The present invention relates to an information processing apparatus, an information recording medium, an information processing method and a computer program. More specifically, the present invention relates to an information processing apparatus, an information recording medium, an information processing method and a computer program wherein an authentication process is executed for permitting a reliable component to execute various data processes for utilization of contents such as a decryption process for encrypted contents recorded on an information recording medium.
In recent years, various disks which can record a large amount of data such as a DVD (Digital Versatile Disc) and a blue laser disk (Blu-ray Disc) have been developed and placed into practical use to allow storage and reproduction of high definition images and high quality sound as a large amount of data. Further, as reproduction environment of such large capacity recording media, not only conventional recording and reproduction apparatus for consumers, but also personal computers (PCs) which incorporate a high performance central processing unit (CPU) or a video card and various other information reproduction apparatus have been developed and placed into practical use.
One of problems where contents are reproduced, for example, on a PC is protection of the copyright of the contents. Usually, the right of distribution or like right to most contents such as music data and image data is owned by a creator or a seller of the contents. Accordingly, such contents as mentioned above are normally configured such that, when the contents are distributed, fixed limitation to the utilization of the contents is applied such that utilization of the contents is permitted only to illegal users so that duplication or the like of the contents which is not permitted may not be performed.
Particularly, where a digital recording apparatus and recording medium are used, recording and reproduction can be repeated without any deterioration of the image and sound quality, and this gives rise to such various problems as distribution of illegally copied contents through the Internet and distribution of pirated edition disks which are recording media such as a CD-R or a DVD on which contents are copied.
A large capacity recording medium such as a DVD or a blue laser disk has various video information and music information, which make an object of protection of the copyright, recorded as digital data thereon and is distributed as such on the market. Where it is intended to distribute such a medium on which digital data is recorded as just described on the market, it is essentially required to take a countermeasure for prevention of illegal copying to achieve protection of the owner of the copyright.
Actually, however, the system for preventing illegal copying is incomplete as can be recognized from the fact that a tool which makes it possible for a PC to decrypt contents recorded on a recording medium complying, for example, with the DVD-Video standards is distributed on the Internet.
Further, where a reproduction program is executed under the control of a CPU of a PC to execute a contents reproduction process, contents, cryptographic key generation information and so forth recorded as encrypted data on a disk such as a DVD loaded in a drive of the PC are stored into a memory of the PC through an interface of the drive and a general purpose bus of the PC.
Further, a generation process of a decryption key for the encrypted contents, a decryption process of the contents with the generated key, a decoding process of MPEG compressed contents and so forth are executed in accordance with the reproduction program executed by the CPU. Key information, intermediate data and so forth generated during the processes are transferred at individual processing timings through the general purpose bus of the PC and stored into the general purpose memory.
When the PC executes the contents reproduction program to perform a contents data process in which the general purpose bus, the general purpose memory and so forth of the PC are used in this manner, digital AV stream data or cryptographic key information in a decrypted state which is generated in the data processing process comes to exist on the memory or the general purpose bus of the PC even temporarily. This gives rise to the possibility of exploitation of data in the contents processing process, resulting in a problem that illegal copying of the contents is allowed.
The following countermeasure has been proposed to solve such problems as described above.
In particular, authentication is performed between a drive in which a disk is loaded and a component (hardware apparatus, reproduction software and so forth are collectively referred to as components) which executes a contents process. Then, a temporary cryptographic key generated upon such authentication is used to encrypt contents to be transmitted between the drive and the component, and the encrypted contents is transferred. As a result, illegal acquisition of the contents by an illegal apparatus which cannot establish authentication can be prevented.
The process described makes it possible to select a component which is to execute a process of contents under the condition that the authentication results in success, and eliminates intervention of an illegal component thereby to prevent exploitation of data by an illegal apparatus.
However, an owner of the copyright or the right of distribution of contents sometimes wants a contents process only by a further limited component. For example, if a software program causes an encrypted contents process to be executed on a PC, then a decryption processing program is executed as a process of the CPU which executes processing under the control of a general purpose operating system (OS), and there is the possibility that intermediate data, key data and result data generated during the process may be stored into the general purpose memory of the PC as described hereinabove. The possibility that such data may be exploited cannot be denied.
In the authentication process described above, if a component has predetermined information necessary for the authentication, then the authentication can result in success irrespective of whether the component is a hardware component or a software component. As a result, intermediate data, key data and result data are stored into the general purpose memory of the PC and a process of contents transferred on the general purpose bus is allowed.
In order to execute a contents process more securely, it is preferable to execute a contents process within a closed particular hardware component for exclusive use which does not make use of a general purpose CPU, a memory or a general purpose bus.