Client apparatus and content processing method in client apparatus, and content provision system
First Claim
1. A client apparatus that is connectable to a network for receiving content data and key information from a server connected to the network, the client apparatus comprising:
- an interface unit operable to capture encrypted content data sent from the server via the network, and key information in which a content key used for generating the encrypted content data is encrypted and stored;
a content data using unit operable to receive the encrypted content data captured by the interface unit, to decrypt the encrypted content data, and to use the content data;
an authority managing unit operable to extract the content key from the key information captured by the interface unit; and
a common bus operable to connect the interface unit, the content data using unit, and the authority managing unit and to transmit at least the encrypted content data and the key information, wherein the authority managing unit encrypts the content key using a distribution key to obtain a second encrypted content key and distributes the second encrypted content key to the content data using unit, and the content data using unit decrypts the second encrypted content key using the distribution key to obtain a decrypted content key, decrypts the encrypted content data using the decrypted content key, and uses the content data.
1 Assignment
0 Petitions
Accused Products
Abstract
A client apparatus can protect a content key, which is required for decrypting encrypted content, from a malicious third party. In the client apparatus, an authority managing unit and a content using unit share a session key (distribution key) provided in common to all apparatuses before shipment. Therefore, when the authority managing unit sends a content key to the content using unit, the authority managing unit encrypts the content key with the session key that the authority managing unit itself has. Then, the authority managing unit sends the encrypted content key to the content using unit via a common bus. The content using unit, having received the encrypted content key, decrypts the encrypted content key with the session key, which the content using unit itself also has, to obtain the content key.
-
Citations
16 Claims
-
1. A client apparatus that is connectable to a network for receiving content data and key information from a server connected to the network, the client apparatus comprising:
-
an interface unit operable to capture encrypted content data sent from the server via the network, and key information in which a content key used for generating the encrypted content data is encrypted and stored;
a content data using unit operable to receive the encrypted content data captured by the interface unit, to decrypt the encrypted content data, and to use the content data;
an authority managing unit operable to extract the content key from the key information captured by the interface unit; and
a common bus operable to connect the interface unit, the content data using unit, and the authority managing unit and to transmit at least the encrypted content data and the key information, wherein the authority managing unit encrypts the content key using a distribution key to obtain a second encrypted content key and distributes the second encrypted content key to the content data using unit, and the content data using unit decrypts the second encrypted content key using the distribution key to obtain a decrypted content key, decrypts the encrypted content data using the decrypted content key, and uses the content data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A content processing method in a client apparatus that is connectable to a network for receiving content data and key information from a server connected to the network, the content processing method comprising:
-
a receiving step of receiving encrypted content data sent from the server via the network, and key information in which a content key used for generating the encrypted content data is encrypted and stored;
an authority managing step of;
extracting the content key from the key information; and
encrypting the content key using a distribution key to obtain a second encrypted content key; and
a content data using step of;
receiving the second encrypted content key from the authority managing step;
decrypting the second encrypted content key using the distribution key to obtain a decrypted content key;
decrypting the encrypted content data using the decrypted content key; and
using the content data. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A content provision system, comprising:
-
a client apparatus; and
a server connected to the client apparatus via a network for providing content to the client apparatus, the client apparatus including;
an interface unit operable to capture encrypted content data sent from the server via the network, and key information in which a content key used for generating the encrypted content data is encrypted and stored;
a content data using unit operable to receive the encrypted content data captured by the interface unit, to decrypt the encrypted content data, and to use the content data;
an authority managing unit operable to extract the content key from the key information captured by the interface unit; and
a common bus operable to connect the interface unit, the content data using unit, and the authority managing unit, and to transmit at least the encrypted content data and the key information, wherein the authority managing unit encrypts the content key using a distribution key to obtain a second encrypted content key and distributes the second encrypted content key to the content data using unit, and the content data using unit decrypts the second encrypted content key using the distribution key to obtain a decrypted content key, decrypts the encrypted content data using the decrypted content key, and uses the content data.
-
Specification