1. Field of the Invention
The present invention relates to information recording devices, information playback devices, information recording methods, information playback methods, and information recording media and program providing media used therewith. In particular, the present invention relates to an information recording device, an information playback device, an information recording method, and an information playback method in which, by using tree-structure, hierarchical key distribution to reduce the number of messages, reductions can be achieved in a data distribution load which is generated when a key such as master key or media key is updated, and in which by using, as data for generating a content-encryption key, secret information capable of being read only in special data-reading processing different from content-reading processing, the security of contents can be improved.
Specifically, the present invention relates to an information recording device, an information playback device, an information recording method, and an information playback method in which, by using a key distribution method in which recording/playback devices are arranged as leaves of an n-ary tree so that the key (master key or media key) required for recording/playback of content data on a recording medium can be distributed by recording medium or communication link, each recording/playback device uses the key to perform the recording and playback of the content data, and stores secret information, such as stamper ID, on a content storage disk for content recording/playback so that the device performs a specified playback process to obtain the secret information and generates a content-encryption key based on the secret information. The present invention also relates to an information recording medium and a program providing medium which are used with the information recording device, the information playback device, the information recording method, and the information playback method.
2. Description of the Related Art
With the progress and development in digital signal processing technology, the use of recording devices and recording media for digital data recording has become widespread in recent years. By using the recording devices and recording media, images and sound can be recorded and played back repeatedly without a deterioration in quality. In this manner, digital data can be repeatedly copied, while maintaining image and sound quality. Accordingly, if illegally copied recording media are distributed in the market, the profits to copyright holders for various type contents, such as music and movies, or appropriate dealership owners decrease. Nowadays, to prevent such unauthorized copying of digital data, various mechanisms (systems) are being incorporated into digital recording devices and recording media.
By way of example, the Serial Copy Management System (SCMS) is employed in Minidisk (MD) (trademark) devices as a method of preventing unauthorized copying. In the SCMS, a data playback side outputs an SCMS signal with audio data from a digital interface, and the data recording side controls, based on the SCMS signal, recording of the audio data from the data playback side so that unauthorized copying can be prevented.
Specifically, the SCMS signal represents an audio data type among “Copy Free” type in which the audio data may be copied any number of times, “Copy Once Allowed” type in which copying the audio data can be performed only once, and “Copy Prohibited” type in which the copying of the audio data is prohibited. When receiving the audio data from the digital interface, the data recording side detects the SCMS signal which is transmitted with the audio data. When the SCMS signal received represents the Copy Free type, the data recording side records the audio data on the Minidisk with the SCMS signal. When the SCMS signal represents the Copy Once Allowed type, the data recording side records the audio data on the Minidisk after changing the type of the audio data to the Copy Prohibited type. When the SCMS signal represents the Copy Prohibited type, the data recording side does not record the audio data. By using SCMS control, the Minidisk device prevents copyrighted audio data from being illegally copied.
However, it is difficult for the SCMS to cope with a case in which a Minidisk device having no mechanism for performing SCMS control is produced because the SCMS is based on the condition that a data recording device itself must have the above structure for performing control based on an SCMS signal of the recording of audio data from the playback side. Accordingly, for example, digital versatile disk (DVD) players use a content scramble system to prevent copyrighted data from being illegally copied.
In the content scramble system, video data, audio data, etc., are recorded in a DVD-ROM in encrypted form, and a key (decryption key) for decrypting the encrypted data is given to a licensed DVD player. The license is given to a DVD player designed to obey predetermined operation rules such as not performing unauthorized copying. Accordingly, the licensed DVD player can play back images and sound from the DVD-ROM by using the given key to decrypt the encrypted data in the DVD-ROM.
Conversely, an unlicensed DVD player cannot decrypt the encrypted data in the DVD-ROM because it does not have the key for decrypting the encrypted data. In the scramble system, a DVD player that does not meet the conditions required for licensing is not allowed to play back a DVD-ROM containing digital data, thereby preventing unauthorized copying.
Nevertheless, the content scramble system employed in the DVD-ROM is directed to recording media (hereinafter referred to also as “ROM media”) in which data writing by the user is impossible. The content scramble system cannot be applied to an application to recording media (hereinafter referred to also as “RAM media”) in which data writing by the user is possible.
In other words, if data contained in ROM media is encrypted, unaltered copying of the entire encrypted data to RAM media makes it possible to create a so-called “pirated edition” which can be played back by a licensed device.
Accordingly, the assignee of the present Application has filed Japanese Patent Application No. 10-224461 (Japanese Unexamined Patent Application Publication No. 11-224461) for a construction in which by recording, on a recording medium, information (hereinafter referred to as “medium identification information”) for identifying each recording medium with other data, and using a condition that a device for use is licensed about the medium identification information, only when the condition is met does the device access the medium identification information on the recording medium.
In this construction, data on the recording medium is encrypted using the medium identification information and a secret key (master key) obtained when the apparatus is licensed. If an unlicensed device has read the encrypted data, it cannot obtain semantic data. When the device is licensed, its operations are regulated so that it is unable to perform unauthorized reproduction (illegal copying).
The unlicensed device is not allowed to access the medium identification information, and the medium identification information has a unique value for each recording medium. Thus, if the unlicensed device has copied all of the encrypted data on a new recording medium, the encrypted data on the new recording medium cannot be correctly decrypted not only by the unlicensed device but also by even the licensed device. Therefore, illegal copying is substantially prevented.
In the above construction, in general, a common master key is stored in all licensed devices. This is because the storing of the common master key in the devices is the condition required for a recording medium having data recorded by one device to be played back by other devices (interoperability is ensured).
However, in this construction, if an attacker has succeeded in attacking one device and has extracted the master key, the attacker can decrypt the encrypted data contained in the entire system, so that the entire system may collapse. To prevent this situation, when it is detected that a device has been attacked and the master key exposed, the master key must be updated, and the updated master key must be given to all of the other devices. Concerning a simplest method for implementing this technique, it is possible to perform provision of unique keys (device keys) for a plurality of device, preparation of values which are encrypted using the device keys, and sending of the values by recording medium. In this case, the amount of all messages to be sent increases in proportion to the number of devices.
To solve this problem, the assignee of the present Application has already filed a Japanese Patent Application regarding a construction in which, by using a key distribution method in which information recording/playback devices are arranged as leaves of an n-ary tree, and distributing by a recording medium or communication link, the key (master key or media key) required for recording/playback of content data on the recording medium so that each device can record or play back the content data, the master key or the media key can be sent using a small number of messages to the appropriate device without exposing secret information. Specifically, in this construction, each device can obtain the key required for recording/playback of information on/from the recording medium by setting, as an updating node key, the key required for generating the key required for recording/playback of information on the recording medium (e.g., a node key assigned for each leaf of the n-ary tree), distributing to each information recording/playback device an enabling key block including information generated by encrypting the updating node key using a leaf key and the node key possessed only by an appropriate device so that the information can be decrypted, and performing enabling-key-block decryption in each information recording/playback device when it receives the enabling key block.
The security of the above construction is based on that an encryption key given to the information recording/playback device, and the media key for use in encryption/decryption processing in recording/playback of data on the recording medium are not exposed. Accordingly, there is no problem if the media key is prevented from being exposed. However, exposure of the media key, which must be kept secret, significantly affects the system.