In keeping up with progress and development of digital signal processing techniques, recording devices or recording media for digitally recording the information, are finding widespread use. With the digital recording device or recording medium, since copying can be repeatedly made without degrading the sound or picture quality, recording media obtained on unauthorized duplication may be circulated on the market, thus impairing the benefit of the copyright owners or authorized distributers of various content items, such as music or motion pictures. Nowadays, various techniques or systems for preventing unauthorized duplication have been introduced in the digital recording devices or digital recording media in order to prohibit such unauthorized duplication of digital data.
For example, in a MD (mini-disc), MD being a trademark, an SCMS (Serial Copy Management System) is used as a method of prohibiting unauthorized duplication. The SCMS is such a system in which, on the data reproducing side, an SCMS signal is output along with audio data from a digital interface (DIF) and, on the receiving side, the recording of audio data from the reproducing side is controlled based on the SCMS signal from the reproducing side to prohibit the unauthorized duplication.
Specifically, the SCMS signal is such a signal indicating whether given audio data is copy-free data, for which copying can be made any number of times, copy-once-allowed data, for which copying is allowed only once, or copy-prohibited data, for which copying is prohibited. On receipt of audio data from the DIF, the data recording side detects the SCMS signal, sent along with the audio data. If the SCMS signal is copy-free, the audio data is recorded, along with the SCMS signals, on a mini-disc. If the SCMS signal is copy-once-allowed, the SCMS signal is changed to copy-prohibited and is recorded along with the audio data on the mini-disc. If the SCMS signal is copy-prohibited, audio data is not recorded. By this control employing the SCMS, unauthorized duplication of audio data, protected by copyright, may be prevented from occurring.
With the SCMS, it is prerequisite that the data recording equipment itself owns the structure of controlling the recording of the audio data from the reproducing side, based on the SCMS signals, as described above. Thus, if the mini-disc not having the structure of executing the SCMS control is produced, it is difficult to cope with the illicit copying. So, the DVD player, for example, is configured for prohibiting illicit copying of copyright-protected data by exploiting a content scramble system.
In the content scramble system, video or audio data are recorded encrypted in a DVD-ROM(Read Only Memory), and a key used for decoding the encrypted data (decrypting key) is given a licenced DVD player. It is a DVD player, designed to comply with preset operational regulations, such as not undertaking illicit copying, that is licensed. So, the licenced DVD player is able to reproduce the pictures or speech from the DVD-ROM by decoding the encrypted data, recorded on the DVD-ROM, by exploiting the accorded key.
On the other hand, an unlicenced DVD player, not having a key for decoding the encrypted data, is unable to decode the encrypted data recorded on the DVD-ROM. Thus, with the content scramble system configuration, a DVD player not meeting required conditions at the licencing time cannot reproduce the DVD-ROM having digital data recorded thereon, thus prohibiting unauthorized duplication.
However, the content scramble system, used in the DVD-ROM, is designed for a recording medium on which data writing by the user is impossible (this sort of the recording medium is incidentally referred to below as ROM media), while account is not taken of application thereof to a recording medium on which data writing by the user is possible (this sort of the recording medium is incidentally referred to below as RAM media).
That is, if the data recorded on the ROM media is encrypted, but the encrypted data is copied in its entirety on the RAM media, the result is a so-called pirate edition reproducible on a licenced authorized device.
The present Assignee proposed in our senior patent application (Japanese Laying-Open Patent Publication H-11-224461; JP Patent Application 10-25310) a configuration in which the information for identification of individual recording media, referred to below as medium identification information, is recorded along with other data on a recording medium in question to permit only the licenced authentic device to access the medium identification information of the recording medium.
With this method, data on the recording medium is encrypted by the media identification information and a secret key (master key), obtained on licencing, such that, if an unlicenced device or equipment reads out the encrypted data, no meaningful data can be produced. It is noted that the device has its operation regulated at the time of licencing so that illicit duplication (unauthorized copying) is prohibited.
An unlicenced device cannot access the media identification information, while the medium identification information is of a value specific to each medium, so that, even if such unlicenced device duplicates the totality of the encrypted data, recorded on the recording medium, on a new recording medium, the data recorded on the so produced recording medium cannot be decrypted correctly on a licenced device, to say nothing of the unlicenced device, thus effectively prohibiting the unauthorized duplication.
Meanwhile, in the above configuration, a master key stored in a licenced device or equipment is usually common to all devices or equipment. The reason the master key common to the plural equipment is stored is that this represents an essential condition in order to make the media recorded on a given equipment reproducible on other equipment, that is to assure interoperability.
If, in such system, a hacker has succeeded in aggressing an equipment and has taken out the master key, the data recorded encrypted can be decrypted in the entire system, thus leading to breakdown of the entire system. In order to prevent this from occurring, it is essential that, if it is revealed that a given equipment is attacked and a master key has become explicit, the master key be changed to a new one, which then is given the totality of the equipment except the equipment which has succumbed to the attack. As the simplest system to realize this configuration, a key unique to each equipment (device key) may be given each equipment and a value obtained on encrypting the new master key with the individual device key may then be formed and transmitted to each equipment through a recording medium. However, in this case, the volume of the entire messages to be transmitted is undesirably increased in proportion to the number of the equipment.
As the configuration, intended to overcome such problem, the present Assignee has already proposed in our co-pending patent application (JP Patent Application 2000-105328) a configuration employing a key distribution method having respective information reproducing devices arranged at respective leaves of an n-branched tree, in which a key necessary for recording the content data on a recording medium or reproduction from the recording medium (master key or media key) is distributed through a recording medium or over a communication network, each equipment then undertaking the recording or reproduction of the content data using the so distributed master key or media key to enable the key to be distributed to authorized equipment (equipment in which secrecy is not disclosed) with a lesser message volume. Specifically, a key required in generating a key required for recording on a recording medium or reproduction from the recording medium, for example, a node key allocated to each leaf or node of an n-branched tree, is set as a renewal node key. The renewal node key is encrypted such that decryption is possible with a leaf key or a node key owned solely by the authorized equipment, and the resulting encrypted information is included in a key renewal block (KRB) which is then distributed to each information recording and/or reproducing equipment. On receipt of the key renewal block (KRB), each recording and/or reproducing equipment executes KRB decrypting processing to acquire the key necessary in recording or reproduction on or from the recording medium.
The aforementioned structure has a feature that, if it is revealed that a given device in a specified system (group or set of recording and/or reproducing devices) is attacked by a hacker and a device key as the secrecy of the device has become disclosed, the recording and/or reproducing device, the secrecy of which as become disclosed, is excluded from the system, that is the recording and/or reproducing interoperability between the device thus excluded from the system and the devices not excluded from the system is disabled, insofar as recording media manufactured since that time is concerned.
In this system, there is presented a problem that an equipment the secrecy of which has become disclosed can be excluded from the system only insofar as recording media manufactured since that time is concerned, whereas data recorded on a recording medium manufactured prior to the time of such disclosure can be decrypted using the so disclosed key even although the actual data recording time is posterior to the time of such disclosure, that is, there may be occasions where the device to be excluded cannot actually be excluded.
In view of the above-described status of the art, it is an object of the present invention to provide a information recording devices, an information reproducing device, an information recording method, an information reproducing method, a cipher key renewal method, an information recording medium and a computer program, in which, after it is revealed that secrecy has become disclosed, recording media produced prior to such disclosure cannot be decrypted using the disclosed key to enable more effective encryption of content.