The present disclosure relates to an information processing device, an information processing system, and an information processing method, and a program, and specifically relates to an information processing device, an information processing system, and an information processing method, and a program which prevent unauthorized usage of contents.
For example, contents such as movies, music, and so forth are provided to a user via various media such as DVD (Digital Versatile Disc), Blu-ray Disc (registered trademark), or flash memory, or a network such as the Internet or the like, or broadcast waves, or the like. The user can perform playing of contents using various information processing devices, for example, such as a PC, portable terminal, a recording/playing device such as a BD player or the like, a television set, and so forth.
However, with regard to many contents such as music data, video data, and so forth to be provided to a user, copyright, distribution right, and so forth are possessed by a creator or seller thereof. Accordingly, in the case of providing a content to a user, a content provider frequently performs predetermined content usage restrictions.
Using a digital recording device and a recording medium, for example, enables recording and playing to be repeated without deteriorating video and audio, and accordingly, a problem has occurred in that usage of unauthorized copied contents is widespread, such as distribution of unauthorized copied contents via the Internet, circulation of so-called pirated discs, and so forth.
In order to prevent such unauthorized copying of data, various techniques for preventing illegal copying to a digital recording device and a recording medium have come into practical use.
For example, content encryption processing is one form thereof. A key used for decrypting encrypted data is provided to only a playing device which has received a license serving as a right to use a content. The license is provided to a playing device designed to follow a predetermined operational regulation, for example, such as performing no unauthorized copying, or the like. On the other hand, a playing device which has not received a license does not have a key for decrypting encrypted data, and accordingly does not perform decryption of encrypted data.
However, the present situation is that, even when such encryption of a content is executed, unauthorized content use is still performed.
A specific example of unauthorized use of a content will be described. We will assume an arrangement wherein a content server distributes an encrypted content to a user device, e.g., a user device such as a recording/playing device, PC, portable terminal, or the like.
In the case that the content server distributes an encrypted content to a user device, the content server distributes the following data to the user device via a network, for example.
(a) Encrypted content
(b) Encryption key used for encryption and decryption of an encrypted content
For example, in the event of providing the same content such as the same movie or the like to a great number of user devices, there are the following two processing modes as processing modes that the content server executes.
(A) To generate a different encrypted content by applying an individual different encryption key to provide to each of the user devices
(B) To generate the same encrypted content encrypted by the same encryption key to provide to multiple user devices
In the case of considering safety for preventing unauthorized usage of a content, the processing in the above (A) is effective.
However, in order to perform the processing in the above (A), processing has to be performed for generating an individual encrypted content by setting an individual encryption key to each of the great number of users, causing a problem in that the processing load of the server increases according to the number of users to which the content is to be distributed, such as generation and management of encryption keys, generation processing of encrypted contents, and so forth.
Accordingly, in many cases the processing in the above (B) is performed, i.e., with regard to the same content, it is not unusual to generate the same encrypted content encrypted by the same encryption key, and to provide it to multiple users.
For example, one encryption key (=title key) is set to a content having a certain title, and the same encrypted content is generated by applying this one title key, and the following data sets are distributed to multiple users.
(a) Encrypted content
(b) Title key
The processing load of the content server is reduced by performing such processing.
Note that, hereinafter, an encryption key to be set in increments of content titles will be described as “title key”. Note that a title key is applied to encryption and decryption processing of the encrypted content of the title thereof.
However, in the event of distributing the same dataset to a great number of users in this way, i.e., in the event of distributing a combination of the same data of the
(a) Encrypted content, and
(b) Title key,
the following fraudulent processing may be performed by a part of “unauthorized users”.
(1) “Unauthorized user” reads out a title key received from the server to expose the read title key to an unspecified number of users, or
(2) “Unauthorized user” uses a title key A corresponding to a certain encrypted content A to encrypt a completely different content B,
and the following combined data is distributed to an unspecified number of users.
(X) Title key A
(Y) Encrypted content B encrypted by Title key A
For example, in the event of the processing in the above (1) having been performed, a content encrypted by using the title key thereof is illegally used by a great number of users who have obtained an unauthorized exposed title key.
Also, in the event of the processing in the above (2) having been performed, an unauthorized dataset that the above “unauthorized user” has generated, i.e.,
(X) Title key A, and
(Y) Encrypted content B encrypted by Title key A,
is obtained from the “unauthorized user”, and accordingly, the encrypted content B is illegally used by a great number of users.
Consequently, the number of users who legally purchase the original authorized dataset, i.e., the encrypted content B and the title key B corresponding to the encrypted content B, decreases, and the profits of a copyright holder and a distribution rights holder are markedly diminished.
Further, a specific unauthorized process will be described. Let us say that the content server holds the following datasets (1) through (3), each made up of an encrypted content (C) and a title key (Kt).
(1) (Kt11, C11)
(2) (Kt12, C12)
(3) (Kt13, C13)
where Cnn is a content file, and Ktnn is a title key used for encryption of a content.
(Kt11, C11) is a dataset of a title key (Kt11), and a content (C11) encrypted by the title key (Kt11).
For example, let us say that a certain “unauthorized user Ux” has purchased all of the following three datasets.
(1) (Kt11, C11)
(2) (Kt12, C12)
(3) (Kt13, C13)
Let us say that this purchase processing itself has been performed in accordance with a predetermined purchase procedure between a user device which “unauthorized user Ux” possesses, e.g., a PC and the content server.
“Unauthorized user Ux” records the above (1) through (3) datasets in a medium such as a hard disk or the like of the PC which is the user device.
“Unauthorized user Ux” reads out the above (1) through (3) datasets from a medium such as a hard disk or the like of the user device such as a PC or the like, and temporarily decrypts all of the encrypted contents using the corresponding title key to obtain the following data.
Title keys: Kt11, Kt12, Kt13
Decrypted contents: C11, C12, C13
Note that, with an authorized playing device using an authorized content playing program, a title key is not externally read out. However, the title key itself may be read out by a method such as installing an unauthorized program into a device such as a PC or the like, and in the current situation it is difficult to completely prevent readout of the title key.
Further, “unauthorized user Ux” generates data in which the decrypted contents C11 through C13 are concatenated, i.e., C11∥C12∥C13, and encrypts this concatenated data using the title key Kt11.
Specifically, “unauthorized user Ux” generates
(Kt11, C11∥C12∥C13),
and illegally circulates this dataset via a network, e.g., sells this at a cheap price, or provides this to a great number of users without charge, for example.
Upon such processing being performed, a great number of general users may obtain the above unauthorized dataset, i.e., (Kt11, C11∥C12∥C13), from the above “unauthorized user Ux”.
This dataset is made up of the following data,
(a) Encrypted content encrypted by title key Kt11, and
(b) Title key Kt11,
and has the same data configuration as with the data content provided from an authorized content provider to a user.
Therefore, an authorized playing device having an authorized content playing program having a license can decode and play the encrypted content [C11∥C12∥C13] using the title key Kt11 without any problem.
As a result, unauthorized usage spreads without authorized content purchase being performed, and users who legally purchase contents such as C11 through C13 and so forth decrease, and accordingly, the profits of an authorized rights holder are diminished.
Further, description will be made in a specific manner. For example, let us say that, with regard to a certain drama or the like, with series contents made up of 12 titles of a first episode through a twelfth episode, content purchase increments are set in increments of each episode as follows.
First episode=(Kt01, C01)
Second episode=(Kt02, C02)
Third episode=(Kt03, C03)
and so on through
Twelfth episode=(Kt12, C12)
In such a case, a certain “unauthorized user” performs processing for purchasing all of the series of 12 titles of the first through twelfth episodes, connecting the contents C01 through C12 of the first through twelfth episodes, generating a dataset re-encrypted by the title key Kt01 corresponding to the first episode, i.e., (Kt01, C01∥C02∥C03 . . . ∥C12), and exposing this over a network, or illegally selling this.
In such a case, with a great number of user devices, the unauthorized dataset that “unauthorized user” has generated, i.e., (Kt01, C01∥C02∥C03 . . . ∥C12), may be obtained for playback and use.
For example, let us say that the regular price of each of the above twelve episodes is 2000 yen.
In this case, when purchasing all of the twelve episodes, the price is calculated as 12×2000 yen=24000 yen.
For example, the above “unauthorized user” purchases the above unauthorized dataset, i.e., (Kt01, C01∥C02∥C03 . . . ∥C12), at 6000 yen. In this case, a great number of users purchase this cheap content, and consequently, authorized content sale is inhibited, and the profits and rights of the original copyright holder and selling rights holder are infringed.
In addition to the above example, the title key Kt11 set in response to one certain content C11 is used for encryption of other irrelevant various contents Cxx, and accordingly, the (Kt11, Cxx) content may be taken as various contents, which causes a problem in that all of the contents may be decrypted and played with one title key.
That is to say, even with a playing device wherein playback of a plain text content is forbidden, the same decryption and playback as with an authorized purchase content may be performed by use of the above unauthorized dataset.
Further, the “unauthorized user” can even perform replacement and re-encryption of a title key as a service, acting as if he/she were an authorized server.
In this way, it is difficult to prevent unauthorized use of a content just by countermeasures such as content encryption processing.
There is a technique causing a playing device to execute content tampering verification as a content unauthorized use exclusion technique different from encryption processing. According to this technique being applied, for example, with an unauthorized content circulation process, in the event that some sort of modification (tampering) has been made on a content, use of the tampered content thereof can be stopped.
Specifically, a user device which executes content playback has a control arrangement wherein processing for verifying whether or not there is content tampering is executed, and only in the case that confirmation is made that there is no content tampering, content playback is permitted, and in the case that confirmation is made that there is tampering, content playback is not executed.
For example, with Japanese Unexamined Patent Application Publication No. 2002-358011, a control arrangement has been disclosed wherein a hash value is calculated from a content file to be scheduled for playback, comparison with a hash value for matching prepared beforehand, i.e., a hash value for matching calculated beforehand based on authorized content data is executed, and in the case that the newly calculated hash value agrees with the hash value for matching, determination is made that there is no content tampering to proceed to content playing processing.
However, in the case of executing processing for calculating a hash value based on a content in this way, when the capacity of content data serving as the original data for hash value calculation is great, the processing load and processing time for calculation is also increased. Nowadays, quality improvement in moving image data has advanced, and there are many cases where one content has the data quantity of several gigabytes to several dozen gigabytes. A user device which executes content playback is caused to execute content hash value calculation processing based on such large capacity data, which leads to a problem in that data processing capabilities demanded of the user device become excessively great, and further leads to a problem in that time used for content verification is prolonged, and content playing processing is not performed in an effective manner.
Also, with Japanese Patent No. 4576936, an arrangement has been disclosed wherein a hash value regarding each hash unit set as segmented data of a content stored in an information recording medium is recorded in a content hash value table, and is stored in the information recording medium along with the content.
According to this disclosed arrangement, an information processing device which executes content playback executes hash value matching processing based on one or more hash units randomly selected. According to the present arrangement, regardless of the data amount of a content, hash value calculation and matching processing based on a hash unit having little data amount may be performed, and effective content verification at a user device which executes content playback may be performed.
However, the arrangement according to Japanese Patent No. 4576936 is premised on processing as to a content stored in the information recording medium. Though this disclosed arrangement may be available in the case that a hash value can be recorded along with a content at the time of manufacturing the information recording medium for example, this has a problem in that it is difficult to apply this disclosed arrangement to a content downloaded from a server for example.
Also, both of the above Japanese Unexamined Patent Application Publication No. 2002-358011 and Japanese Patent No. 4576936 emphasize content tampering verification, and have a problem in that circulation of an authorized copied content having no tampering is completely uncontrollable.
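The hash-unit verification described above, sketched as an added example (not code from the cited patents or from this disclosure): a provider builds a per-unit hash table, and the player hashes only a few randomly chosen units. The unit size, SHA-256, the function names, and the premise that the table reaches the player in authenticated form are assumptions; the sample content is constructed.

```python
import hashlib
import hmac
import secrets
from math import comb

UNIT = 4096  # assumed hash-unit size in bytes; the page does not specify one


def build_hash_table(content: bytes, unit: int = UNIT) -> list:
    """Provider side: one SHA-256 digest per fixed-size hash unit."""
    return [hashlib.sha256(content[i:i + unit]).digest()
            for i in range(0, len(content), unit)]


def verify_random_units(content: bytes, table: list, samples: int = 3,
                        unit: int = UNIT) -> bool:
    """Player side: hash only `samples` randomly chosen units, not the whole file."""
    n_units = -(-len(content) // unit)  # ceiling division
    if n_units == 0 or n_units != len(table):
        return False  # a unit-count mismatch is itself a failed check
    rng = secrets.SystemRandom()  # unpredictable choice of units
    for idx in rng.sample(range(n_units), min(samples, n_units)):
        digest = hashlib.sha256(content[idx * unit:(idx + 1) * unit]).digest()
        if not hmac.compare_digest(digest, table[idx]):
            return False
    return True


def detection_probability(total: int, modified: int, samples: int) -> float:
    """Chance that at least one sampled unit is a modified one."""
    samples = min(samples, total)
    return 1 - comb(total - modified, samples) / comb(total, samples)


# Constructed sample content: 16 distinct units of 4096 bytes each.
ORIGINAL = b"".join(hashlib.sha256(bytes([i])).digest() * 128 for i in range(16))
TABLE = build_hash_table(ORIGINAL)  # assumed to reach the player authenticated
ONE_UNIT_CHANGED = (ORIGINAL[:5 * UNIT] + bytes([ORIGINAL[5 * UNIT] ^ 0xFF])
                    + ORIGINAL[5 * UNIT + 1:])
REPLACED = bytes(len(ORIGINAL))  # a different content of the same length
EXACT_COPY = bytes(ORIGINAL)     # an untampered copy of the content

if __name__ == "__main__":
    print(verify_random_units(ORIGINAL, TABLE))                  # original passes
    print(verify_random_units(REPLACED, TABLE, samples=1))       # substitution fails
    print(verify_random_units(ONE_UNIT_CHANGED, TABLE, samples=16))
    print(detection_probability(16, 1, 3))
    print(verify_random_units(EXACT_COPY, TABLE))                # copy still passes
```

A wholly substituted content fails on any single sampled unit, while a one-unit change is caught only when that unit is sampled; the untampered copy passes, which is the limitation noted above.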
In this way, it is the present situation that content encryption and tampering verification processing serving as existing techniques do not have sufficient prevention effects on circulation of unauthorized copied contents, and leaking of content encryption keys.