Data distribution system and recorder for use therein

US 20020184492A1
Filed: 05/31/2002
Published: 12/05/2002
Est. Priority Date: 12/03/1999
Status: Active Grant

First Claim

Patent Images

1. (Amended) A data distribution system comprising:

a plurality of terminals (100, 101); and

a content provision device (10, 11) distributing encrypted content data ({Data}Kc) and a license key (Kc) to said plurality of terminals, said license key serving as a decryption key decrypting said encrypted content data to obtain plaintext content data (Data), wherein;

each said terminal includes a first interface unit (1102) provided to externally communicate data, and a distributed-data deciphering unit (110, 115) receiving and recording at least said license key therein;

said deciphering unit has a first authentication data hold unit (1400) holding first class certification data (Cmc(m)) determined to correspond to said deciphering unit, for output via said first interface unit when said license key is received, said first class certification data (Cmc(m)) being encrypted in a state authenticatable through decryption using an authentication key (KPma), and a first storage unit (1415, 1440) provided to record said encrypted content data and said license key therein; and

said content provision device includes a second interface unit (350) provided to externally communicate data, a first authentication unit (312) receiving from said second interface unit said first class certification data encrypted in a state capable of verifying authenticity through decryption using said authentication key, and decrypting said first class certification data with said authentication key to confirm said authenticity, a class revocation list hold unit (306) holding a class revocation list (CRL) listing said first class certification data subjected to revocation of said distribution, and a distribution control unit (315) suspending at least a distribution operation distributing said content key to each said terminal having said deciphering unit, if said first authentication unit obtains said first class certification data listed on said class revocation list held in said class revocation list hold unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A license server (10) includes a CRL database (306) holding a revocation list recording therein classes predetermined corresponding respectively to a memory device, such as a memory card, and a content reproduction circuit, such as a cellular phone, that are subjected to revocation of distributing, reproducing and transferring content data. A distribution control unit (315) suspends an operation distributing content data if the distribution is addressed to a class listed on the revocation list. The revocation list is also held in the memory card and distribution control unit (315) in distributing content also transmits information for updating the revocation list in the memory card.

62 Citations

View as Search Results

39 Claims

1. (Amended) A data distribution system comprising:
- a plurality of terminals (100, 101); and
  
  a content provision device (10, 11) distributing encrypted content data ({Data}Kc) and a license key (Kc) to said plurality of terminals, said license key serving as a decryption key decrypting said encrypted content data to obtain plaintext content data (Data), wherein;
  
  each said terminal includes a first interface unit (1102) provided to externally communicate data, and a distributed-data deciphering unit (110, 115) receiving and recording at least said license key therein;
  
  said deciphering unit has a first authentication data hold unit (1400) holding first class certification data (Cmc(m)) determined to correspond to said deciphering unit, for output via said first interface unit when said license key is received, said first class certification data (Cmc(m)) being encrypted in a state authenticatable through decryption using an authentication key (KPma), and a first storage unit (1415, 1440) provided to record said encrypted content data and said license key therein; and
  
  said content provision device includes a second interface unit (350) provided to externally communicate data, a first authentication unit (312) receiving from said second interface unit said first class certification data encrypted in a state capable of verifying authenticity through decryption using said authentication key, and decrypting said first class certification data with said authentication key to confirm said authenticity, a class revocation list hold unit (306) holding a class revocation list (CRL) listing said first class certification data subjected to revocation of said distribution, and a distribution control unit (315) suspending at least a distribution operation distributing said content key to each said terminal having said deciphering unit, if said first authentication unit obtains said first class certification data listed on said class revocation list held in said class revocation list hold unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 14)
- - 2. The data distribution system of claim 1, wherein:
    - said deciphering unit (110, 115) is a recording device detachably attached to said terminal; and
      
      said first class certification data (Cmc(m)) is predetermined to corresponding to each type of said recording device.
  - 3. (Amended) The data distribution system of claim 1, wherein:
    - said deciphering unit (110, 115) further has a second storage unit (1430, 2145) provided to hold said class revocation list (CRL), and a control unit (1420) operative in response to issuance of an instruction to effect said distribution operation, to extract update information (CRL_ver) capable of specifying an update of said class revocation list held in said second storage unit, for output via first interface unit (1102) to said content provision device (10, 11);
      
      said content provision device provides said update information to said distribution control unit (315) via said second interface unit (350); and
      
      said distribution control unit uses said update information to produce and output updating data (CRL_dat) via said second interface unit, said updating data being used to update said class revocation list in said second storage unit to provide a new class revocation list; and
      
      said control unit receives said updating data via said first interface unit and uses said updating data to update content of said class revocation list held in said second storage unit.
  - 4. (Amended) The data distribution system of claim 3, wherein:
    - said deciphering unit (110, 115) further has a second authentication unit (1408) using said authentication key (KPma) to effect decryption to confirm said authenticity;
      
      in a transfer operation effected in response to an external instruction to transfer or replicate into another distributed-data deciphering unit (112, 116) at least one of said encrypted content data ({Data}Kc) and said license key (Kc), said deciphering unit obtains said first class certification data (Cmc(m)) corresponding to said another deciphering unit and encrypted in a state capable of verifying said authenticity through decryption using said authentication key; and
      
      if said second authentication unit obtains said first class certification data corresponding to said another deciphering unit and listed on said class revocation list (CRL) held in said second storage unit (1430, 2145), said control unit (1420) suspends at least said transfer operation transferring said license key to said another deciphering unit.
  - 5. (Amended) The data distribution system of claim 1, wherein:
    - each said terminal (100, 101) further includes a content reproduction unit (1550);
      
      said content reproduction unit has a content data reproduction unit (1516, 1518) receiving said license key (Kc) and said encrypted content data ({Data}Kc) from said deciphering unit (110, 115) and using said license key to decrypt and reproduce said encrypted content data, and a second authentication data hold unit (1500) holding second class certification data (Cp(n)) predetermined to correspond to said content reproduction unit and encrypted in a state capable of verifying said authenticity through decryption using said authentication key (KPma);
      
      said first authentication unit (312) receives encrypted said second class certification data via said second interface unit (350) for decryption;
      
      said class revocation list (CRL) held in said class revocation list hold unit (306) further lists said second class certification data subjected to revocation;
      
      in said distribution operation each said terminal (100, 101) outputs encrypted said second class certification data via said first interface unit (1102) to said second interface unit; and
      
      if said second class certification data input via said second interface unit and decrypted by said first authentication unit is listed on said class revocation list held in said class revocation list hold unit, said distribution control unit (315) suspends at least said distribution operation distributing said license key to each said terminal.
  - 6. (Amended) The data distribution system of claim 3, wherein:
    - each said terminal further includes a content reproduction unit (1550);
      
      said content reproduction unit has a content data reproduction unit (1516, 1518) receiving said license key (Kc) and said encrypted content data ({Data}Kc) from said deciphering unit (110, 115) and using said license key to decrypt and reproduce said encrypted content data, and a second authentication data hold unit (1500) holding second class certification data (Cp(n)) predetermined to correspond to said content reproduction unit and encrypted in a state capable of verifying said authenticity through decryption using said authentication key (KPma);
      
      said deciphering unit further has a second authentication unit (1408) using said authentication key to effect decryption to confirm said authenticity;
      
      said class revocation list (CRL) held in said second storage unit (1430, 2145) further lists said second class certification data subjected to revocation;
      
      in a reproduction operation effected in response to an external instruction to reproduce said encrypted content in said content reproduction unit, said deciphering unit outputs said encrypted content data and license key stored in said first storage unit (1415, 1440);
      
      said deciphering unit in said reproduction operation obtains said second class certification data corresponding to said content reproduction unit and encrypted in a state capable of verifying said authenticity through decryption using said authentication key; and
      
      said control unit (1420) at least suspends outputting said license key to said content reproduction unit, if in said reproduction operation said second authentication unit obtains said second class certification data listed on said class revocation list held in said second storage unit.
  - 7. The data distribution system of claim 1, wherein:
    - said first interface unit (350) and said second interface unit (1102) are connected together by a cellular phone network; and
      
      said distribution control unit (315) in said distribution operation uses said first class certification data (Cmc(m)) to authenticate said deciphering unit (110, 115).
  - 8. The data distribution system of claim 7, wherein each said terminal (100, 101) further includes a communication processing unit connected to said cellular phone network to allow conversation.
  - 9. (Amended) The data distribution system of claim 6, wherein said content reproduction unit (1550) is detachably attached to said terminal (100, 101).
  - 10. The data distribution system of claim 2, wherein said first memory (1415, 1440) is a semiconductor memory and said recording device is a memory card.
  - 14. The recording device of claim 1, wherein said first storage unit (1415, 1440) is a semiconductor memory and said recording device is a memory card.

11. (Amended) A recording device comprising:
- a first storage unit (1415, 1440) provided to record data (Kc) therein;
  
  an authentication unit (1408) receiving first class certification data (Cp(n), Cmc(m)) provided from a destination of said data output via an interface unit (1202) and encrypted in a state authenticatable through decryption using an authentication key (KPma), and decrypting said first class certification data with said authentication key to confirm authenticity;
  
  a second storage unit (1430, 2145) holding a class revocation list (CRL) listing first class certification data subjected to revocation of output of said data; and
  
  a control unit (1420) operative in response to an external instruction issued to output said data, to issue an instruction to output said data via said interface unit, wherein said control unit suspends outputting said data to said destination having output said first class certification data received, if said class revocation list includes the first class certification data obtained from said authentication unit decrypting said encrypted first class certification data input externally via said interface unit together with said external instruction.
- View Dependent Claims (12, 13, 16, 17, 18, 19, 20, 21, 22, 23, 24, 26, 28, 29, 30, 31, 32, 33, 36, 38)
- - 12. (Amended) The recording device of claim 11, further comprising an authentication data hold unit (1400) holding second class certification data (Cmc(m)) determined to correspond to said recording device and encrypted in a state decryptable with said authentication key (KPma), wherein in a recording operation recording in said first storage unit (1415, 1440) said data (Kc) input and received via said interface unit (1202), in response to an external instruction issued to output second class certification data said authentication data hold unit outputs via said interface unit (1202) said second class certification data held in said authentication data hold unit.
  - 13. (Amended) The recording device of claim 12, wherein in said recording operation:
    - in response to issuance of an instruction to effect said recording operation, said control unit (1420) extracts update information (CRL_ver) capable of specifying an update of said class revocation list (CRL) held in said second storage unit (1430, 2145) and externally outputs said update information via said interface unit; and
      
      said control unit externally receives, via said interface unit, updating data (CRL_dat) together with said data, said updating data being produced from said update information for updating said class revocation list to provide a new class revocation list, and said control unit refers to said updating data to update content of said class revocation list.
  - 16. (Amended) The data distribution system of claim 15, wherein:
    - said second and third decryption units (1412, 1442) receives via said second interface unit (1102) second reproduction information (AC1) encrypted in said content provision device (10, 11) with said second public encryption key (KPm(i)), further encrypted with said second symmetric key (Ks2), and distributed together with said first reproduction information, for decryption with said second symmetric key and said second private decryption key (Km(i)); and
      
      said first storage unit (1415, 1440) further records said second reproduction information therein.
  - 17. (Amended) The data distribution system of claim 15, wherein:
    - said deciphering unit (110, 115) further has a second storage unit (1430, 2415) holding said class revocation list (CRL), and a control unit (1420) operative in response to issuance of an instruction to effect a distribution operation to distribute said first reproduction information (AC2), to produce update information (CRL_ver) capable of specifying an update of said class revocation list held in said second storage unit;
      
      said first encryption unit (1406) further encrypts said update information with said first symmetric key (Ks1) together with said second public encryption key (KPm(i)) and said second symmetric key (Ks2) for output to said second interface unit (1102);
      
      said distribution control unit (315) produces updating data (CRL_data) from said update information decrypted by said session key decryption unit (320), said updating data being used to update said class revocation list in said second storage unit to provide a new class revocation list;
      
      said content provision device encrypts said updating data with said second symmetric key (Ks2) together with the first reproduction information encrypted with said second public encryption key, for transmission via said first interface unit (350) to the terminal corresponding to the source of said first class certification data received;
      
      said second decryption unit (1412) receives encrypted said updating data via said second interface unit for decryption with said second symmetric key; and
      
      said control unit (1420) uses said updating data to update content of said class revocation list held in said second storage unit.
  - 18. (Amended) The data distribution system of claim 17, wherein:
    - said deciphering unit (110, 115) is a recording device detachably attached to said terminal (100, 101);
      
      said first private decryption key (Kmc(m)) varies for each type of said recording device; and
      
      each said terminal further includes a third interface having said deciphering unit attached thereto to communicate data with said deciphering unit.
  - 19. (Amended) The data distribution system of claim 17, wherein said second storage unit (1430, 2145) is arranged in a security area (TRM) unrewritable by a third party.
  - 20. (Amended) The data distribution system of claim 18, wherein:
    - in a reproduction operation effected in response to an external instruction to reproduce said content data, said second session key generation unit (1418) is operative in response to said instruction to produce a third symmetric key (Ks3);
      
      said first storage unit (1415, 1440) is controlled by said control unit (1420) to be operative in response to said instruction issued to effect said reproduction operation, to output recorded said encrypted content data ({Data}Kc) and said first reproduction information;
      
      if in said reproduction operation said first storage unit outputs said first reproduction information encrypted, said third decryption unit (1422) effects decryption to extract said first reproduction information;
      
      said first encryption unit (1406) in said reproduction operation receives said first reproduction information from one of said third decryption unit and said first storage unit for encryption with a fourth symmetric key (Ks4);
      
      said deciphering unit (110, 115) outputs said first reproduction information encrypted with said fourth symmetric key and said encrypted content data recorded in said first recording unit;
      
      said data distribution system further comprises a plurality of reproduction terminals (100, 101) having said deciphering unit attached thereto to receive from said deciphering unit said first reproduction information encrypted with said fourth symmetric key and said encrypted content data which are output from said deciphering unit and reproduce content data from said first reproduction information and said encrypted content data;
      
      each said reproduction terminal has a fourth interface having said deciphering unit attached thereto to communicate data with said deciphering unit, and a content reproduction unit;
      
      said content reproduction unit has a fourth decryption unit (1510) decrypting said first reproduction information encrypted with said fourth symmetric key and output from said deciphering unit, to extract said first reproduction information, a content data reproduction unit (1516, 1518) decrypting said encrypted content data with said license key (Kc) included in said first reproduction information corresponding to an output of said fourth decryption unit, for reproduction, a second authentication data hold unit (1500) holding a second class certification data (Cp(n)) and a third public encrypted key (KPp(n)) predetermined to correspond to said content reproduction unit and encrypted in a state capable of verifying authenticity through decryption using said authentication key (KPma), for output to said deciphering unit (110, 115) to accommodate said reproduction operation, a fourth key hold unit (1502) holding a third private decryption key (Kp(n)) decrypting data encrypted with said third public encryption key, a fifth decryption unit (1504) using said third private decryption key to decrypt data encrypted with said third public encryption key and returned, to obtain said third symmetric key, a third session key generation unit (1508) producing said fourth symmetric key updated whenever said reproduction operation is effected, and a second encryption unit (1506) using said third symmetric key received from said fifth decryption unit, to encrypt said fourth symmetric key for output to said deciphering unit;
      
      said deciphering unit (110, 115) further has a second authentication unit (1408) using said authentication key (KPma) to decrypt said second class certification data and said third public encryption key encrypted in a state capable of verifying authenticity through decryption using said authentication key, to confirm said authenticity, and a third decryption unit (1410) controlled by said control unit (1420) to encrypt said second symmetric key with said third public encryption key received from said second authentication unit, for output to said content reproduction unit (1550) corresponding thereto;
      
      said class revocation list (CRL) further lists said second class certification data subjected to revocation; and
      
      said control unit (1420) suspends outputting said first reproduction information to said content reproduction unit, if in said reproduction operation said second authentication unit obtains said second class certification data listed in said class revocation list held in said second storage unit.
  - 21. The data distribution system of claim 20, wherein:
    - said second and third decryption units (1412, 1422) receives via said second interface unit (1102) second reproduction information (AC1) encrypted in said content provision device (10, 11) with said second public encryption key (KPm(i)), further encrypted with said second symmetric key (Ks2), and distributed together with said first reproduction information (AC2), for decryption with said second symmetric key and said second private decryption key (Km(i));
      
      said first storage unit (1440), said deciphering unit (110, 115) further records therein said second reproduction information decrypted; and
      
      said control unit (1420) in said reproduction operation refers to said second reproduction information in said first storage unit to determine whether said first reproduction information may be output.
  - 22. (Amended) The data distribution system of claim 20, wherein:
    - in a transfer operation effected in response to an external instruction to transfer or replicate from said deciphering unit (110, 115) to another distributed-data deciphering unit (112, 116) data at least including said first reproduction information, said second authentication unit (1408) of said deciphering unit receives via said second interface unit said first class certification data (Cmc(m)) and said first public encryption key (KPmc(m)) corresponding to said another deciphering unit and encrypted in a state capable of verifying authenticity through decryption using said authentication key, for decryption with said authentication key (KPma) to confirm said authenticity, and said second session key generation units (1418) of said deciphering unit and said another deciphering unit, respectively, also produce said third and second symmetric keys (Ks3, Ks2), respectively, to accommodate said transfer operation;
      
      said third encryption unit (1410) of said deciphering unit in said transfer operation uses said first public encryption key corresponding to said another deciphering unit, to encrypt said third symmetric key corresponding to said deciphering unit (112, 116), for output to said deciphering unit;
      
      said second decryption unit (1412) of said another deciphering unit in said transfer operation decrypts data encrypted with said third symmetric key and returned from said deciphering unit, to obtain said second symmetric key produced in said deciphering unit (112, 116) and said second public encryption key corresponding to said deciphering unit;
      
      said deciphering unit further has a fourth encryption unit (1424) further encrypting in said transfer operation said first reproduction information output from said first storage unit (1440), with said second public encryption key corresponding to said another deciphering unit;
      
      said first encryption unit (1406) of said deciphering unit in said transfer operation further encrypts said output of said fourth encryption unit (1424) with said second symmetric key produced by said another deciphering unit (112, 116), for output to said another deciphering unit; and
      
      said control unit (1420) of said deciphering unit suspends said transfer operation if in said transfer operation said second authentication unit obtains said first class certification data corresponding to said another deciphering unit and listed in said class revocation list held in said second storage unit.
  - 23. (Amended) The data distribution system of claim 20, wherein:
    - said second and third decryption units (1412, 1422) receives via said second interface unit (1102) second reproduction information (AC1) encrypted in said content provision device (10, 11) with said second public encryption key (KPm(i)), further encrypted with said second symmetric key (Ks2), and distributed together with said first reproduction information (Kc//AC2), for decryption with said second symmetric key and said second private decryption key (Km(i));
      
      said first storage unit (1440) further records therein said second reproduction information decrypted; and
      
      said control unit (1420) in said transfer operation refers to second reproduction information in said first storage unit to determine whether said transfer operation may be carried out and if said control unit determines that said transfer operation may be effected and said first reproduction information is output to said another deciphering unit (112, 116) said control unit (1420) updates said second reproduction information recorded in said first storage unit.
  - 24. (Amended) The data distribution system of claim 18, wherein:
    - said deciphering unit (115) further has a fifth key hold unit (1450) holding a secret key (K(i)) different for each said recording device, a fifth encryption unit (1452) using said secret key to encrypt data obtained from said third decryption unit (1422) decrypting an output of said second decryption unit (1412) using said second private decryption key (Km(i)), and a sixth decryption unit (1454) decrypting data encrypted with said secret key;
      
      said first storage unit (1415) records therein data encrypted by said fifth encryption unit;
      
      said fifth encryption unit encrypts data of said class revocation list (CRL) with said secret key; and
      
      said second storage unit (2415) is arranged external to a security area (TRM) unreadable by a third party and holds said class revocation list encrypted by said fifth encryption unit.
  - 26. (Amended) The data distribution system of claim 25, wherein:
    - said deciphering block (110, 115) is a recording device detachably attached to said terminal (110, 101);
      
      said class certification data (Cmc(m)) is predetermined to correspond to each type of said recording device;
      
      said deciphering block (110, 115) further has a second storage unit holding said class permission list, and a control unit (1420) operative in response to issuance of an instruction to effect said distribution operation, to produce update information capable of specifying an update of said class permission list held in said second storage unit;
      
      said control unit outputs said update information via said second interface unit (1102) to said content provision device (10, 11);
      
      said content provision device receives said update information via said first interface unit (350) for provision to said distribution control unit (315);
      
      said distribution control unit uses said update information to produce and output updating data via said first interface unit, said updating data being used to update said class permission list to provide a new class permission list,; and
      
      said control unit receives said updating data via said second interface unit (1102) and uses said updating data to update content of said class permission list held in said second storage unit.
  - 28. (Amended) The recording device of claim 27, further comprising an authentication unit (1408) operative in a reproduction operation effected in response to an external instruction issued to reproduce said content data, to receive via said interface unit (1202) said third class certification data (Cp(n)) corresponding to a reproduction circuit (1550) reproducing said content data, and encrypted with said authentication key, for decryption with said authentication key (KPma) to confirm said authenticity, wherein:
    - said first class certification data includes said third class certification data; and
      
      said control unit suspends said reproduction operation if in said reproduction operation said authentication unit obtains said third class certification data corresponding to said content data reproduction circuit and listed on said class revocation list held in said second storage unit.
  - 29. (Amended) The recording device of claim 28, wherein:
    - in a transfer operation effected in response to an external instruction to transfer or replicate into another recording device data at least including said first reproduction information, said authentication unit (1408) receives via said interface unit (1202) second class certification data encrypted with said authentication key (KPma) and corresponding to said another recording device (112, 116), for decryption;
      
      said first class certification data includes said second class certification data; and
      
      said control unit (1420) suspends said transfer operation if in said transfer operation said authentication unit obtains said second class certification data corresponding to said recording device and listed on said class revocation list held in said second storage unit.
  - 30. (Amended) The recording device of claim 27, wherein said second storage unit (1430, 2145) is arranged internal to a security area (TRM) unreadable by a third party.
  - 31. (Amended) The recording device of claim 27, further comprising a second encryption unit (1424) encrypting data of said class revocation list (CRL) with said second public encryption key (KPm(i)), wherein said second storage unit (2415) is arranged external to a security area (TRM) unreadable by a third party and holds said class revocation list encrypted by said second encryption unit.
  - 32. (Amended) The recording device of claim 27, further comprising:
    - a secret key hold unit (1450) holding a secret key (K(i)) different for each said recording device;
      
      a secret key encryption unit (1452) using said secret key to effect encryption; and
      
      a secret key decryption unit (1454) decrypting data encrypted with said secret key, wherein;
      
      said first storage unit (1415) and said second storage unit (2415) are arranged external to a security area (TRM) unreadable by a third party;
      
      said first storage unit (1415) holds data encrypted by said second encryption unit; and
      
      said second storage unit (2415) holds said class revocation list encrypted by said second encryption unit.
  - 33. (Amended) The recording device of claim 27, wherein said first storage unit (1415, 1440) is a semiconductor memory and said recording device is a memory card.
  - 36. (Amended) The data provision data of claim 35, wherein:
    - said data recording unit provided to each said terminal outputs a license key to another said data recording unit or a data reproduction circuit holding second class certification data and decrypting said encrypted content with said license key to reproduce content data, and to determine whether said license key may be output said data recording unit holds a class revocation list (CRL) listing said first and second class certification data subjected to revocation of outputting said license key;
      
      said data provision device receives via said interface unit (350) update information (CRL_ver) transmitted in response to an instruction to effect said distribution operation being issued from each said terminal having said data recording unit, for output to said distribution control unit (315), said update information being capable of designating an update of said class revocation list; and
      
      said distribution control unit refers to said update information to create updating data (CRL dat) updating said class revocation list in said data recording unit to be a new class revocation list, for output via said interface unit.
  - 38. (Amended) The data provision device of claim 37, wherein:
    - said data recording unit provided to each said terminal outputs to another said data recording unit or a data reproduction circuit holding second class certification data and decrypting said encrypted content with said license key to reproduce content data, and to determine whether said license key may be output said data recording unit holds a class revocation list (CRL) listing another first and second class certification data subjected to revocation of outputting said license key;
      
      said data provision device receives via said interface unit (350) update information (CRL_ver) transmitted in response to an instruction to effect said distribution operation being issued from each said terminal having said data recording unit, and encrypted with said first symmetric key (Ks1) together with said second public encryption key and said second symmetric key, for decryption in a session key decryption unit (320), said update information being capable of specifying an update of said class revocation list;
      
      said distribution control unit (315) uses said update information decrypted by said session key decryption unit, to produce updating data (CRL_dat) updating said class revocation list in said data recording unit to be a new class revocation list; and
      
      said first encryption unit (1406) allows said updating data to be encrypted together with a license key encrypted with said second public encryption key, by said second license data encryption unit using said second symmetric key (Ks2), for transmission via said interface to the terminal corresponding to the source of said first class certification data received.

15. (Amended) A data distribution system comprising:
- a content provision device (10, 11) provided to distribute encrypted content data ({Data}Kc) and a license key (Kc) serving as a decryption key decrypting said encrypted content data to obtain plaintext content data (Data); and
  
  a plurality of terminals (100, 101) receiving the distribution from said content provision device (10, 11), wherein;
  
  said content provision device includes a first interface unit (350) provided to externally communicate data, a first authentication unit (312) receiving via said first interface unit first class certification data (Cmc(m)) and a first public encryption key (KPmc(m)) transmitted from each said terminal and encrypted in a state authenticatable through decryption using an authentication key (KPma), for decryption with said authentication key to confirm authenticity, a class revocation list hold unit (350) holding a class revocation list (CRL) listing said first class certification data subjected to revocation of distribution of said license key, a distribution control unit (315) suspending a distribution operation distributing first reproduction information at least including said license key to a terminal corresponding to a source of said first class certification data received, if said first authentication unit obtains said first class certification data listed on said class revocation list held in said class revocation list hold unit, a first session key generation unit (316) generating a first symmetric key (Ks1) updated whenever said distribution is effected, a session key encryption unit (318) effecting an encryption process using said first public encryption key to encrypt said first symmetric key for transmission via said first interface unit to the terminal corresponding to the source of said first class certification data received, a session key decryption unit (320) decrypting and extracting a second public encryption key (KPm(i)) and a second symmetric key (Ks2) encrypted with said first symmetric key and returned via said first interface unit from the terminal corresponding to the source of said first class certification data received, a first license data encryption unit (326) encrypting said first reproduction information with said second public encryption key decrypted by said session key decryption unit, and a second license data encryption unit (328) effecting an encryption process further encrypting an output of said first license data encryption unit with said second symmetric key decrypted by said session key decryption unit, for transmission via said first interface unit for distribution to the terminal corresponding to the source of said first class certification data received;
  
  each said terminal includes a second interface unit (1102) provided to externally communicating data, and a distributed-data deciphering unit (110, 115) receiving and recording said encrypted content data therein;
  
  first class certification data (Cmc(m)) and a first public encryption key (KPmc(m)) are determined to correspond to said deciphering unit;
  
  said deciphering unit has a first authentication data hold unit (1400) holding said first class certification data and first public encryption key encrypted in a state capable of verifying said authenticity through decryption using said authentication key, for output when said first reproduction information is received, a first key hold unit (1402) holding a first private decryption key (Kmc(m)) decrypting data encrypted with said first public encryption key, a first decryption unit (1404) receiving said first symmetric key encrypted with said first public encryption key, for decryption, a second key hold unit (1416) holding said second public encryption key, a second session key generation unit (1418) producing said second symmetric key updated whenever said encrypted content data is communicated, a first encryption unit (1406) encrypting said second symmetric key and said second public encryption key with said first symmetric key for output to said second interface unit, a second decryption unit (1412) receiving encrypted said first reproduction information from said second license data encryption unit for decryption using said second symmetric key, a third key hold unit (1421) holding a second private decryption key (Km(i)) decrypting data encrypted with said second public encryption key, a third decryption unit (1422) providing a decryption using said second private decryption key, and a first storage unit (1415, 1440) recording said first reproduction information and said encrypted content data therein.

25. (Amended) A data distribution system comprising:
- a content provision device (10, 11) distributing encrypted content data ({Data}Kc) and a license key (Kc) serving as a decryption key decrypting said encrypted content data to obtain plaintext content data (Data); and
  
  a plurality of terminals (100, 101) receiving the distribution from said content provision device (10, 11), wherein;
  
  said content provision device (10, 11) includes a first interface unit (350) externally communicating data, an authentication unit (312) receiving, via said first interface unit, class certification data (Cmc(m)) encrypted in a state authenticatable through decryption using an authentication key (KPma), for decryption with said authentication key, a class permission list hold unit holding a class permission list listing said class certification data subjected to permission of distribution of said encrypted content data, and a distribution control unit (315) effecting at least a distribution operation to distribute said license key, if said authentication unit obtains said class certification data listed in said class permission list held in said class permission list hold unit;
  
  each said terminal (100, 101) includes a second interface unit (1102) externally communicating data, and a distributed-data deciphering unit (110, 115) receiving and recording at least said license key therein;
  
  said class certification data is determined to correspond to said decryption unit;
  
  said deciphering unit has an authentication data hold unit (1400) holding said class certification data encrypted in a state capable of verifying authenticity through decryption using said authentication key, for output via said second interface unit when said license key is received, and a first storage unit (1415, 1440) recording said encrypted content data and said license key therein.

27. (Amended) A recording device receiving and recording therein encrypted content data ({Data}Kc) and first reproduction information including a license key (Kc) serving as a decryption key decrypting said encrypted content data to obtain plaintext content data (Data), comprising:
- an interface unit (1202) externally communicating data;
  
  a first storage unit (1415, 1440) recording said first reproduction information and said encrypted content data therein;
  
  a second storage unit (1430, 2415) holding a class revocation list listing said first class certification data (Cp(n), Cmc(m)) subjected to revocation of communicating said reproduction information;
  
  a control unit (1420) operative, when said first reproduction information is received, to produce update information (CRL_ver) capable of specifying an update of said class revocation list held in said second storage;
  
  an authentication data hold unit (1400) holding second class certification data (Cmc(m)) and a first public encryption key (KPmc(m)) of a data recording device determined to correspond to said recording device and encrypted in a state capable of authenticatable through decryption using an authentication key (KPma), for external output via said interface unit when said first reproduction information is received;
  
  a first key hold unit (1402) holding a first private decryption key (Kmc(m)) decrypting data encrypted with said first public encryption key;
  
  a first decryption unit (1404) receiving externally via said interface unit a first symmetric key (Ks1) encrypted with said first public encryption key, for decryption;
  
  a second key hold unit (1416) holding a second public encryption key (KPm(i)) determined for each said recording device;
  
  a session key generation unit (1418) producing a second symmetric key (Ks2) updated whenever said content data is communicated;
  
  a first encryption unit (1406) encrypting said update information, said second symmetric key and said second public encryption key with said first symmetric key for external output via said interface unit;
  
  a second decryption unit (1412) receiving, via said interface unit, said first reproduction information encrypted with said second public encryption key encrypted with said second symmetric key, and updating data based on said update information and input and used to update said class revocation list held in said second storage, for decryption with said second symmetric key;
  
  a third key hold unit (1421) holding a second private decryption key (Km(i)) decrypting data encrypted with said second public encryption key; and
  
  a third decryption unit (1422) using said second private decryption key to effect decryption, wherein said control unit refers to said updating data decrypted by said second decryption unit, to update content of said class revocation list held in said second storage.

34. (Amended) A recording device comprising:
- a first storage unit (1415, 1440) recording data (Kc) therein;
  
  an authentication unit (1408) receiving class certification data (Cmc(m)) input via an interface unit (1202) and encrypted in a state authenticatable through decryption using an authentication key (KPma), for decryption with said authentication key to confirm authenticity;
  
  a second storage unit holding a class permission list listing class certification data subjected to permission to output said data; and
  
  a control unit (1420) operative in response to an external instruction issued to output said data, to control outputting said data via said interface unit, wherein said control unit effects outputting said data, if said class permission list includes the class certification data obtained from said authentication unit decrypting said class certification data encrypted and input externally via said interface unit together with said external instruction.

35. (Amended) The data provision device (10, 11) provided to distribute encrypted content data ({Data}Kc) and a license key (Kc) serving as a decryption key decrypting said encrypted content data to obtain plaintext content data (Data) or said license key alone to a plurality of terminals each having a data recording unit holding first class certification data (Cmc(m)) determined to correspond to said data recording unit and encrypted in a state authenticatable through decryption with an authentication key (KPma), comprising:
- an interface unit (350) provided to externally communicate data;
  
  an authentication unit (312) receiving from said interface unit said first class certification data encrypted in a state capable of verifying authenticity through decryption with said authentication key, for decryption with said authentication key to confirm said authenticity;
  
  a class revocation list hold unit (306) holding a class revocation list (CRL) listing said first class certification data subjected to revocation of said distribution; and
  
  a distribution control unit (15) suspending at least a distribution operation distributing said license key to each said terminal having said data recording unit, if said first authentication unit obtains said first class certification data listed on said class revocation list held in said class revocation list hold unit.

37. (Amended) A data provision device (10, 11) distributing encrypted content data ({Data}Kc) and a license key (Kc) decrypting said encrypted content data to obtain plaintext content data (Data) or said license key alone to a plurality of terminals each having a data recording unit holding first class certification data (Cmc(m)) determined to correspond to said data recording unit and encrypted in a state decryption unit, to further encrypt an output of said first license data encryption unit for distribution via said interface unit to the terminal corresponding to the source of said first class certification data received.

39. (Amended) A data provision device (10, 11) distributing encrypted content data ({Data}Kc) and a license key (Kc) serving as a decryption key decrypting said encrypted content data to obtain plaintext content data (Data) or said license key alone to a plurality of terminals each having a data recording unit holding class certification data (Cmc(m)) determined to correspond to said data recording unit and encrypted in a state authenticatable through decryption with an authentication key (KPma), comprising:
- an interface unit (350) provided to externally communicate data;
  
  an authentication unit (312) receiving via said interface unit said class certification data encrypted in a state capable of verifying authenticity through decryption with said authentication key, for decryption with said authentication key to confirm said authenticity;
  
  a class permission list hold unit holding a class permission list listing said class certification data subjected to permission to distribute said encrypted content data; and
  
  a distribution control unit (315) effecting at least a distribution operation distributing said license key, if said authentication unit obtains said class certification data listed on said class permission list held in said class permission list hold unit. authenticatable through decryption with an authentication key (KPma), comprising;
  
  an interface unit (350) provided to externally communicate data;
  
  an authentication unit (312) receiving via said interface unit said first class certification data (Cmc(m)) and a first public encryption key (KPmc(m)) transmitted from each said terminal and encrypted in a state authenticatable through decryption with said authentication key, for decryption with said authentication key to confirm authenticity;
  
  a class revocation list hold unit (306) holding a class revocation list (CRL) listing said first class certification data subjected to revocation of distributing said license key;
  
  a distribution control unit (315) suspending a distribution operation distributing first reproduction information at least including said license key to a terminal corresponding to a source of said first class certification data received, if said first authentication unit obtains said first class certification data listed on said class revocation list held in said class revocation list hold unit;
  
  a first session key generation unit (316) generating a first symmetric key (Ks1) updated whenever said distribution is effected;
  
  a session key encryption unit (318) effecting an encryption process using said first public encryption key to encrypt said first symmetric key for transmission via said interface unit to the terminal corresponding to the source of said first class certification data received;
  
  a session key decryption unit (320) decrypting and thus extracting a second public encryption key (KPm(i)) and a second symmetric key (Ks2) encrypted with said first symmetric key and returned via said interface unit from the terminal corresponding to the source of said first class certification data received;
  
  a first license data encryption unit (326) encrypting said license key with said second public encryption key decrypted by said session key decryption unit; and
  
  a second license data encryption unit (328) effecting an encryption process using said second symmetric key decrypted by said session key

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited, Hitachi, Ltd., Sanyo Electric Company Limited (Panasonic Holdings Corporation)
Original Assignee
Fujitsu Limited, Hitachi, Ltd., Sanyo Electric Company Limited (Panasonic Holdings Corporation)
Inventors
Yoshikawa, Takatoshi, Takemura, Hiroshi, Furuta, shigeki, Hasebe, Takayuki, Anazawa, Takeaki, Hioki, Toshiaki, Hatakeyama, Takahisa, Takahashi, Masataka, Hori, Yoshihiro, Tonegawa, Tadaaki, Kanamori, Miwa

Granted Patent

US 7,219,227 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/158
CPC Class Codes

G06F 21/109 by using specially-adapted ...

G06F 2221/2107 File encryption

Data distribution system and recorder for use therein

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

62 Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

Data distribution system and recorder for use therein

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

62 Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links