Data distribution system and recording device for use therein

US 7,945,517 B2
Filed: 12/05/2000
Issued: 05/17/2011
Est. Priority Date: 12/06/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A recording device, comprising:

an interface unit for externally communicating data;

a storage unit for storing therein data storage and access restriction information received through said interface unit, said access restriction information being used to control outputting said data storage from said recording device;

an authentication data hold unit holding a first public encryption key determined to correspond to said recording device and encrypted in a state decryptable with an authentication key, for external output via said interface unit when said data storage and said access restriction information are received;

a first key hold unit holding a first private decryption key provided to decrypt data encrypted with said first public encryption key;

a first decryption unit receiving externally via said interface unit a first symmetric key encrypted with said first public encryption key, and decrypting said first symmetric key;

a second key hold unit holding a second public encryption key different for each said recording device;

a session key generation unit producing a second symmetric key updated whenever said data storage is communicated;

a first encryption unit encrypting said second symmetric key and said second public encryption key with said first symmetric key for output externally via said interface unit;

a second decryption unit receiving said data storage and access restriction information input via said interface unit, for decryption with said second symmetric key, said data storage and access restriction information being encrypted with said second symmetric key and said second public encryption key;

a third key hold unit holding a second private decryption key provided to decrypt data encrypted with said second public encryption key;

a third decryption unit using said second private decryption key to decrypt said data storage and access restriction information encrypted;

a control unit operative, when an external instruction is issued to output said data storage recorded in said storage unit, to refer to said access restriction information in said storage unit to determine whether reproduction information for said data storage may be output, whereinsaid storage unit records therein said data storage in one of a state encrypted with said second public encryption key and a state decrypted by said third decryption unit, andwhen said control unit determines that said data storage may be output said data storage is output and thereafter as required said control unit changes said access restriction information recorded in said storage unit.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A memory card (110) stores access restriction information (AC1) to a license information hold unit (1440) arranged in a TRM area. Access restriction information (AC1) has information for example of a frequency of reproduction allowed and a number of licenses owned. A controller (1420) in reproducing and transferring content initially confirms access restriction information (AC1) and thereafter effects reproduction and transfer and after the reproduction and transfer are effected updates access restriction information (AC1), as required, for storage in a license information hold unit (1440).

Citations

10 Claims

1. A recording device, comprising:
- an interface unit for externally communicating data;
  
  a storage unit for storing therein data storage and access restriction information received through said interface unit, said access restriction information being used to control outputting said data storage from said recording device;
  
  an authentication data hold unit holding a first public encryption key determined to correspond to said recording device and encrypted in a state decryptable with an authentication key, for external output via said interface unit when said data storage and said access restriction information are received;
  
  a first key hold unit holding a first private decryption key provided to decrypt data encrypted with said first public encryption key;
  
  a first decryption unit receiving externally via said interface unit a first symmetric key encrypted with said first public encryption key, and decrypting said first symmetric key;
  
  a second key hold unit holding a second public encryption key different for each said recording device;
  
  a session key generation unit producing a second symmetric key updated whenever said data storage is communicated;
  
  a first encryption unit encrypting said second symmetric key and said second public encryption key with said first symmetric key for output externally via said interface unit;
  
  a second decryption unit receiving said data storage and access restriction information input via said interface unit, for decryption with said second symmetric key, said data storage and access restriction information being encrypted with said second symmetric key and said second public encryption key;
  
  a third key hold unit holding a second private decryption key provided to decrypt data encrypted with said second public encryption key;
  
  a third decryption unit using said second private decryption key to decrypt said data storage and access restriction information encrypted;
  
  a control unit operative, when an external instruction is issued to output said data storage recorded in said storage unit, to refer to said access restriction information in said storage unit to determine whether reproduction information for said data storage may be output, whereinsaid storage unit records therein said data storage in one of a state encrypted with said second public encryption key and a state decrypted by said third decryption unit, andwhen said control unit determines that said data storage may be output said data storage is output and thereafter as required said control unit changes said access restriction information recorded in said storage unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The recording device of claim 1, wherein:
    - said access restriction information includes output frequency limit information limiting a frequency of outputting said data storage from said recording device to different equipment;
      
      said session key generation unit produces a third symmetric key in response to an external first instruction issued to output said data storage to another equipment;
      
      said recording device further includesan authentication unit receiving via said interface unit a third public encryption key predetermined to correspond to said another equipment and encrypted in a state decryptable with said authentication key, for decryption with said authentication key, anda second encryption unit operative in response to said first instruction to use said third public encryption key received from said authentication unit, to encrypt said third symmetric key for output to said another equipment, wherein;
      
      in response to said first instruction said interface unit receives and transmits to said second decryption unit a fourth symmetric key produced in said another equipment and encrypted with said third symmetric key and returned;
      
      in response to said first instruction said second decryption unit uses said third symmetric key received from said session key generation unit, to extract said fourth symmetric key encrypted with said third symmetric key;
      
      said storage unit is controlled by said control unit to output said data storage in response to said first instruction;
      
      in response to said first instruction said third decryption unit decrypts said data storage encrypted and output from said storage unit, to extract said data storage;
      
      in response to said first instruction said first encryption unit receives said data storage from one of said third decryption unit and said storage unit for encryption with said fourth symmetric key extracted by said second decryption unit, for output via said interface unit to said another equipment; and
      
      in response to said first instruction said control unit controls an operation of each component internal to said recording device and said control unit refers to said access restriction information to determine whether said data storage may be output and said control unit refers to said output frequency limit information in said storage unit to determine whether said data storage may be output and when said control unit so determines said data storage is output and thereafter as required said control unit changes said output frequency limit information recorded in said storage unit.
  - 3. The recording device of claim 1, wherein:
    - said access restriction information includes replication frequency limit information limiting a frequency of outputting said data storage from said recording device to another recording device;
      
      said session key generation unit produces said third symmetric key in response to an external second instruction issued to output said data storage from said recording device to another recording device;
      
      said recording device further comprises an authentication unit receiving through said interface unit and obtaining through decryption said first public encryption key decryptably encrypted with said authentication key and corresponding to said another recording device, and a second encryption unit responsive to said second instruction to use said first public encryption key corresponding to another recording device to encrypt said third symmetric key generated at said session key generation unit, for output to said another recording device;
      
      in response to said second instruction said interface unit receives a fourth symmetric key generated at said another recording device and encrypted with said third symmetric key and returned, and transmits said fourth symmetric key to said second decryption unit;
      
      in response to said second instruction said second decryption unit decrypts data encrypted with said third symmetric key corresponding to said recording device, and returned from said another recording device, to obtain said second symmetric key produced by said another recording device and said second public encryption key corresponding to said another recording device;
      
      said storage unit is controlled by said control unit to output said data storage in response to said second instruction;
      
      in response to said second instruction said third decryption unit decrypts said data storage output from said storage unit and encrypted, to extract said data storage;
      
      said recording device further has a third encryption unit operative, when said second instruction issued, to encrypt said data storage received from one of said third decryption unit and said storage unit, with said second public encryption key corresponding to said another recording device;
      
      in response to said second instruction said first encryption unit further encrypts an output of said third encryption unit with said second symmetric key produced by said another recording device, for output via said interface unit to said another recording device; and
      
      in response to external said second instruction said control unit controls an operation of each component of said recording device, and refers to said replication frequency limit information in said storage unit to determine whether said data storage may be output and when said control unit so determines said data storage is output and thereafter as required said control unit changes said replication frequency limit information stored in said storage unit.
  - 4. The recording device of claim 1, wherein:
    - said storage unit further records therein encrypted content data input externally via said interface unit; and
      
      said data storage includes a license key serving as a decryption key decrypting said encrypted content data to obtain plaintext content data.
  - 5. The recording device of claim 1, provided in a form of a memory card.
  - 6. The recording device of claim 1, wherein said storage unit is arranged in a security area inaccessible directly from outside.
  - 7. The recording device of claim 1, wherein:
    - said storage unit includes a first storage block arranged in a security area inaccessible directly from outside and a second storage block accessible directly from outside;
      
      said access restriction information is recorded in said first storage block; and
      
      said data storage is encrypted and recorded in said second storage block.
  - 8. The recording device of claim 1, wherein:
    - a storage unit includes a first storage block arranged in a security area inaccessible directly from outside and a second storage block accessible directly from outside; and
      
      said data storage and access restriction information are recorded in said first storage block.
  - 9. The recording device of claim 3, wherein:
    - in response to said second instruction said control unit outputs said access restriction information for another recording device together with said data storage;
      
      said control unit produces said reproduction limit information for said another recording device and also changes said replication limit information in said access restriction information in said storage unit to said replication limit information produced; and
      
      said third encryption unit encrypts said access restriction information changed, together with said data storage, for application to said first encryption unit.
  - 10. The recording device of claim 1, wherein:
    - said storage unit further has a third storage block storing therein encrypted data through said interface unit, said third storage block being accessible externally through said interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited, Sanyo Electric Company Limited (Panasonic Holdings Corporation), Renesas Electronics Corporation
Original Assignee
Fujitsu Limited, Sanyo Electric Company Limited (Panasonic Holdings Corporation), Renesas Electronics Corporation
Inventors
Anazawa, Takeaki, Hioki, Toshiaki, Hatakeyama, Takahisa, Takahashi, Masataka, Yoshioka, Makoto, Hori, Yoshihiro, Tonegawa, Tadaaki, Kanamori, Miwa, Hasebe, Takayuki
Primary Examiner(s)
Augustin; Evens J

Application Number

US10/148,178
Publication Number

US 20020191764A1
Time in Patent Office

3,815 Days
Field of Search

705/51, 705/57, 705/24, 707/9, 709/219
US Class Current

705/51
CPC Class Codes

G06F 21/109 by using specially-adapted ...

Data distribution system and recording device for use therein

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Data distribution system and recording device for use therein

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links