1. Field of the Invention
The present invention relates to a content management method and content storage system, in which a content is stored in a storage for management.
2. Description of the Related Art
These days, many data services have been proposed that serve an encrypted content to users over satellite broadcasting, cable communication, internet communication or a similar network.
FIG. 1 shows flows of delivery of a content and its key from a content provider to a user's receiver, as a typical one of the conventional data services.
As shown in FIG. 1, a content provider 101 has non-encrypted contents such as music data, video data, games, document data including books, static image data, etc. When the content provider 101 provides a content to a service provider 102, it encrypts it with a content key it holds or generates. The content provider 101 supplies the content key to a key management center 103 as well. The content key may be different from one content to another or a common one for all contents the content provider 101 serves.
The key management center 103 encrypts the content key supplied from the content provider 101 with a delivery key the key management center 103 holds (it may be different from one user to another or a common one for all the users). Upon request from a user, the key management center 103 supplies the content key encrypted with the delivery key to the user.
The user has a receiver 104 adapted to receive a content encrypted with the content key from the service provider 102 over the satellite, cable, internet or other communications network. To enjoy the supplied content, the user has to decrypt the content. To this end, the receiver 104 requests the key management center 103 to send a content key for decryption of the content supplied to the user. Upon this request, the key management center 103 sends the content key to the receiver 104. At this time, the key management center 103 also performs accounting for the served content. The accounting may be made in various manners. For example, the amount billed for the supplied content is paid from a user's bank account registered at the key management center 103. Or the user is asked for his or her credit card number and the accounting is made according to the credit card number. Alternatively, the receiver 104 may be provided with an IC card storing a prepaid amount of money from which the amount billed for the supplied content can be paid. When the accounting is complete, the user has the right to the supplied content.
The user having received the encrypted content key decrypts the content key with a delivery key held in an internal storage unit 111 of the receiver 104 and uses the decrypted content key to decrypt the encrypted content.
The user stores the decrypted content key in an external storage unit 112 by encrypting it with a unique storage key he holds. This is done because the delivery key used for delivery of the content key may be varied at every certain period. Also, if the content key is stored unencrypted, this is substantially the same as storing the content unencrypted, so that there is a likelihood that the data can freely be accessed by any other person. The above storage with the unique storage key is intended to avoid such access by another person. Further, so long as the user encrypts the content key with the unique storage key he holds, it is possible to avoid any re-accounting at the time of decrypting the same content. By encrypting the content key with the user's unique storage key, it is also possible to prevent any third party from fraudulently copying the whole data stored in the external storage unit 112.
In some cases, however, the external storage unit 112 in which a content is stored becomes faulty and thus inaccessible. If the external storage unit 112 cannot thus be accessed, it is impossible to decrypt the content in the external storage unit 112. Also, since the right concerning the content has been purchased, the same content cannot be obtained without re-accounting. To avoid the above, the user has to copy the entire data in the external storage unit 112, which is a so-called “backup”. Permission of such an unlimited backup will lead to an unlimited use of the content key.
For example, if a content key encrypted along with use-permission information, including requirements on the frequency and time length for which the content key may be used, can freely be backed up, there is a likelihood that the requirements will no longer be applied and thus the content key will be used without limit. By writing unused data over data whose permitted frequency of use has been decreased through use, the frequency requirement can be restored to its initial status. It should be noted that the time-length requirement is, for example, a number of days for which data can be used after it is supplied to the user from the service provider. The permission of unlimited backup will disadvantageously lead to unlimited use of a content key.
To prevent an unlimited use of a content key, it has been proposed as shown in FIG. 3 to store in each of the first external storage unit 112 and second external storage unit 113 non-rewritable ID information and use the ID information and a storage key together for encryption of the content key. In this method, the content and content key are backed up or duplicated from the first external storage unit 112 to the second external storage unit 113 by copying the entire data in the first external storage unit 112 as shown in FIG. 2.
A content key is decrypted using ID information as will be described below:
First, the content key is encrypted with a key extracted from ID information (the ID information itself may be used as a key), and further encrypted with a storage key. On the assumption that the content key is Kc, storage key is Ks, identification information of the first external storage unit is ID1 and identification information of the second external storage unit is ID2, the encryption can be expressed as follows:

    K1 = Enc(Kc, ID1)
    K2 = Enc(K1, Ks)

where “Enc(a, b)” indicates an encryption of the parenthesized data a with the data b taken as a key. That is, K2 thus obtained is an encrypted content key stored in the first external storage unit 112 and second external storage unit 113.
Then the receiver 104 decrypts the content key with data read from the first external storage unit 112 using the expression shown below:

    K1 = Dec(K2, Ks)
    Kc = Dec(K1, ID1)

where “Dec(c, d)” indicates a decryption of the parenthesized data c with the data d taken as a key. Thus, the receiver 104 can correctly extract a content key Kc based on the data stored in the first external storage unit 112.
On the other hand, to decrypt the content key with data taken out of the second external storage unit 113, the decryption will proceed with the expression shown below:

    K1 = Dec(K2, Ks)
    Kc = Dec(K1, ID2)

where “K1” to be decrypted with the identification information ID2 is Enc(Kc, ID1). Therefore, Kc cannot correctly be extracted because the ID information read from the second external storage unit 113 is ID2 and cannot be rewritten.
The above-mentioned encryption and decryption make it possible to prevent unlimited backup of a content key, but no recovery can be made with the backed-up content key.
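The ID-bound wrapping above can be traced end to end in the following added example, which is not part of the original text. It assumes an HMAC-SHA256 keystream XOR as a stand-in for the unnamed Enc/Dec cipher, and the keys, unit IDs and content are constructed sample values.

```python
# Added illustration; not code from the original text. Enc/Dec are stood in for
# by an HMAC-SHA256 keystream XOR (assumption: the text names no cipher).
import hashlib
import hmac

def _keystream(key: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def enc(data: bytes, key: bytes) -> bytes:
    """Enc(a, b): encrypt data a with b taken as the key."""
    return bytes(x ^ y for x, y in zip(data, _keystream(key, len(data))))

dec = enc  # for an XOR keystream, Dec(c, d) is the same operation as Enc(c, d)

def wrap_content_key(kc: bytes, ks: bytes, unit_id: bytes) -> bytes:
    k1 = enc(kc, unit_id)      # K1 = Enc(Kc, ID1)
    return enc(k1, ks)         # K2 = Enc(K1, Ks)

def unwrap_content_key(k2: bytes, ks: bytes, unit_id: bytes) -> bytes:
    k1 = dec(k2, ks)           # K1 = Dec(K2, Ks)
    return dec(k1, unit_id)    # Kc = Dec(K1, ID read from the unit in use)

def demo() -> dict:
    # Constructed sample values (hypothetical keys and unit IDs).
    kc, ks = bytes(range(16)), bytes(range(16, 32))
    id1, id2 = b"UNIT-0001", b"UNIT-0002"
    content = b"constructed sample content"
    enc_content = enc(content, kc)

    k2 = wrap_content_key(kc, ks, id1)   # stored on unit 112
    backup_k2 = bytes(k2)                # bit-for-bit copy onto unit 113

    from_112 = unwrap_content_key(k2, ks, id1)
    from_113 = unwrap_content_key(backup_k2, ks, id2)
    return {
        "unit112_recovers_kc": from_112 == kc,
        "unit113_recovers_kc": from_113 == kc,
        "unit112_plays": dec(enc_content, from_112) == content,
        "unit113_plays": dec(enc_content, from_113) == content,
    }

if __name__ == "__main__":
    print(demo())
```

With the expressions as written there is no integrity check, so reading the copy on unit 113 produces a wrong Kc without any error; the failure only shows when the content decrypts to garbage.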