In recent years, information recording media capable of storing large-capacity data, such as DVD, Blu-ray Disc, and so forth have become widely used, and a use mode for recording/playing back digital contents, for example, such as high-resolution image data, high-quality audio data, and so forth in/from a recording medium such as a disk or the like has been commonized.
Examples of a mode for performing contents playback from an information recording medium, contents recording processing to an information recording medium include a mode for utilizing a drive for driving an information recording medium (disc), and a device in which playback/recording processing functions are integrated, and a processing mode for connecting a drive and an information processing device serving as a host, for example, such as a PC or the like for executing a playback processing or recording processing program using a bus or the like, and performing data transfer between the drive and the host.
For example, as for issues in the case of performing data transfer between a drive and a host, there is an issue wherein unauthorized contents use, and probability of outflow increase. With regard to many contents such as music data, image data, and so forth, distribution rights thereof and so forth are generally held by originator or seller thereof. Accordingly, when distributing these contents, a certain use restriction and so forth is generally employed, i.e., an arrangement is made wherein authorized users alone are allowed to use contents, and it is prevented from performing unauthorized copying.
Employing a digital recording device and a recording medium enables recording and playback to be repeated without deteriorating images and audio, and accordingly, distribution of contents copied illegally, and circulation of pirated discs in which contents are copied in a recording medium such as CD-R, DVD, or the like have become a major issue.
Visual information and music information can be stored in a large-capacity-type recording medium such as DVD, Blue-ray Disc, or the like. In the event of circulating such a digital data recording medium in a market, it is indispensable to employ a configuration for preventing illegal copying, and realizing protection of a copyright holder. Nowadays, in order to prevent such illegal copying of digital data, various techniques for preventing illegal copying to a digital recording device and a recording medium have been put into practical use.
For example, with DVD players, the contents scrambling system (CSS) has been employed. With the contents scrambling system, video data, audio data, or the like is encrypted and recorded in a recording medium, for example, DVD-ROM (Read Only Memory), the key to be employed for decrypting encrypted data thereof is provided to only the players which received license thereof. A license is provided to only the players designed to follow predetermined operation rules such as not performing illegal copying, and so forth. Accordingly, the player which has received a license can play back images and audio by decrypting encrypted data recorded in an information recording medium using the provided key.
On the other hand, the player which has not received a license has no key to decrypt encrypted data, so cannot decrypt encrypted data recorded in an information recording medium. Thus, the contents scrambling system (CSS) provides a system for allowing only the players possessing an authorized license to use contents.
However, the contents scrambling system (CSS) includes an issue wherein it is difficult to eliminate illegal use of contents in a sure manner. Particularly, with processing for playing back contents by outputting contents from a drive mounting an information recording medium to an information processing device such as a PC or the like, an issue wherein illegal use of contents can be performed occurs. Description will be made below regarding this issue with reference to drawings.
FIG. 1 illustrates a data example stored in an information recording medium storing contents employing the contents scrambling system (CSS), and processing of a playback instrument (player).
The information recording medium 10 illustrated in FIG. 1 is, for example, a DVD video disc, which stores an encrypted disc key (secured disc key) 11, an encrypted title key 12 corresponding to the title of contents stored in the information recording medium 10, and scrambled MPEG data 13 which is contents subjected to scrambling based on the CSS method.
A playback instrument 20 for executing playback of contents while mounted on the information recording medium 10, for example, a DVD player executes decrypting processing of the encrypted disc key (secured disc key) 11 to obtain a disc key by applying a master key stored in the playback instrument 20 in step S11, executes decrypting processing of the encrypted title key 12 obtained from the information recording medium 10 to obtain a title key by applying the disc key obtained in step S12, and executes descrambling processing of the scrambled MPEG data 13 by applying the obtained title key in step S13, following which executes MPEG decoding processing to play back audio/visual data 25 in step S14.
Next, description will be made regarding a processing sequence wherein contents is input from a drive connected to a host (e.g., PC) for executing an player application serving as a contents playback processing program to the host (PC) side, and playback of the contents is performed using the player application of the host.
As illustrated in FIG. 2, mutual authentication and key sharing (AKE: Authentication and Key Exchange) is performed between a drive 30 mounted on an information recording medium and a player application 40 at the host side in steps S31 and S41 illustrated in the drawing. The mutual authentication processing is performed in accordance with an algorithm following the public key encryption method, for example. A session key is generated in the mutual authentication, and the drive 30 and the player application 40 at the PC side share the session key.
The drive 30 executes re-encryption of the encrypted disc key 11 obtained from the information recording medium by applying the session key to transmit this key to the player application 40 in step S32, and also executes re-encryption of the encrypted title key 12 obtained from the information recording medium by applying the session key to transmit this key to the player application 40 in step S33. The drive 30, and the PC serving as the execution device of the player application 40 are connected to a connection bus, e.g., an ATAPI-BUS, such encrypted key information is transmitted to the player application 40 side of the host (PC) via the connection bus.
Further, the drive 30 outputs the scrambled MPEG data 13 which is contents, which is obtained from the information recording medium, and is subjected to scrambling processing based on the CSS method, to the PC side via the connection bus between the drive and PC.
The player application 40 at the PC side obtains the encrypted disc key 11 by decrypting the re-encrypted data using the session key of the encrypted disc key 11 received from the drive 30 in step S42, and further obtains the encrypted title key 12 by decrypting the re-encrypted data using the session key of the encrypted title key 12 received from the drive 30.
The subsequent processing in step S51 through S55 is the same processing as the processing (S11 through S14) previously described with reference to FIG. 1.
The drawing in which the processing at the drive side in the processing illustrated in FIG. 2 is represented with a flowchart is FIG. 3. Upon determination being made in step S61 that the information recording medium (disc) is inserted, the drive 30 executes mutual authentication and key sharing (AKE: Authentication and Key Exchange) as to the host, i.e., the PC executing the player application 40 illustrated in FIG. 2 in step S62.
Upon achieving the mutual authentication and key sharing (AKE) (Yes in step S63), transition into a state wherein output of the CSS scrambled data which is contents stored in an information recording medium mounted on the drive is permitted occurs, and this state in which output of the CSS scrambled data is permitted continues until the information recording medium is ejected, or a power source is turned off.
Thus, the drive is set to a state in which output of the CSS scrambled data is not permitted before mutual authentication is established with an instrument serving as a contents output destination, and following mutual authentication with the instrument serving as a contents output destination being established, the drive is set to a state in which output of the CSS scrambled data is permitted, and this output permitted state continues until the information recording medium is ejected, or the power source is turned off.
The illegal use of contents illustrated in FIG. 4 can be caused depending on such a permissive condition of output of contents from the drive.
FIG. 4(1) illustrates a bypass use example of contents by switching the application at the host side such as a PC or the like serving as a contents output destination from the drive.
Description will be made regarding the processing (steps S71 through S73) at the host (PC) 60 side. In step S71, mutual authentication is performed between the drive 50 mounted on the information recording medium and the authorized player application of the host (PC) 60. According to establishment of this mutual authentication, the drive 50 is set to a state in which output of the CSS scrambled data is permitted.
In step S72, audio/visual data including the CSS scrambled data is read out from the drive 50, and is stored in a hard disk.
In step S73, the application is switched into a CSS descrambling software, and descrambling processing of the CSS scrambled data stored in the hard disk is performed.
Such processing enables descrambling, and the plaintext contents subjected to descrambling can be used without any restriction.
The processing illustrated in FIG. 4(2) illustrates an illegal use of contents due to wiretapping processing of the connection bus between the host (PC) and the drive, e.g., ATAPI-BUS.
Description will be made regarding the processing (steps S81 through S83) at the host (PC) 60 side. In step S81, mutual authentication is performed between the drive 50 mounted on the information recording medium and the authorized player application of the host (PC) 60 to perform obtaining and playback of contents.
The contents is input as CSS scrambled data via the connection bus between the host (PC) and the drive, e.g., ATAPI-BUS.
The host 60 performs monitoring of the connection bus between the host (PC) and the drive, and stores the data obtained by monitoring, i.e., CSS scrambled data in the hard disk.
In step S63, descrambling processing of the CSS scrambled data stored in the hard disk is performed by applying a CSS descrambling software.
Such processing enables contents subjected to descrambling to be obtained, and the plaintext contents subjected to descrambling can be used without any restriction.
Thus, the current contents scrambling system (CSS) cannot eliminate illegal use of contents in a sure manner. Particularly, as described above, the current contents scrambling system (CSS) includes an issue wherein illegal use of contents readily occurs when playing back contents by outputting contents from a drive mounted on an information recording medium to an information processing device such as a PC or the like.