With the recent advancement and development of the digital signal processing technology, digital recorders and recording media have been prevailing. With such a digital recorder and recording medium, an image or sound, for example, can be repeatedly recorded and played back without any degradation thereof. Since digital data can be repeatedly copied many times with no degradation of the image and sound qualities, so recording media having digital data illegally recorded therein, if put on the market, will cause the copyrighters of various contents such as music, movie, etc. or legal distributors of the contents to be deprived of profits which would come to the latter if such illegal copying is not possible. To prevent such illegal copying of digital data, various illegal-copy preventing systems have recently been introduced in digital recorders and recording media.
As an example of the above illegal-copy preventing systems, SCMS (Serial Copy Management System) is adopted in the MD (mini disc) drive (MD is a trademark). The SCMS is such that at a data player side, audio data is outputted along with SCMS signal from a digital interface (DIF) while at a data recorder side, recording of the audio data from the data player side is controlled based on the SCMS signal from the data player side, thereby preventing the audio data from being illegally copied.
More particularly, the above SCMS signal indicates that an audio data is a “copy-free” data which is allowed to freely be copied many times, a “copy-once-allowed” data which is allowed to be copied only once or a “copy-prohibited” data which is prohibited from being copied. At the data recorder side, when receiving an audio data from the DIF, SCMS signal transmitted along with the audio data is detected. If the SCMS signal indicates that the audio data is a “copy-free” data, the audio data is recorded along with the SCMS signal to the mini disc. If the SCMS signal indicates that the audio data is a “copy-once-allowed” data, the audio data is converted to a “copy-prohibited” data and the SCMS signal is recorded along with the audio data to the mini disc. Further, if the SCMS signal indicates that the audio data is a copy-prohibited data, the audio data is not recorded to the mini disc. Under a control with the SCMS signal, a copyrighted audio data is prevented from being illegally copied in the mini disc drive unit.
However, the SCMS is valid only when the data recorder itself is constructed to control recording of audio data from the data player side based on the SCMS signal. Therefore, it is difficult for the SCMS to support a mini disc drive not constructed to perform the SCMS control. To apply the SCMS, a DVD player for example adopts a content scrambling system to prevent a copyrighted data from being illegally copied.
The content scrambling system is such that encrypted video data, audio data and the like are recorded in a DVD-ROM (read-only memory) and a decryption key for use to decrypt the encrypted data is given to each licensed DVD player. The license is granted to a DVD player designed in conformity with a predetermined operation rule against illegal copying etc. Therefore, using the given decryption key, a licensed DVD player can decrypt encrypted data recorded in a DVD-ROM to thereby play back the video and audio data from the DVD-ROM.
On the other hand, an unlicensed DVD player cannot decrypt encrypted data recorded in a DVD-ROM because it has no decryption key for the encrypted data. In short, the content scrambling system prevents a DVD player not meeting the licensing requirements from playing a DVD-ROM having digital data recorded therein in order to prevent illegal copying.
However, the content scrambling system adopted in the DVD-ROM is directed to a recording medium to which the user cannot write data (will be referred to as “ROM medium” hereunder wherever appropriate), but not to any recording medium to which the user can write data (will be referred to as “RAM medium” hereunder wherever appropriate).
That is to say, copying all encrypted data recorded in a ROM medium as they are to a RAM medium will produce a so-called pirated edition of the data which can be played back by a licensed DVD player.
To solve the above problem, the Applicant of the present invention proposed, as disclosed in the Japanese Published Unexamined Application No. 224461 of 1999 (Japanese Patent Application No. 25310 of 1998), a method in which information to identify each recording medium (will be referred to as “medium ID information” hereunder) is recorded with other data in a recording medium to allow access to the medium ID information in the recording medium only when a player going to play the recording medium has been licensed for the medium ID information.
The above method encrypts data in the recording medium with a private key (master key) acquired through licensing of the medium ID information so that any unlicensed player cannot acquire any meaningful data even if it can read the encrypted data. Note that a player licensed for the medium ID information has the operation thereof limited against illegal copying.
No unlicensed player can access the medium ID information. The medium ID information is unique to each recording medium. Even if an unlicensed player could copy all encrypted data recorded in such a recording medium to a new recording medium, the data thus recorded in the new recording medium cannot correctly be decrypted by the unlicensed player as well as by a licensed player. Thus, it is substantially possible to prevent data from being illegally copied.
Now it should be reminded that the method disclosed in the above Japanese Published Unexamined Application No. 224461 of 1999 (Japanese Patent Application No. 25310 of 1998) uses a sector key unique to each sector of a disc to encrypt content data such as image, sound, program, etc. to be recorded to the disc.
The above method is destined to solve a problem that if a large amount of data is encrypted with a single encryption key, the encryption key is likely to be uncovered by a differential attack or linear attack with a combination of an encrypted text stored in the recording medium and plain or unencrypted data acquired by an attacker by some means. In the method in the above Japanese Published Unexamined Application of the Applicant of the present invention, a different encryption key is assigned to each of sectors of a predetermined size so that only a limited amount of data can be processed with one encryption key, thereby making it difficult to disclose the encryption key. Further, the method can minimize the amount of data that can be decrypted if the encryption key is uncovered.
In the example described in the above Japanese Published Unexamined Application, however, an encryption key (sector key) for each sector, used for encryption of a content, is further encrypted with a higher-order key and stored in a sector header of a recording medium. Thus, the recording medium has to provide an area wide enough to store the sector key in the sector header, and for recording or playing back the content, access has to be made to the sector header for writing (for recording) or reading (for playback) of the encrypted sector key.