1. Field of the Invention
In general, the present invention relates to an information processing apparatus, an information processing method, an information processing system and a recording medium. More particularly, the present invention relates to an information processing apparatus, an information processing method an information processing system and a recording medium that allow data to be exchanged with a higher degree of security.
2. Description of the Invention
In recent years, there has been proposed a system comprising pieces of electronic equipment such as AV apparatuses and personal computers connected to each other by typically IEEE1394 serial buses wherein data can be exchanged among the pieces of equipment.
In such a system, for example, the ordinary user can play back movie information by using a DVD (Digital Video Disc) player and transmit the movie information to a monitor through the 1394 serial bus to display it on the monitor. The conduct done by the user to display the movie information is automatically permitted by the author of the movie information normally through a license which was obtained when the user purchased the DVD of the movie information. In order to do a conduct to copy the movie information played back from the DVD player to another recording medium such as an optical magnetic disc, however, it is necessary for the user to obtain a special permission from the author of the movie information. In the case of a copy license, typically, the optical magnetic disc apparatus is also used to store a key for indicating whether or not recording movie information into an optical magnetic disc mounted on the apparatus is allowed. That is to say, the key is used for forming a judgment as to whether or not the optical magnetic disc apparatus is a valid apparatus, that is, an apparatus licensed by the author of the movie information. If the optical magnetic disc apparatus is authenticated as a valid apparatus, the act to record the movie information into the apparatus can be judged to be a permitted conduct.
In such a case, it is necessary to verify that the destination apparatus is a valid apparatus in a transfer of information from an apparatus transmitting the information to an apparatus receiving the information, that is, the destination apparatus. It should be noted that the information transmitting apparatus and the information receiving apparatus are referred to hereafter as a source and a sink respectively.
FIG. 41 is a diagram showing the ordinary method for authenticating a destination apparatus. As shown in the figure, the source and the sink are each given a predetermined function f in advance by the author. Stored in a memory of each of the source and sink, the function f is difficult to identify from its input and output. In addition, it is difficult for a person who does not know the function f to infer an output produced by the function f from an input to the function f. The function f is provided to and stored in only an apparatus licensed by the author.
The source generates a random number r and transmits the number r to the sink through a 1394 serial bus. The source also applies the function f to the random number r, generating a number x (=f(r)).
Receiving the random number r from the source, the sink applies the function f to the random number r, generating a number y (=f(r)). The sink then transmits the number y to the source.
The source compares the calculated number x with the number y received from the sink to form a judgment as to whether or not the former is equal to the latter (x=y). If the number x is found equal to the number y, the source judges the sink to be a valid apparatus. In this case, movie information is encrypted by using a predetermined key before being transmitted to the sink.
As the key, a value k generated by applying the function f to the number y received by the source from the sink f is used (k=f(y)). By the same token, the sink also applies the function f to the number y to generate the value k (=f(y)). The value k is then, on the contrary, used as a key for decrypting the encrypted movie information.
In this method, however, it is necessary for all pieces of electronic equipment used as sources and sinks for transmitting and receiving information respectively to hold a uniform function f in strict confidence.
As a result, when the function f held in a piece of electronic is stolen by an unauthorized user, for example, the unauthorized user is capable of generating a key k by monitoring data exchanged by way of a 1394 serial bus and is, hence, capable of interpreting or decrypting encrypted data. In this way, the unauthorized user is capable of illegally stealing information by posing as an authorized user using a desired piece of electronic equipment.
The present invention addresses the problems described above. It is an object of the present invention to further improve security of transmitted information by preventing an unauthorized user from posing as an authorized user using a desired piece of electronic equipment even if data required for encrypting or decrypting the information is stolen by the unauthorized user.