1. Field of the Invention
The invention relates to data alteration checking apparatus and method for checking the presence or absence of alteration with respect to a contents file whose copyright is protected and which has been recorded on a recording medium and relates to a recording medium which is used for such an apparatus.
2. Description of the Related Arts
In recent years, the development of high density optical disks represented by a DVD (Digital Versatile Disk) has been progressed and the standardization of such disks has been progressed in association with it. AUDF (Universal Disk Format) has been determined by such standardization. A logic format according to the UDF is used in a DVD-RAM (DVD—Random Access Memory) in which a DVD is modified as a rewritable disk. The UDF can be also applied to a CD-R in which a CD-ROM (Compact Disc—Read Only Memory) is modified as a writable disk and a CD-RW in which a CD-ROM is modified as a rewritable disk.
In the UDF, a layer-like file system is used, a sub-directory is referred to from information stored in a root directory, and further another sub-directory or a substantial file is referred to from the information stored in the sub-directory.
The above construction will be described more specifically. A recording area on the disk is accessed by using a sector as a minimum unit and, for example, in case of the DVD-RAM, the recording area is accessed from the inside to the outside of the disk. An area in which volume information is written (such an area is referred to as a system area here) is arranged subsequent to a lead-in area from the innermost rim side. A position where a file entry (hereinafter, abbreviated to “FE”) of the root directory is written is shown in the system area. The FE comprises a root directory, a sub-directory, and an allocation descriptor (hereinafter, abbreviated to “AD”) as information of an address and a length of the file.
In the FE of the root directory, a logic address and a length of the root directory as a substance are shown by the AD. The root directory includes one or a plurality of file identifier descriptors (hereinafter, abbreviated to “FIDs”). The FE of the sub-directory or the FE of the file under the root directory is referred to by the FID. By those FEs, the substance of the corresponding sub-directory or file is referred to. The substance of the sub-directory includes one or a plurality of FIDs. That is, in the UDF, the directories other than the root directory are accessed in the order of the FIDs, FEs, and substances by using the FID and FE as pointers.
There is an alteration check as one of technical elements regarding the protection of the copyright of the information data recorded on the recording medium. It is a technique for preventing illegal alteration with respect to the recorded information data and detecting the alteration in the case where the information data has illegally been altered. Further, according to the alteration check, by binding the information data as data closed in the recording medium on which the information data has been recorded, an illegal copy of the information data can be prevented. In the copyright protection, therefore, such a technique can be regarded as a-very important technical element.
A conventional data alteration checking method will now be schematically explained. An alteration check value which is unconditionally formed and in which it is difficult to identify source information by a reverse arithmetic operation is obtained every file (contents) as a unit of the information data from attribute information of the file such as important administration information, copyright information, state information, and the like. The obtained alteration check value is written into an alteration check administration value space as an area or a file which is provided on the recording medium and which cannot be easily accessed by the user. When the recording medium is reproduced, an alteration check value is obtained on the basis of reproduction data and the obtained alteration check value is compared with the alteration check value written in the alteration check administration value space, thereby discriminating whether an illegal movement or copy of the file has been performed or not.
Similarly, a method of discriminating whether an illegal movement or copy of the file has been performed or not by obtaining alteration check values with respect to all of the files existing on the same recording medium is also embodied.
As a method of obtaining the alteration check values, for example, an arithmetic operating method called MAC (Message Authentication Code) specified in ISO/IEC9797 is known. There is a case where the alteration check value itself of each file is called MAC. At this time, particularly, there is a case where the alteration check with respect to all of the files existing on the same recording medium is called ICV (Integrity Check Value), thereby distinguishing both of them. The alteration check value of each file is called MAC and the alteration check values with respect to all of the files on the same recording medium are called ICVs hereinbelow.
According to the conventional alteration checking method, the MAC is formed every file on the recording medium as mentioned above. In recent years, the realization of a large memory capacity of the recording medium has remarkably been progressed. As the memory capacity of the recording medium increases, the number of files existing on the recording medium also becomes very large and it is presumed that an amount of MAC also becomes very large in association with it. As a procedure of the above alteration checking method, it is necessary to arithmetically operate the present MACs and ICVs at timing for performing the check on the basis of the files or the like existing on the recording medium. At this time, particularly, in case of the disk-shaped recording medium, a driving system exists in terms of its structure and there is a problem such that it takes a long time for the access which is performed to obtain information for obtaining the MACs and ICVS. There is also a problem such that it causes a stress to the user.
Further, in the case where various kinds of contents exist on the same recording medium, contents files other than the targets of the alteration check are also included in the alteration checking procedure every time in dependence on application software or set equipment for reproducing the recording medium. In such a case, it takes surplus time which is spent for the alteration check and there is a problem such that a time efficiency is low.
Further, a case where the alteration checking procedure has to be performed with respect to a specific file at certain timing is also considered. In such a case, in the application software or set equipment, the corresponding MAC is searched from an MAC list of the relevant file held at the time of the first alteration check regarding the recording medium and the alteration check is performed by using the searched MAC. In this case, if the memory capacity of the recording medium becomes large and the number of files existing on the recording medium is very large as mentioned above, a scale of the MAC list is also very large and it is necessary to spend a long time to specify the corresponding MAC from the list. There is, consequently, a problem such that the time efficiency is low in a manner similar to that mentioned above.
As an example of measures for solving the above problem, there is a method whereby an area to store the MAC is set to a fixed length and a storing location of the MAC is directly specified in accordance with the file number or the like. In case of the recording medium of the large capacity, however, there is a problem such that it is necessary to assure a fairly large area for this purpose due to a contents storing ability.
According to such a method, since the area to store the MAC is set to the fixed length, there is a problem such that it is necessary to limit the number of files or the like and it is not practical.
Hitherto, as a method of binding the information data files existing on the recording medium onto the recording medium, a method whereby a peculiar ID is embedded into the recording medium and an information data file which is recorded onto the recording medium is encrypted by using a contents key to which the ID has been reflected is embodied. A method whereby a certain kind of key is embedded into the recording medium in a state where it is protected by, for example, an encryption or the like and this key is used for encrypting the information data is also used likewise. According to both of the above methods, for example, even in the case where the file recorded on the recording medium is illegally copied onto another recording medium, since an ID different from that of the recording medium on the copying source side has been embedded into such another recording medium, the encryption performed to the information data cannot be decrypted upon reproduction of such another recording medium, so that a state which is substantially closed in the recording medium can be realized.
According to such a method, however, when a copy or a movement of the file is executed by a legal procedure, it is necessary to decode the information data to be copied or moved and encrypt it again by using a peculiar ID or key of the recording medium on the copy or movement destination side, so that there is a problem such that it is very troublesome to the user.
The foregoing alteration check is also used for realizing a mechanism similar to that mentioned above. If the ICV can be certainly held on the recording medium, even when the file is illegally moved or copied onto such a recording medium, a mismatch can be detected. At a point when the mismatch is detected, by obtaining each MAC with respect to all of the files existing on the recording medium at present and comparing the obtained MACs with the MACs which have already been recorded, the files which were illegally moved or copied can be specified.
According to the calculation of the ICVs and the checking procedure, however, since a procedure to calculate the MACs with respect to all of the files existing on the recording medium is necessary, it takes a long time for the processes. On the other hand, if only the MACs are used, the files are not always bound on the recording medium. Therefore, in case of the method using the MAC, it is certainly necessary to use at least the foregoing method using the ICVs or the like together. At this time, particularly, in case of the disk-shaped recording medium, the driving system exists in terms of its structure and there is a problem such that it takes a long time for the access which is executed to obtain information for obtaining the MACs and ICVs. There is also a problem such that it causes a stress to the user.