The present invention relates to a data processing system, a method of processing data, a data processing apparatus, and a computer program providing medium. More particularly, the present invention relates to a data processing system, a data processing method, a data processing apparatus, and a program providing medium, in which a tree structure type hierarchical key distribution system is introduced to make it possible to reduce the load for distribution of a contents key and for distribution of other ciphering keys via the contraction of message volume, and yet capable of preserving the security of data and accordingly achieving higher efficiency to process data via such devices which are managed by the hierarchical key distribution tree.
Recently, there is a further growth of distribution of so-called “contents” data via a wide variety of software data including music data, game programs, picture data, or the like, which are respectively transmitted via internet service lines, or via distributable recording media including a memory card, a DVD (Digital Versatile Disc), or CD (Compact Disc), or the like, for example.
Any of those distributed contents data is reproduced via user's personal computers, reproduction devices, or game players via reception, or via such recording media including a memory card, a CD, or a DVD loaded in any of those means cited above. In addition, the above contents data are also reproducibly stored in a reproduction device and a recording medium stored in a personal computer such as a memory card or a hard disc for example.
Any of the above-cited reproduction devices, game players, and information device such as personal computers incorporates an interface device for receiving distributed contents data or for accessing a DVD and a CD and further incorporates a controlling means required for reproducing contents data, and yet, also incorporates a RAM (Random Access Memory) and a ROM (Read Only Memory) for storing programs and a variety of data.
Based on user's instruction via the reproduction device, the game player, or the information device such as the personal computer or user's instruction via a connected input means, a wide variety of contents data such as music data, picture data, or programs are individually output from a built-in or detachable recording medium and then reproduced by a data reproducing apparatus or via a connected display device or speaker units.
Conventionally, the rights of distribution for game programs, music data, picture data, or the like, are reserved by corresponding producers and marketing agents. Accordingly, whenever distributing contents data, only restricted proper users are authorized to utilize the contents data so that unauthorized duplication will not be committed. In other words, it is a conventional practice to establish such a safeguard to ensure security.
A process for ciphering distributable contents data constitutes such a practical means to restrain users from utilizing the contents data. Concretely, the ciphering method distributes a variety of contents data comprising ciphered audio data, picture data, game programs, or the like, via internet service lines for example, and in addition, it also enables only those who are authenticated as proper users to decode the distributed ciphered contents data. In other words, only those verified users are entitled with reception of the decoding key.
Ciphered data can properly be restored into practically usable decoded data, i.e., a plain text, solely after completing such a decoding process in accordance with a predetermined procedure. These processes for ciphering data via a ciphering process and decoding data via a decoding method and the process are conventionally well known.
Of those various kinds in the method for ciphering and decoding data by applying a ciphering key and a decoding key, there is such a method so-called common key ciphering system, for example. This common key ciphering system effects ciphering of data and decoding of data by applying a common key. This system provides verified proper users with the common key for ciphering and decoding receivable data whereby preventing unverified users devoid of the common key from improperly accessing data. A typical one of the common key ciphering system is cited as the DES (Data Encryption Standard).
Such a ciphering key and a decoding key usable for the above cited ciphering and decoding processes can be secured by applying a mono-directional function such as a Hash function based on a certain pass-word for example. Such mono-directional function involves an extreme difficulty to compute an input value inversely from an output value. For example, based on an input pass-word predetermined by a user, by applying the mono-directional function and a resultant output value, a ciphering key and a decoding key are respectively generated. On the other hand, it is practically impossible to identify the above-referred pass-words as the original data from the ciphering and decoding keys generated via the above process.
There is a so-called open key ciphering process which utilizes such an algorithm based on such a ciphering process with a ciphering key and such a decoding process with a decoding key being different algorithm from each other. The open key ciphering process utilizes such an open key commonly usable by unspecified users. This ciphering method ciphers a document addressed to a specific individual by applying an open key issued by this specific individual. The document ciphered by this open key can be decoded solely by applying a secrete key corresponding to this open key used for ciphering this document. Inasmuch as the secrete key is reserved by such a specific individual who issued the open key, the document ciphered by the open key can exclusively be decoded by a specific individual reserving the secrete key. The RSA (Rivest Shamir Adleman) ciphering code is cited as the typical system of the open key ciphering method cited above. By way of utilizing the open key ciphering method, it is possible to set up such a system enabling ciphered contents data to be decoded exclusively for the verified proper users.
A number of the contents data distribution system cited above provides specific users with ciphered contents data via internet service lines or via storage in a recording medium such as a DVD or a CD by way of delivering a specific contents key for decoding ciphered contents data exclusively to those verified proper users. Further, such a system is also proposed, which initially ciphers such a contents data key for preventing a malfeasant from illegally duplicating contents data and then delivers the ciphered contents data key to verified proper users in order to decode the ciphered contents data key by applying such a decoding key solely reserved by the verified proper users whereby enabling them to utilize the delivered contents data key.
Generally, such a judgment to identify whether a corresponding user is verified as the proper one or not is executed prior to distribution of a contents data or a contents data key between a contents data provider for transmitting the contents and a specific device on the part of an individual user. When executing such a conventional authenticating process, initially, entity of the opposite party is confirmed, and then, such a session key solely effective for the related communication is generated. Only after completing the authenticating process, a contents related data or the contents data key is ciphered using thus generated session key to conduct the related communication. There are two kinds of authenticating methods including a mutual authentication by way of utilizing the above cited common key ciphering method and the other one utilizing the above cited open key ciphering method. However, in the case of the authentication utilizing the common key, another common key is required to deal with an expanded system construction, thus generating inconvenience in the process for renewing the related keys. On the other hand, in the case of utilizing the open key ciphering method, calculation load and the volume of required memory are respectively large. Accordingly, it is by no means desirable to further provide individual devices with additional processing means.