1. Field of the Invention
The present invention relates to information processing apparatuses, information processing methods, and programs. More specifically, the present invention relates to an information processing apparatus, an information processing method, and a program which control use of content.
2. Description of the Related Art
Nowadays, DVDs (digital versatile discs), Blu-ray Discs®, and so on are used as data storage media. These information storage media are used to record and play back various types of content, such as movies and music.
Variations of the information storage media, such as DVD and Blu-ray Disc®, include read only media (on which data are pre-recorded and to which new data writing is not permitted), such as DVD-ROM and BD-ROM, and rewritable media (to which data can be written), such as DVD-RAM/R/RW, DVD+RW/+R and BD-R/RE.
Read only media on which various types of content, such as moves and/or music, are pre-recorded are supplied to users. Use of data-writable information storage media, such as rewritable media, allows users to record and use, for example, broadcast content, content downloaded over a network, and content obtained via terminal apparatuses installed at public places.
For content that is pre-recorded on discs or obtained through broadcasting, a network, or the like, the creators or sellers of the content in many cases hold copyrights, distribution rights, and so on of music data, moving-image data, and so on of the content. Thus, many pieces of content supplied to the users are subjected to usage control to ensure that the content is not unlimitedly copied. More specifically, for example, a control scheme for preventing unauthorized coping and so on is employed, permitting only legitimate users to use (e.g., to play back) content.
One scheme for the content usage control is to encrypt content for distribution. A key held by only a user and/or an apparatus having legitimate content-usage permission is used to decrypt the encrypted content to execute playback thereof. One example of such a usage control system will be described.
Playback apparatuses (players) for playing back content recorded on media (such as DVDs and Blu-ray Discs®), recording apparatuses (recorders) for recording data to the media, drive apparatuses for performing playback from or recording to the media loaded thereinto, and so on are supplied to users, with apparatus-unique keys (electronic keys) being associated with the respective apparatuses and being stored in the memories of the apparatuses.
The keys stored in the apparatuses are issued by a license administrator (an administration center) that offers a content copyright protection technology. The manufacturing plant of the playback apparatuses and so on record the individual keys, distributed from the administration center, in the memories in playback apparatuses. The apparatuses in which the apparatus-unique keys are stored are supplied to users through sales outlets and so on. One example of the administration center is AACS LA (Advanced Access Content System Licensing Administrator) that licenses the AACS, which is a copyright protection technology for HD (high definition) movie content.
Content stored/recorded on media such as DVDs is generally encrypted. Thus, when the user performs playback, a content cryptographic key is calculated using the key stored in the apparatus to perform processing for decrypting the encrypted content. When content is be recorded to media, the content is encrypted with the content cryptographic key and the encrypted content is recorded together with the content cryptographic key subjected to encryption processing using the key stored in the apparatus. With such an arrangement in which the apparatus-unique key is used to execute decryption playback processing or encryption recording processing on content, unauthorized copy or use of the content is prevented.
However, for example, when the key held in the apparatus is compromised and disclosed, this results in a situation in which the key that is supposed to be unique to the single apparatus can be used for many other apparatuses manufactured without a legitimate license. As a result, a third party that sells or distributes unauthorized apparatuses that enable content copy or content use circumventing the restrictions of the AACS specification may appear, which may lead to a situation in which unauthorized use of the content may not be prevented.
The AACS specification employs a scheme for dealing with such a situation. One example is a system for invalidating (revoking) a key, held in an apparatus in accordance with an AACS license contract, at a point when the administration center (AACS LA) finds a critical violation, such as key compromise, against compliance rules of the contract.
The key invalidation processing (revocation processing) is already available as invalidation processing (revocation processing) for public keys or as processing using an MKB (media key block), which is a cryptographic information (cryptographic key) block generated based on a key-structure key distribution scheme (which is one type of broadcast encryption scheme). The key invalidation processing that complies with the AACS specification is also analogous to the already-available invalidation processing. The processing using the MKB is disclosed in, for example, Japanese Unexamined Patent Application Publication No. 2008-103007.
The MKB contains encrypted data of a media key used for processing for decrypting encrypted content. The media key can be obtained through MKB processing using the key stored in the apparatus. The MKB is data that is sequentially updated. For example, when a key compromise as described is found out and the key is to be invalidated, an MKB from which a valid media key may not be acquired when MKB processing using the compromised key is performed is generated.
The MKB updated as described above is stored on media, such as DVDs, that are made commercially available and are supplied to users. Even when an attempt is made to perform content playback with an apparatus in which an invalidated key is stored, the content playback is disabled since the media key may not be obtained from the updated MKB.
With such a system, however, even when the apparatus-unique key of an apparatus of a user has been invalidated, the user generally does not notice that the key of his or her apparatus has been invalidated unless he or she uses a medium on which data (such as the latest MKB) indicating the invalidation is recorded.
When revocation according to the AACS specification occurs, a situation in which content stored on old discs can be played back but content stored on new discs is not played back may occur. In such a situation, the user of the apparatus suspects that it is due to a failure of the apparatus and may ask the manufacturer of the apparatus or the like to repair the apparatus.
In order to prepare for such a situation, the apparatus manufacturer employs a particular scheme. Specifically, during storage of the keys, received from the administration center, into apparatuses to be supplied, the manufacturer creates an apparatus-and-key list containing data indicating correspondences between identifiers (serial numbers) of the apparatuses and identification information of apparatus-unique keys stored in the apparatuses and semi-permanently stores the apparatus-and-key list.
The apparatus manufacturer receives, when the key stored in the apparatus manufactured thereby is invalided, key information of the invalidated key from the administration center and uses the apparatus-and-key list to obtain the apparatus identifier (serial number) information set for the invalidated key, in order to identify the product in which the invalidated key is contained. Thereafter, the product serial number is reported to the user via media, such as a web site, provided by the manufacturer. Such a process makes it possible to offer customer services, such as prompting product replacement or refund, to users who have apparatuses in which invalidated keys are stored.
Such an approach, however, has the following problems:
(1) Data Storage Facility and Maintenance Cost that Accumulates Continuously Every Year
For products that are designed and manufactured with every possible care being taken to ensure that incidents involving product invalidation and so on, which are events that incur loss to the apparatus manufacturer, do not occur, such an incident or a key invalidation involved therein could occur any time but it can also be said that the probability of the occurrence is nearly zero. The manufacturer continuously storing the apparatus-and-key list in case of the key validation means continuously bearing a facility cost (for facility-investment and maintenance) that is proportional to the number of products manufactured. The cost adds up along with the volume of data that accumulates year by year. Since the upper limit of the data storage period is not clearly specified in a contract for copyright protection technology (e.g., the AACS), the apparatus manufacturer may have to semi-permanently store the data.
(2) Problem in Service
For example, when the apparatus manufacturer is to replace a key-containing component during repair or maintenance service after shipment of the product, it is also generally necessary to go through a procedure for updating the apparatus-and-key list. Alternatively, for replacement of a key-containing component during repair or maintenance service, it is also necessary to perform work for retrieving the key, associated with the serial number of the product, from the apparatus-and-key list and for recording the retrieved key back to the product after the component replacement. During the work, service stations located in various regions have to access a database in which the apparatus-and-key list is stored. Also, recording the electronic key (which is strictly confidential information) during the repair or maintenance service also involves taking measures for advanced information security for not only a key-recording instrument but also facilities and personnel, and correspondingly, the facility-investment cost and maintenance cost at the service stations increase.
(3) Problem with Apparatus Installed in PC
For products (such as Blu-ray Disc® drives) that are installed in PC main units, checking the serial numbers of the products generally necessitates removing the products from the PC main units. However, not every user can perform such check processing. In particular, for notebook PCs that are increasingly becoming popular among PC products in recent years, removing built-in Blu-ray Disc® drives or the like involves work that is equivalent to completely disassembling the PC main units, and is thus far from being practical.