Digital work protection system, recording medium apparatus, transmission apparatus, and playback apparatus

US 20030009681A1
Filed: 06/26/2002
Published: 01/09/2003
Est. Priority Date: 07/09/2001
Status: Abandoned Application

First Claim

Patent Images

1. A digital work protection system in which a digital work transmitted by a transmission apparatus is written to a portable recording medium apparatus via a reception apparatus, and played back by a playback apparatus, comprising:

the transmission apparatus operable to encrypt original content that is the digital work, based on a distribution encryption key, to generate first encrypted information, and transmit the generated first encrypted information via a network;

the reception apparatus operable to, in a state in which the recording medium apparatus is connected to the reception apparatus, receive the first encrypted information via the network, and output the received first encrypted information to the recording medium apparatus;

the recording medium apparatus, including;

an information storage area; and

a tamper-proof module unit operable to (a) obtain the output first encrypted information, (b) decrypt the obtained first encrypted information, based on a distribution decryption key, to generate intermediate information, (c) encrypt the intermediate information, based on a medium unique key that is unique to the recording medium apparatus, to generate second encrypted information, and (d) write the generated second encrypted information to the information storage area; and

the playback apparatus operable to, in a state in which the recording medium apparatus to which the second encrypted information has been written is connected to the playback apparatus, (a) read the second encrypted information from the information storage area, (b) read securely the medium unique key, (c) decrypt the read second encrypted information, based on the medium unique key, to generate decrypted content, and (d) play back the decrypted content.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server apparatus encrypts content, based on a distribution key, and transmits the encrypted content to a PC via a network. The PC, to which a memory card is connected, outputs the received encrypted content to the memory card. The memory card decrypts the encrypted content using the distribution key, converts the data format of the decrypted content, encrypts the content using a medium unique key that is unique to the memory card, and records the resulting re-encrypted content internally. A playback apparatus decrypts the re-encrypted content using the medium unique key, and plays back the decrypted content.

175 Citations

31 Claims

1. A digital work protection system in which a digital work transmitted by a transmission apparatus is written to a portable recording medium apparatus via a reception apparatus, and played back by a playback apparatus, comprising:
- the transmission apparatus operable to encrypt original content that is the digital work, based on a distribution encryption key, to generate first encrypted information, and transmit the generated first encrypted information via a network;
  
  the reception apparatus operable to, in a state in which the recording medium apparatus is connected to the reception apparatus, receive the first encrypted information via the network, and output the received first encrypted information to the recording medium apparatus;
  
  the recording medium apparatus, including;
  
  an information storage area; and
  
  a tamper-proof module unit operable to (a) obtain the output first encrypted information, (b) decrypt the obtained first encrypted information, based on a distribution decryption key, to generate intermediate information, (c) encrypt the intermediate information, based on a medium unique key that is unique to the recording medium apparatus, to generate second encrypted information, and (d) write the generated second encrypted information to the information storage area; and
  
  the playback apparatus operable to, in a state in which the recording medium apparatus to which the second encrypted information has been written is connected to the playback apparatus, (a) read the second encrypted information from the information storage area, (b) read securely the medium unique key, (c) decrypt the read second encrypted information, based on the medium unique key, to generate decrypted content, and (d) play back the decrypted content.
- View Dependent Claims (2)
- - 2. The digital work protection system of claim 1, wherein the transmission apparatus (a) stores in advance original content, and an original content key that is unique to the original content, (b) obtains the distribution encryption key that is used in distributing digital content, (c) encrypts the original content using the original content key, to generate encrypted content, (d) encrypts the original content key using the obtained distribution encryption key, to generate a first encrypted content key, and (d) transmits the first encrypted information that includes the generated encrypted content and the first encrypted content key, the reception apparatus receives the first encrypted information, and outputs the received first encrypted information, the tamper-proof module unit (a) stores in advance the distribution decryption key and the medium unique key, (b) obtains the output first encrypted information, (c) decrypts the first encrypted content key using the distribution decryption key, to generate an intermediate content key, (d) encrypts the generated intermediate content key using the medium unique key, to generate a second encrypted content key, and (e) writes the second encrypted information that includes the obtained encrypted content and the second encrypted content key to the information storage area, and the playback apparatus (a) obtains securely the medium unique key from the recording medium apparatus, (b) reads the second encrypted information that includes the encrypted content and the second encrypted content key from the information storage area, (c) decrypts the second encrypted content key using the obtained medium unique key, to generate a decrypted content key, and (d) decrypts the read encrypted content using the generated decrypted content key, to generate decrypted content.

3. A digital work protection system composed of a transmission apparatus that transmits a digital work, a reception apparatus that receives the transmitted digital work via a network, and records the received digital work to a portable recording medium apparatus, a playback apparatus that plays back the digital work that is recorded in the recording medium apparatus, and the recording medium apparatus, the transmission apparatus comprising:
- a storage unit operable to store in advance original content that is the digital work, and an original content key that is unique to the original content;
  
  a distribution encryption key obtaining unit operable to obtain a distribution encryption key that is used in digital work distribution;
  
  an encryption unit operable to encrypt the original content using the original content key, to generate encrypted content, and encrypt the original content key using the obtained distribution encryption key, to generate a first encrypted content key; and
  
  a transmission unit operable to transmit the encrypted content and the first encrypted content key via a network;
  
  the reception apparatus, in a state in which the recording medium apparatus is connected thereto, comprising;
  
  a reception unit operable to receive the encrypted content and the first encrypted content key via the network; and
  
  an output unit operable to output the received encrypted content and the received first encrypted content key, the recording medium apparatus comprising;
  
  a information storage unit that includes an area for storing information, and a tamper-proof module unit that includes;
  
  a key storage sub-unit operable to store in advance a distribution decryption key and a medium key that is unique to the recording medium apparatus;
  
  an obtaining sub-unit operable to obtain the output encrypted content and the output first encrypted content key;
  
  a decryption sub-unit operable to decrypt the first encrypted content key using the distribution decryption key, to generate an intermediate content key;
  
  an encryption sub-unit operable to encrypt the generated intermediate content key using the medium unique key, to generate a second encrypted content key; and
  
  a writing sub-unit operable to write the obtained encrypted content and the generated second encrypted content key to the information storage unit, and the playback apparatus, in a state in which the recording medium apparatus to which the encrypted content and the second encrypted content are written is connected thereto, comprising;
  
  a key obtaining unit operable to obtain securely the medium original key from the key storage unit;
  
  a reading unit operable to read the encrypted content and the second encrypted content key from the information storage unit;
  
  a content key decryption unit operable to decrypt the read second encrypted content key using the obtained medium unique key, to generate a decrypted content key;
  
  a content decryption unit operable to decrypt the read encrypted content using the generated decrypted content key, to generate decrypted content; and
  
  a playback unit operable to play back the generated decrypted content.

4. A transmission apparatus that transmits a digital work via a network, the transmitted digital work being written to a portable recording medium apparatus via a reception apparatus, the transmission apparatus comprising:
- a storage unit operable to store in advance original content that is the digital work, and an original content key that is unique to the original content;
  
  a distribution encryption key obtaining unit operable to obtain a distribution encryption key that is used in digital work distribution;
  
  an encryption unit operable to encrypt the original content using the original content key, to generate encrypted content, and encrypt the original content key using the obtained distribution encryption key, to generate a first encrypted content key; and
  
  a transmission unit operable to transmit the encrypted content and the first encrypted content key via the network.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 28, 29, 30, 31)
- - 5. The transmission apparatus of claim 4, wherein the storage unit further stores usage condition information that shows conditions for using the digital work, and an original usage condition key that is unique to the usage condition information, the encryption unit further encrypts the original usage condition key using the distribution encryption key, to generate a first encrypted usage condition key, and encrypts the usage condition information using the original usage condition key, to generate first encrypted usage condition information, and the transmission unit further transmits the first encrypted usage condition key and the first encrypted usage condition information via the network.
  - 6. The transmission apparatus of claim 5, wherein the distribution encryption key obtaining unit obtains the distribution encryption key, the distribution encryption key being a public key generated using a public key generation algorithm, and the encryption unit encrypts using the distribution encryption key according to a public key encryption algorithm.
  - 7. The transmission apparatus of claim 6, further comprising:
    - a revoke list unit that includes an area for recording an invalid distribution encryption key; and
      
      a registration unit operable to, when the distribution decryption key used in generating the distribution encryption key is exposed, write the distribution encryption key to the revoke list unit, and the distribution key obtaining unit, when the transmission apparatus newly transmits content that is a digital work, obtains a new distribution key, judges whether the obtained distribution key is written in the revoke list unit, and, when the obtained distribution key is written in the revoke list unit, prohibits the encryption unit to encrypt and prohibits the transmission unit to transmit.
  - 8. The transmission apparatus of claim 4, wherein the storage unit further stores usage condition information that shows conditions for using the digital work, and the transmission unit reads the usage condition information from the storage unit, applies a hash algorithm to the read usage condition information, to generate a hash value, and transmits securely the generated hash value and the read usage condition information via the network.
  - 9. The transmission apparatus of claim 4, further comprising:
    - an authentication unit operable to perform mutual device authentication with the recording medium apparatus, wherein the distribution encryption key obtaining unit obtains the distribution encryption key from the recording medium apparatus only when the authentication succeeds, the encryption unit encrypts only when the authentication succeeds, and the transmission unit transmits only when the authentication succeeds.
  - 10. The transmission apparatus of claim 4, further comprising:
    - an update information storage unit operable to store in advance update information for updating a tamper-proof module unit of the recording medium apparatus; and
      
      an update information transmission unit operable to read the update information from the update information storage unit, and transmit the read update information via the network and the reception apparatus to the recording medium apparatus.
  - 11. The transmission apparatus of claim 10, further comprising:
    - a hash unit operable to read the update information from the update information storage unit, apply a hash algorithm to the read update information, to generate a hash value, and transmit securely the generated hash value via the network and the reception apparatus to the recording medium apparatus.
  - 12. The transmission apparatus of claim 11, wherein the update information includes information for updating in the tamper-proof module unit at least one of (a) an encryption method, (b) a decryption method, and (c) a data conversion method of converting a distribution data format to a recording data format, and the update information transmission unit reads the update information, and transmits the read update information.
  - 14. The recording medium apparatus of claim 13, wherein the transmission apparatus (a) stores in advance original content, and an original content key that is unique to the original content, (b) obtains the distribution encryption key that is used in distributing digital content, (c) encrypts the original content using the original content key, to generate encrypted content, (d) encrypts the original content key using the obtained distribution encryption key, to generate a first encrypted content key, and (d) transmits the first encrypted information that includes the generated encrypted content and the first encrypted content key, the obtaining sub-unit obtains the obtained first encrypted information, the decryption unit decrypts the first encrypted content key using the distribution decryption key, to generate an intermediate content key, and generates intermediate information that includes the encrypted content and the generated intermediate content key, the encryption unit encrypts the intermediate content key included in the intermediate information, using the medium unique key, to generate a second content key, and generates second encrypted information that includes the encrypted content included in the intermediate information and the second encrypted content key, and the writing sub-unit writes the second encrypted information.
  - 15. The recording medium apparatus of claim 14, wherein the transmission apparatus further (a) stores usage condition information showing conditions for usage of the digital work, and an original usage condition key that is unique to the usage condition information, (b) encrypts the original usage condition key, using the distribution encryption key, to generate a first encrypted usage condition key, (c) encrypts the usage condition information using the original usage condition key, to generate first encrypted usage condition information, and (d) transmits the first encrypted usage condition key and the first encrypted usage condition information via the network to the reception apparatus, the obtaining sub-unit further obtains the first encrypted usage condition key and the first encrypted usage condition information via the reception apparatus, the decryption sub-unit further decrypts the first encrypted usage condition key using the distribution key, to generate an intermediate usage condition key, and decrypts the first encrypted usage condition information using the generated intermediate usage condition key, to generate intermediate usage condition information, the encryption sub-unit further encrypts the intermediate usage condition information using the medium unique key, to generate second encrypted usage condition information, and the writing sub-unit further writes the generated second encrypted usage condition information.
  - 16. The recording medium apparatus of claim 15, wherein the transmission apparatus further obtains the distribution encryption key, which is a public key generated using a public key generation algorithm, based on a distribution decryption key that is a secret key, and performs encryption according to a public key encryption algorithm using a distribution encryption key that is a public key, and the decryption sub-unit performs decryption according to a public key decryption algorithm using a distribution decryption key.
  - 17. The recording medium apparatus of claim 15, wherein the tamper-proof module unit further includes:
    - a conversion sub-unit operable to convert a format of the intermediate information from a distribution data format into a recording data format, to generate recording intermediate information, wherein the encryption sub-unit encrypts the recording intermediate information instead of the intermediate information.
  - 18. The recording medium apparatus of claim 17, wherein the transmission apparatus stores in advance update information for updating the tamper-proof module unit of the recording medium apparatus, reads the update information, and transmits the read update information to the recording medium apparatus via the network and the reception apparatus, the tamper-proof module unit includes a microprocessor and a semiconductor memory that stores a computer program, and compositional elements of the tamper-proof module unit operate according to the microprocessor operating in accordance with the computer program, the obtaining sub-unit obtains the update information via the reception apparatus, and the tamper-proof module unit further includes:
    - a update sub-unit operable to update the computer program using the obtained update information, resulting in the compositional elements included in the tamper-proof module unit being updated.
  - 19. The recording medium apparatus of claim 18, wherein the transmission apparatus further reads the update information, applies a hash algorithm to the read update information to generate a first hash value, and securely transmits securely the generated hash value to the recording medium apparatus via the network and the reception apparatus, the tamper-proof module unit further includes:
    - a hash sub-unit operable to apply the hash algorithm to the obtained update information, to generate a second hash value; and
      
      a comparison judgement sub-unit operable to judge whether the obtained first hash value and the generated second hash value match, and the update sub-unit updates only when the comparison judgement sub-unit judges that the first hash value and the second hash value match.
  - 20. The recording medium apparatus of claim 19, wherein the update information stored by the transmission apparatus includes information for updating in the tamper-proof module unit at least one of (a) an encryption method, (b) a decryption, and (c) a conversion method used by the tamper-proof module unit for converting a distribution data format to a recording data format, the transmission apparatus transmits the update information, the obtaining sub-unit obtains the update information via the reception apparatus, and the update sub-unit updates the computer program using the obtained update information, resulting in at least one of the encryption sub-unit, the encryption sub-unit, and the conversion sub-unit in the tamper-proof module being updated.
  - 21. The recording medium apparatus of claim 14, wherein the transmission apparatus further (a) stores usage condition information that shows conditions for usage of the digital work, (b) reads the usage condition information, (c) applies a hash algorithm to the read usage condition information, to generate a hash value, and (d) transmits securely the generated hash value and the read usage condition information via the network, the obtaining unit further obtains the transmitted first hash value and the transmitted usage condition data via the reception apparatus, the tamper-proof module unit further includes:
    - a hash sub-unit operable to apply the hash algorithm to the obtained usage condition information, to generate a second hash value; and
      
      a comparison judgement sub-unit operable to judge whether the obtained first hash value and the generated second hash value match, the encryption sub-unit encrypts only when the comparison judgement unit judges that the first hash value and the second hash value match, and the writing-sub unit writes only when the comparison judgement unit judges that the first hash value and the second hash value match.
  - 22. The recording medium apparatus of claim 14, wherein the transmission apparatus further performs mutual device authentication with the recording medium apparatus, obtains the distribution encryption key, and encrypts and transmits only when the authentication is successful, the tamper-proof module unit further includes:
    - an authentication sub-unit operable to mutually authenticate device authenticity with the transmission apparatus, the obtaining sub-unit obtains only when the authentication is successful, the decryption sub-unit decrypts only when the authentication is successful, the encryption sub-unit encrypts only when the authentication is successful, and the writing sub-unit writes only when the authentication is successful.
  - 23. The recording medium apparatus of claim 14, being connected to the playback apparatus, and the playback apparatus reading information from the information storage unit, wherein the tamper-proof module unit further includes:
    - an authentication sub-unit operable to perform mutual device authentication with the playback apparatus, and permit the playback apparatus to read information only when the authentication is successful.
  - 24. The recording medium apparatus of claim 14, wherein the decryption sub-unit is provided in advance with a plurality of decryption methods, and decrypts using one decryption method selected from among the plurality of decryption methods, the selected decryption method being a inverse conversion of an encryption method used in the transmission apparatus, and the encryption sub-unit is provided in advance with a plurality of encryption methods, and encrypts using one encryption method selected from among the plurality of encryption methods.
  - 25. The recording medium apparatus of claim 14, wherein the key storage sub-unit stores a plurality of distribution decryption key candidates, and one distribution decryption key candidate is selected from among the plurality of distribution decryption key candidates as the distribution decryption key, and the decryption sub-unit uses the selected distribution decryption key.
  - 26. The recording medium apparatus of claim 14, wherein the tamper-proof module unit is made tamper-proof according to one of software, hardware, and a combination of software and hardware.
  - 28. The playback apparatus of claim 27, wherein the transmission apparatus (a) stores in advance original content and an original content key that is unique to the original content, (b) obtains the distribution encryption key that is used in distributing digital content, (c) encrypts the original content using the original content key, to generate encrypted content, (d) encrypts the original content key using the obtained distribution encryption key, to generate a first encrypted content key, and (e) transmits the first encrypted information that includes the generated encrypted content and the first encrypted content key, the tamper-proof module unit (a) stores in advance the distribution decryption key and the medium unique key, (b) obtains the output first encrypted information, (c) decrypts the first encrypted content key using the distribution decryption key, to generate an intermediate content key, (d) encrypts the generated intermediate content key using the medium unique key, to generate a second encrypted content key, and (e) writes the second encrypted information to the information storage area, the reading unit reads the second encrypted information, and the decryption unit decrypts the read second encrypted content key using the obtained medium unique key, to generate a decrypted content key, and decrypts the read encrypted content using the generated decryption content key, to generate decrypted content.
  - 29. The playback apparatus of claim 28, wherein the transmission apparatus further (a) stores usage condition information that shows conditions for using the digital work, and an original usage condition key that is unique to the usage condition information, (b) encrypts the original usage condition key using the distribution encryption key, to generate a first encrypted usage condition key, (c) encrypts the usage condition information using the original usage condition key, to generate first encrypted usage condition information, and (d) transmits the first encrypted usage condition key and the first encrypted usage condition information via the network to the reception apparatus, the recording medium apparatus further (a) obtains via the network the first encrypted usage condition key and the first encrypted usage condition information, (b) decrypts the first encrypted usage condition key using the distribution decryption key, to generate an intermediate usage condition key, (c) decrypts the first encrypted usage condition information using the generated intermediate usage condition key, to generate intermediate usage condition information, (d) encrypts the intermediate usage condition information, using the medium unique key, to generate second encrypted usage condition information, and (e) writes the generated second encrypted usage condition information to the information storage area, the reading unit further reads the second encrypted usage condition information from the information storage area, the decryption unit further decrypts the second encrypted usage condition information, based on the medium unique key, to generate decrypted usage condition information, and the playback unit further judges, based on the generated decrypted usage condition information, whether playback of the generated decrypted content is permitted, and plays back the decrypted content only when playback is judged to be permitted.
  - 30. The playback apparatus of claim 29, wherein the usage condition information includes at least one of information that limits a number of times the decrypted content is played back, information that limits a period in which the decrypted content is played back, and information that limits an accumulated amount of time that the decrypted content is played back, and the playback unit judges whether playback of the decrypted content is permitted, based on the one or more of the information that limits a number of times the decrypted content is played back, the information that limits a period in which the decrypted content is played back, and the information that limits an accumulated amount of time that the decrypted content is played back.
  - 31. The playback apparatus of claim 28, further comprising:
    - an authentication unit operable perform mutual device authentication with the recording medium apparatus, the key obtaining unit obtains only when authentication succeeds, and the reading unit reads only when the authentication succeeds.

13. A portable recording medium apparatus on which is recorded a digital work that is transmitted from a transmission apparatus via a reception apparatus, the recording medium apparatus being connected to the reception apparatus, and the transmission apparatus encrypting original content that is a digital work, based on a distribution encryption key, to generate first encrypted information, and transmitting the generated first encrypted information via a network to the reception apparatus, the recording medium apparatus comprising:
- an information storage unit that includes an information storage area; and
  
  a tamper-proof module unit including;
  
  a key storage sub-unit operable to store in advance a distribution decryption key and a medium unique key that is unique to the recording medium apparatus;
  
  an obtaining sub-unit operable to obtain the transmitted first encrypted information via the reception apparatus;
  
  an decryption sub-unit operable to decrypt the first encrypted information, based on the distribution decryption key, to generate intermediate information;
  
  an encryption sub-unit operable to encrypt the intermediate information, based on the medium unique key, to generate second encrypted information; and
  
  a writing sub-unit operable to write the generated second encrypted information to the information storage unit.

27. A playback apparatus that plays back a digital work that is transmitted by a transmission apparatus via a network and a reception apparatus, and written to a recording medium apparatus, the transmission apparatus encrypting original content that is the digital work, based on a distribution encryption key, to generate first encrypted information, and transmits the generated first encrypted information via the network to the reception apparatus, in a state in which the recording medium apparatus is connected to the reception apparatus, the recording medium apparatus comprising:
- an information storage area; and
  
  a tamper-proof module unit operable to (a) obtain the output first encrypted information, (b) decrypt the obtained first encrypted information based on a distribution decryption key, to generate intermediate information, (c) encrypt the intermediate information based on a medium unique key that is unique to the recording medium apparatus, to generate second encrypted information, and (d) write the generated second encrypted information to the information storage area, in a state in which the recording medium apparatus to which the second encrypted information has been written is connected to thereto, and the playback apparatus, comprising;
  
  a key obtaining unit operable to obtain securely the medium unique key from the recording medium apparatus;
  
  a reading unit operable to read the second encrypted information from the information storage area;
  
  a decryption unit operable to decrypt the read second encrypted information, based on the medium unique key, to generate decrypted content; and
  
  a playback unit operable to play back the generated content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Futa, Yuichi, Matsuzaki, Natsume, Harada, Shunji, Miyazaki, Masaya, Sekibe, Tsutomu, Nakanishi, Yoshiaki

Application Number

US10/179,856
Publication Number

US 20030009681A1
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G11B 20/00086   Circuits for prevention of ...

G11B 20/0021   involving encryption or dec...

G11B 20/00224   wherein the key is obtained...

G11B 20/00246   wherein the key is obtained...

G11B 20/00731   involving a digital rights ...

Digital work protection system, recording medium apparatus, transmission apparatus, and playback apparatus

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

175 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Digital work protection system, recording medium apparatus, transmission apparatus, and playback apparatus

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

175 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links