WO2004064317A1 - 相互認証方法、再生装置及び情報処理装置 - Google Patents
相互認証方法、再生装置及び情報処理装置 Download PDFInfo
- Publication number
- WO2004064317A1 WO2004064317A1 PCT/JP2003/016226 JP0316226W WO2004064317A1 WO 2004064317 A1 WO2004064317 A1 WO 2004064317A1 JP 0316226 W JP0316226 W JP 0316226W WO 2004064317 A1 WO2004064317 A1 WO 2004064317A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- key
- random number
- information processing
- playback device
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/00217—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source
- G11B20/00253—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is stored on the record carrier
- G11B20/00362—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is stored on the record carrier the key being obtained from a media key block [MKB]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/10—Digital recording or reproducing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3273—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
- H04L2209/605—Copy protection
Definitions
- the present invention relates to a mutual authentication method, a program, a recording medium, a signal, and the like, which are applied when, for example, an encrypted content is recorded on a disk medium by a drive connected to a personal computer, and the encrypted content is reproduced from the disk medium.
- the present invention relates to a processing system, a playback device, and an information processing device. Background art
- D VD -Video uses CSS (Content Scrambling System) as copy protection technology.
- CSS Content Scrambling System
- CSS is only approved for DVD-R ⁇ M media, and the use of CSS in recordable DVDs such as DVD-R, DVD-RW, DVD + R, and DVD + RW is prohibited by the CSS contract. ing. Therefore, copying the contents of a DVD-Video that is copyright protected by the CSS method onto a recordable DVD in whole (bit-by-bit copy) is not an approved act under the CSS contract.
- a software called “D e CSS” has been distributed on the Internet, which allows you to easily copy the contents of a DVD-Video to a hard disk by decrypting CSS.
- CPPM Content Protection for Pre-Recorded Media
- DVD-R0M such as DVD-Audio
- CP RM Content Protection Technology for copyright protection for recordable DVD and memory cards Protection for Recordable Media
- PC personal computer
- the PC and the drive are connected by a standard interface, so it is known that the data must be kept confidential at the standard interface. Day and night may be altered.
- Application software May be reverse engineered and confidential information may be stolen or tampered with. Such danger rarely occurs in the case of an electronic device in which a recording / reproducing device is integrally formed.
- An object of the present invention is to provide a mutual authentication method, a program, a recording medium, a signal processing system, a playback device, and an information processing device that can ensure the security of copyright protection technology even in a PC environment. is there. Disclosure of the invention
- a first aspect of the present invention is to read and reproduce content information from a recording medium which is provided in advance with revocation information for identifying an unauthorized electronic device and information unique to the recording medium.
- the playback device includes information representing the playback device and revocation information.
- the information processing apparatus has a second determination step of determining whether to invalidate the information processing apparatus using information representing the information processing apparatus and revocation information,
- a mutual authentication step characterized by having a mutual authentication step for mutually authenticating the playback device and the information processing device using the key information (1) and (2).
- a reproducing apparatus having a reproducing unit for reading content information from a recording medium which is provided with revocation information for identifying an unauthorized electronic device and information unique to the recording medium in advance.
- a program for a mutual authentication method in which an apparatus transmits and receives content information via a transmission means, and mutually authenticates with an information processing apparatus which processes the information.
- the playback device has a first determination step of determining whether to invalidate the playback device using information representing the playback device and revocation information,
- the information processing device includes information indicating the information processing device and revocation information.
- the third aspect of the present invention is a program for a mutual authentication method characterized by having a mutual authentication step in which a playback device and an information processing device mutually authenticate using the key information and A playback device having a playback unit for reading content information from a recording medium previously provided with revocation information for identifying an electronic device and information unique to the recording medium, and a playback device for transmitting the content information.
- a storage medium storing a mutual authentication method program for mutually authenticating with an information processing apparatus which transmits, receives, and processes through the information processing apparatus.
- the information processing apparatus has a second determination step of determining whether to invalidate the information processing apparatus using information representing the information processing apparatus and revocation information,
- a storage medium storing a program of a mutual authentication method, characterized by having a mutual authentication step for mutually authenticating a playback device and an information processing device using the key information and
- a reproducing apparatus having a reproducing unit for reading out content information from a recording medium previously provided with revocation information for identifying an unauthorized electronic device and information unique to the recording medium;
- a signal processing system comprising: an information processing device for transmitting and receiving content information via a transmission unit, and processing the content information.
- the playback device has a first determination unit that determines whether or not the playback device should be invalidated using information representing the playback device and revocation information,
- the information processing apparatus has a second determination unit that determines whether or not the information processing apparatus should be invalidated using information representing the information processing apparatus and revocation information,
- a mutual authentication means for mutually authenticating the reproducing apparatus and the information processing apparatus using the key information of (2), and a common key for generating a common key common to the reproducing apparatus and the information processing apparatus after mutual authentication by the mutual authentication means.
- a signal processing system comprising: a generation unit.
- a reproducing unit for reading out content information from a recording medium previously provided with revocation information for identifying an unauthorized electronic device and information unique to the recording medium; Is a playback device in the signal processing system, which is transmitted to the information processing device via the transmission means and processed.
- the information processing apparatus has first determining means for determining whether to invalidate the reproducing apparatus by using the information representing the reproducing apparatus and the revocation information, and the first determining means determines that the reproducing apparatus should be invalidated. Place that was not First key information generated when
- the information processing apparatus should be invalidated by the second determination unit that determines whether or not the information processing apparatus should be invalidated by using information representing the information processing apparatus and revocation information provided in the information processing apparatus.
- Mutual authentication means for mutually authenticating with the information processing device using the second key information generated when no determination is made;
- a reproducing apparatus comprising: an information processing apparatus; and a common key generating means for generating a common common key after mutual authentication by the mutual authenticating means.
- the playback device reads the content information from a recording medium that is provided with revocation information for recording and information unique to the recording medium in advance, and the content information is received via a transmission unit and processed.
- the first determination means provided in the playback device determines whether or not the playback device should be invalidated using the information representing the playback device and the revocation information, and the first determination device disables the playback device.
- First key information that is generated if no
- a second determining unit that determines whether or not the information processing apparatus should be invalidated using information representing the information processing apparatus and revocation information
- Mutual authentication means for mutually authenticating with the playback device using the first key information and the second key information generated when the determination to invalidate is not made by the second determination means.
- An information processing device comprising: a common key generation unit that generates a common key common to a playback device after mutual authentication by the mutual authentication unit.
- the key information (MKB) recorded on the medium and the key information (media key) derived as the same value from the key information (device key) stored in each device or each application are used.
- Mutual authentication is performed. Therefore, in the present invention, a specific authentication key prepared only for the authentication is not required, the secret information can be reduced, and the device key can be made different depending on the device or application. The risk of unauthorized reading of information can be reduced.
- the recording / reproducing device has a device key as information unique to the electronic device, so that the recording / reproducing device itself can be revoked.
- random number information required for calculating the content key in the information processing device can be generated by, for example, an LSI in the recording / reproducing device. Compared to generating, it is possible to generate a random number that is true or close to a true random number. Therefore, the possibility that the random number is replaced with a fixed value can be reduced.
- Figure 1 shows the previously proposed recorder, player and DVD media. It is a block diagram for explaining the system which consists of media.
- FIG. 2 is a block diagram for explaining a PC-based DVD media recording / reproducing system.
- FIG. 3 is a schematic diagram for explaining a processing procedure of the DV drive 4 and the host 5 in the system of FIG.
- FIG. 4 is a flowchart for explaining an authentication operation in the system of FIG.
- FIG. 5 is a block diagram showing a configuration for mutual authentication according to an embodiment of the present invention.
- FIG. 6 is a flowchart for explaining a procedure of processing of a drive authentication operation in one embodiment of the present invention.
- FIG. 7 is a flowchart for explaining a procedure of a host authentication operation process according to an embodiment of the present invention.
- FIG. 8 is a block diagram showing an example of a configuration of a recorder in which a drive and a host are combined according to an embodiment of the present invention.
- FIG. 9 is a schematic diagram for explaining a communication procedure of an example of the recorder.
- FIG. 10 is a block diagram showing an example of the configuration of a player combining a drive and a host according to an embodiment of the present invention.
- FIG. 11 is a schematic diagram for explaining a communication procedure of an example of a player.
- FIG. 12 is a block diagram showing another example of the configuration of a recorder in which a drive and a host are combined according to an embodiment of the present invention.
- FIG. 13 is a schematic diagram for explaining a communication procedure of another example of the recorder. BEST MODE FOR CARRYING OUT THE INVENTION
- Recording medium Media, for example, disk, playback device: drive, information processing device: host, transmission means: drive-host interface, signal processing system: drive and host for playing back media drive-host interface Is a system that is connected via First transmission means: means for transmitting information from the drive to the host using a common key cryptosystem using the session key as a common key. Second transmission means: conversely, the session key is used as a common key from the host. A means for sending information to the drive.
- Content information Information recorded on media or information to be recorded is defined as content information.
- Revocation information MKB (Media Key Blocks) pre-recorded on the media, information specific to the recording medium: Media ID, Device key: Information indicating the playback device or information processing device, invalidating the device Judgment means for determining whether or not it should be: Process MKB.
- the drive is not invalidated by the first determination means on the drive side, the first key information is generated as a media key on the drive side, and the host is invalidated by the second determination means on the host side Otherwise, a second key information is generated as a media key on the host side.
- the drive and host can be deactivated independently, and if deactivated, the expected media key cannot be obtained, so they are classified as "first" and "second.”
- Mutual authentication means AKE (Authentication and Key Exchange) (Process
- the drive side consists of random number exchange after MKB, MAC calculation, and comparison.
- the first confirmation means and the second confirmation means on the host side mutually confirm the operation of each other.
- the order in which the drive side or the host side checks first is arbitrary. Therefore, in order to unify the terms, the drive side checking means is set to “first”. )
- Session key (The session key and content key used for reliable encryption and decryption are “keys” and the rest are “key information.” After authentication is completed, the same encryption key as the common key is used. However, since the name of the key information is changed from that of the generating device, the generating means on the drive side is the first common key generating means, and the generating means on the host side is the It is a common key generation means of 2.)
- Random number generator for generating random numbers: Random Number Generator (RNG) (Random number generator on the drive side is the first random number generator, random number generator on the host side is the second random number generator, In the claims, the generated random numbers are numbered in the order in which they appear in the claims.)
- RNG Random Number Generator
- Calculation means for performing a predetermined calculation MAC (Message Authentic cat on code) calculation block (The means for calculating on the drive side using the random numbers exchanged by the random number exchange means is the first calculation means, and the host side is The calculation means is the second calculation means.)
- MAC Message Authentic cat on code
- Comparison means comparison (The comparison on the drive side is the first comparison means, and the comparison on the host side is the second comparison means.)
- Key information unique to the recording medium Media unique key (In this embodiment, since the generation of the media unique key is all performed on the drive side in order to impart tamper resistance, the key information unique to the recording medium ( The intermediate key generation means for generating the media unique key is only on the drive side.) Key information that is the basis of the content information encryption key or content information decryption key: (The title key used for recording is the third key information, and the title key used for playback is the fourth key information. Media unique key — The means for encrypting the title key with the key information encryption means and the means for decrypting the key information are the key information decryption means The means for recording the title key encrypted with the media unique key on the recording medium are the encryption key This is used as information recording means.)
- Content key (The content key used during recording is used as the content information encryption key, and the content key used during playback is used as the content information decryption key.
- Content information encryption key The means for generating the encrypted content information is referred to as the final encryption key generation means, and the means for generating the content information decryption key is referred to as the final decryption key generation means.
- Means for decrypting the encrypted content information is referred to as content information decryption means.
- reference numeral 1 denotes a recordable DVD medium such as a DVD-R / M DVD or the like conforming to the CPRM standard, for example.
- Reference numeral 2 indicates, for example, a recorder conforming to the CPRM standard.
- Reference numeral 3 indicates, for example, a player conforming to the CPRM standard.
- the recorder 1 and the player 3 are devices or application software.
- a media ID 11 is provided in an area called a BCA (Burst Cutting Area) or an NB CA (Narrow Burst Cutting Area) in the lead-in area on the innermost peripheral side of the DVD medium 1.
- a media key block (hereinafter abbreviated as MKB) 11 is recorded in advance in the embossed or pre-recorded data zone of the reader.
- the media ID 11 is a different number for each media unit, for example, for each disc, and is composed of a media manufacturer code and a serial number.
- Media ID 11 is required when converting a media key to a different media unique key for each media.
- the media key block MKB is a key ring for deriving the media key and revoking (invalidating) the device.
- An encrypted content 13 encrypted with the content is recorded in a rewritable or recordable data area of the disc 1.
- C2 Cheptomeria Ciphering
- the DVD media 1 records an encrypted title 14 and CCI (Copy Control Information) 15.
- the encrypted title key 14 is encrypted title key information, and the title key information is key information added for each title.
- CCI is copy control information such as copy no more, copy once, and copy bee.
- Recorder 2 is composed of device key 11, process MKB 2, C 2-G 2 3, random number generator 24, C 2-E 25, C 2-G 26 and C 2-ECBC 27 Having.
- the player 3 has components of a device key 31, a process MKB 32, a C 2 _G 3 3.C 2 _D 3 5.C 2 _G 36 and a C 2 —DBC 37.
- the device keys 21 and 31 are identification numbers issued for each device or application software vendor.
- the device key must be authorized by the license administrator — Information specific to the electronic device or application software provided only to the software.
- the player 3 calculates the MKB 12 and the device key 31 in the process MKB 32 to determine whether or not the revocation has been performed.
- a media key is calculated from MKB 12 and device keys 21 and 31. If the device key of recorder 2 or player 3 is not in MKB 12 and the calculated result matches a predetermined value, for example, a value of zero, recorder 2 or device Player 3 is determined to be not valid. That is, such a recorder 2 or player 3 is revoked.
- C 2 — G 2 3 and 3 3 are processes for calculating the media unique key by calculating the media key and media ID, respectively.
- a random number generator (RNG) 24 is used to generate the title key.
- the title key from the random number generator 24 is input to C2_E25, and the title key is encrypted with the media unique key.
- the encryption title key 14 is recorded on the DVD medium 1.
- the encrypted title key 14 and the media unique key played from the DVD medium 1 are supplied to the C2_D 35, and the encrypted title key is decrypted with the media unique key to obtain the title key.
- CCI and title key are changed to C2G26. Supplied and the content key is derived.
- the content key is supplied to C2_E CBC27, and the content is encrypted using the content key as a key.
- the encrypted content 13 is recorded on the DVD medium 1.
- the CCI and the title are supplied to C2-G36, and the content key is derived.
- the content key is supplied to C2—ECBC 37, and the encrypted content 13 reproduced from the DVD medium 1 is decrypted using the content key as a key.
- the recording procedure by the recorder 2 in the configuration of FIG. 1 will be described.
- the recorder 2 reads the MKB 1 from the DVD medium 1, calculates the device key 21 and the MKB 12 by the process MKB 22 and calculates the media key. If the calculation result indicates a predetermined value, it is determined that the device key 21 (the device or application of the recorder 2) has been revoked by the MKB.
- the recorder 2 interrupts the subsequent processing and prohibits recording on the DVD medium 1. If the value of the media key is other than the predetermined value, the processing is continued.
- the recorder 2 reads the media ID 11 from the DVD media 1, inputs the media ID to the media key C2_G23 together with the media key, and calculates a different media unique key for each media.
- the title key generated by the random number generator 24 is encrypted by C2—E25 and recorded on the DVD medium 1 as the encrypted title key 14.
- the CCI information of the title key and the content is calculated by C2_G26 to derive the content key.
- the content is encrypted with the content key using C2—ECBC27 and recorded on the DVD medium 1 as encrypted content 13 together with CCI15.
- the playback procedure by the player 3 will be described. First, read MKB1 2 from DVD media 1.
- the device key 31 and MKB 1 2 are calculated, and revocation is confirmed. If the device key 31 or the device or application of player 3 is not revoked, the media unique key is calculated using the media ID, and the read encrypted title key 14 and media unique key are read out.
- the title key is calculated from.
- the title key and CC I 15 are input to C 2 — G 36 to derive the content key.
- the content key is input to the C2_D CBC 37, and the C2_D CBC 37 is applied to the encrypted content 13 reproduced from the DVD media 1 using the content key as a key. As a result, the encrypted content 13 is decrypted.
- FIG. 1 The configuration shown in FIG. 1 described above is configured as a recording / reproducing device.
- the present invention is applied when the content protection processing for the DVD medium 1 is handled in a PC environment.
- FIG. 2 the roles of PCs and drives under the current system are shown.
- reference numeral 4 denotes a DVD drive as a recording / reproducing device for recording and reproducing the DVD media 1 compliant with the above-mentioned CPRM standard.
- Reference numeral 5 denotes a host such as a PC as a data processing device.
- Host 5 can record to DVD media 1 and play back from DVD media 1. It is a device or application software that can handle playable content and is connected to the DVD drive 4 and can exchange data.
- the host 5 is configured by installing application software on a PC.
- the DVD drive 4 and the host 5 are connected by the interface 4a.
- the interface 4a is ATAP I (AT Attachment with Packet Interface), I; Small Computer System Interface (I), Universal Serial Bus (USB), IEEE (Institute of Electronics and Electronics Engineers). It is 1 3 94 mag.
- a media ID 11 a media ID 11
- a media key block 12 a media key block 12
- ACC Authentication Control Code
- the DV drive 4 reads the AC C 16 from the DV media 1.
- the AC C 16 read from the DVD medium 1 is input to an AKE (Authentication and Key Exchange) 41 of the DVD drive 4 and transferred to the host 5.
- the host 5 inputs the received AC C to AK 51.
- the AKEs 41 and 51 exchange random number data and generate a common session key (referred to as a bus key) having a different value for each authentication operation from the exchanged random number and the value of the ACC.
- the bus key is supplied to MAC (Message Authentication Code) calculation blocks 42 and 52, respectively.
- the MAC operation blocks 42 and 52 are processes for calculating the media ID and the MAC of the media key block 12 using the bus keys obtained in AKEs 41 and 51 as parameters.
- MKB and media ID integrity (integri ty) is used by host 5 to confirm.
- the MACs calculated by the MACs 42 and 52 are compared in the comparison 53 of the host 5 to determine whether the values match. If these MAC values match, the integrity of the MKB and media ID has been confirmed. Switch SW 1 is controlled by the comparison output.
- the switch SW 1 is shown as turning ON / OFF the signal path between the recording / playback path of the DVD medium 1 of the DVD drive 4 and the encryption / decryption module 54 of the host 5. ing. Although the switch SW 1 is shown as performing ON / OF of the signal path, in actuality, the processing of the host 5 continues when the signal is ON and the processing of the host 5 when the signal is OFF. It indicates that it stops.
- the encryption / decryption module 54 calculates the content key from the media unique key, the encryption title key, and the CCI, and encrypts the content into the encrypted content 13 using the content key as a key, or the content key. This is an operation block that decrypts the encrypted content 13 using one as a key.
- the media unique key calculation block 55 is a calculation block for calculating a media unique key from the MKB 12, the media ID and the device key 56. As in the case of the recorder or player shown in FIG. 1, the media key is calculated from the device key and the MKB12. A media unique key is calculated from the media key and the media ID 11. When the media key reaches a predetermined value, the electronic device or the abbreviated software is determined to be invalid and revoked. Therefore, the media unique key operation block 55 also has a function as a revocation processing unit for performing revocation.
- FIG. 3 shows a procedure for transmitting and receiving signals between the DVD medium 1, the DVD drive 4, and the host 5 in the system using DVD media under the current PC environment shown in FIG.
- the host 5 sends a command to the DV drive 4, and the DV drive 4 performs an operation in response to the command.
- the AC C on the DVD medium 1 is sought and read in response to a request from the host 5 (step S 1).
- the read AC C is input to the AKE 41 and is also transferred to the host 5, where the received AC C is input to the AKE 51.
- the AKEs 4 1 and 5 1 exchange random number data, generate a bass key as a session key having a different value for each authentication operation from the exchanged random number and the value of the AC C 16, and transfer the bus key to the DVD drive 4.
- the authentication operation is always performed when the disk is detected after the power is turned on or when the disk is replaced.
- the recording operation is performed by pressing the record button
- the authentication operation is performed when the reproduction operation is performed by pressing the play button. You may do it.
- authentication is performed when a record or play button is pressed.
- step S3 the host 5 requests the DVD drive 4 to read the MKB (media key block) pack # 0 from the DVD medium 1.
- MKB media key block
- 16 sectors from pack 0 to pack 15 are recorded once or twice in the lead-in area. Error correction coding is performed in pack units.
- the DV drive 4 goes to read the MKB pack # 0 in step S4, and reads the pack # 0 in step S5.
- the DVD drive 4 returns the modified MKB to the host 5 (step S6).
- When reading the MKB calculate the MAC value with the bus key as a parameter, add the MAC value to the MKB, and transfer the data to the host 5. No. For example, pack # 15 is read until the request for the remaining MKB pack other than pack # 0, the read operation of DVD drive 4, and the transfer operation of the modified MKB pack are completed until the MKB pack is exhausted. It is repeated by steps S7 and S8 until it is transferred to the host 5.
- Host 5 requests a media ID from DVD drive 4.
- the DVD drive 4 goes to read the media ID recorded on the DVD media 1, and in step S11, the media ID is read.
- the DVD drive 4 uses the bus key as a parameter and calculates its MAC value.
- the DVD drive 4 adds the MAC value m1 to the read medium ID and transfers the data to the host 5.
- the host 5 calculates the MAC value again from the MKB 12 and the media ID 11 received from the DVD drive 4 using the bus key as a parameter.
- the calculated MAC value is compared with the MAC value received from the DVD drive 4 in comparison 53. If they match, it is determined that the correct MKB and media ID have been received, switch SW1 is set to ON, and the process proceeds. Conversely, if they do not match, it is determined that the MKB and the media ID have been tampered with, and switch SW 1 is set to 0FF to stop the processing.
- step S13 the host 5 requests the encrypted content from the DV drive 4, and in step S14, the DVD drive 4 reads the encrypted content, and in step S13, the encrypted content is read.
- the encrypted content is forwarded to Host 5.
- a media unique key is calculated by the device key 56, the MKB 12, and the media ID 11.
- the media unique key is supplied to the encryption / decryption module 54, and the content key is obtained from the encryption title 14 and the CCI 15.
- the encrypted content read from the DVD media 1 is decrypted using the content key as a key.
- the content recorded on DVD media 1 is encrypted.
- step ST 1 is performed by using a MAC calculation value obtained by using the bus key as a parameter in the MAC calculation block 4 2 and a MAC calculation value obtained by using the bus key as a parameter in the MAC calculation block 53. Is a step of comparing. If they match, switch SW1 is turned on in step ST2. If they do not match, switch SW1 is set to 0FF in step ST3, and the process stops.
- the CP RM described above uses the same buskey generation method as CSS, which is a DVD-Video copyright protection technology.
- Content of CSS authentication method Is supposed to be confidential, but can be operated by free software that has not been licensed by DVD-CCA, a CSS license management body that has already been analyzed and is available to the general public. Has become.
- the content protection process is performed on the host side, that is, all of revocation determination, media key acquisition, media unique key derivation, content key derivation from content key generation and derivation, and content encryption and decryption. Is a process on the host side, so its reliability as copyright protection technology is decreasing.
- FIG. 5 is a block diagram showing a configuration of mutual authentication according to an embodiment.
- FIG. 6 is a flowchart showing a flow of processing on the drive side.
- FIG. 7 is a flowchart showing the flow of processing on the host side.
- reference numeral 101 indicates a medium, for example, an optical disk
- reference numeral 102 indicates a drive of the medium
- reference numeral 103 indicates a drive 102 and a drive-host interface 104.
- the medium 101 is the one on which information similar to that of the DVD media described above is recorded in advance.
- the medium 101 is not limited to a recordable medium, but may be a read-only medium.
- the host 103 sends a predetermined command to the drive 102 and controls its operation.
- the commands to be used are the commands described in Non-Patent Document 2 described above and commands obtained by extending the commands. This is a READ command to read the contents as sector data from 1 and a WRITE command to write the contents to the media 101 as sector data.
- the drive 102 has a device key 121 of the drive, and the host 103 has a device key 131 of the host.
- the device key is placed inside an LSI (Large Scale Integrated Circuit) and cannot be read from the outside. It is stored securely.
- the device key 1311 may be stored securely in a software program, or may be stored in hardware as hardware.
- drive 102 In order for drive 102 to be a legitimate drive that handles media 101, as in one embodiment, it requires confidential information on copyright protection technology such as a device key, so a regular license is required. This has the effect of preventing the creation of a clone drive that would imitate a genuine product without receiving it.
- the drive 102 is provided with a process MKB 122 for inputting the MKB and the device key 121 and determining whether the device key of the drive has been revoked. .
- the host 103 is provided with a process MKB 132. If revocation is not performed, the media keys Km are output from processes MKB 122 and 132, respectively. The revocation judgment processing is performed, and the authentication processing is performed after the media key Km is obtained.
- Reference numerals 123, 124 and 125 denote MAC operation blocks for calculating a MAC value using the media key Km as a parameter, respectively.
- Reference numerals 1, 2, 1 2, and 1 2 indicate a random number generator (RNG).
- Random number generator 1 2 6 generates random number Ral
- random number generator 1 2 7 generates random number Ra2
- the creature 1 2 8 generates a random number Ra3.
- the random number generators 12 26, 127, and 128 are, for example, random number generators having an LSI configuration, and can generate random numbers closer to true random numbers as compared with a method of generating random numbers by software. it can.
- the random number generator may be a common hardware, but the random numbers Ral, Ra2 and Ra3 are independent of each other. '
- a MAC operation block that calculates a MAC value using the media key Km as a parameter to the host 103, a MAC operation block 1 3 3, 1 3 4 and 1 3 5, and a random number generator 1 3 6, 1 3 7 and 1 3 8 Is provided.
- the random number generator 13 6 generates a random number Rbl
- the random number generator 13 7 generates a random number Rb2
- the random number generator 13 8 generates a random number Rb3.
- the random number generators 13 6, 13 7, and 13 8 normally generate random numbers by software, but if random numbers by hardware can be used, they may be used.
- the random number generated in the drive 102 and the random number generated in the host 103 are exchanged.
- the random number Ral and the random number Rbl are input to the MAC operation blocks 1 2 and 1 3 3
- the random number Ra 2 and the random number Rb 2 are input to the MAC operation blocks 1 2 and 1 3
- the random number Ra 3 and the random number Rb 3 are input to the MAC operation block Input to blocks 1 15 and 1 35.
- the MAC value calculated by the MAC calculation block 123 of the drive 102 and the MAC value calculated by the MAC calculation block 133 of the host 103 are compared in the comparison 130 in the host 103, It is determined whether the two values are the same.
- the MAC value here is expressed as eKm (Ral II Rbl).
- e Km () indicates that the data in parentheses is encrypted using the media key Km as a key.
- the Ral II Rbl symbol indicates that two random numbers are combined such that a random number Ral is placed on the left and a random number Rbl is placed on the right. are doing.
- the MAC value calculated by the MAC calculation block 13 4 of the host 10 3 and the MAC value calculated by the MAC calculation block 12 4 of the drive 10 2 are compared in the comparison 1 9 in the drive 10 2. It is determined whether the two values are the same.
- the MAC value here is expressed as eKm (Rb2 II Ra2). As a result of the comparison, if the two values are determined to be the same, it means that the authentication of the host 103 by the drive 102 has succeeded, and otherwise the authentication has failed.
- a common session key -eKm (Ra3 II Rb3) is generated by the AC operation blocks 1 2 5 and 1 3 5, respectively.
- step ST20 of FIG. 7 the host 103 issues a command REP0 RT KEY to the drive 102 to request transfer of MKB.
- step ST10 in FIG. 6 the drive 102 reads the MKB112 from the medium 101 and transfers it to the host103.
- step ST11 the drive 102 calculates the media key Km by the process MKB122, and the host 103 in step ST21 executes the media key Km by the process MKB132. Calculate m. In the process of this calculation, it is determined whether or not the device keys 1 2 1 and 1 3 1 included in each are targeted for revocation. It is confirmed by itself (step ST12 in FIG. 6, step ST22 in FIG. 7).
- step ST23 the random number generators 1336 and 137 are generated for the drive 102 by the command SEND KEY, respectively.
- the random number Rbl and the random number Rb2 are transferred. If the drive 102 is not to be revoked, the drive 102 receives these random numbers transferred from the host 103 in step ST13.
- the host 103 uses the command REPORT KEY to respond to the drive 102 by using the media key Km of the drive 102 as a key, the MAC response value, and the random number generated by the random number generator 1 26. Are transferred to the host 103 (step ST24).
- This response value is expressed as eKm (Ralil RM).
- e Km () indicates that the data in parentheses is encrypted using the media key Km as the encryption key.
- the symbol Ral II Rbl indicates that two random numbers are combined such that a random number Ral is placed on the left and a random number Rbl is placed on the right.
- the drive 10 receiving the command REPORT KEY from the host 103 sends the MAC value eKm (Ral II Rbl) and the random number Ral generated by the MAC operation block 123 to the host 103 in step ST 14. Forward.
- the host 103 calculates the MAC value in its own MAC calculation block 133 and confirms whether the value matches the value received from the drive 102 in the comparison 1339. I do. If the received MAC value and the calculated MAC value match, it means that host 103 has successfully authenticated drive 102. In step ST 25 If the result of the comparison is not the same, it means that the authentication of the drive 102 by the host 103 has failed, and the redirect process is performed.
- step ST26 the host 103 sends a command REPORT KEY to the drive 102, and the random number generator of the drive 102 Requests transfer of random numbers Ra2 and Ra3 generated by 1 2 4 and 1 2 5 respectively.
- step ST15 the drive 10 transfers these random numbers to the host 103.
- step ST 27 the MAC operation block 13 4 of the host 10 3 calculates the response value eKm (Rb2 II Ra2) by the MAC using the media key Km of the host 103 as a key from the random number received from the drive 102. ) Is calculated and transferred to drive 102 using the command SEND KEY together with the random number Rb3.
- step ST16 when the drive 102 receives the response value eKm (Rb2 II Ra2) and the random number Rb3 from the host 103, the drive 102 calculates its own MAC value. To check if it matches the MAC value received from host 103. If the received MAC value matches the calculated MAC value, it means that the authentication of the host 103 by the drive 102 was successful. In this case, in step ST 18, the MAC operation block 1 25 generates a session key eKm (Ra3 II Rb3), and indicates that the host 103 has been successfully authenticated. The information is sent and the authentication process is completed. The session key has a different value for each authentication operation.
- step ST17 If the result of the comparison in step ST17 is not the same, it means that authentication of host 103 by drive 102 has failed, and error information indicating that authentication has failed in step ST19. Is the host Sent to 103.
- the host 103 receives information indicating whether or not the authentication was successful from the drive 102 as a response to the sent command SEND KEY, and based on the received information, determines in step ST 28 whether or not the authentication has been completed. Judge. It determines that authentication is complete by receiving information indicating that authentication was successful, and determines that authentication was not completed by receiving information that indicates that authentication failed.
- the MAC operation block 135 When the authentication is completed, in step ST29, the MAC operation block 135 generates a session key eKm (Ra3IIRb3) (for example, 64 bits long) common to the drive side. If the authentication is not completed, a redirect process is performed.
- the session key eKm (Ra3 II Rb3) is referred to as s as appropriate.
- the mutual authentication according to the above-described embodiment has a feature that the drive 102 can have a revocation function and does not require a specific authentication key dedicated to authentication.
- the recording / reproducing device since the recording / reproducing device has a device key as information unique to the electronic device, the recording / reproducing device itself can be revoked.
- drive 102 confirms the authentication result of host 103 by comparison 19, and confirms that drive 102 was implemented after receiving a valid license from host 103. It is possible to determine whether or not.
- FIG. 8 shows a configuration of an embodiment of a recorder realized by combining the drive 102 and the host 103 performing the above-described mutual authentication.
- the drive 102 calculates the media unique key, and securely transfers the calculated media unique key to the host 103 using the session key Ks generated by the mutual authentication.
- the drive 102 generates a random number data for deriving the content key, securely transfers the generated random number data to the host 103 using the session key Ks generated by the mutual authentication, and
- the content is encrypted using the content key derived by the device 103, the encrypted content is transferred to the drive 102, and the drive 102 records the encrypted content on the medium 101. ing.
- Drives 102 that make up the recorder consist of device keys 121, process MKB 122, C2_G2 14 DES (Data Encryption Standard) descriptors 142, random number generators 144, and DES encryptors. It has 144 components.
- a media key is calculated from MKB 112 and device key 121. If the device key 1 2 1 of the drive 102 is not included in the MKB 112 and the calculated result matches a predetermined value, for example, a value of zero, the device key 1 2 1
- the drive 101 with the key is determined to be invalid, and the drive 102 is revoked.
- C2_G141 calculates the media key and the media ID 111, and determines the media unique key. This is the process to derive.
- the media unique key is encrypted with the session key K s at the DE SEND KEY. As an encryption method, for example, DESSCB mode is used.
- the output of the DES encrypter 142 is transmitted to the DEST and the crypter 151 of the host 103.
- a title key is generated by the random number generator 144. Random number generator The title key from 144 is entered into the DES Encrypt window, and the title key is encrypted with the session key. The encryption title is sent to the DES decryptor 152 on host 103.
- the media unique key is decrypted by the session key Ks in the DES decryptor 1551.
- the title key is decrypted by the session key Ks.
- Media unique key and title key are C2_E
- the title key is encrypted by C2 using the media unique key.
- the encryption title key 114 is recorded on the medium 101.
- CCI and the decrypted title key are supplied to C2-G154, and the content key is derived.
- the content key is supplied to C 2 __ E C B C 155 and the content is encrypted using the content key as a key.
- the encrypted content 1 1 3 is recorded on the medium 101.
- FIG. 9 shows a procedure for recording content.
- the MKB on the medium 101 is sought and read in response to a request from the host 103 (step S21).
- step S 22 AKE (Authentic cat on and Key Exchange)
- the above-mentioned rehearsal processing and mutual authentication between drive 102 and host 103 are performed.
- Mutual authentication is always performed when a disk is detected after power is turned on or when a disk is replaced.
- the authentication operation may be performed when the recording operation is performed by pressing the recording button, or when the reproduction operation is performed by pressing the reproduction button.
- a record or play button is pressed, authentication is performed. If the mutual authentication is not successful, for example, the process is interrupted by the redirect process. If the mutual authentication is successful, a session key Ks is generated in both the drive 102 and the host 103, and the session key Ks is shared.
- the host 103 requests a media unique key from the drive 102.
- the drive 102 seeks the medium ID of the medium 101 (step S24), and reads the medium ID from the medium 101 (step S25).
- the drive 102 generates a media unique key by calculating the media key and the media ID.
- the media unique key is encrypted with the session key Ks, and the encrypted media unique key is transferred to the host 103.
- step S27 the host 103 requests the drive 102 for the title key.
- step S28 the drive 102 encrypts the title key with the session key Ks, and transfers the encrypted title key to the host 103.
- the encrypted media unique key and the encrypted title key are decrypted by the session key Ks.
- the title key is encrypted with the media unique key, and an encrypted title key is generated.
- a content key is generated from the title key and CCI, and the content is encrypted with the content key.
- the encryption title key, the encrypted content, and the CCI are transferred from the host 103 to the drive 102.
- these encrypted titles, encrypted contents, and CCI are recorded on the medium 101 by the drive 102.
- the drive 102 generates a title key using the random number generator 144.
- a random number generator may be provided in the host 103 and the title key may be generated by the random number generator.
- FIG. 10 shows a configuration of an embodiment of a player realized by combining the drive 102 and the host 103 that perform the mutual authentication described above.
- the player securely transfers the media menu calculated by the drive 102 to the host 103 by using the session key K s generated by the mutual authentication, and the host 103 encrypts the media key. It is designed to decrypt the encrypted title using the media unique key and decrypt the content using the content key derived from the title key and CCI.
- the drive 102 constituting the player has the following components: a device key 121, a process MKB 122, and a C2_G2 14K DES en- cle. It is possible to determine whether the revocation has been performed by calculating the MKB 112 reproduced from the media 101 and the device key 111 in the process MKB 122. In the process MKB 122, a media key is calculated from MKB 112 and the device key 111.
- C2_G141 is a process of calculating the media unique key by calculating the media key and the media ID111.
- the media unique key is encrypted by the session key K s at the DES encryptor 144.
- As an encryption method for example, DESSCB mode is used.
- the output of the DS encryptor 14 2 is sent to the host 10 3 DS descriptor 15 1.
- the DES descriptor 151 The media unique key is decrypted by John Ks.
- the media unique key and the encrypted title key 114 are supplied to C2_D153, and the encrypted title key is decrypted using the media unique key.
- the decrypted title key and the CCI reproduced from the media 101 are supplied to C 2 _G 154 to derive the content key.
- the encrypted content 113 reproduced from the medium 101 is decrypted by the C2 decryptor 155 using the content key, and the content is obtained.
- FIG. 11 shows a procedure at the time of content reproduction.
- the MKB on the medium 101 is sought and read (step S41). MKB is read for each pack.
- the revocation processing and the mutual authentication operation between the drive 102 and the host 103 are performed as described above. If the mutual authentication is not successful, for example, the processing is interrupted by the redirection processing. Refuse. If the mutual authentication is successful, a session key Ks is generated in both the drive 102 and the host 103, and the session key Ks is shared.
- the host 103 requests a media unique key from the drive 102.
- the drive 102 seeks the medium ID of the medium 101 (step S44), and reads the medium ID from the medium 101 (step S45).
- the drive 102 generates a media unique key by calculating a media key and a media ID.
- the media key is encrypted by the session key Ks, and the encrypted media unique key is transferred to the host 103.
- the host 103 requests the drive 102 for the encryption title, the CCI, and the encrypted content.
- the drive 102 reads the encrypted title 114, the CCI 115, and the encrypted content 113 from the medium 101.
- step S49 the drive 102 reads the encryption title key 114, the CCI 115, and the encryption content 113. Then, in step S50, the drive 101 transfers the encryption title key 114, the CCI 115, and the encryption content 113 to the host 103.
- the title key is decrypted
- the content key is obtained from the title key and CCI
- the encrypted content is decrypted using the content key as a key.
- the host 103 has a decryptor C 2 _D 153 for decrypting the encrypted title key, but the drive 102 decrypts the encrypted title key.
- a decryptor may be provided.
- the decrypted title key is securely transferred to the content key generation C 2 _G 154 of the host 103.
- a content key generation device C 2 -G may be provided in the drive 102, and the content key may be generated from the decrypted title key and C C I in the drive 102.
- the decrypted content key is securely transferred to C2-DCCB155 of the host 103.
- FIG. 12 shows the configuration of another embodiment of a recorder realized by combining a drive 102 and a host 103 that perform mutual authentication.
- the recorder of another embodiment secures the media unique key calculated by the drive 102 using the session key Ks generated by mutual authentication. Forward to host 103. Also, a content key is generated in the drive 102, the generated content key is securely transferred to the host 103 using the session key Ks, and the content is generated using the content key decrypted by the host 103. Then, the encrypted content is transferred to the drive 102, and the drive 102 records the encrypted content on the media 101. That is, in the above-described recorder shown in FIG. 8, the content key is generated in the host 103, but in another embodiment, the content key is generated in the drive 102.
- the media key is calculated by calculating the MKB 11 reproduced from the media 101 and the device key 111 in the process MKB 122, and C 2 — G
- the media key and the media ID 111 are calculated to derive a media unique key.
- the media unique key is encrypted by the session key K s at the DES encryptor 14 2, and the output of the DES encryptor 14 2 is transmitted to the DES decryptor 15 1 of the host 10 3, and the DES decryptor 14
- the media unique key is derived by the descriptor 15 1
- the title key is generated by the random number generator 14 3 of the drive 102, and the title key from the random number generator 14 3 is used as the C 2 of the host 103.
- __ Supplied to E153 the title key is encrypted by C2 using the media unique key.
- the encryption title key 114 is recorded on the media 101.
- the MAC value e Ks (CCI) of the CCI is calculated by the MAC operation block 158 using the session key Ks as a key, and is transferred to the drive 102 together with the CCI.
- the MAC value e K s (CCI) of the CCI is calculated from the CCI received from the host 103 using the session key K s as a key by the MAC operation block 157 and received from the host 103.
- the CCI and the title key received from the host 103 are supplied to the C2_G145, and the content key is derived.
- the content key is supplied to the DESC 146, and the content key is encrypted using the session key Ks as a key.
- the encrypted content key is transferred to the DEST dev on host 103.
- the content key decrypted using the session key K s at the DS decipherer 156 is supplied to C2—ECCB 155, and the content is encrypted using the content key as the key.
- the encrypted content 113 is transferred to the drive 102 and recorded on the medium 101 by the drive 102.
- the title key is generated by the random number generator 144 of the drive 102.
- a random number generator may be provided on the host 103 side, and a title key may be generated by the random number generator.
- the generated title key is transferred from the host 103 to C2-G145 for generating the content key of the drive 102.
- Fig. 13 shows the procedure for recording content according to another embodiment of the recorder. The order is shown.
- the MKB on the media 101 is sought and read in response to a request from the host 103 (step S61).
- AKE of the next step S62 a revoke process and a mutual authentication operation between the drive 102 and the host 103 are performed.
- the process is interrupted by the redirect process. If the mutual authentication is successful, a session key Ks is generated in both the drive 102 and the host 103, and the session key Ks is shared.
- the host 103 requests the drive 102 for a media unique key.
- the drive 102 seeks the medium ID of the medium 101 (step S64), and reads the medium ID from the medium 101 (step S65).
- the drive 102 generates a media unique key by calculating a media key and a media ID.
- the media key is encrypted by the session key Ks, and the encrypted media unique key is transferred to the host 103.
- step S67 the host 103 requests the drive 102 for a title key.
- step S68 the drive 102 transfers the title key to the host 103.
- the encrypted media unique key is decrypted by the session key Ks.
- the title key is encrypted by the media unique key, and an encrypted title key is generated.
- step S69 the host 103 sends a CCI to the drive 102.
- the MAC value e K s (CCI) calculated as the CCI authentication data is added and transferred. No alteration of CCI on drive 102
- the content key is generated from the title key and CCI, and the content key is encrypted with the session key Ks.
- the host 103 requests the drive 102 for the content key in step S70
- the drive 101 sends the encrypted content key to the host 103 in step S71.
- the host 103 decrypts the encrypted content key with the session key Ks to obtain the content key.
- Content is encrypted with the content key.
- the encryption title key, the encryption content, and the CCI are transferred from the host 103 to the drive 102.
- the drive 102 records the encrypted title, the encrypted content, and the CCI on the media 101.
- the recorder having the configuration shown in FIG. 12 described above can generate a true random number or a random number close to it in a drive 102 using a hardware such as an LSI, and replace the generated random number with a fixed value. Can be difficult.
- the drive 102 since a content key is generated according to a hard disk configuration, the implementation of copyright protection can be strengthened.
- the title key is the key of title II.
- this is also used for a video or still image camera system that uses an optical disk as a medium and has a drive that drives the medium and a microcomputer that controls the drive. It is possible to apply the invention.
- key information (media key) derived as the same value from key information (MKB) recorded on a medium and key information (device key) stored in each device or application is used.
- MKB key information
- device key key information stored in each device or application.
- Mutual authentication is performed. Therefore, in the present invention, a specific authentication key prepared only for the authentication is not required, the secret information can be reduced, and the device key can be made different depending on the device or application. The risk of unauthorized reading of information can be reduced.
- the application software installed in the information processing device is You no longer need to have all the secret information about the rights protection technology.
- the recording / reproducing device itself can be revoked.
- random number information required for calculating a content key in the information processing device can be generated by, for example, an LSI in the recording / reproducing device, so that a random number is generated by a software in the PC.
- LSI in the recording / reproducing device
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/505,175 US7395429B2 (en) | 2003-01-15 | 2003-12-18 | Mutual authentication method, program, recording medium, signal processing system, reproduction device, and information processing device |
EP03780879A EP1585248A4 (en) | 2003-01-15 | 2003-12-18 | METHOD OF MUTUAL AUTHENTICATION, PROGRAM, RECORDING MEDIUM, SIGNAL PROCESSING SYSTEM, REPRODUCTION DEVICE AND INFORMATION PROCESSING DEVICE |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2003-6915 | 2003-01-15 | ||
JP2003006915A JP2004220317A (ja) | 2003-01-15 | 2003-01-15 | 相互認証方法、プログラム、記録媒体、信号処理システム、再生装置および情報処理装置 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004064317A1 true WO2004064317A1 (ja) | 2004-07-29 |
Family
ID=32709093
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2003/016226 WO2004064317A1 (ja) | 2003-01-15 | 2003-12-18 | 相互認証方法、再生装置及び情報処理装置 |
Country Status (7)
Country | Link |
---|---|
US (1) | US7395429B2 (ja) |
EP (1) | EP1585248A4 (ja) |
JP (1) | JP2004220317A (ja) |
KR (1) | KR101017002B1 (ja) |
CN (1) | CN1706148A (ja) |
TW (1) | TWI289829B (ja) |
WO (1) | WO2004064317A1 (ja) |
Families Citing this family (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7698743B2 (en) * | 2004-01-16 | 2010-04-13 | Panasonic Corporation | Authentication server, method and system for detecting unauthorized terminal |
US20080235810A1 (en) * | 2004-01-22 | 2008-09-25 | Koninklijke Philips Electronic, N.V. | Method of Authorizing Access to Content |
JP2006020154A (ja) * | 2004-07-02 | 2006-01-19 | Toshiba Corp | コンテンツ管理方法及びコンテンツ管理用プログラム、並びに電子機器 |
JP4717396B2 (ja) * | 2004-08-30 | 2011-07-06 | キヤノン株式会社 | データ通信装置及びデータ通信方法並びにデータ通信プログラム |
JP4717398B2 (ja) * | 2004-09-10 | 2011-07-06 | キヤノン株式会社 | データ処理装置の制御方法 |
KR100947017B1 (ko) | 2004-09-15 | 2010-03-11 | 후지쯔 가부시끼가이샤 | 정보 처리 장치 및 셋업 프로그램이 기록된 컴퓨터 판독 가능한 기록 매체 |
KR100947019B1 (ko) | 2004-09-15 | 2010-03-11 | 후지쯔 가부시끼가이샤 | 정보 처리 장치 |
TWI277870B (en) | 2004-11-22 | 2007-04-01 | Toshiba Corp | Copyright management method, information recording/reproducing method and device, and information recording medium and method of manufacturing the medium |
JP4551202B2 (ja) * | 2004-12-07 | 2010-09-22 | 株式会社日立製作所 | アドホックネットワークの認証方法、および、その無線通信端末 |
JP4774734B2 (ja) * | 2004-12-14 | 2011-09-14 | ソニー株式会社 | 情報処理装置、情報記録媒体、および情報処理方法、並びにコンピュータ・プログラム |
JP4712369B2 (ja) * | 2004-12-15 | 2011-06-29 | 建 徳應 | コンテンツ配信方法 |
JP2006216113A (ja) * | 2005-02-02 | 2006-08-17 | Funai Electric Co Ltd | Dvd再生装置 |
WO2006082961A1 (ja) * | 2005-02-07 | 2006-08-10 | Matsushita Electric Industrial Co., Ltd. | 記録装置、再生装置、集積回路及び制御プログラム |
JP4899442B2 (ja) * | 2005-11-21 | 2012-03-21 | ソニー株式会社 | 情報処理装置、情報記録媒体製造装置、情報記録媒体、および方法、並びにコンピュータ・プログラム |
JP2007336197A (ja) * | 2006-06-14 | 2007-12-27 | Toshiba Corp | 情報アクセス管理方法および装置 |
JP4770650B2 (ja) * | 2006-09-09 | 2011-09-14 | ソニー株式会社 | 情報処理装置および情報処理方法並びにコンピュータ・プログラム |
JP5026049B2 (ja) * | 2006-10-25 | 2012-09-12 | ソニー株式会社 | メディアドライブ装置、メディアドライブ装置の動作方法、プログラム、プログラム記録媒体 |
KR20090000624A (ko) * | 2007-03-09 | 2009-01-08 | 삼성전자주식회사 | 호스트 디바이스와의 상호 인증 방법 및 그 시스템 |
US20080226078A1 (en) * | 2007-03-12 | 2008-09-18 | Microsoft Corporation | Enabling recording and copying data |
KR101310232B1 (ko) * | 2007-04-24 | 2013-09-24 | 삼성전자주식회사 | 버스 키 공유 방법 및 그 장치 |
US20090052670A1 (en) * | 2007-08-21 | 2009-02-26 | Samsung Electronics Co., Ltd. | Method and apparatus for storing digital content in storage device |
KR20090052199A (ko) * | 2007-11-20 | 2009-05-25 | 삼성전자주식회사 | 저장 장치, 상기 저장 장치를 이용하는 단말장치와 그 방법 |
JP4703668B2 (ja) * | 2008-02-14 | 2011-06-15 | 株式会社東芝 | コンテンツ転送方法 |
US8462954B2 (en) * | 2008-05-30 | 2013-06-11 | Motorola Mobility Llc | Content encryption using at least one content pre-key |
JP4620146B2 (ja) | 2008-07-18 | 2011-01-26 | 株式会社東芝 | 情報処理装置及び認証方法 |
SG165220A1 (en) * | 2009-03-25 | 2010-10-28 | Toshiba Kk | Processing apparatus of portable electronic devices, portable electronic device, and processing system of portable electronic devices |
EP2270710B1 (en) * | 2009-06-30 | 2015-12-23 | Axis AB | Method for restricting access to media data generated by a camera |
CN101895537B (zh) * | 2010-06-30 | 2014-07-30 | 北京握奇数据系统有限公司 | 建立数据交互通道的方法和系统、智能卡、服务器 |
JP2012084071A (ja) | 2010-10-14 | 2012-04-26 | Toshiba Corp | デジタルコンテンツの保護方法、復号方法、再生装置、記憶媒体、暗号装置 |
KR101944468B1 (ko) * | 2011-04-04 | 2019-04-30 | 삼성전자주식회사 | 컨텐츠를 보호하기 위한 방법, 호스트 장치, 저장 장치 및 기계로 읽을 수 있는 저장 매체 |
US8661527B2 (en) | 2011-08-31 | 2014-02-25 | Kabushiki Kaisha Toshiba | Authenticator, authenticatee and authentication method |
JP5275432B2 (ja) | 2011-11-11 | 2013-08-28 | 株式会社東芝 | ストレージメディア、ホスト装置、メモリ装置、及びシステム |
JP5204290B1 (ja) | 2011-12-02 | 2013-06-05 | 株式会社東芝 | ホスト装置、システム、及び装置 |
JP5204291B1 (ja) | 2011-12-02 | 2013-06-05 | 株式会社東芝 | ホスト装置、装置、システム |
JP5112555B1 (ja) | 2011-12-02 | 2013-01-09 | 株式会社東芝 | メモリカード、ストレージメディア、及びコントローラ |
JP5100884B1 (ja) | 2011-12-02 | 2012-12-19 | 株式会社東芝 | メモリ装置 |
JP5275482B2 (ja) | 2012-01-16 | 2013-08-28 | 株式会社東芝 | ストレージメディア、ホスト装置、メモリ装置、及びシステム |
US9201811B2 (en) | 2013-02-14 | 2015-12-01 | Kabushiki Kaisha Toshiba | Device and authentication method therefor |
US8984294B2 (en) | 2013-02-15 | 2015-03-17 | Kabushiki Kaisha Toshiba | System of authenticating an individual memory device via reading data including prohibited data and readable data |
US10860409B2 (en) * | 2018-08-01 | 2020-12-08 | Cisco Technology, Inc. | Tracelog isolation of failed sessions at scale |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1061514A2 (en) | 1999-06-16 | 2000-12-20 | Kabushiki Kaisha Toshiba | Mutual authentication method, recording apparatus, reproducing apparatus, and recording medium |
JP2001331106A (ja) * | 2000-03-14 | 2001-11-30 | Matsushita Electric Ind Co Ltd | 暗号化情報信号、情報記録媒体、情報信号再生装置、および、情報信号記録装置 |
Family Cites Families (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH08335040A (ja) * | 1995-06-02 | 1996-12-17 | Fujitsu Ltd | 暗号化処理方式 |
JP3864401B2 (ja) * | 1997-04-23 | 2006-12-27 | ソニー株式会社 | 認証システム、電子機器、認証方法、および記録媒体 |
US6615192B1 (en) * | 1999-03-12 | 2003-09-02 | Matsushita Electric Industrial Co., Ltd. | Contents copying system, copying method, computer-readable recording medium and disc drive copying contents but not a cipher key via a host computer |
KR100331778B1 (ko) * | 1999-09-13 | 2002-04-09 | 남봉길 | 은행잎의 유효성분 추출방법 및 그의 추출장치 |
JP2001256113A (ja) * | 2000-03-13 | 2001-09-21 | Toshiba Corp | コンテンツ処理システムおよびコンテンツ保護方法 |
JP4608749B2 (ja) * | 2000-07-24 | 2011-01-12 | ソニー株式会社 | データ処理装置、データ処理方法、およびライセンスシステム、並びにプログラム提供媒体 |
US7178169B1 (en) * | 2000-09-01 | 2007-02-13 | Zoran Corporation | Method and apparatus for securing transfer of and access to digital content |
US7111175B2 (en) * | 2000-12-28 | 2006-09-19 | Intel Corporation | Method and apparatus for verifying the integrity of a media key block |
US6912634B2 (en) * | 2000-12-28 | 2005-06-28 | Intel Corporation | Verifying the integrity of a media key block by storing validation data in a validation area of media |
US7039803B2 (en) * | 2001-01-26 | 2006-05-02 | International Business Machines Corporation | Method for broadcast encryption and key revocation of stateless receivers |
US20020141577A1 (en) * | 2001-03-29 | 2002-10-03 | Ripley Michael S. | Method and system for providing bus encryption based on cryptographic key exchange |
US6957343B2 (en) * | 2001-03-30 | 2005-10-18 | Intel Corporation | Validating keying material by using a validation area of read-only media to prevent playback of unauthorized copies of content stored on the media |
TWI222583B (en) * | 2001-04-13 | 2004-10-21 | Matsushita Electric Ind Co Ltd | Contents recording/duplicating device and recording media storing program for recording/duplicating contents |
EP1428214A2 (en) * | 2001-07-09 | 2004-06-16 | Matsushita Electric Industrial Co., Ltd. | Content reading apparatus |
US20030188183A1 (en) * | 2001-08-27 | 2003-10-02 | Lee Lane W. | Unlocking method and system for data on media |
KR20040077446A (ko) * | 2002-02-05 | 2004-09-04 | 소니 가부시끼 가이샤 | 데이터 기록 장치 및 기록 방법 |
JP2005166185A (ja) * | 2003-12-04 | 2005-06-23 | Matsushita Electric Ind Co Ltd | 記録装置、再生装置、記録方法、再生方法、記録媒体、及びプログラム |
-
2003
- 2003-01-15 JP JP2003006915A patent/JP2004220317A/ja active Pending
- 2003-12-18 EP EP03780879A patent/EP1585248A4/en not_active Withdrawn
- 2003-12-18 WO PCT/JP2003/016226 patent/WO2004064317A1/ja active Application Filing
- 2003-12-18 KR KR1020047014383A patent/KR101017002B1/ko not_active IP Right Cessation
- 2003-12-18 CN CNA2003801003420A patent/CN1706148A/zh active Pending
- 2003-12-18 US US10/505,175 patent/US7395429B2/en not_active Expired - Fee Related
-
2004
- 2004-01-13 TW TW093100790A patent/TWI289829B/zh not_active IP Right Cessation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1061514A2 (en) | 1999-06-16 | 2000-12-20 | Kabushiki Kaisha Toshiba | Mutual authentication method, recording apparatus, reproducing apparatus, and recording medium |
JP2001331106A (ja) * | 2000-03-14 | 2001-11-30 | Matsushita Electric Ind Co Ltd | 暗号化情報信号、情報記録媒体、情報信号再生装置、および、情報信号記録装置 |
Non-Patent Citations (2)
Title |
---|
See also references of EP1585248A4 * |
TATEBAYASHI MAKOTO ET AL.: "Kiroku media no contents hogo system", 2000NEN THE INSTITUTE OF ELECTRONICS, INFORMATION AND COMMUNICATION ENGINEERS KISO KYOKAI SOCIETY TAIKAI KOEN RONBUNSHU, 7 September 2000 (2000-09-07), pages 367 - 368, XP001119437 * |
Also Published As
Publication number | Publication date |
---|---|
EP1585248A1 (en) | 2005-10-12 |
JP2004220317A (ja) | 2004-08-05 |
TW200425071A (en) | 2004-11-16 |
CN1706148A (zh) | 2005-12-07 |
EP1585248A4 (en) | 2011-07-13 |
US20050160284A1 (en) | 2005-07-21 |
US7395429B2 (en) | 2008-07-01 |
KR101017002B1 (ko) | 2011-02-23 |
KR20050099934A (ko) | 2005-10-17 |
TWI289829B (en) | 2007-11-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4525350B2 (ja) | 信号処理システム | |
KR101017002B1 (ko) | 상호 인증 방법, 기록 매체, 신호 처리 시스템, 재생 장치 및 정보 처리 장치 | |
KR100311563B1 (ko) | 카피제어방법및카피제어장치 | |
JP3878542B2 (ja) | 記録装置 | |
JP4600042B2 (ja) | 記録再生装置およびデータ処理装置 | |
JP5269145B2 (ja) | ユーザキーを利用した記録媒体のディスク使用制限方法及び装置 | |
US20040190868A1 (en) | Recording apparatus and content protection system | |
KR20010109323A (ko) | 데이터 기록 재생기 및 세이브 데이터 처리 방법, 및프로그램 제공 매체 | |
KR20090016709A (ko) | 컨텐츠 기록을 위한 장치, 방법 및 컴퓨터 판독가능한 기록 매체 | |
JP2006031818A (ja) | 情報処理装置、および情報処理方法、並びにコンピュータ・プログラム | |
JP4239741B2 (ja) | 情報記録媒体製造管理システム、情報処理装置、および方法、並びにコンピュータ・プログラム | |
JP2004311000A (ja) | 記録装置及び著作権保護システム | |
JP2007505347A (ja) | コンテンツプロテクト方法及びシステム | |
US20050141011A1 (en) | Apparatus and method for recording data on and reproducing data from storage medium | |
JP2000003559A (ja) | デ―タ再生方泡デ―タ再生装置、デ―タ符号化方泡デ―タ記録方泡デ―タ記録装置、認証方法及び半導体チップ | |
JP2000242562A (ja) | 記録媒体及び再生装置 | |
JP4620136B2 (ja) | 情報記録装置 | |
JP2007515736A (ja) | ディスク解読方法及びシステム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CN KR US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10505175 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2003780879 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020047014383 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 20038A03420 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWP | Wipo information: published in national office |
Ref document number: 2003780879 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1020047014383 Country of ref document: KR |