This invention relates to a recording medium for recording encrypted contents data. The present invention also relates to a recording/reproduction apparatus for writing data on a recording medium where encrypted contents data are recorded. The present invention further relates to a replay apparatus for replaying a recording medium on which encrypted contents data are recorded.
This application is based upon and claims the benefit of priority from the prior Japanese Patent Application JP 2005-262613, filed on Sep. 9, 2005, the entire contents of which are incorporated herein by reference.
As digital contents have become available to a large extent, the problem of copyright infringements of illegally copying digital contents has become serious. When contents are recorded on recording mediums such as recording tapes as analog data, both audio data and video data are recorded as analog data. The quality of analog data is degraded as the data are copied repeatedly. On the other hand, when audio data and video data are recorded and reproduced by means of recording/reproduction apparatus that operate digitally as digital data, the quality of digital data is essentially not degraded if the data are copied repeatedly.
Thus, the loss that copyright owners suffer due to illegal copying is greater when digital equipment is used than when analog equipment is used for illegal copying. Therefore, it is a serious problem to protect copyrights against illegal copying when digital equipment is involved.
Known popular techniques for preventing illegal copying include those of mutual authentication of equipment and contents. The contents are allowed to be copied according to the copying authorizing information contained in the contents only when the equipment is authenticated.
For example, Patent Document 1 (Japanese Patent Application Laid-Open Publication No. 2000-195159) describes a copyright protection policy of using a copy control system that limits generations of copies, which is referred to as SCMS (serial copy management system), for CDs (compact discs), MDs (mini discs), DATs (digital audio tapes) and so on. More specifically, according to such a system, audio contents are authorized to be copied only once but copying a copy of audio contents is prohibited.
The SCMS will be described in detail below by referring to
Reproduction apparatus 72 reproduces the digital audio signals it reads out from the disc 71 and transmits them to recording apparatus 73 with the annex information. More specifically, the reproduction apparatus 72 transmits the digital audio signals to the recording apparatus 73 at the normal (proper) reproduction speed. In other words, the time spent for transmitting the digital audio signals is equal to the time that is spent when the listener listens to the contents of the audio signals.
When the annex information of the audio signals tells that the digital audio signals are authorized to be copied once, the recording apparatus 73 that received the digital audio signals as input signals recognizes that the signals can be copied once. After confirming that the annexed information tells that the digital audio signals are authorized to be copied only once, the recording apparatus 73 records the digital audio signals on a recordable disc 74 as copy. At this time, the recording apparatus 73 amends the annex information “authorized to be copied once” so as to read as “copying prohibited”. Thus, the digital audio signals are recorded on the disc 74 as copy along with the annex information “copying prohibited”.
When the disc 74 (first generation disc) to which the digital audio signals are copied for once is replayed by the reproduction apparatus 75 and the digital audio signals are supplied to the recording apparatus 76, the recording apparatus 76 detects that the annex information tells “copying prohibited”. Thus, the recording apparatus 76 can no longer record the digital audio signals to recordable disc 77.
However, with the above-described known copyright protection technique, the equipment and the contents mutually authenticate each other and the contents are permitted to be copied or transferred according to the copying authorizing information annexed to the contents only when the equipment is authenticated. Thus, with a system using the technique, a buyer who bought the contents can only enjoy the contents only within the limitations imposed by the contents.
In view of the above-identified circumstances, it is therefore the object of the present invention to provide a recording medium, a recording/reproduction apparatus and a replay apparatus that technically make it not only impossible to infringe copyrights but possible for a buyer who properly bought contents to personally freely reproduce and enjoy the contents.
In an aspect of the present invention, the above objects is achieved by providing a recording medium bearing encrypted contents recorded thereon, the medium including: a first recording region bearing the contents encrypted by a contents key and recorded therein; a second recording region bearing a data providing a basis for the contents key and recorded therein; a third recording region allowing the encrypted contents key obtained by encrypting the contents key generated from the data providing a basis for the contents key by means of identification information on a user to be recorded therein.
Thus, the information providing a basis for the contents key is read out from the second recording region and a contents key is generated by carrying out predetermined arithmetic operations on the information providing basis for the contents key. The contents key is encrypted typically by the biometric identification information on the user. The encrypted contents key is then recorded in a predetermined recording region (third recording region).
In another aspect of the present invention, the above object is achieved by providing a recording/reproduction apparatus for writing data on a recording medium bearing encrypted contents data recorded thereon, the apparatus including: a reproduction means for reproducing the data providing a basis for a contents key of the encrypted contents data recorded on the recording medium in advance by the contents key from a second recording region bearing data providing a basis for the contents key; a contents key generation means for generating a contents key from the data providing a basis for a contents key; an acquisition means for acquiring identification information on a user authorized to reproduce the contents corresponding the contents data; an encrypted contents key generation means for generating an encrypted contents key encrypted by means of the generated contents key and the acquired identification information on the user; and a recording means for recording the generated encrypted contents key in a third recording region of the recording medium.
Thus, the reproduction means reproduces the data providing a basis for a contents key from the second recording region and the contents key generation means generates a contents key from the data providing a basis for a contents key. Then, the acquisition means acquires identification information on a user who is authorized to reproduce the contents corresponding to the contents data and the encrypted contents key generation means generates an encrypted contents key encrypted by means of the generated contents key and the acquired identification information on the user. Thereafter, the recording means records the generated encrypted contents key in a third recording region of the recording medium.
In still another aspect of the present invention, the above object is achieved by providing a replay apparatus for replaying a recording medium bearing encrypted contents data recorded thereon, the apparatus including: a first reproduction means for reproducing the encrypted contents data recorded in a first recording region of the recording medium; a second reproduction means for reproducing the encrypted contents key for decrypting the cryptogram of the encrypted contents, the encrypted contents key being recorded in a second recording region of the recording medium; an input means for inputting identification information on a user; an encrypted contents key decryption means for decrypting the contents key by means of the encrypted contents key and the identification information on the user; and a contents data decryption means for decrypting the encrypted contents data reproduced by the first reproduction means by means of the contents key decrypted by the contents key decryption means.
Thus, the first reproduction means reproduces the encrypted contents data recorded in the first recording region of the recording medium and the second reproduction means reproduces the encrypted contents key for decrypting the cryptogram of the encrypted contents, the encrypted contents key being recorded in a third recording region of the recording medium. Then, the input means inputs identification information on a user and the encrypted contents key decryption means decrypts the contents key by means of the encrypted contents key and the identification information on the user. Thereafter, the contents data decryption means decrypts the encrypted contents data reproduced by the first reproduction means by means of the contents key decrypted by the contents key decryption means.
Now, the present invention will be described in greater detail by referring to the accompanying drawings that illustrate the best mode for carrying out the present invention.
As shown in
The TOC recording region 2 and the first recording region 3 are pre-mastered regions, whereas the second recording region 5 is a pre-recorded region where information Skc that provides a basis for a contents key is pre-recorded at the time of shipment from the plant.
The encrypted contents CE that are to be recorded in the first recording region 3 include audio information and/or video information. In other words, the encrypted contents CE are music, images or images accompanied by music. Of course, the encrypted contents CE may be movie contents. The contents data are digital data and hence the quality thereof is hardly degraded if they are copied. Therefore, if the digital contents are copied freely without restrictions and reproduced, the copyright of the author of the contents can be unduly infringed. Thus, the contents data are encrypted by a contents key in order to restrict reproduction and copying of the digital contents.
The information Skc recorded in the second recording region 5 to provide a basis for a contents key is key information for generating a contents key. The information Skc is already recorded in the second recording region 5 before the disc-shaped recording medium 1 is replayed by a replay apparatus according to an user operation. More often than not, the information Skc is recorded before or at the time when the user purchases the recording medium and hence the time of recording the information Skc is not limited to the time of shipment from the plant.
For example, the information Skc may be recorded at the time of manufacturing the disc-shaped recording medium 1, at the time of shipment or at the time when the user purchase the disc-shaped recording medium 1 at a retail shop. In any case, the information Skc is recorded instantaneously at the time or immediately before or after the time when the encrypted contents CE are recorded in the first recording region 3. A contents key kc is obtained according to the information Skc that provides a basis for the contents key. In other words, the information Skc is expressed by a function fkc for contents key kc, or fkc(kc)=Skc. The contents key kc is an encryption key to be used when generating encrypted contents CE to be recorded in the first recording region 3.
The second recording region 5 is a write once type recordable region, where information that provides a basis for a contents key is recorded. Its recording format is same as the recording format of a so-called-R type optical disc. The second recording region 5 may be a region where data can be erased. For example, the data recorded in the second recording region 5 may be erased by irradiating a laser beam from the recording/reproduction head 10 at a predetermined power level and writing a same predetermined data (e.g., &HFF or &H00) repeatedly on the data already recorded there to blot out the latter.
The encrypted contents key fe(U, kc)=kc′ to be recorded in the third recording region 4 is picked up when the user performed a registration operation at a recording/reproduction apparatus for the first time. For example, it is an encrypted key obtained by encrypting the contents key kc by means of user information U that is biometric identification information such as a fingerprint, a voice print or an iris.
The disc recording/reproduction apparatus comprises a replay button 8 for a proper user of the disc-shaped recording medium 1 to perform a replay operation, an identification information acquisition section 7 arranged on the replay button 8 to acquire the biometric identification information of the user, a recording signal processing section 9 for executing a process for recording the encrypted contents key kc′ in the third recording region of the disc-shaped recording medium 1 and a recording/reproduction head 10 for recording the encrypted contents key kc′ on and reproducing information necessary for recording the encrypted contents key kc′ from the disc-shaped recording medium 1. Particularly, as will be described in greater detail hereinafter, the recording signal processing section 9 has a contents key generation section for generating a contents key from the data that provides a basis for contents key and an encrypted contents key generation section for generating an encrypted contents key by means of the generated contents key and acquired identification information on the user.
Now, the operation of the disc recording/reproduction apparatus when the user accesses a purchased disc-shaped recording medium 1 for the first time will be described. This operation is the recording/reproduction process of the encrypted contents key kc′. Firstly, the user mounts the disc-shaped recording medium 1 on the turntable of the recording/reproduction apparatus.
The recording/reproduction head 10 reads out the information Skc that provides a basis for the contents key from the second recording region 5 of the disc-shaped recording medium 1 and transmits it to the recording signal processing section 9.
Then, the user depresses the reproduction button 8 for a reproduction operation 6. Then, the identification information acquisition section 7 arranged on the reproduction button 8 reads out the identification information of the user, which may be biometric identification information. The user's identification information U read out by the identification information acquisition section 7 is then sent to the recording signal processing section 9.
Then, the recording signal processing section 9 generates a contents key kc from the information Skc that provides a basis for the contents key. Subsequently, the information Skc that provides a basis for the contents key is erased. Additionally, the recording signal processing section 9 generates an encrypted contents key kc′, using the user's identification information U for the generated contents key kc′.
Then, the recording signal processing section 9 writes the encrypted contents key kc′ in the third recording region 4 of the disc-shaped recording medium 1. The process of writing an encrypted contents key on the disc-shaped recording medium 1 proceeds in the manner as summarily described above.
The encrypted contents key kc′ written in the third recording region 4 is read out later when the encrypted contents CE are reproduced by a disc replay apparatus, which will be described in greater detail hereinafter. Then, the encrypted contents key kc is decrypted by the identification information U acquired by the identification information acquisition section to produce the contents key kc. The encrypted contents CE are then decrypted by the produced contents key kc and the contents are reproduced. The operation of contents reproduction by the replay apparatus will be described in greater detail hereinafter.
Firstly, as shown in Step S1 of
In Step S2, the position of the second recording region 5 is identified from the address that becomes known from the TOC and the information Skc that provides a basis for the contents key is read out from the identified position of the second recording region 5.
Thereafter, in Step S3, the user's identification information read out by the identification information acquisition section 7 arranged on the reproduction button 8 is supplied to the user information acquisition section 16 by way of the input terminal 15 and acquired by the user information acquisition section 16.
Then, in Step S4, the contents key kc generation section 12 generates a contents key kc from the information Skc that provides a basis for the contents key. As pointed out above, the information Skc that provides a basis for the contents key is generated as function fkc(kc)=Skc and the disc recording/reproduction apparatus already holds the function fkc. If the disc recording/reproduction apparatus is manufactured by the manufacturer of the disc-shaped recording medium, the apparatus holds the function fkc because it is recorded in the memory section of the apparatus as information corresponding to the disc type. It is also possible for the disc recording/reproduction apparatus to hold the function fkc from the web site of the manufacturer of the disc-shaped recording medium on the Internet in a secured condition. Thus, the kc generation section 12 of the recording signal processing section 9 can generate a contents key kc from fkc−1(Skc), using the inverse function fkc−1 of the above-described function fkc. Thereafter, the information Skc that provides a basis for the contents key is erased.
In the next step, or Step S5, the encrypted contents key kc′ generation section 13 generates an encrypted contents key kc′, using the user identification information (user information) U. More specifically, the encrypted contents key kc′ generation section 13 computes fe(U, kc) to generate an encrypted contents key kc′. In other words, it makes fe(U, kc)=kc′ hold true.
In the nest step, or Step S6, the encrypted contents key kc′ recording section 14 writes the encrypted contents key kc′ in the third recording region 4 at the address that is already known from the process of reading out the TOC in Step S1. As a result, the encrypted contents key kc′ that is encrypted by means of the user's identification information (user information) is written on the disc-shaped recording medium 1.
As described above, the disc recording/reproduction apparatus does not directly record the contents key kc on the disc-shaped recording medium 1. In other words, the disc-shaped recording medium 1 records only the encrypted contents key kc′ that is encrypted by means of the user information U. The information Skc that provides a basis for the contents key is already recorded on the disc-shaped recording medium 1 as pre-recorded information (at the time of shipment from the plant or at the time or immediately before or after the time when the user bought the disc-shaped recording medium 1). However, it is impossible to generate the contents key kc by using the information Skc that provides a basis for the contents key and the encrypted contents key kc′ directly in the disc replay apparatus unless the user's identification information U is not used. Thus, it is possible to perfectly nullify any fraudulent attempt of a malicious third party.
Additionally, as shown in
As pointed out above, the second recording region 5 of the above-described specific example is a write once type recordable region, where information that provides a basis for a contents key is recorded. Its recording format is same as the recording format of a so-called-R type optical disc.
The second recording region 5 may be a region where data can be erased. For example, the data recorded in the second recording region 5 may be erased by irradiating a laser beam from the recording/reproduction head 10 at a predetermined power level and writing a same predetermined data such as “1” of “0” repeatedly on the data already recorded there to blot out the latter. When the second recording region 5 is a region where data can be erased, it is possible to erase the information Skc that provides a basis for a contents key completely from the disc-shaped recording medium. Then, it is possible to safely protect the contents on the disc-shaped recording medium.
Now, the disc replay apparatus for replaying the disc-shaped recording medium 1 where the encrypted contents key kc′ is recorded in the third recording region 4 by the disc recording/reproduction apparatus will be described below. The disc replay apparatus generates a contents key kc from the encrypted contents key kc′ by using the user information U and decrypts the encrypted contents CE by means of the contents key kc to reproduce the contents.
Referring to
The disc replay apparatus will be described in greater detail below. The disc replay apparatus further comprises a first reproduction section (recording/reproduction head 10) for reproducing the contents data encrypted and recorded in the first recording region 3 of the disc-shaped recording medium 1, a second reproduction section (recording/reproduction head 10) for reproducing the encrypted contents key for decrypting the encrypted contents recorded in the third recording region 4 of the recording medium, an input section (identification information acquisition section 16) for inputting recognition information on user, an encrypted contents key decryption section (contents key kc generation section 22) for decrypting the contents key by means of the encrypted contents key and the identification information on the user and a contents data decryption section (contents decryption section 24) for decrypting the encrypted contents data reproduced by the first reproduction section by means of the contents key decrypted by the contents key decryption section.
Now, the operation of the disc replay apparatus for replaying the disc-shaped recording medium 1 where the encrypted contents key fe(U, kc) is already recorded in the third recording region 4 will be described below.
Firstly, the user puts the disc-shaped recording medium 1 on the turntable of the disc replay apparatus. Then, the recording/reproduction head 10 reads out the data recorded in the third recording region 4 of the disc-shaped recording medium 1. The reproduced signal processing section 17 detects the encrypted contents key kc′ from the recording/reproduction head 10. Then, the reproduced signal processing section 17 generates a contents key kc from the encrypted contents key kc′, using the personal identification information U.
Thereafter, the reproduced signal processing section 17 decrypts the encrypted contents CE that are recorded in the first recording region 2 by means of the contents key kc and leads them to the outside.
Now, the operation of the disc replay apparatus will be described in greater detail by referring to
Firstly, as shown in Step S11 of
In Step S12, the position of the third recording region 4 is identified from the address that becomes known from the TOC and the contents key kc′ detecting section 19 reads out the encrypted contents key kc′ from the data that are read out by the recording/reproduction head (second reproduction section) 10 from the identified position of the third recording region 4.
Then, in Step S13, the user's identification information read out by the identification information acquisition section 7 arranged on the replay button 8 is supplied to and acquired by the user information acquisition section 21 by way of the input terminal 20.
Thereafter, in Step S14, the contents key kc generation section (encrypted contents key decryption section) 22 generates a contents key kc. More specifically, the contents key kc generation section 22 computes fe−1(U, kc′), using the encrypted contents key kc′ detected by the encrypted contents key kc′ detecting section 19 in Step S12 and the identification information U acquired by the user information acquisition section 21 in Step S13, to generate a contents key kc. In other words, the contents key kc generation section 22 solves the equation fe−1(U, kc′)=kc. Note that fe−1 is the inverse function of the function fe that is used when generating the encrypted contents key kc′ from U and kc and the disc replay apparatus holds the inverse function fe−1.
Then, in Step S15, the contents decryption section 24 decrypts the encrypted contents 23 that are already read out by the recording/reproduction head (first reproduction section) 10 and temporarily stored in a memory, for example, by means of the contents key kc and leads them out to the outside by way of the output terminal 25.
As pointed out above the contents key kc is not recorded straight on the disc-shaped recording medium 1 but an encrypted contents key kc′ that is encrypted by means of the user's identification information U is recorded in the third recording region 4. In other words, it is impossible to obtain the contents key kc unless acquiring the user's identification information U. Thus, it is not possible to generate a contents key kc unless acquiring the proper user's identification information U.
The user's identification information U is not written on the disc but becomes known only when the user uses the disc. Regardless of the recording region of the disc-shaped recording medium 1 where the encrypted contents key kc′ is stored, the user is required to operate the identification information acquisition section 7 for finger print authentication, for example, in order to acquire the contents key kc from the encrypted contents key kc′.
The TOC recording region 1 through the third recording region 4 are formed on the disc-shaped recording medium 1 as shown in
The returning beam reflected from the disc-shaped recording medium 1 is transmitted through the objective lens 64, reflected by the beam splitter and condensed by the condenser lens 65 before it is received by the photo-detector 66. The photo-detector 66 generates an electric signal according to the quantity of light it receives and transmits it to the reproduced signal processing section or the recording signal processing section.
In this way, the recording/reproduction head 10 reads out the information Skc that provides a basis for a contents key typically from the second recording region 5. It also writes the encrypted contents key kc′ in the third recording region 4 and reads out the encrypted contents CE from the second recording region 3.
Now, the second specific embodiment of recording medium according to the present invention will be described below by referring to
Referring to
The TOC recording region 32 and the first recording region 33 are pre-mastered regions, whereas the second recording region 35 is a pre-recorded region where information Skc that provides a basis for a contents key is pre-recorded. More specifically, the second recording region is an integrated circuit IC 35.
The configurations of the TOC recording region 32, the first recording region 33 and the third recording region 34 are same as those of the disc-shaped recording medium 1 of the first specific embodiment shown in
The third recording region 35, which is an integrated circuit (IC), stores information Skc that provides a basis for a contents key. As pointed out above, the information Skc that provides a basis for a contents key is recorded before the disc-shaped recording medium 31 is handed to the user.
As shown in
Also as shown in
The IC 35 stores information Skc that provides a basis for a contents key in the EEPROM 43. The IC information read section 37 reads out the information Skc that provides a basis for a contents key from the EEPROM 43 in the IC 35 by radio communications between the radio communication section 55 and the radio communication section 45 under the control of the CPU 51 and supplies the information Skc to the recording signal processing section 36 by way of the I/F 56.
The configuration of the recording signal processing section 36 is substantially similar to the one illustrated in
The IC 35 that is the second recording region may be so arranged that the information Skc that provides a basis for a contents key is erased or destroyed after it is read out once.
Referring to
In the next step, or Step S22, the information Skc that provides a basis for the contents key is read out from the IC 35 by means of the IC information read section 37.
Thereafter, in Step S23, the user's identification information U read out by the identification information acquisition section 7 arranged on the reproduction button 8 is supplied to the user information acquisition section 16 by way of the input terminal 15 and acquired by the user information acquisition section 16.
Then, in Step S24, the contents key kc generation section 12 generates a contents key kc from the information Skc that provides a basis for the contents key. As pointed out above, the information Skc that provides a basis for the contents key is generated as function fkc(kc)=Skc and the disc recording/reproduction apparatus already knows the function fkc. Thus, the kc generation section 12 of the recording signal processing section 36 can generate a contents key kc from fkc−1(Skc), using the inverse function fkc−1 of the above-described function fkc.
In the next step, or Step S25, the contents key kc′ generation section 13 generates an encrypted contents key kc′, using the user identification information (user information) U. More specifically, the encrypted contents key kc′ generation section 13 computes fe(U, kc) to generate an encrypted contents key kc′ in other words, it makes fe(U, kc)=kc′ hold true.
In the nest step, or Step S26, the encrypted contents key kc′ recording section 14 writes the encrypted contents key kc′ in the third recording region 34 at the address that is already known from the process of reading out the TOC in Step S21. As a result, the encrypted contents key kc′ that is encrypted by means of the user's identification information (user information) is written on the disc-shaped recording medium 31.
Then, in Step S27, the information Skc that provides a basis for a contents key stored in the IC 35 is destroyed typically by means of the IC read section 37. For example, after the information Skc that provides a basis for a contents key stored in the IC 35 is read out for once, the data in the IC 35 can be deleted by sending a predetermined instruction for erasing data to the IC 35 by means of a communication technique such as RF-ID and executing the predetermined instruction.
As described above, the information Skc that provides a basis for a contents key can be protected by destroying or erasing it from the IC 35 in Step S27.
As described above, the disc recording/reproduction apparatus does not directly record the contents key kc on the disc-shaped recording medium 1 either. In other words, the disc recording/reproduction apparatus records only the encrypted contents key kc′ that is encrypted by means of the user information U in the disc-shaped recording medium 31. The information Skc that provides a basis for the contents key is already recorded in the IC 35 as pre-recorded information. However, it is impossible to generate the contents key kc by using the information Skc that provides a basis for the contents key and the encrypted contents key kc′ directly in the disc recording/reproduction apparatus unless the user's identification information is not used. Thus, it is possible to perfectly nullify any fraudulent attempt of a malicious third party.
The two disc recording/reproduction apparatus having the respective configurations as shown in
When a copy disc is to be replayed by a disc replay apparatus, the user puts the copy disc in the apparatus and decrypts the encrypted contents key kc′ by means of the biometric identification information U of the operator/user to generate a contents key kc. Then, the user reproduces the contents by decrypting the encrypted contents CE by means of the contents key kc.
Thus, the proper user of the disc-shaped recording medium 1 or 31 can prepare as many copy discs as he or she wants. However, if an unauthorized person tries to copy what is recorded on the disc, identification information that is different from the biometric identification information U that is used when generating the encrypted contents key kc′ is acquired by the replay apparatus for replaying the copy disc so that it is not possible to generate a contents key kc from the encrypted contents key kc′. Then, it is not possible to decrypt the encrypted contents CE when a contents key cannot be generated.
When the proper user of the disc-shaped recording medium where the encrypted contents key is recorded wants to give or sell the disc or a copy disc to some other person, he or she simply has to write a new encrypted contents key in the third recording region 4 or 34 to erase the old encrypted contents key. It may be needless to say that the new encrypted contents key is encrypted by means of the biometric identification information U of the new user to whom the disc is given or sold.
Recording/reproduction apparatus according to the invention include those obtained by modifying the apparatus illustrated in
More specifically, a disc-shaped recording medium that the modified recording/reproduction apparatus can use describes the maximum number of persons who can be authorized to use the recording medium and can record as many pieces of personal identification information as the maximum number and so many encrypted contents keys.
The processing sequences of the modified optical disc recording/reproduction apparatus will be described below by referring to
Referring to
If the number of users who use the recording/reproduction apparatus does not exceed the maximum number, it identifies the position of the second recording region 5 from the address known from the TOC and reads out the information Skc that provides a basis for a contents key from the identified position of the second recording region 5 in Step S2.
In the next step, or Step S3, the user's identification information read out by the identification information acquisition section 7 arranged on the replay button 8 is supplied to and acquired by the user information acquisition section 16 by way of the input terminal 15.
Then, in Step S4, the contents key kc generation section 12 generates a contents key kc according to the information Skc that provides a basis for a contents key. More specifically, the contents key kc generation section 12 of the recording signal processing section 9 can generate a contents key kc from fkc−1(Skc), using the inverse function fkc−1 of the above-described function fkc.
In the next step, or Step S5, the encrypted contents key kc′ generation section 13 generates an encrypted contents key kc′, using the user information U. In the nest step, or Step S6, the encrypted contents key kc′ recording section 14 writes the encrypted contents key kc′ in the third recording region 4 at the address that is already known from the process of reading out the TOC in Step S1. As a result, the encrypted contents key kc′ that is encrypted by means of the user's identification information (user information) is written on the disc-shaped recording medium 1.
Then, the disc recording/reproduction apparatus returns to Step S1 and, if the number of users authorized to operate the apparatus does not exceed the above-described maximum number, it repeats the Steps S2 through S6.
If it is determined that the number of users exceeds the above-described maximum number in Step S1, the disc recording/reproduction apparatus records the encrypted contents key kc′ in the fourth recording region 4 and then erase the above-described information Skc that provides a basis for a contents key from the second recording region 5 of the disc-shaped recording medium 1 in the next step. The second recording region 5 is a region where data can be erased. For example, the data recorded in the second recording region 5 may be erased by irradiating a laser beam from the recording/reproduction head 10 at a predetermined power level and writing a same predetermined data repeatedly on the data already recorded there to blot out the latter.
Thus, with the optical disc recording/reproduction apparatus, it is not possible to read out, from the disc-shaped recording medium 1, the information Skc that provides a basis for a contents key when the number of users exceeds the number of persons who can be authorized to use it. Therefore, if the recording/reproduction apparatus can authorize a plurality of users to use the disc-shaped recording medium 1, the information that provides a basis for contents key is protected.
The information on the number of persons who can be authorized to use the disc-shaped recording medium 1 may be encrypted and recorded in the second recording region 5. In any case, it is possible to record a plurality of encrypted contents key that are encrypted by means of personal identification information of so many persons and so many contents keys in the disc-shaped recording medium 1 as shown in
Now, the optical disc recording/reproduction apparatus adapted to record the encrypted contents keys of as many users as the maximum number who are authorized to use a disc-shaped recording medium 31 that describes the maximum number of persons who can be authorized to use the recording medium as shown in
Referring to
If the number of users who use the recording/reproduction apparatus does not exceed the maximum number, it identifies the position of the IC 35 that is the second recording region from the address known from the TOC and reads out the information Skc that provides a basis for a contents key by using the IC information read section 37 from the identified position of IC 35 in Step S22.
In the next step, or Step S23, the user's identification information U read out by the identification information acquisition section 7 arranged on the replay button 8 is supplied to and acquired by the user information acquisition section 16 by way of the input terminal 15.
Then, in Step S24, the contents key kc generation section 12 generates a contents key kc from the information Skc that provides a basis for the contents key. More specifically, the kc generation section 12 can generate a contents key kc from fkc−1(Skc), using the inverse function fkc−1 of the above-described function fkc.
In the next step, or Step S25, the contents key kc′ generation section 13 generates an encrypted contents key kc′, using the user identification information (user information) U. More specifically, the encrypted contents key kc′ generation section 13 computes fe(U, kc) to generate an encrypted contents key kc′.
In the nest step, or Step S26, the encrypted contents key kc′ recording section 14 writes the encrypted contents key kc′ in the third recording region 34 at the address that is already known from the process of reading out the TOC in Step S21. As a result, the encrypted contents key kc′ that is encrypted by means of the user's identification information (user information) is written on the disc-shaped recording medium 31.
After Step S26, this modified optical disc recording/reproduction apparatus returns to Step S21 and, if the number of users authorized to operate the disc recording/reproduction apparatus does not exceed the above-described maximum number, it repeats the Steps S22 through S26.
If it is determined that the number of users exceeds the above-described maximum number in Step S21, the disc recording/reproduction apparatus records the encrypted contents key kc′ in the third recording region 34 in Step S26 and then destroys the above-described information Skc that provides a basis for a contents key in the IC 35 in Step S27. For example, the data in the IC 35 can be destroyed by sending a predetermined instruction for erasing data to the IC 35 by means of a communication technique such as RF-ID and executing the predetermined instruction.
Thus, with the optical disc recording/reproduction apparatus, it is not possible to read out the information Skc that provides a basis for a contents key when the number of users exceeds the number of persons who can be authorized to use it because the information Skc that provides a basis for a contents key is destroyed or erased in Step 27 when the number of users exceeds the number of persons who can be authorized to use it. Therefore, if the recording/reproduction apparatus can authorize a plurality of users to use the disc-shaped recording medium 31, the information that provides a basis for contents key is protected.
The information on the number of persons who can be authorized to use the disc-shaped recording medium 1 may be encrypted and recorded in the second recording region 35. In any case, it is possible to record a plurality of encrypted contents keys that are encrypted by means of personal identification information of so many persons and so many contents keys in the disc-shaped recording medium 31 as shown in
Now, two specific examples will be described below for the above modified embodiments. In the first specific example, the information Skc that provides a basis for a contents key is not erased but maintained. The maximum number of persons for whom encrypted contents key kc′ can be recorded in the third recording region 4 or 34 (to be referred to the recordable maximum number of persons hereinafter) is predetermined and greater than the maximum number of persons who can be authorized to use the disc-shaped recording medium. Users can be registered within the maximum number of persons who can be authorized to use the recording medium until the number gets to the recordable maximum number of persons. If it is desired to register one or more than one persons beyond the maximum number of persons who can be authorized to use the recording medium, one or more than one of the encrypted contents keys are erased by means of the users' personal identification information and their contents keys that are already recorded and then the encrypted contents keys of those new persons are recorded by means of the new persons' personal identification information and their contents keys. In this way, it is possible to replace users at any time within the maximum number of persons who can be authorized to use the recording medium. However, since the recordable maximum number of persons is predetermined and the number of persons that can be replaced is limited, it is possible to avoid a situation where the recording medium is assigned to an infinite number of persons.
In the second specific example, the maximum number of persons who can be authorized to use the recording medium is managed by using flags. More specifically, flags are recorded for the maximum number of persons who can be authorized to use the recording medium in the region 5 or 35 where the information Skc that provides a basis for contents keys is written and a flag is erased when a new user is registered. Thus, when all the flags are erased, it is determined that the maximum number of persons who can be authorized to use the recording medium is reached.
In either of the two specific examples of the modified embodiments, the information Skc that provides a basis for a contents key is destroyed or erased when the number of users gets to the maximum number of persons who can be authorized to use the recording medium.
The disc-shaped recording mediums 1 and 31 where the encrypted contents keys kc′ of the maximum number of persons who can be authorized to use the recording medium are recorded by either of the modified embodiments of disc recording/reproduction apparatus is replayed by a disc replay apparatus as shown in
The present invention is by no means limited to the above-described embodiments, which may be modified and altered in various different ways without departing from the spirit and scope of the invention as defined by the appended claims.
Applications where a recording apparatus can be used as apparatus for writing user information include retailers selling disc-shaped recording mediums such as CD & DVD shops, where biometric identification information of each user is read out and used to generate an encrypted contents key, which is then written in a predetermined recording region of a recording medium according to the invention as user information.
When replaying the recording medium, a replay apparatus according to the invention acquires the biometric identification information and decrypts the encrypted contents key to obtain the corresponding contents key. Then, the contents key is used to decrypts the corresponding encrypted contents.
Number | Date | Country | Kind |
---|---|---|---|
2005-262613 | Sep 2005 | JP | national |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/JP2006/317912 | 9/8/2006 | WO | 00 | 9/5/2008 |