording medium device ID acquisition unit 531, a write request transmission unit 532, and an encryption / decryption unit 533.
- Each function of 591 is realized by the above-described processor executing a program stored in the above-described memory.
- Data exchange by the write authentication request transmission unit 522, the authentication result / authentication ID reception unit 523, the mutual authentication unit 530, the write request transmission unit 532, the MAC / UR / signature data reception unit 541, the unsigned data / content transmission unit 561, and the transmission unit 570 is performed using the above-mentioned NIC.
- the terminal device private key / certificate storage unit 510 is a memory area for storing a pair of the terminal device private key and the terminal device certificate 20.
- In practice, the terminal device private key and the terminal device certificate 20 are written to the terminal device private key / certificate storage unit 510 by the terminal manufacturing device that manufactures the terminal device 500, which writes the terminal device private key and the terminal device certificate 20 generated by the key issuing device 200.
- a detailed description of the method for writing the terminal device private key and the terminal device certificate 20 is omitted.
- the root public key storage unit 511 is a memory area for storing the root public key.
- In practice, the root public key is written to the root public key storage unit 511 by the terminal manufacturing device that manufactures the terminal device 500, which writes the root public key generated by the key issuing device 200. A detailed description of the root public key writing method is omitted.
- the content acquisition unit 520 acquires the content delivered from the content production device 100.
- the content acquisition unit 520 transmits the acquired content to the content identification information acquisition unit 521 and transmits plaintext content obtained by decrypting the acquired content to the encryption unit 550 and the unsigned data / content transmission unit 561.
- The content delivery from the content production apparatus 100 is realized, for example, by inserting a recording medium such as a DVD or a BD on which the content is recorded into the disk drive of the terminal device 500.
- the content identification information acquisition unit 521 acquires content identification information from the content transmitted from the content acquisition unit 520 and transmits the content identification information to the writing authentication request transmission unit 522. Note that the content identification information acquisition unit 521 acquires content identification information by generating content identification information by the same method as the content identification information generation unit 151 of the content production apparatus 100 described above.
- The writing authentication request transmission unit 522 generates writing authentication request data 40 (see FIG. 8) including the content identification information sent from the content identification information acquisition unit 521 and transmits the data to the content distribution authentication device 300.
- The authentication result / authentication ID receiving unit 523 receives, from the content distribution authentication apparatus 300, the authentication result for the writing authentication request data 40 transmitted by the writing authentication request transmission unit 522.
- When the received authentication result indicates that the authentication has succeeded, the authentication ID is further received, and the received authentication ID is sent to the write request transmission unit 532.
- A mechanism similar to this transmission of the writing authentication request data and reception of the authentication result is employed in AACS (managed copy).
- The mutual authentication unit 530 performs mutual authentication with the key distribution device 400 and with the recording medium device 600, shares a common key with each of the key distribution device 400 and the recording medium device 600, and exchanges certificates with them (the key distribution device certificate 10, the terminal device certificate 20, and the recording medium device certificate 30).
- the mutual authentication procedure is as described above (see FIG. 12).
- The recording medium device ID acquisition unit 531 acquires the recording medium device ID 31 described in the recording medium device certificate 30 received in the mutual authentication with the recording medium device 600 by the mutual authentication unit 530 and sends it to the write request transmission unit 532.
- The write request transmission unit 532 generates write request data 50 (see FIG. 11) including the authentication ID transmitted from the authentication result / authentication ID reception unit 523 and the recording medium device ID transmitted from the recording medium device ID acquisition unit 531, and transmits it to the key distribution device 400.
- The encryption / decryption unit 533 uses the common key generated in the mutual authentication process by the mutual authentication unit 530 to encrypt communication data exchanged with the recording medium device 600 at the time of transmission and to decrypt it at the time of reception, so that the data is exchanged securely.
- The encryption / decryption unit 533 receives the calculated title key encrypted with the common key from the recording medium device 600 and decrypts it with the common key, thereby securely obtaining the calculated title key from the recording medium device 600.
- the title key acquisition unit 540 acquires the calculated title key from the recording medium device 600 via the encryption / decryption unit 533 and sends it to the title key recalculation unit 546.
- The MAC / UR / signature data receiving unit 541 receives, from the key distribution apparatus 400, the MAC value of the recording medium device ID of the recording medium device 600, the UR of the content corresponding to the authentication ID 51 included in the write request data 50 transmitted by the write request transmitting unit 532, and the signature data, and sends them to the MAC / UR / signature data recording unit 542. Also, the MAC / UR / signature data receiving unit 541 sends the received UR to the title key recalculation unit 546. Note that the MAC / UR / signature data receiving unit 541 also receives, from the key distribution apparatus 400, a determination result indicating that the write request is not permitted.
- the MAC / UR / signature data recording unit 542 records the MAC value, UR and signature data transmitted from the MAC / UR / signature data receiving unit 541 in the recording medium device 600.
- the title key storage unit 545 is a memory area for storing a title key.
- The title key recalculation unit 546 calculates the hash value of the UR and performs a simple, reversible combination operation such as XOR between the calculated hash value and the calculated title key sent from the title key acquisition unit 540 to obtain the original title key, which it stores in the title key storage unit 545.
- The UR used to calculate the hash value is the UR sent from the MAC / UR / signature data receiving unit 541 during the reception and writing processing, and the UR sent from the UR reading unit 581 during the reproduction processing.
- The encryption unit 550 encrypts the plaintext content sent from the content acquisition unit 520 and sends the resulting content to the content recording unit 551 and to the hash calculation / unsigned data generation unit 560.
- the content recording unit 551 records the content transmitted from the encryption unit 550 in the recording medium device 600.
- The hash calculation / unsigned data generation unit 560 calculates a hash value for each part obtained when the content transmitted from the encryption unit 550 is divided into a plurality of parts, generates unsigned data 70 in which each calculated hash value is set as hash data (71 to 73), and sends it to the unsigned data / content transmission unit 561. Note that supplemental information 74 is also set as appropriate in the unsigned data 70 generated by the hash calculation / unsigned data generation unit 560.
- The unsigned data / content transmission unit 561 transmits the unsigned data 70 sent from the hash calculation / unsigned data generation unit 560 to the key distribution apparatus 400. Further, the unsigned data / content transmission unit 561 receives the position designation information from the key distribution device 400, cuts out the partial content designated by the received position designation information from the plaintext content sent from the content acquisition unit 520, and transmits it to the key distribution apparatus 400.
- the transmission unit 570 relays communication data between the key distribution device 400 and the recording medium device 600.
- The transmission unit 570 relays communication between the key distribution device 400 and the recording medium device 600 without knowing the contents of the communication data, except for control-related data such as communication end notification information.
- The calculated title key is transmitted in a state encrypted with the common key generated in the mutual authentication process between the key distribution device 400 and the recording medium device 600. Since this common key is shared only between the key distribution device 400 and the recording medium device 600, the data of the calculated title key cannot be decrypted and referenced while it is being relayed, not even by the terminal device 500. That is, the calculated title key is transmitted in a protected state.
- the MAC reading unit 580 reads the MAC value from the recording medium device 600 in which the content is recorded, and sends it to the first reproduction determination unit 582.
- the UR reading unit 581 reads the UR for the content to be reproduced from the recording medium device 600 that records the content, and sends it to the title key recalculation unit 546.
- The first reproduction determination unit 582 calculates the MAC value of the recording medium device ID sent from the recording medium device ID acquisition unit 531 using the title key stored in the title key storage unit 545, and determines whether or not it matches the MAC value recorded in the recording medium device 600 and sent from the MAC reading unit 580.
- The first playback determination unit 582 allows the content reading unit 586 to read the content to be played back when the MAC values match, and does not allow it to read the content to be played back when the MAC values do not match. That is, whether or not to reproduce the content is controlled by the determination result of the first reproduction determination unit 582.
- When reading is not permitted, the first reproduction determination unit 582 displays an indication that the content cannot be reproduced on an output device such as a television via the content decoding unit 590 and the content reproduction unit 591, thereby notifying the user.
- the signature data reading unit 585 reads the signature data 76 regarding the content to be reproduced from the recording medium device 600 in which the content is recorded, and sends the signature data 76 to the second reproduction determination unit 587.
- The content reading unit 586 reads the content to be played from the recording medium device 600 when the first playback determination unit 582 permits reading of the content, and sends the content to the second playback determination unit 587 and to the content decryption unit 590.
- The second reproduction determination unit 587 verifies the signature 78 of the signature data 76 recorded in the recording medium device 600 and sent from the signature data reading unit 585, using the root public key stored in the root public key storage unit 511 and the key distribution device public key described in the key distribution device certificate 10 received in the mutual authentication with the key distribution device 400. Further, when the signature 78 is correct, the second reproduction determination unit 587 calculates a hash value for each part obtained when the content recorded in the recording medium device 600 and sent from the content reading unit 586 is divided into a plurality of parts, and determines whether each calculated hash value matches the corresponding hash value (71 to 73) of the signature data 76.
- The second playback determination unit 587 allows the content decryption unit 590 to decrypt the content if the hash values match, and does not permit the content decryption if the hash values do not match. That is, whether or not to reproduce the content is controlled not only by the determination result of the first reproduction determination unit 582 but also by the determination result of the second reproduction determination unit 587.
- When decryption is not permitted, the second playback determination unit 587 displays an indication that the content cannot be played back on an output device such as a television via the content decryption unit 590 and the content playback unit 591, thereby notifying the user.
- The content decryption unit 590 decrypts the content recorded in the recording medium device 600 and sent from the content reading unit 586 with the title key stored in the title key storage unit 545 to obtain plaintext content, and sends it to the content reproduction unit 591.
- the content playback unit 591 plays back the plaintext content sent from the content decryption unit 590 and outputs it to an output device such as a television.
- FIG. 18 is a flowchart showing reception and writing processing by the terminal device 500.
- The processing from step S530 onward is started upon receiving a write request operation, including the designation of the content to be written, from the user of the terminal device 500.
- The process in step S510 may be executed at any timing as long as it is completed before the start of the process in step S530.
- The terminal manufacturing apparatus that manufactures the terminal apparatus 500 stores the terminal apparatus private key and the terminal apparatus certificate 20 in the terminal apparatus private key / certificate storage unit 510 of the terminal apparatus 500, and stores the root public key in the root public key storage unit 511 (step S510).
- The content acquisition unit 520 acquires the content delivered from the content production device 100. Assuming a case such as AACS managed copy, in which content recorded on a BD under the AACS protection method is acquired and copied to a memory card such as an SD card protected by another protection method, the content recorded on the BD and encrypted by the AACS protection method is decrypted, and the resulting plaintext content is acquired.
- the content identification information acquisition unit 521 acquires content identification information from the content acquired by the content acquisition unit 520.
- the writing authentication request transmission unit 522 generates writing authentication request data 40 including the content identification information acquired by the content identification information acquisition unit 521, and transmits it to the content distribution authentication device 300 (step S530).
- The authentication result / authentication ID receiving unit 523 receives, from the content distribution authentication apparatus 300, the result of the authentication performed by the content distribution authentication apparatus 300 based on the writing authentication request data 40 transmitted in step S530, and determines whether or not the received authentication result indicates that the authentication has succeeded (step S531).
- When the authentication has failed (step S531: failure), the authentication result / authentication ID receiving unit 523 displays on the display unit (not shown) of the terminal device 500 that the content cannot be written, thereby notifying the user (step S549), and the terminal device 500 ends the reception and writing process.
- When the authentication has succeeded, the authentication result / authentication ID receiving unit 523 further receives the authentication ID. Further, the write request transmission unit 532 generates write request data 50 including the authentication ID received by the authentication result / authentication ID reception unit 523 and the recording medium device ID acquired by the recording medium device ID acquisition unit 531 through the mutual authentication with the recording medium device 600 by the mutual authentication unit 530, and transmits the generated write request data 50 to the key distribution device 400 (step S535).
- The MAC / UR / signature data receiving unit 541 repeatedly determines whether data has been received from the key distribution device 400 (step S536). If a determination result indicating that the write request is not permitted is received (step S536: determination result), it displays on the display unit (not shown) of the terminal device 500 that the content cannot be written, thereby notifying the user (step S549), and the terminal device 500 ends the reception and writing process.
- When the MAC / UR / signature data receiving unit 541 receives the MAC value of the recording medium device ID of the recording medium device 600 and the UR of the content corresponding to the authentication ID of the write request data 50 transmitted in step S536 (step S536: MAC value, etc.), it sends the received MAC value and UR to the MAC / UR / signature data recording unit 542.
- the MAC / UR / signature data recording unit 542 records the MAC value and UR sent from the MAC / UR / signature data receiving unit 541 in the recording medium device 600.
- the title key acquisition unit 540 acquires the calculated title key from the recording medium device 600 via the encryption / decryption unit 533 (step S540).
- The title key recalculation unit 546 calculates the hash value of the UR sent from the MAC / UR / signature data receiving unit 541 and performs a simple, reversible combination operation such as XOR between the calculated hash value and the calculated title key acquired by the title key acquisition unit 540 to calculate the original title key, and stores the original title key in the title key storage unit 545.
- the encryption unit 550 encrypts the plaintext content acquired by the content acquisition unit 520 using the title key stored in the title key storage unit 545 (step S541).
- The hash calculation / unsigned data generation unit 560 calculates a hash value for each part obtained when the content encrypted by the encryption unit 550 is divided into a plurality of parts, and generates unsigned data 70 in which each calculated hash value is set as hash data (71 to 73).
- The unsigned data / content transmission unit 561 transmits the unsigned data 70 generated by the hash calculation / unsigned data generation unit 560 to the key distribution apparatus 400.
- The unsigned data / content transmission unit 561 receives the position designation information from the key distribution device 400, cuts out the partial content designated by the position designation information from the plaintext content acquired by the content acquisition unit 520, and transmits it to the key distribution device 400 (step S542).
- The MAC / UR / signature data receiving unit 541 repeatedly determines whether data has been received from the key distribution device 400 (step S543). If a determination result indicating that the unsigned data 70 is incorrect is received (step S543: determination result), it displays on the display unit (not shown) of the terminal device 500 that the content cannot be written, thereby notifying the user (step S549), and the terminal device 500 ends the reception and writing process.
- the MAC / UR / signature data receiving unit 541 receives the signature data 76 (step S543: signature data)
- the MAC / UR / signature data recording unit 542 transmits the received signature data 76 to the recording medium device 600.
- the content recording unit 551 records the content obtained in step S541 in the recording medium device 600 (step S545), and the terminal device 500 ends the reception and writing process.
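
The spot check of the unsigned data described above (steps S465 to S470 on the key distribution device, step S542 on the terminal device), as an added example that is not code from the patent. SHA-256, the part size, the keystream stand-in used in place of the unspecified content cipher, and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets

PART_SIZE = 32  # assumed part size in bytes; the page does not state one


def _keystream(title_key: bytes, part_index: int, length: int) -> bytes:
    # Stand-in for the content cipher (assumption): a SHA-256 based keystream
    # keyed by the title key and the part index, so one part can be encrypted alone.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = title_key + part_index.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_part(title_key: bytes, part_index: int, part: bytes) -> bytes:
    ks = _keystream(title_key, part_index, len(part))
    return bytes(p ^ k for p, k in zip(part, ks))


def split_parts(content: bytes) -> list:
    return [content[i:i + PART_SIZE] for i in range(0, len(content), PART_SIZE)]


def build_unsigned_data(title_key: bytes, plaintext: bytes) -> list:
    """Terminal device: one hash per part of the encrypted content."""
    return [hashlib.sha256(encrypt_part(title_key, i, part)).digest()
            for i, part in enumerate(split_parts(plaintext))]


def choose_position(unsigned_data: list) -> int:
    """Key distribution device: position designation information (step S467)."""
    return secrets.randbelow(len(unsigned_data))


def cut_partial_content(plaintext: bytes, position: int) -> bytes:
    """Terminal device: cut the designated part out of the plaintext (step S542)."""
    return split_parts(plaintext)[position]


def verify_unsigned_data(title_key: bytes, unsigned_data: list,
                         position: int, partial_content: bytes) -> bool:
    """Key distribution device (step S470): encrypt the received plaintext part
    with the issued title key, hash it, and compare with the claimed hash."""
    if not 0 <= position < len(unsigned_data):
        return False
    expected = hashlib.sha256(encrypt_part(title_key, position, partial_content)).digest()
    return hmac.compare_digest(expected, unsigned_data[position])


def check_all_positions(title_key: bytes, unsigned_data: list, plaintext: bytes) -> list:
    """Result of the check for every position the device could designate."""
    return [verify_unsigned_data(title_key, unsigned_data, i, cut_partial_content(plaintext, i))
            for i in range(len(unsigned_data))]


if __name__ == "__main__":
    issued_key = secrets.token_bytes(16)
    content = b"constructed sample content " * 5  # constructed plaintext

    honest = build_unsigned_data(issued_key, content)
    print("honest:", check_all_positions(issued_key, honest, content))

    # Hashes computed under a key other than the issued title key.
    other_key = build_unsigned_data(secrets.token_bytes(16), content)
    print("other key:", check_all_positions(issued_key, other_key, content))

    # One hash entry that does not belong to the content.
    one_bad = list(honest)
    one_bad[2] = bytes(32)
    print("one bad entry:", check_all_positions(issued_key, one_bad, content))
```

Only the designated part is checked before signing, so a single mismatching entry is rejected only when its position is the one designated; this is why the position comes from the key distribution device and not from the terminal device.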
- FIG. 19 is a flowchart showing the playback process by the terminal device 500.
- the reproduction process shown in the figure is started when a reproduction request operation including designation of the content to be reproduced is received from the user of the terminal device 500, for example.
- the UR reading unit 581 of the terminal device 500 reads the UR for the content from the recording medium device 600 in which the content to be reproduced is recorded.
- the mutual authentication unit 530 performs mutual authentication with the recording medium device 600 and shares a common key.
- the title key acquisition unit 540 acquires the calculated title key from the recording medium device 600 via the encryption / decryption unit 533 (step S550).
- The title key recalculation unit 546 calculates the hash value of the UR read by the UR reading unit 581 and performs a simple, reversible combination operation such as XOR between the calculated hash value and the calculated title key acquired by the title key acquisition unit 540 to calculate the original title key, and stores it in the title key storage unit 545. Further, the MAC reading unit 580 reads the MAC value corresponding to the content to be reproduced from the recording medium device 600 (step S551).
- The first reproduction determination unit 582 calculates the MAC value of the recording medium device ID acquired by the recording medium device ID acquisition unit 531 using the title key stored in the title key storage unit 545, and determines whether or not it matches the MAC value of the recording medium device ID read out by the MAC reading unit 580 (step S552).
- When the MAC values do not match, the first reproduction determination unit 582 inhibits the content reading unit 586 from reading the content to be reproduced, thereby preventing the content reproduction.
- the first reproduction determination unit 582 displays on the output device such as a television via the content decryption unit 590 and the content reproduction unit 591 that the content cannot be reproduced, and notifies the user (step S580).
- the terminal device 500 ends the reproduction process.
- When the MAC values match, the signature data reading unit 585 reads the signature data 76 corresponding to the content to be reproduced from the recording medium device 600 in which that content is recorded.
- the content reading unit 586 reads the content to be reproduced from the recording medium device 600 (step S555).
- The second reproduction determination unit 587 verifies the signature 78 of the signature data 76 read out in step S555 using the root public key stored in the root public key storage unit 511 and the key distribution device public key described in the key distribution device certificate 10 received in the mutual authentication with the key distribution device 400.
- When the signature 78 is correct, the second reproduction determination unit 587 further calculates a hash value for each part obtained when the content read in step S555 is divided into a plurality of parts, and determines whether or not the calculated hash values match the hash values (71 to 73) of the signature data 76 read in step S555 (step S556).
- When the hash values do not match (step S556: NO), the second reproduction determination unit 587 does not permit the content decryption unit 590 to decrypt the content and suppresses the content reproduction.
- The second reproduction determination unit 587 displays, on an output device such as a television via the content decoding unit 590 and the content reproduction unit 591, that the content cannot be reproduced, thereby notifying the user (step S580).
- The terminal device 500 ends the reproduction process. Also when the signature 78 is not correct in step S556, the second reproduction determination unit 587 performs the process of step S580, and the terminal device 500 ends the reproduction process.
- When it is determined in step S556 that the hash values match (step S556: YES), the content decryption unit 590 decrypts the content read in step S555 with the original title key calculated in step S551.
- the content playback unit 591 plays back the decrypted content and outputs it to an output device such as a television (step S560), and the terminal device 500 ends the playback process.
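
The title key handling described above (MAC calculation unit 451, title key calculation unit 453, title key recalculation unit 546 and first reproduction determination unit 582), as an added example that is not code from the patent. SHA-256, HMAC-SHA256, the 16-byte key length, the sample UR strings and all names are assumptions; the page only specifies a hash of the UR, a reversible operation such as XOR, and a MAC of the recording medium device ID under the title key.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, replace

KEY_LEN = 16  # assumed title key length in bytes; the page does not state one


@dataclass(frozen=True)
class MediumRecord:
    """What is stored on the recording medium device 600 for one content item."""
    calculated_title_key: bytes  # title key storage unit 630 (protected area)
    ur: bytes                    # UR storage unit 670
    mac: bytes                   # MAC storage unit 680


def ur_mask(ur: bytes) -> bytes:
    # Hash value of the UR, truncated to the key length (SHA-256 is an assumption).
    return hashlib.sha256(ur).digest()[:KEY_LEN]


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def medium_id_mac(title_key: bytes, medium_id: bytes) -> bytes:
    # MAC value of the recording medium device ID under the title key.
    return hmac.new(title_key, medium_id, hashlib.sha256).digest()


def issue(ur: bytes, medium_id: bytes):
    """Key distribution device 400: generate the title key, the MAC value
    and the calculated title key (title key XOR hash of the UR)."""
    title_key = secrets.token_bytes(KEY_LEN)
    record = MediumRecord(
        calculated_title_key=xor(title_key, ur_mask(ur)),
        ur=ur,
        mac=medium_id_mac(title_key, medium_id),
    )
    return title_key, record


def first_reproduction_determination(record: MediumRecord, medium_id: bytes):
    """Terminal device 500, steps S551 and S552: recover the title key from the
    stored UR, recompute the MAC over the ID taken from the medium's certificate,
    and return the title key only when the MAC values match (None otherwise)."""
    title_key = xor(record.calculated_title_key, ur_mask(record.ur))
    expected = medium_id_mac(title_key, medium_id)
    if hmac.compare_digest(expected, record.mac):
        return title_key
    return None


def demo() -> dict:
    ur = b"constructed-UR: play=unlimited; copy=never"   # constructed sample UR
    medium_a = b"constructed-medium-id-A"                # constructed device IDs
    medium_b = b"constructed-medium-id-B"
    title_key, record = issue(ur, medium_a)

    # Same bytes read back from the medium they were issued for.
    original = first_reproduction_determination(record, medium_a) == title_key
    # Same bytes copied to a medium whose certificate carries another ID.
    copied = first_reproduction_determination(record, medium_b) is not None
    # UR edited on the medium: the recovered key changes, so the MAC no longer matches.
    edited_record = replace(record, ur=b"constructed-UR: play=unlimited; copy=free")
    edited = first_reproduction_determination(edited_record, medium_a) is not None
    return {"original medium": original, "other medium": copied, "edited UR": edited}


if __name__ == "__main__":
    print(demo())
```

Because the stored key is the title key combined with the hash of the UR, any change to the UR yields a different recovered key, and the MAC check then fails without the UR needing a separate integrity value.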
- FIG. 20 is a block diagram illustrating a functional configuration of a main part of the recording medium device 600.
- the recording medium device 600 includes a recording medium device private key / certificate storage unit 610, a root public key storage unit 611, a mutual authentication unit 620, a title key storage unit 630, an encryption / decryption unit 640, and content storage.
- The recording medium device 600 includes a processor and a memory, and each function of the mutual authentication unit 620 and the encryption / decryption unit 640 is realized by the above-described processor executing a program stored in the above-described memory.
- the recording medium device private key / certificate storage unit 610 is a memory area for storing a pair of the recording medium device private key and the recording medium device certificate 30.
- In practice, the recording medium apparatus private key and the recording medium apparatus certificate 30 are written into the recording medium apparatus private key / certificate storage unit 610 by the recording medium manufacturing apparatus that manufactures the recording medium apparatus 600, which writes the recording medium device private key and the recording medium device certificate 30 generated by the key issuing device 200. A detailed description of the method for writing the recording medium device private key and the recording medium device certificate 30 is omitted.
- the root public key storage unit 611 is a memory area for storing the root public key.
- In practice, the root public key is written to the root public key storage unit 611 by the recording medium manufacturing apparatus that manufactures the recording medium apparatus 600, which writes the root public key generated by the key issuing apparatus 200.
- A detailed description of the root public key writing method is omitted.
- The mutual authentication unit 620 performs mutual authentication with the key distribution device 400 and with the terminal device 500, shares a common key with each of the key distribution device 400 and the terminal device 500, and exchanges certificates with them (the key distribution device certificate 10, the terminal device certificate 20, and the recording medium device certificate 30). The mutual authentication procedure is as described above (see FIG. 12).
- the title key storage unit 630 is a memory area for storing the calculated title key, and is an area that cannot be read by a normal file system from the viewpoint of protection. That is, the calculated title key stored in the title key storage unit 630 can be read only from the terminal device 500 that has been successfully authenticated by the mutual authentication unit 620.
- The encryption / decryption unit 640 encrypts communication data between the recording medium device 600 and the key distribution device 400 and between the recording medium device 600 and the terminal device 500 at the time of transmission, and decrypts it at the time of reception, by using the common key generated in the mutual authentication process by the mutual authentication unit 620. In particular, the encryption / decryption unit 640 receives from the key distribution device 400 the calculated title key encrypted with the common key shared with the key distribution device 400, decrypts it with this common key, and stores it in the title key storage unit 630.
- The encryption / decryption unit 640 encrypts the calculated title key stored in the title key storage unit 630 with the common key shared with the terminal device 500, based on a request from the terminal device 500, and transmits the encrypted key to the terminal device 500. In this way, the calculated title key can be exchanged securely with each of the key distribution device 400 and the terminal device 500.
- the content storage unit 660 is a memory area for storing content, and content is written and read by the terminal device 500 in this area.
- the UR storage unit 670 is a memory area for storing the UR, and the terminal device 500 writes and reads the UR in this area.
- the MAC storage unit 680 is a memory area for storing the MAC value of the recording medium apparatus ID, and the terminal apparatus 500 writes and reads the MAC value in this area.
- the signature data storage unit 690 is a memory area for storing the signature data 76, and the terminal device 500 writes and reads the signature data 76 in this area.
- FIG. 21 is a flowchart showing the writing process by the recording medium device 600.
- the execution order of the processes in steps S610 to S670 constituting the write process shown in the figure is an example, and the execution order of the processes in each step is not limited to the case shown in the figure.
- the process of step S610 shown in FIG. 5 only needs to be completed before the start of the process of step S620, and the process of step S630 needs to be performed after the process of step S620, but the order of the processes in steps S630 to S650 may be changed.
- the processes in steps S660 and S670 need to be performed after the processes in steps S630 to S650, but the order of the processes in steps S660 and S670 may be switched.
- the recording medium manufacturing apparatus that manufactures the recording medium apparatus 600 stores the recording medium apparatus private key and the recording medium apparatus certificate 30 in the recording medium apparatus private key / certificate storage unit 610 of the recording medium apparatus 600, and stores the root public key in the root public key storage unit 611 (step S610).
- the mutual authentication unit 620 executes mutual authentication with the accessing device, confirms whether the device is a reliable partner, and at the same time shares a common key with it. In the subsequent communication, this common key is used to protect the data by encrypting and decrypting it (step S620).
- the mutual authentication unit 620 determines whether the terminal device ID of the terminal device 500, included in the terminal device certificate 20 acquired in the mutual authentication process, matches information described in a revoke file, which is a separately distributed and held list of revoked devices. If they match, the mutual authentication unit 620 determines that the terminal device 500 that is trying to communicate is an unauthorized device, stops the subsequent processing, and ends the writing processing.
- after step S620, the encryption / decryption unit 640 receives the calculated title key from the key distribution device 400 and stores it in the title key storage unit 630 (step S630).
- the terminal device 500 stores the UR in the UR storage unit 670 and the MAC value of the recording medium device ID in the MAC storage unit 680 (steps S640 and S650).
- the terminal device 500 stores the content in the content storage unit 660 and the signature data 76 in the signature data storage unit 690 (steps S660 and S670), and the recording medium device 600 ends the writing process.
- the reading process by the recording medium device 600 is not specifically illustrated or described, but is performed at any time in response to an access request (reading request) from the terminal device 500.
- the calculated title key stored in the title key storage unit 630 is read by the terminal device 500 via the encryption / decryption unit 640 after mutual authentication by the mutual authentication unit 620. Further, the terminal device 500 reads, as needed, the content stored in the content storage unit 660, the UR stored in the UR storage unit 670, the MAC value stored in the MAC storage unit 680, and the signature data 76 stored in the signature data storage unit 690.
- the recording medium device 600 is described as a memory card such as an SD card, but this is an example.
- the recording medium device 600 may be a device in which a control LSI (Large Scale Integration) is incorporated in a storage device such as an HDD (Hard Disk Drive), or, instead of a removable type such as a memory card, a configuration in which a control LSI is incorporated in a memory device built into a mobile phone, a dedicated terminal for browsing electronic books, or another mobile terminal.
- data exchanged between the terminal device 500 and the key distribution device 400, between the terminal device 500 and the recording medium device 600, and between the key distribution device 400 and the recording medium device 600 has been described as being protected by a common key shared during mutual authentication. However, this is merely an example, and instead of protecting data with a common key, a technique for securing communication such as HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) may be used.
- the terminal device 500 transmits, but the present invention is not limited to this. Instead of the terminal device 500 transmitting, an instruction to transmit to the key distribution device 400 or the recording medium device 600 may be issued, and the communication data may be transmitted by a terminal device different from the terminal device 500.
- the first reproduction determination unit 582 of the terminal device 500 uses the MAC value of the recording medium device ID of the recording medium device 600 to determine whether to reproduce or suppress the content.
- this is merely an example, and for example, the calculated title key may be used.
- the calculated title key is generated by performing an XOR operation between the hash value of the UR and the title key; the result of further performing an XOR operation between this calculated title key and the recording medium device ID of the recording medium device 600, or the hash value of this recording medium device ID, may be used.
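The XOR construction described above, as an added sketch that is not code from the patent: it shows that the title key is only recovered with the unmodified UR, and that the further XOR with the hash of the recording medium device ID yields a value tied to one medium. SHA-256, the 16-byte key length, the sample values and the way the playback-side check compares the stored value are assumptions.

```python
import hashlib
import hmac

KEY_LEN = 16  # title key length in bytes (assumed; the page gives no size)

# Constructed sample values, for illustration only.
TITLE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
UR = b"play=yes;copy=no"
TAMPERED_UR = b"play=yes;copy=yes"
MEDIUM_A = b"MEDIUM-ID-0001"
MEDIUM_B = b"MEDIUM-ID-0002"


def xor_bytes(a, b):
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def digest(data):
    """Hash truncated to the key length (SHA-256 and truncation are assumed)."""
    return hashlib.sha256(data).digest()[:KEY_LEN]


def calculate_title_key(title_key, ur):
    """Calculated title key = title key XOR hash(UR)."""
    return xor_bytes(title_key, digest(ur))


def recover_title_key(calculated, ur):
    """Reverse the calculation; only the same UR gives back the title key."""
    return xor_bytes(calculated, digest(ur))


def medium_value(calculated, medium_id):
    """Calculated title key XOR hash(recording medium device ID)."""
    return xor_bytes(calculated, digest(medium_id))


def first_check(stored_value, calculated, medium_id):
    """Assumed playback check: recompute the value for the medium actually
    inserted and compare it with the value stored at recording time."""
    expected = medium_value(calculated, medium_id)
    return hmac.compare_digest(stored_value, expected)


if __name__ == "__main__":
    calc = calculate_title_key(TITLE_KEY, UR)
    print("recovered with original UR:", recover_title_key(calc, UR) == TITLE_KEY)
    print("recovered with altered UR: ", recover_title_key(calc, TAMPERED_UR) == TITLE_KEY)
    stored = medium_value(calc, MEDIUM_A)
    print("same medium accepted: ", first_check(stored, calc, MEDIUM_A))
    print("other medium accepted:", first_check(stored, calc, MEDIUM_B))
```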
- the key issuing device 200 or the key distribution device 400 may simply add a signature to the recording medium device ID of the recording medium device 600, and the first reproduction determination unit 582 may determine whether to reproduce or suppress the content by verifying the signature.
- the signature unit 152 of the content production apparatus 100 signs the content identification information in order to protect the content identification information from falsification.
- the key issuing device 200 may perform the signature together with the signature by the signature unit 152 or instead of the signature by the signature unit 152.
- the terminal device 500 is a DVD / BD player, and the content produced by the content production device 100 is described as being delivered to the terminal device 500 via a recording medium such as a BD.
- the content produced by the content production device 100 may be modified so that the content is delivered to the terminal device 500 via the Internet.
- the content distribution system 1000 described in the embodiment is modified to include a content distribution device.
- the terminal device 500 is not limited to a DVD / BD player, but may be a personal computer that can be connected to the Internet.
- the content produced by the content production device 100 may be registered in the content distribution device, and the content may be delivered from the content distribution device to the terminal device 500 by a method such as streaming or download.
- the content distribution authentication device 300 has been described as generating an authentication ID when the authentication of the write authentication request data 40 from the terminal device 500 is successful (step S330: YES), transmitting it to the terminal device 500 (step S340), and transmitting the authentication ID / UR pair to the key distribution device 400 (step S350).
- instead of generating the authentication ID in step S340, it may be generated in advance, and in steps S340 and S350 the authentication ID generated in advance may be transmitted.
- the content distribution authentication apparatus 300 may perform the processes of steps S340 and S350 each time content is downloaded.
- the position designation information generated by the position designation unit 460 of the key distribution device 400 has been described as indicating a single position and size, within the content to be written to the recording medium device 600, of the partial content that is the target of hash value comparison by the verification unit 462.
- the position designation information may designate the partial content to be compared with the hash value by a plurality of positions and sizes in the content that the terminal device 500 intends to write into the recording medium device 600. That is, the partial content may be composed of a plurality of portions in the content that the terminal device 500 intends to write to the recording medium device 600.
- the position designation information is not limited to a part of the content that the terminal device 500 intends to write into the recording medium device 600 as the content to be compared with the hash value, and may indicate the entire content.
- the content reproduction unit 586 does not permit reproduction of the content to be reproduced, and reproduction of the content was described as being suppressed in this way. However, suppression of content reproduction by the first reproduction determination unit 582 may instead be realized by not permitting the content decryption unit 590 to decrypt the content, or by not permitting the content reproduction unit 591 to decode the content or output it to the output device.
- the second reproduction determination unit 587 of the terminal device 500 suppresses the reproduction of the content by not permitting the content decryption unit 590 to decrypt the content when the hash values do not match.
- the content playback unit 587 may not be allowed to decode content or output to an output device, thereby suppressing content playback by the second playback determination unit 587.
- the title key storage unit 630 of the recording medium device 600 has been described as storing the calculated title key, but the raw (pre-calculation) title key generated by the title key generating unit 450 in the key distribution device 400 may instead be transmitted to the recording medium device 600 and stored there (hereinafter, the key distribution device, the terminal device and the recording medium device according to this modification are referred to as the “modified key distribution device”, “modified terminal device”, and “modified recording medium device”).
- the modified key distribution apparatus performs the process of step S460a instead of the process of step S460 by the key distribution apparatus 200 according to the embodiment illustrated in FIG. That is, the title key transmission unit of the modified key distribution device transmits the title key generated by the title key generation unit 450 to the recording medium device 600 via the encryption / decryption unit 455 (step S460a).
- the modified terminal device performs the processing of steps S540a and S541a instead of the processing of steps S540 and S541 by the terminal device 500 according to the embodiment shown in FIG. That is, the MAC / UR / signature data recording unit 542 of the modified terminal device records the MAC value and UR transmitted from the MAC / UR / signature data receiving unit 541 in the recording medium device 600. Further, the title key acquisition unit of the modified terminal device acquires the title key from the recording medium device 600 via the encryption / decryption unit 533 (step S540a) and stores it in the title key storage unit 545. Also, the encryption unit 550 encrypts the plaintext content acquired by the content acquisition unit 520 using the title key stored in the title key storage unit 545 (step S541a).
- the modified terminal device performs the processing of steps S550a and S551a instead of the processing of steps S550 and S551 by the terminal device 500 according to the embodiment shown in FIG. That is, the title key acquisition unit of the modified terminal device acquires the title key from the recording medium device 600 via the encryption / decryption unit 533 and stores it in the title key storage unit 545 (step S550a). Further, the MAC reading unit 580 reads the MAC value corresponding to the content to be reproduced from the recording medium device 600 (step S551a).
- the modified recording medium apparatus performs the process of step S630a instead of the process of step S630 by the recording medium apparatus 600 according to the embodiment shown in FIG. That is, the encryption / decryption unit 640 of the modified recording medium device receives the title key from the key distribution device 400 and stores it in the title key storage unit 630 (step S630a).
- all or a part thereof may be realized by an integrated circuit of one chip or a plurality of chips, may be realized by a computer program, or may be realized in any other form.
- each component described in the embodiment realizes its function in cooperation with the processor of the device that includes it (the content production device 100, the key issuing device 200, the content distribution authentication device 300, the key distribution device 400, the terminal device 500, or the recording medium device 600).
- a program for causing the processor to execute 9, 14, 15, 18, 19, and 21) may be recorded on a recording medium, or circulated and distributed via various communication paths.
- such recording media include an IC card, a hard disk, an optical disk, a flexible disk, a ROM, a flash memory, and the like.
- the circulated and distributed program is used by being stored in a memory or the like that can be read by a processor in a device, and the functions of each device shown in the embodiment (the content production device 100, the key issuing device 200, the content distribution authentication device 300, the key distribution device 400, the terminal device 500, and the recording medium device 600) are realized by the processor executing the program.
- the terminal device 2500 records, on the recording medium device 2600, content whose recording on the recording medium device 2600 has been permitted by the server device 2400.
- the terminal device 2500 includes: generating means 2510 that generates a value reflecting the content of the target content for which permission to record on the recording medium device 2600 is requested; information transmitting means 2520 that transmits information indicating the value generated by the generating means 2510 to the server device 2400, thereby requesting the server device 2400 to permit recording of the target content on the recording medium device 2600; signature receiving means 2530 that receives the signature data of the target content transmitted from the server device 2400 when the server device 2400 permits recording of the target content on the recording medium device 2600; and recording means 2540 that records, on the recording medium device 2600, the signature data received by the signature receiving means 2530 and the target content as plaintext or encrypted data.
- the server device 2400, the terminal device 2500, and the recording medium device 2600 correspond to, for example, the key distribution device 400, the terminal device 500, and the recording medium device 600 according to the embodiment.
- the generation unit 2510 here corresponds to, for example, the hash calculation / unsigned data generation unit 560 according to the embodiment.
- the information transmission unit 2520 corresponds to, for example, the unsigned data / content transmission unit 561 according to the embodiment.
- the signature receiving unit 2530 corresponds to, for example, the MAC / UR / signature data receiving unit 541 according to the embodiment.
- the recording unit 2540 corresponds to, for example, the MAC / UR / signature data recording unit 542 and the content recording unit 551 according to the embodiment.
- since the terminal device 2500 records the target content on the recording medium device 2600 when the server device 2400 permits the recording of the target content on the recording medium device 2600, recording of content that is not permitted to be recorded on the recording medium device 2600, such as illegally copied content, can be suppressed.
- the terminal device 2500 records the signature data and the target content transmitted from the server device 2400 in the recording medium device 2600. Therefore, by controlling legitimate playback devices so that they do not play back content that is not recorded together with signature data, reproduction of the target content can be suppressed even if the terminal device 2500 is hacked and the target content is recorded on the recording medium device 2600 without permission from the server device 2400.
- the generation means may generate a hash value of the target content as the value.
- since this terminal device transmits information indicating the hash value of the target content, the server device can identify the target content for which permission for recording on the recording medium device is requested. This is because the hash value is usually different if the contents are different.
- the generation means calculates a hash value for each of a plurality of parts constituting the target content
- the information transmission means is further configured so that the server device sends the target content to the recording medium device.
- This terminal device transmits the portion of the target content indicated by the designation information received from the server device to the server device. Therefore, the server device calculates the hash value of the target content portion, and compares the calculated hash value with the hash value corresponding to the target content portion received from the terminal device. Based on the result, it can be determined whether or not recording of the target content on the recording medium device is permitted.
- the data recorded by the recording unit on the recording medium device may be data obtained by encrypting the target content using the title key of the target content.
- since this terminal device encrypts the target content using the title key of the target content and records it on the recording medium device, the target content can be protected.
- a server device is a server device 2400 that permits or denies recording of content on a recording medium device 2600 by a terminal device 2500, as shown in FIG. It includes: information receiving means 2410 for receiving information indicating a value reflecting the content of the target content for which permission to record on the recording medium device 2600 is requested; determining means 2420 for determining, based on the value indicated by the information received by the information receiving means 2410, whether to permit recording of the target content on the recording medium device 2600; signature means 2430 for generating signature data of the target content when the determining means 2420 determines to permit the recording; and signature transmission means 2440 for transmitting the signature data generated by the signature means 2430 to the terminal device 2500.
- the information receiving unit 2410 corresponds to, for example, the unsigned data / content receiving unit 461 according to the embodiment.
- the determining unit 2420 corresponds to, for example, the verification unit 462 according to the embodiment.
- the signature unit 2430 corresponds to, for example, the signature unit 470 according to the embodiment.
- the signature transmission unit 2440 corresponds to, for example, the signature data transmission unit 471 according to the embodiment.
- the server device 2400 determines whether to permit recording of the target content on the recording medium device 2600 based on information indicating a value reflecting the content of the target content. Therefore, the server apparatus 2400 can specify the target content permitted to be recorded on the recording medium apparatus 2600.
- the information indicating the value received by the information receiving means may indicate hash values calculated for each of a plurality of parts constituting the target content. The server device may further include designation means for generating designation information indicating a part of the target content and transmitting the designation information to the terminal device. The information receiving means may further receive the part of the target content transmitted from the terminal device according to the designation information transmitted by the designation means, and the determining means may determine whether, among the hash values indicated by the information received by the information receiving means, the hash value of the part indicated by the designation information generated by the designation means matches the hash value calculated for the part of the target content received by the information receiving means; if they match, it may determine to permit recording of the target content on the recording medium device.
- the designation means corresponds to the position designation unit 460 according to the embodiment.
- This server device calculates a hash value of the portion of the target content designated by the own device, and when the calculated hash value matches the hash value of the portion indicated by the information received from the terminal device, Recording to the recording medium device is permitted. Therefore, for example, it is possible to suppress the occurrence of a situation in which content whose content has been replaced by the terminal device is recorded on the recording medium device.
- the designation unit may generate, as the designation information, information indicating a position in the target content of at least one portion randomly selected from a plurality of portions constituting the target content.
- This server device selects a target content portion at random. Therefore, for example, it is possible to suppress the occurrence of a situation in which content whose contents are partially replaced by the terminal device is recorded on the recording medium device.
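The designate-and-compare exchange described above, as an added sketch that is not code from the patent: the terminal sends per-part hashes, the server designates one part at random, hashes the part it receives, and issues signature data only on a match. The part size, SHA-256, the session handling, the sample data and the HMAC standing in for the server's signature are assumptions made so the sketch runs with the Python standard library.

```python
import hashlib
import hmac
import secrets

PART_SIZE = 32  # bytes per part; assumed, the page does not fix a size

# Constructed sample data: 8 parts, with part 3 replaced in the second copy.
ORIGINAL = bytes(range(256))
REPLACED = ORIGINAL[:96] + b"\xff" * 32 + ORIGINAL[128:]
KEY = b"constructed-demo-key"


def part_hashes(content):
    """Terminal side: hash every fixed-size part of the target content."""
    return [hashlib.sha256(content[i:i + PART_SIZE]).digest()
            for i in range(0, len(content), PART_SIZE)]


def sign(key, hashes):
    """Signature data over the full hash list (HMAC as a stand-in signature)."""
    return hmac.new(key, b"".join(hashes), hashlib.sha256).digest()


class RecordingServer:
    """Server side: designate a part, compare hash values, sign on a match."""

    def __init__(self, signing_key, pick=secrets.randbelow):
        self._key = signing_key
        self._pick = pick        # random index chooser, injectable for tests
        self._pending = {}       # session id -> (designated index, claimed hashes)

    def designate(self, session, claimed):
        """Keep the claimed hashes and return the designation information."""
        if not claimed:
            raise ValueError("no part hashes supplied")
        index = self._pick(len(claimed))
        self._pending[session] = (index, list(claimed))
        return {"offset": index * PART_SIZE, "size": PART_SIZE}

    def decide(self, session, part):
        """Return signature data if the received part matches, else None."""
        index, claimed = self._pending.pop(session)  # one answer per designation
        if len(part) > PART_SIZE:
            return None
        actual = hashlib.sha256(part).digest()
        if not hmac.compare_digest(actual, claimed[index]):
            return None
        return sign(self._key, claimed)


def request_recording(server, session, claimed, content_on_terminal):
    """Terminal side: send the hashes, answer the designation, get the result."""
    where = server.designate(session, claimed)
    start = where["offset"]
    part = content_on_terminal[start:start + where["size"]]
    return server.decide(session, part)


def playback_allowed(key, content, claimed, signature):
    """Playback side: the signature must verify and every part hash must match."""
    if not hmac.compare_digest(sign(key, claimed), signature):
        return False
    return part_hashes(content) == claimed


if __name__ == "__main__":
    hashes = part_hashes(ORIGINAL)
    server = RecordingServer(KEY)
    sig = request_recording(server, "demo", hashes, ORIGINAL)
    print("recording permitted:", sig is not None)
    print("playback of original:", playback_allowed(KEY, ORIGINAL, hashes, sig))
    print("playback of replaced:", playback_allowed(KEY, REPLACED, hashes, sig))
```

A single designated part only samples the content, which is why the sketch also re-checks every part hash against the signed list at playback.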
- the server device may further include: authentication information receiving means for receiving, from an authentication device that authenticates in response to a request from the terminal device whether the target content is registered in advance, the authentication information that the authentication device transmits to the terminal device; title key generating means for generating, when authentication information is received from the terminal device and matches the authentication information received by the authentication information receiving means, a title key of the target content to be used when the terminal device records the target content as encrypted data on the recording medium device; and title key transmission means for transmitting the title key generated by the title key generating means, or a calculated title key obtained by performing a predetermined calculation on the title key, to the recording medium device for recording.
- the authentication device here corresponds to, for example, the content distribution authentication device 300 according to the embodiment. Further, the authentication information receiving means here corresponds to, for example, the authentication ID / UR receiving unit 421 according to the embodiment, the title key generating means corresponds to, for example, the title key generating unit 450 according to the embodiment, and the title key transmission means corresponds to, for example, the title key transmission unit 454 according to the embodiment.
- the server device generates a title key when the authentication device authenticates that the target content is pre-registered, and records the title key, or a calculated title key obtained by performing a predetermined calculation on the title key, on the recording medium device. Accordingly, by causing the terminal device to encrypt the target content using the title key or the calculated title key recorded in the recording medium device and record the encrypted content in the recording medium device, recording of the target content on a recording medium device on which the server device has not recorded the title key or the calculated title key can be suppressed.
- the content recording control system 2000 includes a server device 2400 that permits or denies recording of content on the recording medium device 2600, and a terminal device 2500 that records, on the recording medium device 2600, content whose recording on the recording medium device 2600 has been permitted by the server device 2400.
- the terminal device 2500 includes: generating means 2510 that generates a value reflecting the content of the target content for which permission to record on the recording medium device 2600 is requested; information transmitting means 2520 that transmits information indicating the value generated by the generating means 2510 to the server device 2400; signature receiving means 2530 that receives the signature data of the target content transmitted from the server device 2400; and recording means 2540 that records, on the recording medium device 2600, the signature data received by the signature receiving means 2530 and the target content as plaintext or encrypted data.
- the server device 2400 includes: information receiving means 2410 for receiving the information indicating the value transmitted from the terminal device 2500; determining means 2420 for determining, based on the value indicated by the information received by the information receiving means 2410, whether to permit recording of the target content on the recording medium device 2600; signature means 2430 for generating signature data of the target content when the determining means 2420 determines to permit the recording; and signature transmission means 2440 for transmitting the signature data to the terminal device 2500.
- since the terminal device 2500 of the content recording control system 2000 records the target content on the recording medium device 2600 when the server device 2400 permits the recording of the target content on the recording medium device 2600, recording of content that is not permitted to be recorded on the recording medium device 2600, such as illegally copied content, can be suppressed.
- the terminal device 2500 records the signature data and the target content transmitted from the server device 2400 in the recording medium device 2600. Therefore, by controlling legitimate playback devices so that they do not play back content that is not recorded together with signature data, reproduction of the target content can be suppressed even if the terminal device 2500 is hacked and the target content is recorded on the recording medium device 2600 without permission from the server device 2400.
- the server device 2400 of the content recording control system 2000 determines whether to permit recording of the target content on the recording medium device 2600 based on information indicating a value reflecting the content of the target content. Therefore, the server apparatus 2400 can specify the target content permitted to be recorded on the recording medium apparatus 2600.
- a recording method is a recording method in a terminal device that records, on a recording medium device, content whose recording has been permitted by the server device, as shown in FIG. It includes: a generation step S10 of generating a value reflecting the content of the target content for which permission to record on the recording medium device is requested; an information transmission step S11 of transmitting information indicating the value generated in the generation step S10 to the server device, thereby requesting the server device to permit recording of the target content on the recording medium device; a signature reception step S12 of receiving the signature data of the target content transmitted from the server device when it permits recording of the target content on the recording medium device; and a recording step S13 of recording, on the recording medium device, the signature data received in the signature reception step S12 and the target content as plaintext or encrypted data.
- the processing in the generation step S10 and the information transmission step S11 here corresponds to, for example, the generation and transmission processing of unsigned data in step S542 shown in FIG.
- the processing of the signature reception step S12 and the recording step S13 corresponds to, for example, the reception determination processing of step S453 shown in FIG. 18 and the recording processing of the signature data and content of step S545.
- since the terminal device records the target content on the recording medium device when the server device permits recording of the target content on the recording medium device, recording of content that is not permitted to be recorded on the recording medium device, such as illegally copied content, can be suppressed.
- the terminal device records the signature data and the target content transmitted from the server device on the recording medium device. Therefore, by controlling legitimate playback devices so that they do not play back content that is not recorded together with signature data, reproduction of the target content can be suppressed even if the terminal device is hacked and the target content is recorded on the recording medium device without permission from the server device.
- a recording permission / inhibition control method is a recording permission / inhibition control method in a server device that permits or denies recording of content on a recording medium device by a terminal device, as shown in FIG. It includes: an information receiving step S20 of receiving information indicating a value reflecting the content of the target content for which permission to record on the recording medium device is requested; a determination step S21 of determining, based on the value indicated by the information received in the information receiving step S20, whether to permit recording of the target content on the recording medium device; a signature step S22b of generating signature data of the target content when the determination step S21 determines to permit the recording (step S22a: YES); and a signature transmission step S23 of transmitting the signature data generated in the signature step S22b to the terminal device.
- the process of the information reception step S20 here corresponds to, for example, the unsigned data reception process of step S465 shown in FIG. 15, and the process of the determination step S21 corresponds to the determination process for the hash value of step S470 shown in FIG.
- the processing in the signature step S22b and the signature transmission step S23 corresponds to, for example, the signature data generation and transmission processing in step S475 illustrated in FIG.
- the server device determines whether to permit recording of the target content on the recording medium device based on information indicating a value reflecting the content of the target content. Therefore, according to this recording permission / inhibition control method, the server device can specify the target content permitted to be recorded on the recording medium device.
- this recording permission / inhibition control method when the server device permits recording of the target content on the recording medium device, the signature data of the target content is generated and transmitted to the terminal device. Therefore, according to this recording permission / inhibition control method, the terminal device is hacked and authorized by the server device by controlling so that the content that is not recorded with the signature data is not played back by the legitimate playback device. Even if the target content is recorded on the recording medium device, the reproduction of the target content can be suppressed.
- the terminal device can be used for suppressing recording of illegally duplicated content on a recording medium device.
Description
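<Overview>
There are cases where one wishes to copy AACS-protected content acquired by a terminal device to a recording medium device (for example, an SD memory) that employs a copyright protection technology different from AACS, for example in order to play the content back on a device other than that terminal device.
FIG. 1 is a block diagram showing the system configuration of a content distribution system 1000 according to the embodiment.
FIG. 2 is a block diagram showing the functional configuration of the main part of the content production device 100.
FIG. 3 is a flowchart showing content production processing by the content production device 100.
FIG. 4 is a block diagram showing the functional configuration of the main part of the key issuing device 200.
FIG. 6 is a flowchart showing key issuing processing by the key issuing device 200.
FIG. 7 is a block diagram showing the functional configuration of the main part of the content distribution authentication device 300.
FIG. 9 is a flowchart showing authentication processing by the content distribution authentication device 300.
FIG. 10 is a block diagram showing the functional configuration of the main part of the key distribution device 400.
(a) The random number generation unit A10 of host/server authentication A generates a random number R1 and transmits it to host/server authentication B.
(e) The random number generation unit B20 of host/server authentication B generates a random number R2 and transmits it to host/server authentication A.
First, the pre-distribution processing by the key distribution device 400 will be described.
FIG. 16 is a block diagram showing the functional configuration of the main part of the terminal device 500 during reception and write processing, and FIG. 17 is a block diagram showing the functional configuration of the main part of the terminal device 500 during playback processing.
First, the reception and write processing by the terminal device 500 will be described.
FIG. 20 is a block diagram showing the functional configuration of the main part of the recording medium device 600.
FIG. 21 is a flowchart showing write processing by the recording medium device 600.
(1) In the embodiment, the recording medium device 600 was described as a memory card such as an SD card, but this is only an example. For example, the recording medium device 600 may be a device in which a control LSI (Large Scale Integration) is incorporated into a storage device such as an HDD (Hard Disk Drive), or, rather than being removable like a memory card, it may have a configuration in which a control LSI is incorporated into a memory device built into a mobile phone, a dedicated terminal for reading electronic books, or another portable terminal.
200 Key issuing device
300 Content distribution authentication device
400 Key distribution device
421 Authentication ID / UR receiving unit
450 Title key generation unit
454 Title key transmission unit
460 Position designation unit
461 Unsigned data / content receiving unit
462 Verification unit
470 Signature unit
471 Signature data transmission unit
500 Terminal device
560 Hash calculation / unsigned data generation unit
541 MAC / UR / signature data receiving unit
542 MAC / UR / signature data recording unit
551 Content recording unit
561 Unsigned data / content transmission unit
600 Recording medium device
1000 Content distribution system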
Claims (11)
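- A terminal device that records, on a recording medium device, content whose recording on the recording medium device has been permitted by a server device, the terminal device comprising:
generation means for generating a value reflecting the content of target content for which permission to record on the recording medium device is sought;
information transmission means for requesting the server device to permit recording of the target content on the recording medium device by transmitting information indicating the value generated by the generation means to the server device;
signature reception means for receiving signature data of the target content, which is transmitted from the server device when recording of the target content on the recording medium device is permitted; and
recording means for recording, on the recording medium device, the signature data received by the signature reception means and the target content as plaintext or encrypted data.
- The terminal device according to claim 1, wherein the generation means generates a hash value of the target content as the value.
- The terminal device according to claim 2, wherein the generation means calculates a hash value for each of a plurality of portions constituting the target content, and
the information transmission means further,
upon receiving designation information that indicates at least one portion constituting the target content and that the server device transmitted in order to determine whether to permit recording of the target content on the recording medium device, transmits the portion of the target content indicated by the designation information to the server device.
- The terminal device according to claim 1, wherein the data that the recording means records on the recording medium device is the target content encrypted using a title key of the target content.
- A server device that permits or prohibits recording of content on a recording medium device by a terminal device, the server device comprising:
information reception means for receiving, from the terminal device, information indicating a value reflecting the content of target content for which permission to record on the recording medium device is sought;
determination means for determining, based on the value indicated by the information received by the information reception means, whether to permit recording of the target content on the recording medium device;
signature means for generating signature data of the target content when the determination means has determined to permit the recording; and
signature transmission means for transmitting the signature data generated by the signature means to the terminal device.
- The server device according to claim 5, wherein the information indicating the value received by the information reception means indicates hash values calculated for each of a plurality of portions constituting the target content,
the server device further comprises
designation means for, when the information reception means receives the information, generating designation information indicating at least one portion constituting the target content in order to have that portion transmitted, and transmitting the designation information to the terminal device,
the information reception means further
receives the portion of the target content transmitted from the terminal device in response to the designation information transmitted by the designation means, and
the determination means
determines whether, among the hash values indicated by the information received by the information reception means, the hash value of the portion indicated by the designation information generated by the designation means matches a hash value calculated for the portion of the target content received by the information reception means, and, when they match, determines to permit recording of the target content on the recording medium device.
- The server device according to claim 6, wherein the designation means generates, as the designation information, information indicating the position within the target content of at least one portion randomly selected from the plurality of portions constituting the target content.
- The server device according to claim 5, further comprising:
authentication information reception means for receiving authentication information that an authentication device, which authenticates in response to a request from the terminal device whether the target content has been registered in advance, transmits to the server device itself and to the terminal device when the target content has been registered in advance;
title key generation means for, when authentication information is received from the terminal device and that authentication information matches the authentication information received by the authentication information reception means, generating a plaintext or encrypted title key of the target content to be used when the terminal device records the target content on the recording medium device as encrypted data; and
title key transmission means for transmitting the title key generated by the title key generation means, or a calculated title key obtained by applying a predetermined operation to the title key, to the recording medium device and causing it to be recorded.
- A content recording control system comprising a server device that permits or prohibits recording of content on a recording medium device, and a terminal device that records, on the recording medium device, content whose recording on the recording medium device has been permitted by the server device, wherein
the terminal device comprises:
generation means for generating a value reflecting the content of target content for which permission to record on the recording medium device is sought;
information transmission means for transmitting information indicating the value generated by the generation means to the server device;
signature reception means for receiving signature data of the target content transmitted from the server device; and
recording means for recording, on the recording medium device, the signature data received by the signature reception means and the target content as plaintext or encrypted data, and
the server device comprises:
information reception means for receiving the information indicating the value transmitted from the terminal device;
determination means for determining, based on the value indicated by the information received by the information reception means, whether to permit recording of the target content on the recording medium device;
signature means for generating signature data of the target content when the determination means has determined to permit the recording; and
signature transmission means for transmitting the signature data generated by the signature means to the terminal device.
- A recording method in a terminal device that records, on a recording medium device, content whose recording on the recording medium device has been permitted by a server device, the recording method comprising:
a generation step of generating a value reflecting the content of target content for which permission to record on the recording medium device is sought;
an information transmission step of requesting the server device to permit recording of the target content on the recording medium device by transmitting information indicating the value generated in the generation step to the server device;
a signature reception step of receiving signature data of the target content, which is transmitted from the server device when recording of the target content on the recording medium device is permitted; and
a recording step of recording, on the recording medium device, the signature data received in the signature reception step and the target content as plaintext or encrypted data.
- A recording permission/inhibition control method in a server device that permits or prohibits recording of content on a recording medium device by a terminal device, the method comprising:
an information reception step of receiving, from the terminal device, information indicating a value reflecting the content of target content for which permission to record on the recording medium device is sought;
a determination step of determining, based on the value indicated by the information received in the information reception step, whether to permit recording of the target content on the recording medium device;
a signature step of generating signature data of the target content when it is determined in the determination step to permit the recording; and
a signature transmission step of transmitting the signature data generated in the signature step to the terminal device.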
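The request, challenge and signature exchange of claims 1 to 7, followed by the playback-side check described in the summary, as an added Go example that is not code from the patent. SHA-256, Ed25519, signing over the concatenated part hashes, the playback check that recomputes the hashes, and all function names are assumptions; the page names no algorithms.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// PartHashes is the terminal's unsigned data: one SHA-256 hash per content part.
func PartHashes(parts [][]byte) (hashes [][]byte) {
	for _, p := range parts {
		h := sha256.Sum256(p)
		hashes = append(hashes, h[:])
	}
	return hashes
}

// Designate is the server's random choice of the part the terminal must send.
func Designate(partCount int) int {
	i, err := rand.Int(rand.Reader, big.NewInt(int64(partCount)))
	if err != nil {
		panic(err)
	}
	return int(i.Int64())
}

// Authorize signs the submitted hash list (assumed signature input) only if the
// part returned for position pos hashes to the value submitted for it.
func Authorize(priv ed25519.PrivateKey, hashes [][]byte, pos int, part []byte) ([]byte, bool) {
	h := sha256.Sum256(part)
	if pos < 0 || pos >= len(hashes) || !bytes.Equal(h[:], hashes[pos]) {
		return nil, false
	}
	return ed25519.Sign(priv, bytes.Join(hashes, nil)), true
}

// PlaybackAllowed is the assumed playback-side check: the recorded parts must
// hash to a list that carries a valid server signature.
func PlaybackAllowed(pub ed25519.PublicKey, parts [][]byte, sig []byte) bool {
	return ed25519.Verify(pub, bytes.Join(PartHashes(parts), nil), sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	// Constructed sample content, already split into parts.
	parts := [][]byte{[]byte("part-0"), []byte("part-1"), []byte("part-2")}
	hashes := PartHashes(parts)
	pos := Designate(len(hashes))
	sig, ok := Authorize(priv, hashes, pos, parts[pos])
	fmt.Println(ok, PlaybackAllowed(pub, parts, sig), PlaybackAllowed(pub, parts, nil))
}
```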
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
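CN201280007846.7A CN103380589B (zh) | 2011-06-13 | 2012-06-04 | Terminal device, server device, content recording control system, and recording method |
JP2013520418A JP5947295B2 (ja) | 2011-06-13 | 2012-06-04 | Terminal device, server device, content recording control system, recording method, and recording permission/inhibition control method |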
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201161496188P | 2011-06-13 | 2011-06-13 | |
US61/496,188 | 2011-06-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012172748A1 (ja) | 2012-12-20 |
Family
ID=47294303
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2012/003655 WO2012172748A1 (ja) | Terminal device, server device, content recording control system, recording method, and recording permission/inhibition control method | 2011-06-13 | 2012-06-04 |
Country Status (4)
Country | Link |
---|---|
US (2) | US8726030B2 (ja) |
JP (1) | JP5947295B2 (ja) |
CN (1) | CN103380589B (ja) |
WO (1) | WO2012172748A1 (ja) |
2012
- 2012-06-04 JP JP2013520418A patent/JP5947295B2/ja active Active
- 2012-06-04 CN CN201280007846.7A patent/CN103380589B/zh active Active
- 2012-06-04 WO PCT/JP2012/003655 patent/WO2012172748A1/ja active Application Filing
- 2012-06-07 US US13/490,866 patent/US8726030B2/en active Active
2014
- 2014-03-25 US US14/224,122 patent/US9037863B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
US20140237624A1 (en) | 2014-08-21 |
JP5947295B2 (ja) | 2016-07-06 |
US9037863B2 (en) | 2015-05-19 |
US8726030B2 (en) | 2014-05-13 |
CN103380589A (zh) | 2013-10-30 |
CN103380589B (zh) | 2016-04-27 |
JPWO2012172748A1 (ja) | 2015-02-23 |
US20120317661A1 (en) | 2012-12-13 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase | Ref document number: 201280007846.7; Country of ref document: CN |
121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 12801370; Country of ref document: EP; Kind code of ref document: A1 |
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | |
ENP | Entry into the national phase | Ref document number: 2013520418; Country of ref document: JP; Kind code of ref document: A |
NENP | Non-entry into the national phase | Ref country code: DE |
122 | Ep: pct application non-entry in european phase | Ref document number: 12801370; Country of ref document: EP; Kind code of ref document: A1 |