1. Field of the Invention
The present invention relates to a content reproducing apparatus. More specifically, the present invention relates to a content reproducing apparatus and an authentication control method in which an authentication process with a detachable recording medium is executed by use of certificate data and a content in the recording medium is reproduced when succeeding in the authentication process.
2. Description of the Prior Art
An example of such kind of a conventional content reproducing apparatus is disclosed in a Japanese Patent Laying-open No. 2002-269090 [H04L 9/32, G06F 12/14, G10L 19/00, H04N 5/91, H04N 5/92] laid-open on Jan. 25, 2002. As shown in FIG. 8, a data reproducing apparatus 1 is provided in a cellular phone 2, for example. The data reproducing apparatus 1 executes a reproduction process of encrypted music data stored in a memory card 3 according to an instruction from a user. A controller 4 reads authentication data {KPpx//Crtfx} KPma from an authentication data holder 6 so as to input to the memory card 3 via a memory interface 7. For example, the authentication data holder 6 holds two authentication data {KPp1//Crtf1} KPma and {KPp2/Crtf2} KPma, and the controller 4 reads the authentication data {KPp1//Crtf1} KPma and {KPp2//Crtf2} KPma in this order.
On the other hand, the memory card 3 accepts the authentication data {KPpx//Crtfx} KPma input from the cellular phone 2 and performs a decryption process thereon. That is, the accepted authentication data {KPpx//Crtfx} KPma is decrypted by a public authentication key Kpma. By utilizing a result of the decryption process, it is determined whether or not the authentication data {KPpx//Crtfx} KPma is normal authentication data. In a case the authentication data cannot be decrypted in the memory card 3, an output of unacceptability of the authentication data is applied from the memory card 3 to the controller 4. On the other hand, in a case the authentication data can be decrypted, the memory card 3 determines whether or not an obtained certificate Crtfx is included in prohibition class list data.
The certificate Crtfx is applied with an ID, and the memory card 3 determines whether or not the ID of the accepted certificate Crtfx exists in the prohibition class list data. In a case the certificate Crtfx is included in the prohibition class list data, the memory card 3 applies to the cellular phone 2, i.e., the controller 4 the output of unacceptability of the authentication data.
Thus, the memory card 3, when the authentication data cannot be decrypted by the public authentication key KPma or when the accepted certificate Crtfx is included in the prohibition class list data, outputs the unacceptability of the authentication data to the cellular phone 2. Accordingly, the controller 4, when receiving the unacceptability of the authentication data, reads next authentication data. As described above, the controller 4 reads the authentication data {KPp1//Crtf1} KPma at first and reads next (another) authentication data {KPp2//Crtf2} KPma in place of this. Then, the next authentication data is read, that is, the certificate data including the certificate Crtf1, the certificate Crtf2, . . . the certificate Crtfx in this order is read, and whereby, the above-described authentication process is repeated until it is determined that the certificate Crtfx is not included in the prohibition class list data or until all the authentication data is output.
Herein, that the certificate Crtfx is included in the prohibition class list data means that a secret decryption key Kpx as a class key is broken due to cracking or leakage. Since the memory card 3 cannot output the encrypted music data to the data reproducing apparatus 1 holding such the broken certificate, the process is set so as not to shift to a next step until it is confirmed that the certificate accepted from the cellular phone 2 is not included in the prohibition class list data.
That is, after outputting the unacceptability of the authentication from the memory card 3, the controller 4 is set to transmit another (next) authentication data to the memory card 3, and therefore, even if one or a plurality of certificates out of the certificates held by the data reproducing apparatus 1 is included in the prohibition class list data, if another certificate is not included in the prohibition class list data, it is possible to accept the encrypted content data and the license key from the memory card 3 and reproduce the music data. Thus, even if the certificate is included in the prohibition class list data due to cracking or leakage of the secret decryption key, the cellular phone 2 including the data reproducing apparatus 1 is aimed to be life-prolonged.
However, in the prior art, at a time of executing the authentication process with the memory card 3, the data reproducing apparatus 1 is set so as to utilize the certificate according to a predetermined order and therefore, there is a case even the certificate which has already been included in the prohibition class list data held by the memory card 3 and became unusable may be transmitted to the memory card 3. In this case, the memory card 3 fails in the authentication and outputs the unacceptability of the certificate data. Therefore, there occur problems that the time period, specifically, the time period spent for the decryption process of the certificate is time-wasting and the start of the reproduction of the music data (content data) is delayed uselessly.