Revocation information updating method, revocation information updating apparatus and storage medium
First Claim
1. A storage medium that is used having been loaded into an electronic appliance, the storage medium comprising:
- a content storage area for storing a digital content;
a revocation information storage area for storing, as revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from accessing the digital content stored in the content storage area;
a master revocation information storage area storing, as master revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from updating the revocation information stored in the revocation information storage area;
content protecting means for performing a first judgment as to whether an electronic appliance into which the storage medium has been loaded has identification information that corresponds to the revocation information stored in the revocation information storage region, and allowing the electronic appliance to access the digital content stored in the content storage region only if the first judgment is negative; and
revocation information updating means for performing a second judgment as to whether the electronic appliance into which the storage medium has been loaded has identification information that corresponds to the master revocation information stored in the master revocation information storage region, and allowing the electronic appliance to update the revocation information stored in the revocation information storage region only if the second judgment is negative.
3 Assignments
0 Petitions
Accused Products
Abstract
A storage medium (PM) 13 includes a controller 130 and two types of storage regions, the concealed region 134 and the open region 131. The open region 131 includes an open RW 133 storing a digital content, an open ROM-W region 132a storing, as revocation information, identification information of an electronic appliance that is prohibited from accessing the digital content, and an open ROM region 132 storing, as master revocation information, identification information of an electronic appliance that is prohibited from updating the revocation information. When the storage medium is loaded into an electronic appliance that has identification information which is registered in the open ROM region 132, the controller 130 prohibits the electronic appliance from updating the revocation information.
-
Citations
18 Claims
-
1. A storage medium that is used having been loaded into an electronic appliance, the storage medium comprising:
-
a content storage area for storing a digital content;
a revocation information storage area for storing, as revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from accessing the digital content stored in the content storage area;
a master revocation information storage area storing, as master revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from updating the revocation information stored in the revocation information storage area;
content protecting means for performing a first judgment as to whether an electronic appliance into which the storage medium has been loaded has identification information that corresponds to the revocation information stored in the revocation information storage region, and allowing the electronic appliance to access the digital content stored in the content storage region only if the first judgment is negative; and
revocation information updating means for performing a second judgment as to whether the electronic appliance into which the storage medium has been loaded has identification information that corresponds to the master revocation information stored in the master revocation information storage region, and allowing the electronic appliance to update the revocation information stored in the revocation information storage region only if the second judgment is negative. - View Dependent Claims (2, 3, 4, 5, 6)
wherein the master revocation information storage region is provided in a ROM (read only memory) in which the master revocation information is stored in advance. -
3. A storage medium in accordance with claim 1, further comprising:
-
a mutual authentication means for performing mutual authentication with the electronic appliance into which the storage medium has been loaded before the revocation information updating means performs the second judgment and, if the mutual authentication succeeds, for generating a secret key that can be shared with the electronic appliance, wherein the revocation information updating means updates the revocation information using the secret key generated by the mutual authentication means.
-
-
4. A storage medium in accordance with claim 1,
wherein the revocation information updating means transmits a secret key, which the electronic appliance needs to update the revocation information, to the electronic appliance only if the second judgment is negative. -
5. A storage medium in accordance with claim 1,
wherein the revocation information is sorted into a plurality of groups, the revocation information storage region includes a plurality of storage areas, and each group is stored in a different storage area, and as the second judgment, the revocation information updating means judges (1) whether the electronic appliance into which the storage medium has been loaded as identification information that does not correspond to the master revocation information stored in the master revocation information storage region, and (2) whether the electronic appliance has identification information that does not correspond to the revocation information in a specified group of revocation information that the electronic appliance wishes to update, the second judgment being negative only when both (1) and (2) are affirmative, and the revocation information updating means allowing the electronic appliance to update only the revocation information in the specified group. -
6. A storage medium in accordance with claim 1,
wherein the revocation information storage region stores, as the revocation information, information that has been generated by encrypting a predetermined secret key using identification information of an electronic appliance that is prohibited from accessing the digital content as a key, the content protecting means transmits the revocation information stored in the revocation information storage region to the electronic appliance into which the storage medium is loaded, and judges whether information received in reply from the electronic appliance exhibits a predetermined regularity to determine whether the electronic appliance has identification information that corresponds to the revocation information stored in the revocation information storage region, the master revocation information storage region stores, as the master revocation information, information that has been generated by encrypting a predetermined secret key using identification information of an electronic appliance that is prohibited from updating the revocation information as a key, and the revocation information updating means transmits the master revocation information stored in the master revocation information storage region to the electronic appliance, and judges whether information received in reply from the electronic appliance exhibits a predetermined type of regularity so as to judge whether the electronic appliance has identification information that corresponds to the master revocation information stored in the master revocation information storage region.
-
-
7. A method for updating revocation information on a storage medium, the storage medium being used having been loaded into an electronic appliance and including (1) a content storage area for storing a digital content, (2) a revocation information storage area for storing, as revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from accessing the digital content stored in the content storage area, and (3) a master revocation information storage area storing, as master revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from updating the revocation information stored in the revocation information storage area,
the method comprising: -
a detection step for detecting whether the storage medium has been loaded into an electronic appliance;
a judgment step for performing a first judgment as to whether first identification information of the electronic appliance does not correspond to the master revocation information stored in the master revocation information storage region of the storage medium; and
an updating step for updating the revocation information stored in the revocation information storage region only when the first judgment is affirmative. - View Dependent Claims (8, 9, 10, 11, 12)
wherein the updating step has information corresponding to second identification information of an electronic appliance stored in the revocation information storage region as new revocation information. -
9. A revocation information updating method in accordance with claim 8, further comprising:
-
a mutual authentication step where mutual authentication is performed between the electronic appliance and the storage medium and, only if the mutual authentication succeeds, a secret key that is to be shared by the electronic appliance and the storage medium is generated, wherein the updating step updates the revocation information using the secret key generated during the mutual authentication step.
-
-
10. A revocation information updating method in accordance with claim 9,
wherein the updating step includes: -
a transfer substep for encrypting, when the first judgment is affirmative, information that corresponds to the second identification information of the electronic appliance using the secret key generated during the mutual authentication step, and having the encrypted information transferred from the electronic appliance to the storage medium; and
a storage substep for decrypting the transferred encrypted information using the secret key and storing the information in the revocation information storage region as new revocation information.
-
-
11. A revocation information updating method in accordance with claim 8,
wherein the judging step includes a judging substep for performing a third judgment as to whether the second identification information corresponds to the revocation information stored in the revocation information storage region, and when the first judgment is affirmative and the third judgment is negative, the updating step has the second identification information stored in the revocation information storage region as new revocation information. -
12. A revocation information updating method in accordance with claim 8,
wherein the master revocation information storage region stores, as the master revocation information, information produced by encrypting a special secret key using identification information of an electronic appliance that is prohibited from updating the revocation information as a key, and the judging step transmitting the master revocation information stored in the master revocation information storage region to the electronic appliance into which the storage medium has been loaded and judging whether the identification information of the electronic appliance corresponds to the master revocation information stored in the master revocation information restricted region on the storage medium by judging whether a response received from the electronic appliance exhibits a predetermined type of regularity.
-
-
13. A revocation information updating apparatus for updating revocation information on a storage medium, the storage medium being used having been loaded into an electronic appliance and including (1) a content storage area for storing a digital content, (2) a revocation information storage area for storing, as revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from accessing the digital content stored in the content storage area, and (3) a master revocation information storage area storing, as master revocation information, information that corresponds to identification information of an electronic appliance that is prohibited from updating the revocation information stored in the revocation information storage area,
the apparatus comprising: -
a first identification information storage means for storing first identification information that does not correspond to the master restricted region stored in the master revocation information storage region of the storage medium;
a permission obtaining means for obtaining, using information corresponding to the first identification information stored in the first identification information storage means, permission from the storage medium to update the revocation information stored on the storage medium; and
updating means for updating the revocation information stored on the storage medium in accordance with the permission obtained by the permission obtaining means. - View Dependent Claims (14, 15, 16, 17, 18)
wherein the updating means updates the revocation information using information that is stored beforehand and corresponds to second identification information. -
15. A revocation information updating apparatus in accordance with claim 14, further comprising:
-
a mutual authentication means for performing mutual authentication with the storage medium before the permission obtaining means tries to obtain permission to update the revocation information and, only when the mutual authentication has succeeded, generating a secret key that can be shared with the storage medium, wherein the updating means updates the revocation information using the secret key generated by the mutual authentication means.
-
-
16. A revocation information updating apparatus in accordance with claim 15, further comprising:
wherein the updating means updates the revocation information by encrypting new revocation information corresponding to the second identification information using the secret key generated by the mutual authentication means and has the encrypted information transferred from the electronic appliance to the storage medium.
-
17. A revocation information updating apparatus in accordance with claim 14,
wherein the revocation information is sorted into a plurality of groups and the revocation information storage region includes a plurality of storage regions that each store a different group, the updating means only updating the revocation information in a group that corresponds to the second identification information. -
18. A revocation information updating apparatus in accordance with claim 14,
wherein the master revocation information storage region stores, as the master revocation information, information produced by encrypting a predetermined secret key using identification information of an electronic appliance that is prohibited from updating the revocation information as a secret key, and the permission obtaining means obtaining the permission by receiving the master revocation information sent from the storage medium, decrypting the master revocation information using the first identification information of the electronic appliance, and sending a decrypted result and information that exhibits a predetermined type of regularity to the storage medium.
-
Specification