This invention relates to an information processing method, an information processing device, an information recording medium and a computer program. More particularly, it relates to an information processing method, an information processing device, an information recording medium and a computer program, which are configured so that keys necessary for recording and/or reproducing content data, such as a master key, a media key or a content key, are distributed or acquired, using a hierarchical key distribution system of a tree structure, and in which respective devices record or reproduce the content data using these keys.
In keeping with the progress and development of digital signal processing techniques, recording devices and recording media for digitally recording information are finding widespread use. With a digital recording device or recording medium, since copying can be repeated without degrading the sound or picture quality, recording media produced by unauthorized duplication may be circulated on the market, thus impairing the benefit of the copyright owners or authorized distributors of various contents, such as music or motion pictures. Nowadays, various techniques or systems for preventing unauthorized duplication have been introduced in digital recording devices and digital recording media in order to prohibit such unauthorized duplication of digital data.
For example, in a MD (mini-disc), mini-disc and MD being registered trademarks of Sony Corporation, an SCMS (Serial Copy Management System) is used as a method of prohibiting unauthorized duplication. The SCMS is such a system in which, on the data reproducing side, an SCMS signal is output along with audio data from a digital interface (DIF) and, on the receiving side, the recording of audio data from the reproducing side is controlled based on the SCMS signal from the reproducing side to prohibit the unauthorized duplication.
Specifically, the SCMS signal indicates whether given audio data is copy-free data, for which copying can be made any number of times, copy-once-allowed data, for which copying is allowed only once, or copy-prohibited data, for which copying is prohibited. On receipt of audio data from the DIF, the data recording side detects the SCMS signal sent along with the audio data. If the SCMS signal is copy-free, the audio data is recorded, along with the SCMS signal, on a mini-disc. If the SCMS signal is copy-once-allowed, the SCMS signal is changed to copy-prohibited and is recorded along with the audio data on the mini-disc. If the SCMS signal is copy-prohibited, audio data is not recorded. By this control employing the SCMS, unauthorized duplication of audio data protected by copyright may be prevented from occurring.
However, the SCMS presupposes that the data recording equipment itself incorporates means for controlling the recording of the audio data based on the SCMS signals, as described above. Thus, a mini-disc type recorder that is not capable of executing SCMS control will be unable to prevent illicit copying. In view of such limitation, the digital video disc (DVD) player, for example, is configured for prohibiting illicit copying of copyright-protected data by exploiting a content scramble system.
In the content scramble system, video or audio data are recorded encrypted in a DVD-ROM (Read Only Memory), and a key used for decoding the encrypted data (decrypting key) is provided to each licensed DVD player. Only DVD players which are designed to comply with preset operational regulations, such as not undertaking illicit copying, are licensed. In such way, the licensed DVD player is able to reproduce the pictures or speech recorded on the DVD-ROM by decoding the encrypted data through use of the key.
On the other hand, an unlicensed DVD player, not having a key for decoding the encrypted data, is unable to decode the encrypted data recorded on the DVD-ROM. Thus, with the content scramble system configuration, a DVD player not meeting required conditions to be accorded the license cannot reproduce the DVD-ROM having digital data recorded thereon. In such way, unauthorized duplication is prevented.
However, the content scramble system, used in the DVD-ROM, is designed for a recording medium on which data writing by the user is impossible (this sort of the recording medium is incidentally referred to below as ROM media), while no provision is made for a recording medium on which data writing by the user is possible (this sort of the recording medium is incidentally referred to below as RAM (random access memory) media).
Thus, even if the data recorded on the ROM media is encrypted, if the encrypted data is copied in its entirety onto the RAM media, the result is a so-called pirated edition which is reproducible on a licensed authorized device.
The present Assignee proposed in our senior patent application (Japanese Laying-Open Patent Publication H-11-224461; JP Patent Application 10-25310) a configuration in which the information for identification of individual recording media, referred to below as medium identification information, is recorded along with other data on a recording medium in question to permit only the licensed authentic device to access the medium identification information of the recording medium.
With this method, data on the recording medium is encrypted by the media identification information and a secret key (master key), obtained on licensing, such that, if an unlicensed device or equipment reads out the encrypted data, no meaningful data can be produced. It is noted that the device has its operation regulated at the time of licensing so that illicit duplication (unauthorized copying) is prohibited.
An unlicensed device cannot access the media identification information, while the medium identification information is of a value specific to each medium, so that, if such unlicensed device duplicates the totality of the encrypted data, recorded on the recording medium, on a new recording medium, the data recorded on the so produced recording medium cannot be decrypted correctly on a licensed device, to say nothing of the unlicensed device, thus effectively prohibiting the unauthorized duplication.
Meanwhile, in the above configuration, a master key stored in a licensed device or equipment is usually common to all devices or equipment. The reason a common master key is stored in all the equipment is that this represents an essential condition in order to make the media recorded on a given equipment reproducible on other equipment, that is to assure interoperability.
If, in such system, a hacker succeeds in obtaining the master key from one of the licensed pieces of equipment and distributes the master key, the encrypted recorded data can be decrypted by all pieces of equipment in the entire system, thus leading to breakdown of the entire system. In order to prevent this from occurring, it is essential that, if it is revealed that a given equipment has been attacked and a master key has become known, the master key be changed to a new one, which then is given to all pieces of the equipment except the equipment which has succumbed to the attack. As the simplest system to realize this configuration, a key unique to each equipment (device key) may be given to each equipment and a value obtained on encrypting the new master key with the individual device key may then be formed and transmitted to each equipment through a recording medium. However, in this case, the volume of the entire messages to be transmitted is undesirably increased in proportion to the number of the pieces of equipment.
As a configuration which possibly overcomes such problem, the present Assignee has already proposed in commonly owned co-pending patent application (JP Patent Application 2000-105328) a configuration employing a key distribution method having respective information recording and/or reproducing devices arranged at respective leaves of an n-branched tree, in which a key necessary for recording the content data on a recording medium or reproduction from the recording medium (master key or media key) is distributed through a recording medium or over a communication network. Each equipment then undertakes recording or reproduction of the content data using the so distributed master key or media key to enable the key to be distributed to authorized equipment (equipment in which secrecy is not disclosed), such that a lesser message volume is needed. Specifically, a key needed to generate a key required for recording on a recording medium or reproduction from the recording medium is set as a renewal node key. Such node key is allocated to each leaf or node of an n-branched tree. The renewal node key is encrypted such that decryption is possible only with a leaf key or a node key owned by the authorized equipment, and the resulting encrypted information is included in a key renewal block (KRB) which is then distributed to each information recording and/or reproducing piece of equipment. On receipt of the key renewal block (KRB), each recording and/or reproducing piece of equipment executes KRB decrypting processing to acquire the key necessary for recording or reproduction on or from the recording medium.
When the key distributing method is used in which the information recording and/or reproducing equipment pieces are arranged at the respective leaves of an n-branched tree and when media keys allocated to respective recording media are encrypted with the key renewal block (KRB) and distributed in this form, each recording and/or reproducing equipment has to carry out media key calculations. This must be done using the key renewal block (KRB) and the device key each time the recording media are accessed. Since the volume of these calculations is proportionate to the product of the time needed to decrypt the individual encrypted messages and the tree depth up to the leaves corresponding to the recording and/or reproducing equipment, the processing overhead is increased in the case of a large-sized system having a large number of the devices.
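The following sketch is an added example, not code from the patent or the cited applications. It illustrates tree-based key renewal for a binary tree (n = 2) with one revoked device, showing the KRB size against per-device delivery and the decryption count that grows with tree depth. The heap node numbering, the KRB entry layout (wrapping node, renewed node, ciphertext) and the HMAC-pad XOR used in place of a real cipher are assumptions made for the example.

```python
import hashlib, hmac, os

DEPTH = 4   # constructed size: 2**4 = 16 devices, heap-numbered leaves 16..31

def wrap(key, node, data):
    # Stand-in cipher (assumption): XOR with an HMAC-SHA256 pad bound to the
    # target node. XOR is its own inverse, so wrap() also unwraps.
    pad = hmac.new(key, b"krb-node-%d" % node, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def make_tree():
    # One random 16-byte key per node; root is 1, children of n are 2n, 2n+1.
    return {n: os.urandom(16) for n in range(1, 2 ** (DEPTH + 1))}

def path(leaf):
    nodes = []
    while leaf >= 1:
        nodes.append(leaf)
        leaf //= 2
    return nodes                          # leaf first, root last

def device_keys(tree, leaf):
    # A device holds its leaf key and every node key on its path to the root.
    return {n: tree[n] for n in path(leaf)}

def build_krb(tree, revoked):
    # Renew every node key the revoked leaf knew; returns (krb, new root key).
    new, krb = {}, []
    for child in path(revoked)[:-1]:      # walk upward from the revoked leaf
        parent, sibling = child // 2, child ^ 1
        new[parent] = os.urandom(16)
        krb.append((sibling, parent, wrap(tree[sibling], parent, new[parent])))
        if child in new:                  # on-path child was renewed one step ago
            krb.append((child, parent, wrap(new[child], parent, new[parent])))
    return krb, new[1]

def process_krb(keys, krb):
    # Device side: returns (renewed root key or None, decryptions performed).
    renewed = {target for _, target, _ in krb}
    fresh, steps = {}, 0
    for wrapper, target, blob in krb:     # entries are ordered leaf-to-root
        if target in fresh:
            continue
        if wrapper in fresh:
            key = fresh[wrapper]
        elif wrapper in keys and wrapper not in renewed:
            key = keys[wrapper]
        else:
            continue
        fresh[target] = wrap(key, target, blob)
        steps += 1
    return fresh.get(1), steps
```

With leaf 19 revoked, the KRB carries 2 × DEPTH − 1 = 7 entries instead of the 15 per-device messages of the simple scheme. The revoked leaf's nearest neighbour (leaf 18) needs DEPTH decryptions to reach the renewed root key, while a device in the other half of the tree needs one.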
Commonly owned Japanese Patent Application 2000-105329 discloses a configuration employing a key distribution method having respective recording and/or reproducing equipment arranged at respective leaves of an n-branched tree, in which a content key is furnished through a recording medium over a communication network as a cipher key necessary to record and/or reproduce the content data from the recording medium. This configuration is one in which the content data and a content key corresponding to the encrypted content data are sent e.g., over a communication network, with the content key being sent as encrypted data.
The encrypted content key is furnished using a key renewal block (KRB) obtained on encrypting a node key allocated to a node at each leaf of an n-branched tree set as a renewal node key. The renewal node key can then be decrypted with a leaf key or a node key owned solely by an authorized equipment. By furnishing the content key encrypted by the renewal node key, only the authorized recording and/or reproducing device is able to acquire the content key.
If the encrypted content key is furnished using the key distribution method having the information recording and/or reproducing devices arranged at the respective leaves of the n-branched tree, each recording and/or reproducing device has to process the KRB with the device key (leaf key) to calculate the content key. This is performed each time the content is used. For example, it is performed each time the content is reproduced from the recording medium.
Since the volume of these calculations is proportionate to the product of the time needed to decrypt the individual encrypted messages and the depth of the tree to the leaves of the tree which correspond to the recording and/or reproducing equipment, the processing overhead is increased in the case of a large-sized system having a large number of the recording and/or reproducing devices.