Recently, the prevalence of various broadband environments has exploded, and a variety of content distribution services, including music data, motion picture data, and so on, have become commercially available.
There are subscription-based music distribution services, e.g., “PressPlay (trademark).” In such music distribution services, a user who pays a monthly fixed fee can enjoy music content under predetermined conditions (for example, under conditions where up to 1,000 songs can be played back for streaming playback, up to 100 songs can be downloaded to and saved in a hard disk of a personal computer, up to 20 songs can be copied for writing (copying) onto CD (Compact Disk)-R, and so forth).
One system for managing right information of a user who receives content using such distribution services is disclosed in, for example, Japanese Unexamined Patent Application Publication No. 2001-352321, in which the system has nodes corresponding to a plurality of services which form a tree; wherein an enabling key block (EKB) including key information (DNK (Device Node Key)) assigned to the nodes on a path starting with one node corresponding to a given service and ending with the leaf nodes (devices) belonging to this service is used.
In this system, an EKB is added to the content distributed by a certain service, and a DNK assigned to each device is used to obtain updated key information contained in the EKB, so that the devices allowed to use the service can be managed. The devices which cannot obtain updated key information from the EKB using the DNK are not able to receive the service thereafter.
Therefore, use of the content on each device can be managed without authentication between a server which provides the content and each device.
In such a managing system of content right information, the device which imports the content from, for example, a CD (Compact Disk) uses an ICV (Integrity Check Value) to manage the content.
FIG. 1 is a schematic diagram of a mechanism for managing the imported content based on an ICV.
As shown in FIG. 1, for example, a device, such as a personal computer, registers the content (music data) imported from a CD in a management table of a hard disk, and generates an ICV by applying MAC (Message Authentication Code) (C1, C2, . . . , Cn) generated based on the registered content to ICV=hash (Kicv, C1, C2, . . . , Cn). Kicv is key information for generating the ICV.
The ICV which is generated when the content is created and which is saved securely and the ICV which is newly generated at a predetermined time such as a playback time are compared. When the ICVs match, it is determined that the content has not been tampered with. When the generated ICV does not match that generated when the content is created, it is determined that the content has been tampered with. When it is determined that the content has not been tampered with, the content is played back subsequently. When it is determined that the content has been tampered with, the playback operation is not performed. Therefore, playback of the tampered content can be prevented.
However, the above-described ICV-based content management mechanism has a problem in that an ICV must be generated each time the content is imported or played back, and this operation is burdensome.
Therefore, portable devices, such as music playback devices, must have a high-performance calculation unit having the capable of hash calculation to generate an ICV, and, due to such a calculation unit, the device cost must increase.