Method and apparatus for recording/playing back information

US 7,362,870 B2
Filed: 04/17/2002
Issued: 04/22/2008
Est. Priority Date: 04/19/2001
Status: Expired due to Fees

First Claim

Patent Images

1. An information recording apparatus for recording information onto a recording medium, said apparatus comprising:

storage means for storing a device node key (DNK) set that includes one or more leaf keys and a plurality of node keys, the one or more leaf keys being associated with one or more leaves such that a unique one of the one or more leaf keys is associated with a particular one of the one or more leaves, the plurality of node keys being associated with a plurality of nodes such that a respective one of the plurality of node keys is associated with a specific one of the plurality of nodes, the plurality of nodes and the one or more leaves being arranged according to a hierarchical tree structure having a plurality of levels, the one or more leaves being further associated with one or more information recording apparatuses such that a given one of the one or more leaves is associated with an individual one of the one or more information recording apparatuses; and

cryptographic means for encrypting content data to be stored in the recording medium, said cryptographic means including;

means for producing a first encryption key (Kst) by encrypting, using a second encryption key (Kcon), a value uniquely assigned to a specific data playback apparatus that is to play back the content data,means for producing encrypted data Enc(Kst, DATA) by encrypting the content data using the first encryption key (Kst),means for producing encrypted key data by encrypting the second encryption key (Kcon) using a selected one of at least a portion of the plurality of node keys located along at least one path within the hierarchical tree structure, the at least portion of the plurality of node keys being stored in an enabling key block (EKB) and being encrypted such that each one of the at least portion of the plurality of node keys is encrypted using at least another one of the at least portion of the plurality of node keys that is located at a lower level along the at least one path than the one of the at least portion of the plurality of node keys or using one of the one or more leaf keys, andmeans for storing a data file including the encrypted data, the encrypted key data, and the enabling key block (EKB) into the recording medium.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data processing apparatus extracts a root key by decrypting an enabling key block. The data processing apparatus then produces a content key on the basis of a random number and encrypts the content key using the root key. Furthermore, the data processing apparatus encrypts an ID of the data processing apparatus using the produced content key thereby producing a storage key. The data processing apparatus then produces encrypted content by encrypting a content using the storage key. Furthermore, the data processing apparatus stores the encrypted content together with the data produced by encrypting the content by the root key into a removable storage medium.

The content, stored into the removable storage medium in the above-described manner, can be played back only by a specific limited device.

Citations

30 Claims

1. An information recording apparatus for recording information onto a recording medium, said apparatus comprising:
- storage means for storing a device node key (DNK) set that includes one or more leaf keys and a plurality of node keys, the one or more leaf keys being associated with one or more leaves such that a unique one of the one or more leaf keys is associated with a particular one of the one or more leaves, the plurality of node keys being associated with a plurality of nodes such that a respective one of the plurality of node keys is associated with a specific one of the plurality of nodes, the plurality of nodes and the one or more leaves being arranged according to a hierarchical tree structure having a plurality of levels, the one or more leaves being further associated with one or more information recording apparatuses such that a given one of the one or more leaves is associated with an individual one of the one or more information recording apparatuses; and
  
  cryptographic means for encrypting content data to be stored in the recording medium, said cryptographic means including;
  
  means for producing a first encryption key (Kst) by encrypting, using a second encryption key (Kcon), a value uniquely assigned to a specific data playback apparatus that is to play back the content data,means for producing encrypted data Enc(Kst, DATA) by encrypting the content data using the first encryption key (Kst),means for producing encrypted key data by encrypting the second encryption key (Kcon) using a selected one of at least a portion of the plurality of node keys located along at least one path within the hierarchical tree structure, the at least portion of the plurality of node keys being stored in an enabling key block (EKB) and being encrypted such that each one of the at least portion of the plurality of node keys is encrypted using at least another one of the at least portion of the plurality of node keys that is located at a lower level along the at least one path than the one of the at least portion of the plurality of node keys or using one of the one or more leaf keys, andmeans for storing a data file including the encrypted data, the encrypted key data, and the enabling key block (EKB) into the recording medium.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. An information recording apparatus according to claim 1, wherein said information recording apparatus is the specific data playback apparatus, and the uniquely assigned value is a value uniquely assigned to said information recording apparatus.
  - 3. An information recording apparatus according to claim 1, wherein said information recording apparatus is a content distribution terminal for distributing a content, the specific data playback apparatus is a data playback apparatus which plays back content downloaded from the content distribution terminal, the uniquely assigned value is an externally supplied value uniquely assigned to the data playback apparatus, and said information recording apparatus performs the encryption process by applying the second encryption key (Kcon) to the externally supplied value.
  - 4. An information recording apparatus according to claim 1, wherein the value uniquely assigned to the data playback apparatus is a unique telephone number of the data playback apparatus or is unique identification data associated with the data playback apparatus.
  - 5. An information recording apparatus according to claim 1, wherein the recording medium is a removable recording medium which can be removably attached to said information recording apparatus.
  - 6. An information recording apparatus according to claim 1, wherein the selected one of the at least portion of the plurality of node keys is a root key (Kroot) assigned to the root node of the hierarchical tree structure.
  - 7. An information recording apparatus according to claim 1, wherein the selected one of the at least portion of the plurality of node keys is a key which can be acquired by decrypting the enabling key block (EKB) using the device node key (DNK) set.
  - 8. An information recording apparatus according to claim 1, wherein the selected one of the at least portion of the plurality of node keys is renewable, and said information recording apparatus acquires a renewed selected one of the at least portion of the plurality of node keys by decrypting the enabling key block (EKB) using the device node key (DNK) set.
  - 9. An information recording apparatus according to claim 1, wherein said cryptographic means produces the second encryption key (Kcon) based on a random number.

10. An information playback apparatus for playing back data stored in a storage medium, said apparatus comprising:
- storage means for storing a device node key (DNK) set that includes one or more leaf keys and a plurality of node keys, the one or more leaf keys being associated with one or more leaves such that a unique one of the one or more leaf keys is associated with a particular one of the one or more leaves, the plurality of node keys being associated with a plurality of nodes such that a respective one of the plurality of node keys is associated with a specific one of the plurality of nodes, the plurality of nodes and the one or more leaves being arranged according to a hierarchical tree structure having a plurality of levels, the one or more leaves being further associated with one or more information recording apparatuses such that a given one of the one or more leaves is associated with an individual one of the one or more information recording apparatuses; and
  
  cryptographic means for decrypting content data stored in the storage medium, including;
  
  means for acquiring, by decrypting an enabling key block (EKB) stored in the storage medium using the device node key (DNK) set, a selected one of at least a portion of the plurality of node keys located along at least one path within the hierarchical tree structure, the at least portion of the plurality of node keys being stored in the enabling key block (EKB) and being encrypted such that each one of the at least portion of the plurality of node keys is encrypted using at least another one of the at least portion of the plurality node keys that is located at a lower level along the at least one path than the one of the at least portion of the plurality of node keys or using one of the one or more leaf keys,means for acquiring a second decryption key (Kcon) by decrypting encrypted key data using the selected one of the at least a portion of the plurality of node keys,means for producing a first decryption key (Kst) by encrypting a value uniquely assigned to the information playback apparatus using the second decryption key (Kcon), andmeans for decrypting encrypted data Enc(Kst, DATA) stored in the storage medium using the first decryption key (Kst) to obtain the content data.
- View Dependent Claims (11, 12, 13, 14)
- - 11. An information playback-apparatus according to claim 10, wherein the value uniquely assigned to the information playback apparatus is a unique telephone number of the information playback apparatus or is unique identification data associated with the information playback apparatus.
  - 12. An information playback apparatus according to claim 10, wherein the storage medium is a removable storage medium which can be removably attached to the information playback apparatus.
  - 13. An information playback apparatus according to claim 10, wherein the selected one of the at least portion of the plurality of node keys is a root key (Kroot) assigned to the root node of the hierarchical tree structure.
  - 14. An information playback apparatus according to claim 10, wherein the selected one of the at least portion of the plurality of node keys is renewable, and the information playback apparatus acquires a renewed one of the at least portion of the plurality of node keys by decrypting the enabling key block (EKB) using the device node key (DNK) set.

15. In an information recording apparatus, a method of recording information into a recording medium, said method comprising:
- storing a device node key (DNK) set that includes one or more leaf keys and a plurality of node keys, the one or more leaf keys being associated with one or more leaves such that a unique one of the one or more leaf keys is associated with a particular one of the one or more leaves, the plurality of node keys being associated with a plurality of nodes such that a respective one of the plurality of node keys is associated with a specific one of the plurality of nodes, the plurality of nodes and the one or more leaves being arranged according to a hierarchical tree structure having a plurality of levels, the one or more leaves being further associated with one or more information recording apparatuses such that a given one of the one or more leaves is associated with an individual one of the one or more information recording apparatuses;
  
  producing a first encryption key (Kst) by encrypting, using a second encryption key (Kcon), a value uniquely assigned to a specific data playback apparatus that is to play back the content data;
  
  producing encrypted data Enc(Kst, DATA) by encrypting the content data using the first encryption key (Kst);
  
  producing encrypted key data by encrypting the second encryption key (Kcon) using a selected one of at least a portion of the plurality of node keys located along at least one path within the hierarchical tree structure, the at least portion of the plurality of node keys being stored in an enabling key block (EKB) and being encrypted such that each one of the at least portion of the plurality of node keys is encrypted using at least another one of the at least portion of the plurality of node keys that is located at a lower level along the at least one path than the one of the at least portion of the plurality of node keys or using one of the one or more leaf keys;
  
  storing a data file including the encrypted data, the encrypted key data, and the enabling key block (EKB) into the recording medium.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
- - 16. A method according to claim 15, wherein said information recording apparatus is the specific data playback apparatus, and the uniquely assigned value is a value uniquely assigned to said information recording apparatus.
  - 17. A method according to claim 15, wherein said information recording apparatus is a content distribution terminal for distributing content, the specific data playback apparatus is a data playback apparatus which plays back content downloaded from the content distribution terminal, the uniquely assigned value is an externally supplied value uniquely assigned to the data playback apparatus, and said step of producing the first encryption key (Kst) includes encrypting the externally supplied value using the second encryption key (Kcon).
  - 18. A method according to claim 15, wherein the value uniquely assigned to the data playback apparatus is a unique telephone number of the data playback apparatus or is unique identification data associated with the data playback apparatus.
  - 19. A method according to claim 15, wherein the recording medium is a removable recording medium which can be removably attached to the information recording apparatus.
  - 20. A method according to claim 15, wherein the selected one of the at least portion of the plurality of node keys is a root key (Kroot) assigned to the root node of the hierarchical tree structure.
  - 21. A method according to claim 15, wherein the selected one of the at least portion of the plurality of node keys is a key which can be acquired by decrypting the enabling key block (EKB) using the device node key (DNK) set.
  - 22. A method according to claim 15, wherein the selected one of the at least portion of the plurality of node keys is renewable, and said method further comprises:
    - acquiring a renewed selected one of the at least portion of the plurality of node keys by decrypting the enabling key block (EKB) using the device node key (DNK) set.
  - 23. A method according to claim 15, further comprising:
    - producing the second encryption key (Kcon) based on a random number.

24. In an information playback apparatus, a method of playing back data stored in a storage medium, said method comprising:
- storing a device node key (DNK) set that includes one or more leaf keys and a plurality of node keys, the one or more leaf keys being associated with one or more leaves such that a unique one of the one or more leaf keys is associated with a particular one of the one or more leaves, the plurality of node keys being associated with a plurality of nodes such that a respective one of the plurality of node keys is associated with a specific one of the plurality of nodes, the plurality of nodes and the one or more leaves being arranged according to a hierarchical tree structure having a plurality of levels, the one or more leaves being further associated with one or more information recording apparatuses such that a given one of the one or more leaves is associated with an individual one of the one or more the information playback apparatus is a unique telephone number of the information playback apparatus or is unique identification data associated with the information playback apparatus.
- View Dependent Claims (25, 26, 27, 28)
- - 25. A method according to claim 24, wherein the value uniquely assigned to medium, said method comprising:
    - storing a device node key (DNK) set that includes one or more leaf keys and a plurality of node keys, the one or more leaf keys being associated with one or more leaves such that a unique one of the one or more leaf keys is associated with a particular one of the one or more leaves, the plurality of node keys being associated with a plurality of nodes such that a respective one of the plurality of node keys is associated with a specific one of the plurality of nodes, the plurality of nodes and the one or more leaves being arranged according to a hierarchical tree structure having a plurality of levels, the one or more leaves being further associated with one or more information recording apparatuses such that a given one of the one or more leaves is associated with an individual one of the one or more information recording apparatuses;
      
      producing a first encryption key (Kst) by encrypting, using a second encryption key (Kcon), a value uniquely assigned to a specific data playback apparatus that is to play back the content data;
      
      producing encrypted data Enc(Kst, DATA) by encrypting the content data using the encryption key (Kst);
      
      producing encrypted key data by encrypting the second encryption key (Kcon) using a selected one of at least a portion of the plurality of node keys located along at least one path within the hierarchical tree structure, the at least portion of the plurality of node keys being stored in an enabling key block (EKB) and being encrypted such that each one of the at least portion of the plurality of node keys is encrypted using at least another one of the at least portion of the plurality of node keys that is located at a lower level along the at least one path than the one of the at least portion of the plurality of node keys or using one of the one or more leaf keys;
      
      storing a data file including the encrypted data, the encrypted key data, and the enabling key block (EKB) into the recording medium.
  - 26. A method according to claim 24, wherein the storage medium is a removable storage medium which can be removably attached to the information playback apparatus.
  - 27. A method according to claim 24, wherein the selected one of the at least portion of the plurality of node keys is a root key (Kroot) assigned to the root node of the hierarchical tree structure.
  - 28. A method according to claim 24, wherein the selected one of the at least portion of the plurality of node keys is renewable, and said method further comprises:
    - acquiring a renewed one of the at least portion of the plurality of node keys by decrypting the enabling key block (EKB) using the device node key (DNK) set.

29. A processor having a program for carrying out, in an information recording apparatus, a method of recording information into a recording information recording apparatuses;
- acquiring, by decrypting an enabling key block (EKB) stored in the storage medium using the device node key (DNK) set, a selected one of at least a portion of the plurality of node keys located along at least one path within the hierarchical tree structure, the at least portion of the plurality of node keys being stored in the enabling key block (EKB) and being encrypted such that each one of the at least portion of the plurality of node keys is encrypted using at least another one of the at least portion of the plurality node keys that is located at a lower level along the at least one path than the one of the at least portion of the plurality of node keys or using one of the one or more leaf keys;
  
  acquiring a second decryption key (Kcon) by decrypting encrypted key data using the selected one of the at least a portion of the plurality of node keys;
  
  producing a first decryption key (Kst) by encrypting a value uniquely assigned to the information playback apparatus using the second decryption key (Kcon); and
  
  decrypting encrypted data Enc(Kst, DATA) stored in the storage medium using the first decryption key (Kst) to obtain the content data.

30. A processor having a program for carrying out, in an information playback apparatus, a method of playing back data stored in a storage medium, said method comprising:
- storing a device node key (DNK) set that includes one or more leaf keys and a plurality of node keys, the one or more leaf keys being associated with one or more leaves such that a unique one of the one or more leaf keys is associated with a particular one of the one or more leaves, the plurality of node keys being associated with a plurality of nodes such that a respective one of the plurality of node keys is associated with a specific one of the plurality of nodes, the plurality of nodes and the one or more leaves being arranged according to a hierarchical tree structure having a plurality of levels, the one or more leaves being further associated with one or more information recording apparatuses such that a given one of the one or more leaves is associated with an individual one of the one or more information recording apparatuses;
  
  acquiring, by decrypting an enabling key block (EKB) stored in the storage medium using the device node key (DNK) set, a selected one of at least a portion of the plurality of node keys located along at least one path within the hierarchical tree structure, the at least portion of the plurality of node keys being stored in the enabling key block (EKB) and being encrypted such that each one of the at least portion of the plurality of node keys is encrypted using at least another one of the at least portion of the plurality node keys that is located at a lower level along the at least one path than the one of the at least portion of the plurality of node keys or using one of the one or more leaf keys;
  
  acquiring second decryption key (Kcon) by decrypting encrypted key data using the selected one of the at least a portion of the plurality of node keys;
  
  producing a first decryption key (Kst) by encrypting a value uniquely assigned to the information playback apparatus using the second decryption key (Kcon); and
  
  decrypting encrypted data Enc(Kst, DATA) stored in the storage medium using the first decryption key (Kst) to obtain the content data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Okaue, Takumi
Primary Examiner(s)
Moise; Emmanuel L.
Assistant Examiner(s)
Gergiso; Techane J.

Application Number

US10/311,488
Publication Number

US 20040019795A1
Time in Patent Office

2,197 Days
Field of Search

380/281, 380/277, 713/157, 713/177
US Class Current

380/281
CPC Class Codes

G06F 21/107   License processing; Key pro...

G06F 21/1076   Revocation

G06F 2221/2107   File encryption

G11B 20/00086   Circuits for prevention of ...

G11B 20/00188   involving measures which re...

G11B 20/00195   using a device identifier a...

G11B 20/0021   involving encryption or dec...

G11B 20/00536   wherein encrypted content d...

G11B 20/00557   wherein further management ...

G11B 2020/10546   specifically adapted for au...

G11B 2220/60   Solid state media

H04L 2209/60   Digital content management,...

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/104   Grouping of entities

H04L 9/0822   using key encryption key

H04L 9/0836   using tree structure or hie...

H04L 9/0891   Revocation or update of sec...

Y04S 40/20   Information technology spec...

Method and apparatus for recording/playing back information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for recording/playing back information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links