JP2003016287A - Data distribution system for promoting selling of newly sold contents data, server, data terminal equipment and data distribution promoting method to be used therefor - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a data distribution system for promoting selling of newly sold contents data, a server, data terminal equipment and a data distribution promoting method to be used therefor. SOLUTION: When copying enciphered contents data among portable telephone sets 100, 102, 104 and 106, which receive the enciphered contents data from a distribution server 10, each of portable telephone sets 100, 102, 104 and 106 adds personal information to the enciphered contents data and transmits the data to the destination of copy. The portable telephone set receiving the enciphered contents data, with which a number of times of copying reaches a prescribed number of times, extracts a plurality of personal information added to the enciphered contents data and transmits the extracted personal information to a managing server 20 as the route information of copy. When a new musical composition is sold, the distribution server 10 promotes selling of the new musical composition on the basis of the route information of copy held by the managing server 20.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a data distribution system that enables copyright protection for copied information, and a server, a data terminal device, and a server used therein.
The present invention relates to a data distribution promotion method.

[0002]

2. Description of the Related Art In recent years, with the advancement of information communication networks such as the Internet, it has become possible for each user to easily access network information using personal terminals such as mobile phones.

In such an information communication network, information is transmitted by digital signals. Therefore, for example, even when each individual user makes a copy of music or video data transmitted in the above-described information communication network, the data is copied with almost no deterioration in sound quality or image quality due to such a copy. It is possible.

Therefore, in the case where a creative product such as music data or image data having the copyright of the author is transmitted on such an information communication network, appropriate measures for copyright protection have not been taken. , There is a risk that the rights of the copyright holder will be seriously infringed.

On the other hand, giving the highest priority to the purpose of copyright protection,
If copyrighted material data cannot be distributed through the rapidly expanding digital information communication network, basically, copyright holders who can collect a certain copyright fee when copying copyrighted material data On the contrary, it is a disadvantage.

Considering a recording medium recording digital data as an example, instead of the distribution through the digital information communication network as described above, a CD (compact disc) on which music data which is usually sold is recorded. With regard to (4), in principle, music data can be freely copied from a CD to a magneto-optical disk (MD, etc.) as long as the copied music is not used for personal use. However, an individual user who performs digital recording or the like indirectly pays a certain amount of the price of the digital recording device itself or a medium such as an MD as a deposit to the copyright holder.

In addition, when music data, which is a digital signal, is copied from a CD to an MD, the music information is transferred from the recordable MD to another MD in view of the fact that the information is digital data with almost no copy deterioration. Due to copyright protection, copying as digital data is not possible due to the configuration of the device.

Under these circumstances, the distribution of music data and image data to the public through the digital information communication network is an act itself restricted by the public transmission right of the copyright holder. Sufficient measures need to be taken.

[0009] In this case, it is possible to prevent the content data once received of the content data such as music data and image data, which is a copyrighted work transmitted to the public through the information communication network, from being further copied without permission. Will be needed.

Therefore, the distribution server that holds the encrypted content data obtained by encrypting the content data distributes the encrypted content data via the terminal device to the memory card installed in the terminal device such as a mobile phone. A delivery system has been proposed. In this data distribution system, the public encryption key of the memory card that has been previously authenticated by the certificate authority and its certificate are sent to the distribution server when the encrypted content data is requested to be distributed, and the distribution server sends the authenticated certificate. After confirming the reception, the encrypted content data and the license key for decrypting the encrypted content data are transmitted to the memory card. Then, when distributing the encrypted content data and the license key, the distribution server and the memory card generate a different session key for each distribution, encrypt the public encryption key by the generated session key, Exchange keys between memory cards.

Finally, the distribution server transmits the license encrypted with the public encryption key of each memory card and further encrypted with the session key, and the encrypted content data to the memory card. Then, the memory card records the received license key and encrypted content data on the memory card.

When the encrypted content data recorded on the memory card is reproduced, the memory card is mounted on the mobile phone. In addition to the normal telephone function, the mobile phone also has a dedicated circuit for decrypting, reproducing, and outputting the encrypted content data from the memory card, to the outside.

As described above, the user of the mobile phone can receive the encrypted content data from the distribution server using the mobile phone and reproduce the encrypted content data.

[0014]

However, in the conventional data distribution system, the distribution server cannot transmit the content data to each mobile phone unless the distribution request for the content data from each user's mobile phone is received. When new content data is released, there is a problem that the sale of the released content data cannot be promoted.

Therefore, the present invention has been made to solve such a problem, and its object is to provide a data distribution system capable of promoting the sale of newly released content data, and a server and data used therein. It is to provide a terminal device and a data distribution promotion method.

[0016]

According to the present invention, a data distribution system distributes encrypted content data obtained by encrypting content data, and a license including a license key for decrypting the encrypted content data. A data distribution system that promotes the distribution of content data by transmitting a request for distribution of the content data via a communication network, and transmits encrypted content data and a license via the communication network using a public key encryption method. A distribution server and a distribution request for content data are sent to the distribution server via a communication network, encrypted content data and a license are received from the distribution server via the communication network using a public key encryption method, and the received encryption is performed. Multiple to record content data and license on the installed data recording device A data terminal device, replication of the encrypted content data recorded in the data recording device among the plurality of data terminal equipment is repeated, and, the replication of n (n
Is a natural number) times, the data terminal receives the encrypted content data that has been copied n times using n pieces of unique information unique to the n data terminal devices that have made copies as the path information of the copies. A management server which receives a plurality of route information each of which is composed of n pieces of unique information and which is received from the device via the communication network, and when the encrypted content data is copied, the encrypted content data is first copied. The data terminal device adds its own unique information to the encrypted content data and transmits it to the copy destination, and the data terminal device that copies the encrypted content data after the second time has the unique information of the copy source added. It adds its own unique information to the encrypted content data and sends it to the copy destination, and receives the encrypted content data that is the nth copy of the encrypted content data. The data terminal device transmits n pieces of unique information added to the received encrypted content data to the management server, and at the time of release of new content data, the distribution server has a plurality of route information stored in the management server. On the basis of the above, the data terminal device which transmits the notification indicating that the new content data has been released is specified, and the notification is transmitted to the specified data terminal device.

Therefore, according to the present invention, sales of new content data can be promoted by using the past duplication route of the content data.

Further, according to the present invention, the server includes encrypted content data obtained by encrypting the content data,
A server that distributes a license including a license key for decrypting encrypted content data to a plurality of data terminal devices to promote distribution of the content data, holds the encrypted content data and the license, and The duplication of the encrypted content data is repeated between the distribution server that transmits the encrypted content data and the license to the data terminal device that requested the distribution via the communication network by the public key encryption method, and the plurality of data terminal devices. And, every time the number of times of duplication reaches n (n is a natural number), the n-th duplication is performed by using the n unique information unique to the n data terminal devices that have performed duplication as the route information of the duplication. A plurality of encrypted content data received from a data terminal device via a communication network, each of which includes n unique information. The distribution server includes a management server that holds route information, and when the new content data is released, the distribution server indicates that the new content data has been released based on the plurality of route information held by the management server. The data terminal device that transmits the notification is specified, and the notification is transmitted to the specified data terminal device.

Therefore, according to the present invention, the distribution server can notify the user of the data terminal device, which copied the content data in the past, that new content data has been released, and can promote the sale of the content data.

[0020] Preferably, the distribution server further uses a plurality of route information stored in the management server as a duplication source data terminal device that first duplicates the content data previously created by the author of the released content data. Identify,
A notification indicating that new content data has been released is transmitted to the specified copy source data terminal device.

Therefore, according to the present invention, the content data created by the author who the user likes can be preferentially distributed to the user.

Preferably, the distribution server further receives the distribution request of the content data released from the data terminal device of the replication source, based on the n pieces of unique information included in the extracted route information, the replication source. N-1 data terminal devices that duplicated the encrypted content data subsequent to the data terminal device of No. 1 are specified, and the encrypted content data corresponding to the released content data and the specified n-1 are specified.
The n-1 unique information corresponding to the data terminal devices are transmitted to the duplication source data terminal device.

Therefore, according to the present invention, it is possible to notify many users that new content data has been released.

[0024] Preferably, the management server holds n pieces of unique information in association with the route numbers representing each of the plurality of route information.

Therefore, according to the present invention, desired route information can be easily extracted from a plurality of route information.

Preferably, the management server generates a new path number each time it receives n pieces of unique information, and holds the n pieces of unique information received corresponding to the generated path numbers.

Therefore, according to the present invention, n pieces of unique information newly received from the data terminal device can be managed as the route information in association with the route number.

Further, according to the present invention, the data terminal device acquires the encrypted content data obtained by encrypting the content data and the license including the license key for decrypting the encrypted content data, and acquires the data recording device. A data terminal device for recording the content data in order to promote the distribution of content data, and a key operation unit for inputting an instruction,
An interface for exchanging data with the data recording device, a transmission / reception unit for exchanging data with the outside, a storage unit for holding unique information, and a control unit are provided, and the control unit inputs through the key operation unit. In response to a request to copy the encrypted content data, the encrypted content data to be copied is acquired from the data recording device via the interface, the unique information is read from the storage unit, and the read unique information is acquired and encrypted. It is added to the content data and given to the transmission / reception unit, and the transmission / reception unit transmits the encrypted content data to which the unique information is added to the data terminal device of the copy destination.

Therefore, according to the present invention, the copy source can be easily specified from the unique information added to the encrypted content data to be copied.

Preferably, 2 of the encrypted content data
At the time of duplication after the first time, the control means responds to a duplication request of the encrypted content data input via the key operation unit,
The encrypted content data to which the first unique information of the copy source is added is acquired from the data recording device via the interface, the second unique information that is its own unique information is read from the storage means, and the read second Unique information is added to the acquired encrypted content data and given to the transmitting / receiving unit, and the transmitting / receiving unit transmits the encrypted content data added with the first and second unique information to the data terminal device of the copy destination.

Therefore, according to the present invention, the number of times of copying can be detected from the number of unique information added to the encrypted content data to be copied. Moreover, the copy path of the encrypted content data can be easily specified.

Preferably, when the encrypted content data that has been copied n times (n is a natural number) has been received, the control means extracts n pieces of unique information added to the received encrypted content data. The extracted n unique information is given to the transmission / reception unit, and the transmission / reception unit transmits the n unique information to the management server that manages the path for copying the encrypted content data.

Therefore, according to the present invention, a new copy path can be stored in the management server each time the encrypted content data is copied.

Preferably, the data terminal device further includes a display unit for giving visual information to the user, and controls when the notification of the release of new content data is received from the distribution server holding the encrypted content data and the license. The means provides the display unit with the notification received via the transmitting / receiving unit, and the display unit displays the notification.

Therefore, according to the present invention, the user can easily know that the content data has been newly released.

Preferably, the control means gives a transmission request of the new content data to the transmission / reception section in response to the purchase request of the new content data input from the key operation section, and the transmission / reception section transmits the distribution request to the distribution server. Send to.

Therefore, according to the present invention, sales of newly released content data can be promoted.

[0038] Preferably, when the control means receives the encrypted content data corresponding to the new content data and the unique information of the copy destination of the encrypted content data via the transmitting / receiving section, the control means specifies the unique information. The transmission / reception unit is controlled to transmit the encrypted content data received to the data terminal device, and the transmission / reception unit transmits the encrypted content data to the data terminal device specified by the unique information.

Therefore, according to the present invention, the distribution of newly released content data can be promoted.

Preferably, the copy destination is the data terminal device included in the path of the copy of the encrypted content data that has been previously performed.

Therefore, according to the present invention, distribution of newly released content data by copying can be promoted.

Further, according to the present invention, the data distribution promoting method includes a plurality of data terminal devices which include encrypted content data obtained by encrypting the content data and a license including a license key for decrypting the encrypted content data. Is a data distribution promotion method for promoting distribution of content data by distributing the encrypted content data repeatedly, and each time n copies (n is a natural number) are replicated, n copies are made. Specific to each data terminal device
The first step of receiving from the data terminal device that has received the encrypted content data that has been copied the nth time using the unique information of each piece as the path information of the copy, and the data for transmitting the notification notifying the release of new content data A second step of specifying the terminal device based on the route information, a third step of transmitting a notification to the specified data terminal device, and a request for distribution of new content data from the data terminal device that received the notification. Accordingly, the fourth step of transmitting the encrypted content data corresponding to the new content data and the unique information of the copy destination of the encrypted content data to the data terminal device is included.

Therefore, according to the present invention, sales of newly released content data can be promoted.

Preferably, in the second step, the route information of the duplication including the data terminal device previously duplicating the content data created by the author of the new content data in the route is extracted, and the extracted route information is set to the extracted route information. Based on the n pieces of unique information included, the duplication source data terminal device that first duplicated the encrypted content data is detected, and the detected duplication source data terminal device is notified that new content data has been released. The data terminal device that transmits the notification is identified.

Therefore, according to the present invention, it is possible to notify the data terminal device, which is highly likely to copy the content data, of the release of the new content data.

Preferably, the unique information of the copy destination transmitted in the fourth step is the unique information of the data terminal device that has copied the encrypted content data subsequently to the copy source data terminal device.

Therefore, according to the present invention, the distribution of new content data can be promoted by copying.

Preferably, the data distribution promoting method further comprises a fifth step of transmitting the encrypted content data corresponding to the new content data to the data terminal device specified by the unique information of the copy destination.

Therefore, according to the present invention, newly released content data can be distributed to many users.

[0050]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described in detail with reference to the drawings. In the drawings, the same or corresponding parts will be denoted by the same reference characters and description thereof will not be repeated.

FIG. 1 is a schematic diagram for conceptually explaining the overall configuration of the data distribution system according to the present invention.

In the following, digital music data is transmitted to a user's mobile phone 100, 102, 1 via a mobile phone network.
Memory cards 110 and 11 mounted on 04 and 106
The structure of the data distribution system for distributing data to 2, 114, and 116 will be described as an example, but as will be apparent from the following description, the present invention is not limited to such a case, and can be used as another copyrighted work. It can also be applied when distributing content data such as image data and moving image data.

Referring to FIG. 1, distribution carrier 30 relays a distribution request (distribution request) from the user, which is obtained through its mobile phone network, to distribution server 10. The distribution server 10 that manages copyrighted music data is
Whether or not the memory cards 110, 112, 114, 116 mounted on the mobile phones 100, 102, 104, 106 of mobile phone users who have accessed for data distribution have valid authentication data, that is, whether the memory cards are legitimate. This is a distribution carrier for performing the authentication process to determine whether the memory card is a specified memory card, encrypting music data (hereinafter also referred to as content data) to a valid memory card by a predetermined encryption method, and then distributing the data. The mobile telephone company, which is 30, is provided with a license including such encrypted content data and a license key for decrypting the encrypted content data as information necessary for reproducing the encrypted content data.

The distribution carrier 30 transmits the distribution request through its own mobile phone network to the mobile phones 100, 102,
Memory cards 110 and 11 mounted on 104 and 106
2, the encrypted content data and the license are distributed to the mobile phones 2, 114, 116 via the mobile phone network and the mobile phones 100, 102, 104, 106.

In FIG. 1, for example, removable mobile memory cards 110, 112, 11 are attached to mobile phone users 100, 102, 104, 106, respectively.
4, 116 are mounted. The memory cards 110, 112, 114, and 116 respectively receive the encrypted content data received by the mobile phones 100, 102, 104, and 106, decrypt the encryption performed in the distribution, and then receive the mobile phone 10.
0, 102, 104, 106 are provided to a music reproducing unit (not shown).

Further, for example, the mobile phone user can “play” and listen to such content data via the headphones 130 connected to the mobile phone 100. In FIG. 1, the mobile phone 10
Although the connection of the headphones to 2, 104 and 106 is omitted, the content data reproduced through the headphones can be heard also in the mobile phones 102, 104 and 106.

With such a configuration, first, unless the memory cards 110, 112, 114, and 116 are used, it is difficult to receive the content data from the distribution server 10 and reproduce the music. Become.

In addition, in the distribution carrier 30, for example, by counting the number of times each time one piece of content data is distributed, a copyright fee is generated each time the mobile phone user receives (downloads) the content data. If the distribution carrier 30 collects the fee together with the call charge of the mobile phone, the copyright holder can easily secure the copyright fee.

Further, in FIG. 1, the mobile phones 100, 10 are delivered from the delivery server 10 via the delivery carrier 30.
Copying of the encrypted content data distributed to the plurality of mobile phones 100, 102, 10
4 and 106, and when the number of duplications reaches a predetermined number, the management server 20 receives, via the delivery carrier 30, unique information unique to the mobile phone that has duplicated the encrypted content data. Then, the received unique information is held as the route information indicating the route of the duplication. In this case, the mobile phone 100 (or 102, 104, 106) that first copies the encrypted content data has the memory card 110 (or 112Z, 11) mounted therein.
4, 116), the encrypted content data recorded in (4, 116) is read, its unique information is added to the read encrypted content data, and the encrypted content data is transmitted to the copy destination mobile phone. Also, the mobile phone 100 (or 102, 104, 106) that duplicates the encrypted content data after the second time.
Is a memory card 110 (or 112) loaded with encrypted content data to which unique information of the copy source is added.
(Z, 114, 116), adds its own unique information to the read encrypted content data, and sends it to the copy destination mobile phone. Furthermore, the mobile phone 1 that has received the encrypted content data that has been copied a predetermined number of times
00 (or 102, 104, 106) transmits the unique information added to the received encrypted content data to the management server 20 via the mobile phone network.

When new content data is released, the distribution server 10 receives the route information from the management server 20 and promotes the sale of the new content data by the method described later based on the received route information. .

In the configuration as shown in FIG. 1, in order for the user side of the portable telephone to be able to reproduce the content data that is encrypted and distributed, the system firstly requires communication. Is a method for distributing the encryption key, and second is the method itself for encrypting the content data to be distributed, and third is the unauthorized copying of the content data thus distributed. This is a configuration for realizing protection of content data for prevention.

In the embodiment of the present invention, in particular, at the time of each session of distribution and reproduction, the function of authenticating and checking the moving destination of these content data is enhanced so that the non-authentication or the decryption key is broken. A configuration will be described in which the copyright protection of the content data is strengthened by preventing the output of the content data to the recording device and the data reproduction terminal (the data reproduction terminal capable of reproducing the content is also referred to as a mobile phone.

In the following description, the process of transmitting content data from the distribution server 10 to each mobile phone will be referred to as "distribution".

FIG. 2 is a diagram for explaining characteristics of data, information, etc. for communication used in the data distribution system shown in FIG.

First, the data distributed by the distribution server 10 will be described. Dc is content data such as music data. The content data Dc is encrypted so that it can be decrypted with the license key Kc. License key K
The encrypted content data {Dc} Kc that has been encrypted by c can be distributed from the distribution server 10 to the users of the mobile phones 100, 102, 104 and 106 in this format.

In the following, the notation {Y} X indicates that the data Y is encrypted so that it can be decrypted with the decryption key X.

Further, the distribution server 10 distributes, together with the encrypted content data, additional information Dc-inf as plaintext information relating to copyright or server access related to the content data. Further, as the license, the transaction key, which is a management code for specifying the distribution of the license key Kc, the license key from the distribution server 10, etc., is distributed server 10 and mobile phone 10.
0, 102, 104, 106 are exchanged.

Further, the license is a content I which is a code for identifying the content data Dc.
License purchase condition A including information such as D, the number of licenses determined by designation from the user side, and function limitation
Access control information ACm, which is information based on restrictions on access to a license in a recording device (memory card) and reproduction control information ACp, which is control information related to reproduction in a data reproduction terminal, are generated based on C.
And so on. Specifically, the access control information ACm is control information for outputting the license or license key from the memory card to the outside, and includes the number of reproducible times (the number of times the license key is output for reproduction) and the transfer of the license. -Restriction information about replication and security level of license. Reproduction control information ACp
Is information that restricts reproduction after the content reproduction circuit receives a license key for reproduction, and includes reproduction time limit, reproduction speed change restriction, reproduction range designation (partial license), and the like.

Hereinafter, the transaction ID and the content ID are collectively referred to as a license ID, and the license key Kc, the license ID, the access control information ACm, and the reproduction control information ACp are collectively referred to as a license.

Further, in the following, for simplification, the access control information ACm is the control information for limiting the number of times of reproduction.
255: no restriction), and a transfer / copy flag that restricts license transfer and copy (0: move copy prohibited, 1: move only, 2: move copy possible), and the reproduction control information ACp is reproducible. Only the reproduction time limit (UTCtime code) which is the control information defining the time limit is limited.

In the embodiment of the present invention, the prohibited class list C is set so that the distribution and the reproduction of the content data can be prohibited for each class of the recording device (memory card) and the mobile phone that reproduces the content data.
RL (Class Revocation List)
The operation of. In the following, the data in the prohibited class list may be represented by the symbol CRL as necessary.

The prohibited class list related information includes prohibited class list data CRL which lists classes of mobile phones and memory cards for which license distribution and reproduction are prohibited. All devices and programs that manage, store, and reproduce licenses related to protection of content data are subject to list.

The prohibited class list data CRL is managed in the distribution server 10 and also recorded and held in the memory card. Such a prohibited class list needs to be updated and the data updated at any time. However, basically, regarding the change of the data, the encrypted content data and / or the license such as the license key is distributed. , Judges the updated date and time of the prohibited class list received from the mobile phone and owns the prohibited class list C
When it is determined that the updated RL has not been updated compared with the updated date and time, the updated prohibited class list is delivered to the mobile phone. Further, regarding the change of the prohibited class list, a difference CRL, which is difference data reflecting only the changed points, is generated from the distribution server 10 side, and in response to this, the difference CRL is added to the prohibited class list CRL in the memory card. It is also possible. Further, it is assumed that the update date and time CRLdate is also recorded in the prohibited class list CRL managed in the memo card at the time of updating.

In this way, the prohibited class list CRL is
By holding and operating not only the distribution server but also the memory card that records and manages licenses, it is class-specific, that is, specific to the type of content playback circuit (mobile phone and playback terminal) when playing, moving or copying licenses, etc. The supply of the license key or license to the content reproduction circuit (mobile phone and reproduction terminal) whose decryption key has been broken is prohibited. Therefore, the mobile phone cannot reproduce the content data and the memory card cannot acquire the license, so that new content data cannot be received.

In this way, the prohibited class list CRL in the memory card is constructed so that the data is updated one after another during distribution. In addition, the prohibited class list C in the memory card
The RL management is independent of the upper level, and in the memory card, a high level tamper resistant module (Tamper Resistant Mo
record).

FIG. 3 is a diagram for explaining characteristics of data, information, etc. for communication used in the data distribution system shown in FIG.

The content reproduction circuit and the memory card are provided with unique public encryption keys KPpy and KPmw, respectively. The public encryption keys KPpy and KPmw are the secret decryption key Kpy unique to the content reproduction circuit and the secret decryption unique to the memory card. Each can be decrypted by the key Kmw. These public encryption key and secret decryption key have different values depending on the type of content reproduction device and memory card. These public encryption keys and secret decryption keys are collectively referred to as class keys, these public encryption keys are referred to as class public encryption keys, secret decryption keys are referred to as class secret decryption keys, and units sharing class keys are referred to as classes. Classes vary depending on the manufacturer, the type of product, the lot at the time of manufacturing, and so on.

In addition, a content reproduction circuit (mobile phone,
Cpy is provided as the class certificate of the playback terminal), and Cmw is provided as the class certificate of the memory card.
These class certificates have different information for each class of the content reproduction circuit and the memory card. Classes for which the tamper resistant module is broken or the encryption by the class key is broken, that is, the secret decryption key is leaked, are listed in the prohibited class list and are prohibited from license acquisition.

The class public encryption key and class certificate of these content reproduction circuits are the authentication data {KPpy /
In the format of / Cpy} KPa, the class public encryption key and class certificate of the memory card are the authentication data {KPmw //
It is recorded in the data reproducing circuit and the memory card at the time of shipment in the format of Cmw} KPa. As will be described in detail later, KPa is a public authentication key common to the entire distribution system.

Further, the memory cards 110, 112, 11
As a key to manage the data processing in 4,116,
Public encryption key K that is set for each memory card medium
Pmcx and a private decryption key Kmcx unique to each capable of decrypting the data encrypted with the public encryption key KPmcx exist. The individual public encryption key and private decryption key for each memory card are collectively referred to as an individual key, and the public encryption key KPmcx is the individual public encryption key and private decryption key Km.
cx is called an individual secret decryption key.

Each time content data is distributed and reproduced as an encryption key for maintaining confidentiality when data is exchanged between the memory card and between memory cards, the distribution server 10 and the mobile phones 100, 102, 104 and 10 are used.
6. The common keys Ks1 to Ks3 generated in the memory cards 110, 112, 114 and 116 are used.

Here, the common keys Ks1 to Ks3 are "sessions" which are communication units or access units between the distribution server, the content reproduction circuit or the memory card.
Each of these common keys Ks1 to Ks3 is also called a "session key" in the following.

These session keys Ks1 to Ks3
By having a unique value for each session,
It is managed by the distribution server, the content reproduction circuit, and the memory card. Specifically, the session key Ks
1 is generated by the distribution server for each distribution session. The session key Ks2 is generated by the memory card for each distribution session and reproduction session, and the session key Ks3 is generated for each reproduction session in the content reproduction circuit. In each session, these session keys are exchanged, the session key generated by another device is received, encryption is performed using this session key, and then the license key etc. is transmitted, so that the security level in the session is increased. Can be improved.

FIG. 4 is a schematic block diagram showing the configuration of distribution server 10 shown in FIG. The distribution server 10 has an information database 304 for holding distribution information such as data obtained by encrypting content data according to a predetermined method and a content ID, and charging according to the start of access to the content data for each user of the mobile phone. A billing database 302 for holding information, a CRL database 306 for managing the prohibited class list CRL, a menu database 307 for holding a menu of content data held in the information database 304, and content data for each license distribution. A distribution record database 308 that holds a log relating to distribution of transaction IDs that specify distribution of license keys and the like;
Information database 304, billing database 302, C
RL database 306, menu database 30
7 and data from the distribution record database 308 via the bus BS1 and performing a predetermined process, and between the distribution carrier 30 and the data processing unit 310 via the communication network. And a communication device 350 for giving and receiving.

The data processing unit 310 is controlled by the distribution control unit 315 for controlling the operation of the data processing unit 310 and the distribution control unit 315 according to the data on the bus BS1, and the session key Ks1 at the distribution session. And the authentication data {KPmw / for authentication that is sent from the memory card.
/ Cmw} KPa, an authentication key holding unit 313 that holds a public authentication key KPa for decoding, and authentication data {KPmw // Cm for authentication sent from the memory card.
w} KPa via the communication device 350 and the bus BS1, and a decryption processing unit 312 that performs decryption processing using the public authentication key KPa from the authentication key holding unit 313, and a session that generates a session key Ks1 for each distribution session. An encryption processing unit 31 for encrypting the session key Ks1 generated by the key generation unit 316 and the session key generation unit 316 using the class public encryption key KPmw obtained by the decryption processing unit 312 and outputting the encrypted key to the bus BS1.
8 and a decryption processing unit 320 that receives the data encrypted by the session key Ks1 and transmitted from the bus BS1 and performs the decryption process.

The data processing unit 310 further encrypts the license key Kc and the access control information ACm given from the distribution control unit 315 with the public encryption key KPmcx unique to each memory card obtained by the decryption processing unit 320. Of the encryption processing unit 326 and the output of the encryption processing unit 326 are further encrypted by the session key Ks2 provided from the decryption processing unit 320, and the bus B
And an encryption processing unit 328 for outputting to S1.

The operation of the distribution server 10 in the distribution session will be described later in detail using a flowchart.

FIG. 5 is a schematic block diagram for explaining the configuration of the management server 20 shown in FIG. When the encrypted content data is copied a predetermined number of times, the management server 20 holds the unique information unique to the mobile phone involved in the copying, that is, the personal information database 201 holding the personal information of the user of the mobile phone. A control unit 202 for controlling writing / reading of personal information to / from the personal information database 201;
The bus BS2 for exchanging data between the control unit 202 and the communication device 203, the mobile phones 100, 102,
104, 106 or a communication device 203 for transmitting / receiving data to / from the distribution server 10.

FIG. 6 shows the mobile phone 100 shown in FIG.
FIG. 3 is a schematic block diagram for explaining the configurations of 102, 104, and 106.

Mobile phones 100, 102, 104, 10
Reference numeral 6 denotes an antenna 1100 that receives a signal wirelessly transmitted by a mobile phone network, and a signal from the antenna 1100 that is received and converted into a baseband signal.
A transmission / reception unit 1102 that modulates data from 0, 102, 104 and 106 and applies it to antenna 1100, and a bus BS3 that exchanges data with each unit of mobile phones 100, 102, 104 and 106 are included.

Mobile phones 100, 102, 104, 10
6 is a mobile phone 100, 102, 104, 1
The voice data of 06 users is taken in and the voice data is AD
A microphone 1104 that outputs to the conversion unit 1106, an AD conversion unit 1106 that converts voice data from an analog signal into a digital signal, and a voice encoding unit 1108 that encodes the voice signal converted into the digital signal in a predetermined system. Including.

Mobile phones 100, 102, 104, 10
6 is a voice reproduction unit 1110 for decoding a voice signal received from another mobile phone, and a DA conversion unit 1112 for converting a voice signal from the voice reproduction unit 1110 from a digital signal to an analog signal and outputting voice data. And a speaker 1114 for outputting audio data to the outside.

Mobile phones 100, 102, 104, 10
6 further receives an external instruction from the mobile phones 100, 1
Operation panel 111 for giving to 02, 104, 106
6 and a display panel 1118 for giving information output from the controller 1120 or the like to the user as visual information.
And a memory 1119 for storing personal information, which will be described later, and mobile phones 100, 102, 104, via the bus BS3.
A controller 1120 for controlling the operation of 106.

Mobile phones 100, 102, 104, 10
6 is a removable memory card 110, 112, 114, 1 for storing content data (music data) from the distribution server 10 and for performing a decoding process.
16 and memory cards 110, 112, 114, 116
And a memory card interface 1200 for controlling the exchange of data with the bus BS3.

Mobile phones 100, 102, 104, 10
Further, reference numeral 6 denotes authentication data {KP which is encrypted so that its validity can be authenticated by decrypting the class public encryption key KPp1 and the class certificate Cp1 with the public authentication key KPa.
authentication data holding unit 1 holding p1 // Cp1} KPa
Including 500. Here, the class y of the mobile phone 100
, Y = 1.

Mobile phones 100, 102, 104, 10
6 further decrypts the data received from the bus BS3 with the Kp1 holding unit 1502 that holds the class-specific decryption key Kp1, using the Kp1 memory cards 110, 1
Decryption processing unit 1504 for obtaining the session key Ks2 generated by 12, 114, 116.

Mobile phones 100, 102, 104, 10
6 further includes memory cards 110, 112, 114,
In the reproduction session for reproducing the content data stored in the memory card 110, 112, 1
A session key generation unit 1508 that generates a session key Ks3 for encrypting data exchanged with the bus BS3 on the bus BS3 by a random number or the like.
And when receiving the license key Kc and the reproduction control information ACp from the memory cards 110, 112, 114 and 116 in the reproduction session of the encrypted content data,
An encryption processing unit 1506 that encrypts the session key Ks3 generated by the session key generation unit 1508 with the session key Ks2 obtained by the decryption processing unit 1504 and outputs the encrypted session key Ks3 to the bus BS3.

Mobile phones 100, 102, 104, 10
6 further receives the decryption processing unit 1510 that decrypts the data on the bus BS3 with the session key Ks3 and outputs the license key Kc and the reproduction control information ACp, and the encrypted content data {Dc} Kc from the bus BS3. , The license key Kc acquired from the decryption processing unit 1510
A decoding processing unit 1516 for decoding and outputting the content data, and a music reproducing unit 1518 for receiving the output of the decoding processing unit 1516 and reproducing the content data.
A DA converter 1519 for converting the output of the music reproducing unit 1518 from a digital signal to an analog signal, and a DA converter 1
A terminal 1530 for outputting the output of 519 to an external output device (not shown) such as headphones.

In FIG. 6, the area surrounded by a dotted line constitutes a content reproducing device 1550 which decrypts encrypted content data and reproduces music data.

Mobile phones 100, 102, 104, 10
The operation of each component of No. 6 in each session will be described later in detail using a flowchart.

FIG. 7 is a schematic block diagram for explaining the configuration of memory card 110 shown in FIG.

As described above, KPmw is used as the class public encryption key and the class secret decryption key of the memory card.
And Kmw are provided, and the class certificate Cmw of the memory card is provided. In the memory card 110, it is assumed that the natural number w = 3. A natural number x for identifying the memory card is represented by x = 4.

Therefore, the memory card 110 holds the authentication data holding unit 1400 holding the authentication data {KPm3 // Cm3} KPa and the individual secret decryption key Kmc4 which is a unique decryption key set for each memory card. Kmc holding unit 1402, Km holding unit 1421 holding the class secret decryption key Km3, and individual secret decryption key Kmc4
K that holds the public encryption key KPmc4 that can be decrypted by
And a Pmc holding unit 1416.

As described above, by providing an encryption key of a recording device called a memory card, management of distributed content data and an encrypted license key is executed in units of memory cards, as will be apparent from the following description. It becomes possible to do.

The memory card 110 further includes an interface 1424 for exchanging signals with the memory interface 1200 via the terminal 1426, and a bus BS4 for exchanging signals with the interface 1424.
The class secret decryption key Km3 is stored in the Km holding unit 142 from the data given to the bus BS4 from the interface 1424.
1, the decryption processing unit 1422 outputs the session key Ks1 generated in the distribution session by the distribution server 10 to the contact Pa, and the public authentication key KPa from the KPa holding unit 1414, and the data is provided to the bus BS4. The controller 1420 receives the decryption result and the obtained class certificate by executing the decryption process using the authentication key KPa.
With the decryption processing unit 1408 that outputs the obtained class public key to the encryption processing unit 1410 and the key that is selectively given by the changeover switch 1442, the changeover switch 144
And an encryption processing unit 1406 that encrypts the data selectively given by 6 and outputs the encrypted data to the bus BS4.

The memory card 110 further uses the session key Ks2 in each session of distribution and reproduction.
And a session key Ks2 output by the session key generation unit 1418.
Is encrypted with the class public encryption key KPpy or KPmw obtained by the decryption processing unit 1408, and the bus B is encrypted.
An encryption processing unit 1410 for sending to S4, a decryption processing unit 1412 for receiving the data encrypted by the session key Ks2 from the bus BS4 and decrypting it with the session key Ks2 obtained from the session key generation unit 1418,
In the reproduction session of the encrypted content data, the license key Kc and the reproduction control information ACp read from the memory 1415 are decrypted by the decryption processing unit 1412 and the individual public encryption key KPmcx (≠
4) and the encryption processing unit 1417 for encryption.

The memory card 110 further includes a bus BS.
4 is sequentially updated by the decryption processing unit 1404 for decrypting the individual public encryption key KPmc4 with the individual secret decryption key Kmc4 of the memory card 110 and the data CRL_dat for updating the version of the prohibited class list. The prohibited class list data CRL, the encrypted content data {Dc} Kc, and the license (K for reproducing the encrypted content data {Dc} Kc
c, ACp, ACm, license ID) and additional information D
Memory 1 for receiving and storing ata-inf, a reproduction list of encrypted content data, and a license management file for managing a license from bus BS4.
415 and. The memory 1415 is composed of, for example, a semiconductor memory. Also, the memory 1515 is a CR
It includes an L area 1415A, a license area 1415B, and a data area 1415C. CRL area 1415A
Is an area for recording the prohibited class list CRL. The license area 1415B is an area for recording a license. The data area 1415C is stored in the encrypted content data {Dc} Kc, the related information Dc-inf of the encrypted content data, the license management file that records information necessary for managing the license for each encrypted content, and the memory card. This is an area for recording a play list file that records basic information for accessing the recorded encrypted content data and the license. Then, the data area 1415C
Can be directly accessed from the outside. Details of the license management file and the playlist file will be described later.

The license area 1415B stores a license in a recording unit dedicated to the license called an entry for recording the license (license key Kc, reproduction control information ACp, access restriction information ACm, license ID). When the license is accessed, the license is stored or the entry for which the license is to be recorded is designated by the entry number.

The memory card 110 further includes a bus BS.
Data is exchanged with the outside via the bus BS.
4 includes a controller 1420 for receiving reproduction information and the like and controlling the operation of the memory card 110.

All the structures except the data area 1415C are formed in the tamper resistant module area.

The memory cards 112, 114 and 116 are
It has the same configuration as the memory card 110. In this case, in the memory cards 112, 114 and 116, the natural number w is set to a natural number other than 3, and the natural number x is set to a natural number other than 4.

The operation of each session in the data distribution system shown in FIG. 1 will be described below.

[Distribution 1] First, in the data distribution system shown in FIG. 1, from the distribution server 10 to the mobile phone 100.
The operation of distributing the encrypted content data and the license to the memory card 110 attached to the will be described. This operation is called "delivery".

FIGS. 8 to 11 show a memory card 110 mounted on the mobile phone 100, which occurs when the encrypted content data is purchased in the data distribution system shown in FIG.
5 is a first to a fourth flowchart for explaining a delivery operation (hereinafter, also referred to as a delivery session) to the.

Before the processing in FIG. 8, the mobile telephone 10
It is premised that the user of 0 has connected to the distribution server 10 and has acquired the content ID for the content desired to be purchased.

Referring to FIG. 8, the user of mobile phone 100 issues a distribution request by designating the content ID via operation panel 1116 (step S10).
0). Then, the purchase condition A for purchasing the license of the encrypted content data via the operation panel 1116
C is input (step S102). That is, the license key Kc for decrypting the selected encrypted content data
In order to purchase, the access control information ACm of the encrypted content data and the reproduction control information ACp are set, and the purchase condition AC is input.

When the purchase condition AC for the encrypted content data is input, the controller 1120 gives an instruction to output the authentication data to the memory card 110 via the bus BS3 and the memory card interface 1200 (step S104). Controller 1 of memory card 110
420 receives the authentication data output instruction via terminal 1426, interface 1424 and bus BS4.
Then, the controller 1420 receives the authentication data {KPm3 / from the authentication data holding unit 1400 via the bus BS4.
/ Cm3} KPa is read and {KPm3 // Cm3} K
Pa is output via the bus BS4, the interface 1424 and the terminal 1426 (step S106).

Controller 1120 of mobile phone 100
Authentication data from the memory card 110 {KPm3 /
In addition to / Cm3} KPa, the content ID, the license purchase condition data AC, and the distribution request are transmitted to the distribution server 10 (step S108).

In the distribution server 10, the distribution request, the content ID, the authentication data {KP from the mobile phone 100 are sent.
m3 // Cm3} KPa and the license purchase condition data AC are received (step S110), and the decryption processing unit 312 decrypts the authentication data output from the memory card 110 with the public authentication key KPa (step S112). ).

The distribution control unit 315 performs an authentication process for judging whether or not the authentication data encrypted by the legitimate institution to prove its validity is received from the decryption processing result in the decryption processing unit 312. Perform (step S114).
When it is determined that the authentication data is valid, the distribution control unit 315 approves and accepts the class public encryption key KPm3 and the class certificate Cm3. Then, the process proceeds to the next process (step S116). If the authentication data is not valid, the distribution session is ended without accepting the class public encryption key KPm3 and the class certificate Cm3 (step S198).

When the class public encryption key KPm3 and the class certificate Cm3 are accepted as a result of the authentication, the distribution control unit 31.
5 is the class certificate Cm3 of the memory card 110
The CRL database 306 is inquired whether or not is listed in the forbidden class list CRL, and if these class certificates are included in the forbidden class list, the distribution session is ended here (step S).
198).

On the other hand, when the class certificate of the memory card 110 is not included in the prohibited class list, the process proceeds to the next process (step S116).

If the result of the authentication is that the access is from a mobile phone equipped with a memory card having valid authentication data, and the class is out of the prohibited class list, the distribution control unit in the distribution server 10 315 is
A transaction ID, which is a management code for specifying distribution, is generated (step S118). The session key generation unit 316 also generates a session key Ks1 for distribution (step S120). The session key Ks1 is encrypted by the encryption processing unit 318 with the class public encryption key KPm3 corresponding to the memory card 110 obtained by the decryption processing unit 312 (step S122).

The transaction ID and the encrypted session key Ks1 are the transaction ID //
As {Ks1} Km3, the bus BS1 and the communication device 3
It is output to the outside via 50 (step S124).

Referring to FIG. 9, when mobile phone 100 receives transaction ID // {Ks1} Km3 (step S126), controller 1120 inputs transaction ID // {Ks1} Km3 into memory card 110. (Step S128). Then,
In the memory card 110, the decoding processing unit 1422 causes the holding unit 142 to decode the reception data given to the bus BS4 via the terminal 1426 and the interface 1424.
The session key Ks1 is decrypted by the decryption process using the class secret decryption key Km3 unique to the memory card 110 held in No. 1 and the session key Ks1 is accepted (step S130).

The controller 1420 is the distribution server 10
Upon confirming acceptance of the session key Ks1 generated in step 1, the session key generation unit 1418 is instructed to generate the session key Ks2 generated in the memory card 110 during the distribution operation. Then, the session key generation unit 1418 generates the session key Ks2 (step S132).

In the distribution session, the controller 1420 uses the memory 14 in the memory card 110.
The update date and time CRLdate is extracted from the prohibited class list CRL recorded in No. 15 and output to the changeover switch 1446 (step S134).

The encryption processing unit 1406 has the changeover switch 1
By the session key Ks1 provided from the decryption processing unit 1422 via the contact Pa of 442, the changeover switch 1
The session key Ks2, the individual public encryption key KPmc4, and the update date and time CRLdate of the prohibited class list, which are given by sequentially switching the contact points of 446, are encrypted as one data string, and {Ks2 // KPmc4 //
CRLdate} Ks1 is output to the bus BS4 (step S136).

Encrypted data output to the bus BS4 {K
s2 // KPmc4 // CRLdate} Ks1 is from the bus BS4 to the interface 1424 and the terminal 142.
6 is output to the mobile phone 100, and the mobile phone 1
00 to the distribution server 10 (step S13)
8).

The distribution server 10 uses the transaction ID.
// {Ks2 // KPmc4 // CRLdate} Ks
1 is received, the decryption processing unit 320 performs decryption processing using the session key Ks1, and the memory card 110
Session key Ks2 generated in, memory card 11
0 public encryption key KPmc4 and memory card 1
Update date and time CRL of the prohibited class list CRL in 10
The date is accepted (step S142).

The distribution control unit 315 generates the access control information ACm and the reproduction control information ACp according to the content ID and the license purchase condition data AC acquired in step S110 (step S144). Further, the license key Kc for decrypting the encrypted content data is acquired from the information database 304 (step S146).

The delivery control unit 315 generates the generated license, that is, the transaction ID and the content I.
The D, the license key Kc, the reproduction control information ACp, and the access control information ACm are given to the encryption processing unit 326.
The encryption processing unit 326 obtains the public encryption key KPmc4 unique to the memory card 110 obtained by the decryption processing unit 320.
The license is encrypted by and encrypted data {transaction ID // content ID // Kc // ACm
// ACp} Kmc4 is generated (step S14)
8).

Referring to FIG. 10, in distribution server 10, update date and time CRLdate of the prohibited class list transmitted from memory card 110 is CRL database 3
Prohibition class list C of distribution server 10 held in 06
It is determined whether the prohibited class list CRL held by the memory card 110 is the latest by comparing with the update date and time of the RL. When it is determined that the prohibited class list CRL held by the memory card 110 is the latest, step S15
Move to 2. If the prohibited class list CRL held by the memory card 110 is not the latest, step S1
The process moves to 60 (step S150).

When it is judged as the latest, the encryption processing unit 32
8 is the encrypted data output from the encryption processing unit 326 {transaction ID // content ID // Kc /
/ ACm // ACp} Kmc4 is encrypted by the session key Ks2 generated in the memory card 110, and encrypted data {{transaction ID // content ID // Kc // ACm // ACp} Kmc
4} Ks2 is output to the bus BS1. Then, the distribution control unit 315 determines that the encrypted data on the bus BS1 {{transaction ID // content ID // Kc // ACm /
/ ACp} Kmc4} Ks2 is transmitted to the mobile phone 100 via the communication device 350 (step S152).

Then, the controller 1120 of the mobile phone 100 sends the encrypted data {{transaction ID /
/ Content ID // Kc // ACm // ACp} Km
c4} Ks2 is received (step S154), and the bus BS
3 and the memory card interface 1200 to input to the memory card 110. The decryption processing unit 1412 of the memory card 110 displays the encrypted data {{transaction ID // content ID // Kc // ACm // A
Cp} Kmc4} Ks2 is received via the terminal 1426 and the interface 1424, decrypted by the session key Ks2 generated by the session key generation unit 1418, and {Transaction ID // content I
D // Kc // ACm // ACp} Kmc4 is accepted (step S158). Then, it transfers to step S172.

On the other hand, when the distribution server 10 determines that the prohibited class list CRL held by the memory card 110 is not the latest, the distribution control unit 315 determines that the bus BS1 is in use.
The latest prohibited class list CRL is acquired from the CRL database 306 via the
Is generated (step S160).

The encryption processing unit 328 is the encryption processing unit 32.
6 and the difference CRL of the prohibited class list supplied by the distribution control unit 315 via the bus BS1, the session key Ks generated in the memory card 110.
Encrypt by 2. Encrypted data output from the encryption processing unit 328 {difference CRL // {transaction ID // content ID // Kc // ACm // AC
p} Kmc4} Ks2 is connected to the bus BS1 and the communication device 3
It is transmitted to the mobile phone 100 via 50 (step S162).

The mobile telephone 100 sends the transmitted encrypted data {difference CRL // {transaction ID // content ID // Kc // ACm // ACp} Kmc4}.
Ks2 is received (step S164) and input to the memory card 110 via the bus BS3 and the memory card interface 1200 (step S166). In the memory card 110, the decoding processing unit 1412 decodes the reception data given to the bus BS4 via the terminal 1426 and the interface 1424. The decryption processing unit 1412 decrypts the reception data on the bus BS4 using the session key Ks2 provided from the session key generation unit 1418 and outputs the decrypted data to the bus BS4 (step S).
168).

At this stage, the encrypted license {transaction ID // content ID // Kc // ACm // ACp} Kmc4 that can be decrypted by the private decryption key Kmc4 held in the Kmc holding unit 1402 is stored in the bus BS4. ,
The difference CRL is output (step S168). The CRL area 1415A in the memory 1415 is updated based on the differential CRL by the differential CRL received according to the instruction from the controller 1420 (step S170).

Steps S152, S154, S156,
S158 is the prohibited class list C of the memory card 110.
This is a distribution operation of the license to the memory card 110 when the RL is the latest, and steps S160, S162, S1.
64, S166, S168, and S170 are distribution operations of the license to the memory card 110 when the prohibited class list CRL of the memory card 110 is not the latest. In this way, the prohibited class list CR of the memory card 110 that is requested to be delivered is updated based on the updated date and time CRLdate of the prohibited class list sent from the memory card 110.
Whether or not L is the latest is checked one by one, and when it is not the latest, the latest prohibited class list CRL is updated to the CRL database 30.
6, the differential CRL is distributed to the memory card 110, so that the distribution of the license to the memory card whose license has been broken can be prevented.

Step S158 or step S170
Then, according to an instruction from the controller 1420, the encrypted license {transaction ID // content ID /
/ Kc // ACm // ACp} Kmc4 is decrypted in the decryption processing unit 1404 with the individual secret decryption key Kmc4, and the license (license key Kc, transaction ID, content ID, access control information ACm and reproduction control information ACp) is obtained. Accepted (step S1)
72).

Referring to FIG. 11, controller 1120 of mobile phone 100 inputs the entry number for instructing the entry for storing the license accepted by memory card 110, to memory card 110 (step S).
174). Then, the controller 1420 of the memory card 110 causes the terminal 1426 and the interface 1 to operate.
The entry number is received via 424, and the license (license key Kc, transaction ID, content ID, access control information ACm, and playback control) acquired in step S172 is stored in the license area 1415B of the memory 1415 designated by the received entry number. The information ACp) is stored (step S17).
6).

Then, the controller 1120 of the mobile phone 100 transmits the transaction ID sent from the distribution server 10 and the distribution request for the encrypted content data to the distribution server 10 (step S178).

The distribution server 10 uses the transaction ID.
And the distribution request for the encrypted content data is received (step S180), and the encrypted content data {Dc} Kc and the additional information Dc− are read from the information database 304.
Inf is acquired and these data are output via the bus BS1 and the communication device 350 (step S18).
2).

The mobile phone 100 has {Dc} Kc // D
When the c-inf is received, the encrypted content data {D
c} Kc and additional information Dc-inf are accepted (step S184). Then, the controller 1120 of the mobile phone 100 receives the encrypted content data {Dc}.
Kc and the additional information Dc-inf are input to the memory card 110 via the bus BS3 and the memory card interface 1200 as one content file (step S186).

Then, the controller 1420 of the memory card 110 has the terminal 1426 and the interface 14
24 and the encrypted content data {Dc} Kc and the additional information Dc-inf via the bus BS4,
The received encrypted content data {Dc} Kc and additional information Dc-inf are stored in the memory 1 via the bus BS4.
It records in the data area 1415C of 415 (step S
187). Further, the controller 1420 has the encrypted entry data {Dc} Kc including the entry number of the license stored in the memory card 110, the plaintext transaction ID and the content ID, and the additional information Dc−.
A license management file for inf is generated, and a data area 1415C of the memory 1415 is generated via the bus BS4.
(Step S188). Further, the controller 1420, as the information of the content received in the content list file recorded in the memory 1415, the names of the recorded content file and the license management file, and the information about the encrypted content data extracted from the additional information Dc-inf. (Song name, artist name) and the like are added (step S190). Then, the controller 1120 of the mobile phone 100 transmits the transaction ID and the acceptance of delivery to the delivery server 10 (step S192).

The distribution server 10 uses the transaction ID.
// When the delivery acceptance is received (step S194), the billing data is stored in the billing database 302, the transaction ID is recorded in the delivery record database 308, and the delivery ending process is executed (step S1).
96) and the whole process is completed (step S198).

As described above, the memory card 110 mounted on the mobile phone 100 is a device that holds the proper authentication data, and at the same time, the public encryption key KPm3 that can be encrypted and transmitted together with the class certificate Cm3 is valid. After confirming that the class certificate Cm3 is not included in the prohibited class list, that is, the class certificate list in which the encryption by the public encryption key KPm3 is broken, only for the distribution request from the memory card. Content data can be distributed, and distribution to an unauthorized memory card and distribution using a decrypted class key can be prohibited.

The distribution operation of encrypted content data to the memory card 112 mounted on the mobile phone 102, the memory card 114 mounted on the mobile phone 104, and the memory card 116 mounted on the mobile phone 106 is also shown in FIGS. This is performed according to the flowchart shown in FIG.

[Reproduction] Next, with reference to FIGS. 12 and 13, the reproduction operation of the content data recorded in the memory card 110 in the mobile phone 100 will be described. Before the processing in FIG. 12, the mobile phone 10
The user of 0 is the data area 141 of the memory card 110.
Description will be made assuming that the content (music piece) to be reproduced is determined according to the reproduction list recorded in 5C, the content file is specified, and the license management file is acquired.

Referring to FIG. 12, when the reproduction operation is started, the user of mobile phone 100 operates operation panel 1116.
A reproduction instruction is input to the mobile phone 100 via (step S700). Then, controller 1
120 is an authentication data holding unit 150 via the bus BS3.
Authentication data {KPp1 // Cp1} KPa from 0, and authentication data {KPp1 // Cp1} K to the memory card 110 via the memory card interface 1200.
Pa is output (step S702).

Then, memory card 110 receives authentication data {KPp1 // Cp1} KPa (step S704). Then, the decryption processing unit 1408 of the memory card 110 receives the accepted authentication data {KPp1 // C
p1} KPa is decrypted by the public authentication key KPa held in the KPa holding unit 1414 (step S706),
The controller 1420 performs authentication processing based on the decryption processing result in the decryption processing unit 1408. That is, an authentication process is performed to determine whether the authentication data {KPp1 // Cp1} KPa is authentic authentication data (step S).
708). If it cannot be decrypted, the process moves to step S748, and the reproduction operation ends. When the authentication data can be decrypted, the controller 1420 acquires the acquired certificate Cm1.
Is included in the prohibited class list CRL read from the CRL area 1415A of the memory 1415 (step S710). In this case, the class certificate Cp1
Is assigned an identification number, and the controller 1420
Determines whether the identification number of the received class certificate Cp1 is present in the prohibited class list data. When it is determined that the class certificate Cp1 is included in the prohibited class list data, the process proceeds to step S748, and the reproducing operation ends.

When it is determined in step S710 that the class certificate Cp1 is not included in the prohibited class list data CRL, the session key generation unit 1418 of the memory card 110 generates the session key Ks2 for the reproduction session ( Step S712). And
The cryptographic processing unit 1410 has a session key generation unit 1418.
From the public key KPp1 decrypted by the decryption processing unit 1408. {K
s2} Kp1 is output to the bus BS4 (step S71).
4). Then, the controller 1420 outputs {Ks2} Kp1 to the memory card interface 1200 via the interface 1424 and the terminal 1426 (step S716). The controller 1120 of the mobile phone 100 has a memory card interface 1200.
{Ks2} Kp1 is acquired via. And Kp1
The holding unit 1502 decrypts the secret decryption key Kp1 with the decryption processing unit 15
Output to 04.

The decoding processing unit 1504 has the Kp1 holding unit 15
02, the private decryption key Kp1 paired with the public encryption key KPp1 is used to decrypt {Ks2} Kp1 and the session key Ks2 is output to the encryption processing unit 1506 (step S718). Then, the session key generation unit 1508 generates the session key Ks3 for the reproduction session and outputs the session key Ks3 to the encryption processing unit 1506 (step S720). The encryption processing unit 1506 encrypts the session key Ks3 from the session key generation unit 1508 with the session key Ks2 from the decryption processing unit 1504 and outputs {Ks3} Ks2, and the controller 1120 connects the bus BS3 and the memory card interface 1200. Through {Ks3}
Ks2 is output to the memory card 110 (step S7)
22).

Then, the decoding processing unit 1412 of the memory card 110 has the terminal 1426 and the interface 142.
4, and {Ks3} Ks2 is input via the bus BS4 (step S724).

Referring to FIG. 13, decoding processing section 1412
Decrypts {Ks3} Ks2 by the session key Ks2 generated by the session key generation unit 1418, and the session key K generated by the mobile phone 100.
Accept s3 (step S726).

Controller 1120 of mobile phone 100
Acquires the entry number in which the license is stored from the license management file of the reproduction request song acquired in advance from the memory card 110, and outputs the acquired entry number to the memory card 110 via the memory card interface 1200 (step S727).

In response to the entry of the entry number, controller 1420 confirms access restriction information ACm (step S728).

In step S728, the access restriction information ACm, which is the information regarding the restriction on the access to the memory, is confirmed. Specifically, the number of times of reproduction is confirmed. When the reproduction operation is ended and the number of reproduction times of the access restriction information is limited, the number of reproduction times of the access restriction information ACm is updated (decremented by 1) and then the process proceeds to the next step (step S730). On the other hand, when the reproduction is not restricted by the number of times of reproduction of the access restriction information ACm,
Step S730 is skipped and access restriction information A
The process proceeds to the next step (step S732) without updating the number of Cm reproductions.

When it is determined in step S728 that the reproduction is possible in the reproduction operation, the license key Kc and the reproduction control information ACp of the reproduction request music recorded in the license area 1415B of the memory 1415 are stored on the bus BS4. Is output to (step S73
2).

The obtained license key Kc and reproduction control information ACp are sent to the encryption processing unit 1406 via the contact Pf of the changeover switch 1446. Encryption processing unit 1406
Encrypts the license key Kc and the reproduction control information ACp received via the changeover switch 1446 with the session key Ks3 received from the decryption processing unit 1412 via the contact Pb of the changeover switch 1442, and the encrypted data {Kc
// ACp} Ks3 is output to the bus BS4 (step S734).

The encrypted data output to the bus BS4 is
The mobile phone 10 via the interface 1424, the terminal 1426, and the memory card interface 1200.
Sent to 0.

In the mobile phone 100, the decryption processing unit 1510 decrypts the encrypted data {Kc // ACp} Ks3 transmitted to the bus BS3 via the memory card interface 1200, and the license key K
c and the reproduction control information ACp are accepted (step S7).
36). The decryption processing unit 1510 transmits the license key Kc to the decryption processing unit 1516 and outputs the reproduction control information ACp to the bus BS3.

Controller 1120 accepts reproduction control information ACp via bus BS3 to confirm whether reproduction is possible (step S740).

In step S740, if the reproduction control information ACp determines that reproduction is not possible, the reproduction operation is ended.

When it is determined in step S740 that reproduction is possible, the controller 1120 requests the memory card 110 for the encrypted content data {Dc} Kc via the memory card interface 1200. Then, the controller 1420 of the memory card 110
Encrypted content data {Dc} K from memory 1415
c is acquired and output to the memory card interface 1200 via the bus BS4, the interface 1424, and the terminal 1426 (step S742).

Controller 1120 of mobile phone 100
Acquires the encrypted content data {Dc} Kc via the memory card interface 1200, and uses the bus BS3.
The encrypted content data {Dc} Kc is given to the decryption processing unit 1516 via.

Then, the decryption processing unit 1516 decrypts the encrypted content data {Dc} Kc with the license key Kc output from the decryption processing unit 1510 to obtain the content data Dc (step S744).

Then, the decrypted content data Dc
Is output to the music reproduction unit 1518, and the music reproduction unit 1518
Reproduces the content data, the DA converter 1519 converts the digital signal into an analog signal, and the terminal 1530
Output to. Then, the music data is output from the terminal 1530 to the headphones 130 via the external output device and reproduced (step S746). This ends the reproduction operation.

In the above description, the case where the encrypted content data recorded in the memory card 110 is reproduced by the mobile phone 100 has been described. However, the case where the encrypted content data recorded in the memory card 112 is reproduced by the mobile phone 102. , The encrypted content data recorded in the memory card 114, the mobile phone 104
The reproduction operation is performed according to the flow charts shown in FIGS. 12 and 13 also in the case of reproduction by the mobile phone 106 and in the case of reproducing the encrypted content data recorded in the memory card 116 by the mobile phone 106.

FIG. 14 shows the memory 1 of the memory card 110.
4 shows a license area 1415B and a data area 1415C in 415. Data area 1415
C has a playlist file 160, content files 1611 to 161n, and a license management file 16
21 to 162n are recorded. The content files 1611 to 161n record the received encrypted content data {Dc} Kc and the additional information Dc-inf as one file. The license management files 1621 to 162n are recorded corresponding to the content files 1611 to 161n, respectively.

When the memory card 110 receives the encrypted content data and the license from the distribution server 10, the memory card 110 records the encrypted content data and the license in the memory 1415. Then, the license is recorded in the area designated by the entry number of the license area 1415B of the memory 1415, and the playlist file 1 recorded in the data area 1415C of the memory 1415.
By reading the license management file 60, the entry number can be acquired, and the license corresponding to the acquired entry number can be read from the license area 1415B.

Also, the license management file 1622
Indicates that it is not actually recorded although it is shown by a dotted line. The content file 1612 exists but is not licensed and cannot be reproduced. This corresponds to, for example, a case where the mobile phone receives only the encrypted content data from another mobile phone.

Further, the content file 1613 is shown by a dotted line, but this means that, for example, the mobile phone receives the encrypted content data and the license from the distribution server 10, and only the received encrypted content data is transferred. This means that the license exists in the memory 1415 but the encrypted content data does not exist.

In the present invention, the memory cards 110, 112, 114, 116 mounted on the mobile phones 100, 102, 104, 106 from the distribution server 10 respectively.
The encrypted content data distributed to each other is copied (copied) between a plurality of mobile phones, and when the number of times of duplication reaches a predetermined number, route information indicating the route of the duplication is transmitted to the management server 20. It And the management server 20
Holds the received route information, and the distribution server 10 controls the management server 20 when new content data is released.
Promotes the sale of newly released content data based on the route information held by.

In this case, the mobile phone that repeats the duplication of the encrypted content data adds its own personal information to the encrypted content data and sends it to the copy destination. Then, the mobile phone that has received the encrypted content data that has been duplicated a predetermined number of times extracts a plurality of personal information added to the received encrypted content data, and indicates the duplication route of the extracted personal information. Management server 20 as route information
Send to.

For example, the mobile phone 100 shown in FIG.
It is assumed that the encrypted content data is copied between 102 and 104. Mobile phones 100, 102, 104
Adds the personal information of each mobile phone to the content data and transmits it to the copy destination as follows. That is, FIG.
5, the controller 1120 of the mobile phone 100, which is the source of copying the content data, reads the encrypted content data 1 to be copied from the attached memory card 110, and then reads the read encrypted content data 1
Is added to the personal information 2 of the mobile phone 100 held by itself and transmitted to the mobile phone 102. Mobile phone 102
Is encrypted content data 1 to which personal information 2 is added
Is received and the encrypted content data 1 to which the received personal information 2 is added is recorded in the mounted memory card 112. Then, the controller 1 of the mobile phone 102
When copying the encrypted content data 1 to which the personal information 2 is added, 120 reads the encrypted content data 1 to which the personal information 2 is added from the memory card 112,
The personal information 3 of the mobile phone 102 held by itself is further added to the encrypted content data 1 to which the personal information 2 is added and transmitted to the mobile phone 104.

Then, when the mobile phone 104 receives the encrypted content data 1 to which the personal information 2 and 3 are added, the mobile phone 104 records the received encrypted content data 1 in the mounted memory card 114. Mobile phone 104
When copying the encrypted content data 1 to which the personal information 2 and 3 are added, the controller 1120 reads out the encrypted content data 1 to which the personal information 2 and 3 are added from the memory card 114, and carries it Phone 1
The personal information 4 of 04 is further added and transmitted to the mobile phone of the copy destination.

As described above, in the present invention, when the duplication of the encrypted content data is repeated among a plurality of mobile phones, the personal information of the mobile phones involved in the duplication is sequentially transferred to the encrypted contents to be copied. It is added to the data and sent to the copy destination. Then, when the number of times of copying reaches a predetermined number, the mobile phone which receives the encrypted content data which has been copied a predetermined number of times extracts a plurality of personal information added to the received encrypted content data, The plurality of extracted personal information is transmitted to the management server 20.

For example, when the predetermined number of times is 3, FIG.
In the example shown in (2), the mobile phone that has received the encrypted content data 1 from the mobile phone 104 extracts the personal information 2 to 4 from the received encrypted content data, and sends the extracted personal information to the management server 20.

The management server 20 receives the personal information 2 to 4 and stores the received personal information 2 to 4 in the personal information database 201. In this case, referring to the order of the personal information 2 to 4, the order of copying the encrypted content data,
That is, the duplication route is known. That is, in the example shown in FIG. 15, it is found that the encrypted content data is copied in the order of the mobile phone 100 having the personal information 2, the mobile phone 102 having the personal information 3, and the mobile phone 104 having the personal information 4. To do.

With reference to FIG. 16, the data format in the case where the encrypted content data to which the personal information is added is transmitted between a plurality of mobile phones will be described. The data 40 transmitted at the time of copying the content data includes a content data header 50 and elements 51 to 5n. The content data header 50 includes management information for each of the elements 51-5n. Elements 51-
5n stores the encrypted content data to be copied, the index, and the personal information. For example, the element 51 stores the encrypted content data to be copied, and the element 53 stores the personal information. The element 53 in which personal information is stored is a personal information header 530.
And personal information 531 to 53n. The personal information head 530 stores the number of personal information. Personal information 531
Each of ~ 53n stores the content of personal information added to the encrypted content data each time it is copied. When the number of duplications increases and the personal information cannot be stored in one element, the personal information is stored in the elements other than the element 53.

The mobile phone which has received the encrypted content data which has been copied a predetermined number of times receives the received data 4
The personal information stored in the element 0 of 0 is extracted, and the extracted personal information is transmitted to the management server 20.

The configuration of personal information will be described with reference to FIG. Personal information 60 is name 61, phone number 6
2, email address 63, URL 64, card number 6
5, terminal number 66, hobby 67, age 68, sex 69, impression 70, and content ID 71. Name 61
Stores the name of the user of the mobile phone. Phone number 6
2 stores the telephone number of the mobile phone. The mail address 63 stores the mail address of the user of the mobile phone. The URL 64 stores access information to the home page of the user of the mobile phone. The card number 65 stores the number of the credit card held by the user of the mobile phone. The terminal number 66 stores the number given to the mobile phone. The hobby 67 stores the hobby of the user of the mobile phone. The age 68 stores the age of the user of the mobile phone. The sex 69 stores the sex of the user of the mobile phone. The impression 70 stores the impression when the user of the mobile phone reproduces and listens to the music data as the content data. The content ID 71 is the distribution server 1
The identification number of the content data downloaded from 0 is stored.

As described above, since the personal information 60 includes the telephone number of the mobile phone and the terminal number of the mobile phone held by each user, if the personal information held by the management server 20 is viewed, the encrypted content data is copied. The mobile phone involved in can be specified.

The table stored in the personal information database 201 of the management server 20 will be described with reference to FIG. The table 80 includes a content ID 81, a path number 82, and personal information numbers 83 to 85. The content ID 81 stores the content number of the content data to be copied. Route number 82 is 1
Stores the number that indicates the path of duplication of one content data. The personal information numbers 83 to 85 store numbers uniquely assigned to each personal information. Personal information number 83-8
Each number stored in 5 corresponds to each personal information and one body 1 having the configuration shown in FIG. That is, by reading each number stored in the personal information numbers 83 to 85, the contents of the personal information corresponding to the number can be viewed. Therefore, the personal information database 201 of the management server 20 stores the table 80 and the personal information 601 to 612 corresponding to the numbers stored in the personal information numbers 83 to 85 shown in FIG.

With reference to FIG. 19, personal information 601 to 61
2 corresponds to the personal information numbers 1 to 12 shown in FIG. 18, respectively. And if you specify personal information number 1,
The personal information 601 is read. When the personal information numbers 2 to 12 are designated, the personal information 602 to 612 are read out, respectively.

Referring to FIGS. 18 and 19, for example, the content data specified by the content ID “0012398348787” means that the content data is copied via the path specified by the path number 1.
The route identified by the route number 1 is the personal information 601 through the personal information numbers 1, 2, and 3.
It is three mobile phones corresponding to 603. in this case,
The three mobile phones are specified by specifying the mobile phone in which the content data is first copied by the phone number or the terminal number of the mobile phone included in the personal information 601 corresponding to the personal information number "1", and the personal information number "2". The mobile phone which duplicated the content data for the second time is specified by the telephone number or the terminal number of the mobile phone included in the personal information 602 corresponding to the personal information 602, and the mobile phone included in the personal information 603 corresponding to the personal information number “3”. The mobile phone that last copied the content data is specified by the phone number or the terminal number of. The paths for copying the content data specified by the other content IDs are similarly specified.

In FIG. 18, "001239834
The content data identified by the content ID "787" describes two duplication routes identified by the route number "1" and the route number "4". This is because one content data may be copied through one path and then copied through another path.

With reference to FIG. 20, the operation of each mobile phone when copying the encrypted content data will be described. When the operation starts, the mobile phone 100
(Or 102, 104, 106) controller 11
20 determines whether or not to start copying the encrypted content data (step S200). In this case, the controller 1120 determines that copying is started when a copy request is input via the operation panel 1116, and determines that copying is not started if the copy request is not input. The controller 1120 repeats step S200 until a copy request is input. When the copy request is input, the controller 1120 determines whether to add personal information to the encrypted content data to be copied (step S20).
2). When it is determined in step S202 that the personal information is not added, the process proceeds to step S210. In this way, whether or not to add the personal information is determined because the mobile phones 100, 102, 104, 10 are used even when copying the encrypted content data without adding the personal information.
This is because 6 can handle it. However, in the present invention, the personal information is added to the encrypted content data for copying, so that in step S202,
Usually, it is determined that the personal information is added.

Mobile phone 100 (or 102, 10)
4, 106) controller 1120 performs step S2.
02, the personal information of the mobile phone 100 (or 102, 104, 106) is read from the memory 1119 (step S20).
4) Then, the read personal information is organized into a format to be added to the content data (step S206). Then, the controller 1120 receives the memory card 110 via the bus BS3 and the memory card interface 1200.
(Or 112, 114, 116), the encrypted content data to be copied is read, and the read encrypted content data and personal information are stored in a predetermined element according to the data format shown in FIG. Personal information is added to (step S20)
8).

After that, the controller 1120 gives the encrypted content data to which the personal information is added to the transmission / reception unit 1102 via the bus BS3, and the transmission / reception unit 1102 so as to transmit the encrypted content data to which the personal information is added to the copy destination. The transmitter / receiver 1102 controls the antenna 11
The encrypted content data added with the personal information is transmitted to the copy destination via 00 (step S210). In the mobile phone 102 (or 104, 106) that has received the encrypted content data added with the personal information, the controller 1120 uses the received encrypted content data for the bus BS3 and the memory card interface 1200.
Through the memory card 112 (or 114,116)
To record. Then, the controller 1120 of the mobile phone 100 that is the copy source determines whether or not the copy of the encrypted content data is completed (step S212),
When the copying is not completed, step S210 is repeated. When it is determined that the copy is finished, the copy operation of the encrypted content data is finished.

As described above, in copying the encrypted content data, the copy source mobile phone adds the personal information to the encrypted content data.

Referring to FIG. 21, in the process of copying the encrypted content data, mobile phone 100 (or 10)
2, 104, 106) transmits personal information indicating a duplication route to the management server 20. When the operation starts, the mobile phone 100 (or 102, 104,
The controller 1120 of 106) determines whether the number of pieces of personal information added to the received encrypted content data is the number that can be transferred to the management server 20 (step S30).
0). When the number of pieces of personal information has not reached the transferable number, step S300 is repeated until the number of pieces of personal information reaches the transferable number.

When it is determined that the number of pieces of personal information has reached the transferable number, the controller 1120 extracts the personal information added to the received encrypted content data and the content ID of the encrypted content data (step). S
302). Specifically, the controller 1120 is shown in FIG.
The content ID stored in the element 50 of the data 40 shown in 6 and the personal information stored in the element 53 are extracted.

After that, the controller 1120 determines whether or not the extracted personal information is ready to be transferred to the management server 20 (step S304). If the transfer is not ready, step S304 is performed until the transfer is ready. Repeated. When the preparation for transferring the personal information to the management server 20 is completed, the controller 1120 gives the extracted personal information and the content ID to the transmission / reception unit 1102, and the management server 2
The transmission / reception unit 1102 is controlled to transmit to 0. Then, the transmission / reception unit 1102 transmits the personal information and the content ID to the management server 20 via the antenna 1100 (step S306). Then, the controller 112
0 is a management server 20 for personal information and content ID
It is determined whether or not the transfer has been completed (step S30
8) When the transfer is completed, a series of operations ends.

As described above, the mobile phone which has received the encrypted content data whose number of duplications has reached the predetermined number of times has the personal information added to the received encrypted content data,
Content I of the encrypted content data to be copied
D and the extracted personal information and content ID
And are transmitted to the management server 20. Therefore, the management server 20 receives the plurality of pieces of personal information indicating the duplication route and the content ID of the encrypted content data to be duplicated from the mobile phone every time the number of duplications reaches a predetermined number.

The operation when the management server 20 receives personal information from the mobile phone 100 (or 102, 104, 106) will be described with reference to FIG. When the operation starts, the control unit 202 of the management server 20 determines whether or not the personal information is received via the communication device 203 (step S400). Then, the control unit 202
When it is determined that the personal information is received, the received personal information is added to the table 80 (see FIG. 18) stored in the personal information database 201 (step S402). In this case, the control unit 202 generates a personal information number corresponding to each of the plurality of received personal information and a route number indicating a duplication route specified by the received plurality of personal information, and the generated personal information. Bus number B for information number and route number
Table 8 of personal information database 201 via S2
Write to 0.

Then, the control unit 202 sends the received plurality of personal information to the personal information database 2 via the bus BS2.
01 (step S404). After that, the control unit 202 determines whether the writing to the personal information database 201 is completed (step S406). When it is determined that the writing has not been completed, steps S402, S404, and S406 are repeated. When it is determined in step S406 that the writing has ended, the series of operations ends.

Referring to FIG. 23, the operation when new content data is released will be described. The distribution control unit 315 of the distribution server 10 transmits to the management server 20 via the bus BS1 and the communication device 350 a request to output copy path information regarding the previous song of the artist who has released the new song. In this case, the distribution control unit 315 requests the output of the copy path information and the content ID of the previous song.
Is transmitted to the management server 20.

The control unit 202 of the management server 20 receives the output request of the copy path information and the content ID via the communication device 203, and the table 80 stored in the personal information database 201 based on the received content ID. To search. Then, if the received content ID is included in the table 80, the control unit 202 stores the personal information number corresponding to the content ID and the personal information corresponding to the personal information number in the personal information database 20.
1 is read out, the read-out personal information is arranged in the order of duplication and is transmitted to the distribution server 10. Then, the distribution control unit 315 of the distribution server 10 receives the plurality of pieces of personal information as copy path information via the communication device 350 and the bus BS1 (step S500).

After that, the distribution control unit 315 extracts the top user of the copy route based on the acquired plurality of personal information, and transmits a notification indicating that the new song has been released to the mobile phone of the extracted top user. Yes (step S50
2). Then, the notification is downloaded for a certain period of time (step S504), and the notification is downloaded to the mobile phone via the telephone network (step S506). When the download of the notification is completed, the distribution control unit 315 of the distribution server 10 determines in step S500 the management server 20.
Based on the plurality of pieces of personal information acquired from the user, the user who has copied the encrypted content data subsequently to the first user is extracted, and the extracted user is set as the next copy destination user (step S508).

When the distribution control unit 315 receives the distribution request for the new song from the mobile phone that has transmitted the notification indicating that the new song has been released, it downloads the new song to the mobile phone according to the flowcharts shown in FIGS. (Step S510). Then, the distribution control unit 315 determines whether the download is completed (step S51).
2) When the download is completed, the next copy destination extracted in step S508 is transmitted to the mobile phone that has downloaded the new song (step S514). Then, a series of operations ends.

The mobile phone which has received the next copy destination duplicates the new song downloaded based on the received next copy destination. That is, if the mobile phone receives five next copy destinations, it copies the downloaded new song to the five mobile phones. The mobile phone which has received the copy of the new song records the received new song on the memory card in which it is installed, and purchases a license for decoding and reproducing the new song from the distribution server 10 according to the flowcharts shown in FIGS. Then, the user of the mobile phone receiving the new song can reproduce and listen to the new song.

In the above-mentioned example, an example in which the transmission of the next copy destination from the distribution server 10 to the mobile phone is transmitted to the mobile phone which has downloaded a new song each time the download is completed, is described. The mobile phone that downloaded the new song sends the copy route information to the mobile phone that downloaded the new song, and the mobile phone that downloaded the new song sends the downloaded new song and the copy route information to the mobile phone of the next user based on the copy route information. Alternatively, a new song may be transmitted between mobile phones.

As described above, according to the embodiment of the present invention, when a new song is released, the user of the mobile phone who presents the new song to the duplication path of the past encrypted content data and receives the new song, If you want to listen to the new song, you can access the distribution server 10 and purchase a license to decrypt and reproduce the encrypted content data of the new song. Therefore, it is possible to promote the sale of the released new song while protecting the copyright of the encrypted content data.

The embodiments disclosed this time are to be considered as illustrative in all points and not restrictive. The scope of the present invention is shown not by the above description of the embodiments but by the claims, and is intended to include meanings equivalent to the claims and all modifications within the scope.

[Brief description of drawings]

FIG. 1 is a schematic diagram conceptually explaining a data distribution system.

FIG. 2 is a diagram showing characteristics of data, information, etc. for communication in the data distribution system shown in FIG.

3 is a diagram showing characteristics of data, information, etc. for communication in the data distribution system shown in FIG.

4 is a schematic block diagram showing a configuration of a distribution server in the data distribution system shown in FIG.

5 is a schematic block diagram showing a configuration of a management server in the data distribution system shown in FIG.

6 is a schematic block diagram showing a configuration of a mobile phone in the data distribution system shown in FIG.

7 is a schematic block diagram showing a configuration of a memory card in the data distribution system shown in FIG.

8 is a first flowchart for explaining a content data distribution operation in the data distribution system shown in FIG. 1. FIG.

9 is a second flowchart for explaining a content data distribution operation in the data distribution system shown in FIG. 1. FIG.

FIG. 10 is a third flowchart for explaining a content data distribution operation in the data distribution system shown in FIG.

11 is a fourth flow chart for explaining a distribution operation of content data in the data distribution system shown in FIG.

FIG. 12 is a first flowchart for explaining a reproducing operation in the mobile phone.

FIG. 13 is a second flowchart for explaining a reproduction operation in the mobile phone.

FIG. 14 is a diagram showing a structure of a play list file in a memory card.

FIG. 15 is a diagram conceptually illustrating an operation of the mobile phone at the time of copying content data.

FIG. 16 is a data format when content data is copied.

FIG. 17 is a configuration diagram of personal information.

FIG. 18 is a diagram showing a table for managing personal information held by the management server shown in FIG. 1.

19 is a diagram showing personal information stored in the personal information database shown in FIG.

FIG. 20 is a flowchart for explaining an operation of the mobile phone when copying content data.

FIG. 21 is a flowchart for explaining the operation of transferring personal information to the management server.

FIG. 22 is a flowchart for explaining the operation of the management server when receiving personal information.

FIG. 23 is a flowchart for explaining the operation when a new song is released.

[Explanation of symbols]

1 content data, 2 to 4, 60, 531 to 53
n, 601-612 personal information, 10 distribution servers, 2
0 management server, 30 distribution carriers, 40 data,
50 content data header, 51 to 5n elements, 61 name, 62 telephone number, 63 mail address, 64 URL, 65 card number, 66 terminal number, 67 hobby, 68 age, 69 sex, 70 impression, 71 content ID, 80 table , 81 content ID, 82 route number, 83 to 85 personal information number, 100, 102, 104, 106 mobile phone, 1
10,112,114,116 memory card, 130
Headphones, 160 playlist file, 201
Personal information database, 202 control unit, 203, 3
50 communication device, 302 billing database, 304
Information database, 306 CRL database, 307
Menu database, 308 Distribution record database, 310 Data processing unit, 312, 320, 140
4,1408,1412,1422,1504,151
0,1516 Decryption processing unit, 313 Authentication key holding unit, 3
15 delivery control unit, 316 session key generation unit, 3
18, 326, 328, 1406, 1410, 141
7,1506 Cryptographic processing unit, 530 Personal information header,
1120, 1420 Controller, 1426, 153
0 terminal, 1100 antenna, 1102 transceiver unit,
1104 Microphone, 1106 AD Converter, 1108
Audio encoding unit, 1110 audio reproducing unit, 1112 DA
Converter, 1114 speaker, 1116 operation panel,
1118 display panel, 1119, 1415 memory,
1200 memory card interface, 1400, 1
500 authentication data holding unit, 1402 Kmc holding unit,
1414 KPa holding section, 1415A CRL area, 1
415B license area, 1415C data area,
1416 KPmc holding unit, 1418 session key generation unit, 1421 Km holding unit, 1424 interface, 1442, 1446 changeover switch, 1502
Kp1 holding unit, 1518 music reproducing unit, 1519 DA
Converter, 1621 to 162n license management file, 1611 to 161n content file, 155
0 Content playback device.

─────────────────────────────────────────────────── ─── Continuation of front page (51) Int.Cl. ⁷ Identification code FI theme code (reference) G06F 17/30 110 G06F 17/30 110F 120 120A G10K 15/02 G10K 15/02 H04L 9/08 H04N 7 / 173 610Z H04N 7/173 610 H04L 9/00 601B 601E F term (reference) 5B075 KK07 KK13 KK20 KK33 KK37 KK43 KK54 KK63 MM02 MM04 MM24 BCND07 ND14 ND20 ND20 ND20 AA16 EA01 EA04 EA19 NA02 PA02 PA07 PA14

Claims (17)

[Claims] 1. A data distribution system for distributing encrypted content data and a license including a license key for decrypting the encrypted content data to promote distribution of the content data. A distribution server that transmits the encrypted content data and the license via the communication network when the distribution request for the content data is received via the communication network; A distribution request for the content data is transmitted to the distribution server, the encrypted content data and the license are received from the distribution server via the communication network by the public key encryption method, and the received encrypted content data is received. And a plurality of licenses to be recorded on the installed data recording device. And over data terminal device, the plurality of the data recording device replication of the recorded encrypted content data between the data terminal equipment is repeated,
And every time the number of replications reaches n (n is a natural number),
The n number of unique information unique to the n number of duplicated data terminal devices is used as the route information of the duplicate, and the data terminal device receives the encrypted content data which has been duplicated the nth time via the communication network. And a management server that holds a plurality of route information each consisting of n pieces of unique information, the data terminal device performing the duplication of the encrypted content data first when the encrypted content data is duplicated. , A data terminal device that adds its own unique information to the encrypted content data and transmits the encrypted content data to a copy destination, and performs the copy of the encrypted content data from the second time onward is encrypted by adding the unique information of the copy source. The encrypted content data obtained by adding the unique information of its own to the content data and transmitting it to the copy destination, and performing the n-th copy of the encrypted content data The received data terminal device is
N pieces of unique information added to the received encrypted content data are transmitted to the management server, and at the time of release of new content data, the distribution server uses the plurality of route information stored in the management server. A data distribution system that specifies a data terminal device that sends a notification indicating that new content data has been released based on the data, and sends the notification to the specified data terminal device. 2. The encrypted content data obtained by encrypting the content data and a license including a license key for decrypting the encrypted content data are distributed to a plurality of data terminal devices to promote distribution of the content data. A server for storing the encrypted content data and the license, and transmitting the encrypted content data and the license to a data terminal device that has requested distribution of the content data via a communication network by a public key encryption method. When the copy of the encrypted content data is repeated between the distribution server for transmitting and the plurality of data terminal devices, and the copy reaches n (n is a natural number) times, n copies are made. Duplication is performed by using n pieces of unique information peculiar to each data terminal device as the path information of the duplication. A management server that receives a plurality of pieces of route information, each of which includes n pieces of unique information, from a data terminal device that has received the encrypted content data via the communication network. When content data is released, a data terminal device that transmits a notification indicating that new content data has been released is specified based on the plurality of route information held in the management server, and the specified data is specified. A server that sends the notification to the terminal device. 3. The distribution server further comprises a plurality of routes in which the management server holds a data terminal device of a duplication source that first duplicates the content data previously created by the author of the released content data. The server according to claim 2, wherein the server is identified from the information, and the notification is transmitted to the data terminal device of the identified duplication source. 4. When the distribution server further receives a distribution request for the released content data from the duplication source data terminal device, the distribution server is based on n unique information included in the extracted route information. , N-1 data terminal devices that copied the encrypted content data subsequently to the copy source data terminal device are specified, and the encrypted content data corresponding to the released content data and the specified The server according to claim 3, which transmits n-1 unique information corresponding to n-1 data terminal devices to the data terminal device of the duplication source. 5. The management server according to claim 2, wherein the management server holds the n pieces of unique information in association with a route number representing each of the plurality of route information. server. 6. The management server generates a new path number each time it receives n pieces of unique information, and holds the received n pieces of unique information in association with the generated path number. The server according to Item 5. 7. An encrypted content data obtained by encrypting the content data and a license including a license key for decrypting the encrypted content data are acquired and recorded in a data recording device to distribute the content data. A data terminal device to promote, a key operation unit for inputting an instruction, an interface for exchanging data with the data recording device, a transmission / reception unit for exchanging data with the outside, and holding unique information. A storage unit and a control unit are provided, wherein the control unit is a target of duplication from the data recording device via the interface in response to a duplication request of the encrypted content data input via the key operation unit. The encrypted content data is acquired, the unique information is read from the storage unit, and the read unique information is read as A data terminal device, which is added to the acquired encrypted content data and given to the transmission / reception unit, wherein the transmission / reception unit transmits the encrypted content data to which the unique information is added, to a copy destination data terminal device. 8. When the encrypted content data is copied for the second time or later, the control means, via the interface, in response to a copy request of the encrypted content data input via the key operation unit. The encrypted content data to which the first unique information of the copy source is added is acquired from the data recording device, the second unique information that is its own unique information is read from the storage means, and the read second unique information is read. Information is added to the acquired encrypted content data and given to the transmission / reception unit, and the transmission / reception unit transmits the encrypted content data to which the first and second unique information are added to a data terminal device of a copy destination. The data terminal device according to claim 7. 9. When the encrypted content data that has been copied n times (n is a natural number) has been received, the control means extracts n pieces of unique information added to the received encrypted content data. And the extracted n
9. The unique information is given to the transmission / reception unit, and the transmission / reception unit transmits the n unique information to a management server that manages a path for copying the encrypted content data. Data terminal equipment. 10. The control unit further comprises a display unit for giving visual information to a user, and when receiving a notification notifying the release of new content data from a distribution server holding the encrypted content data and the license, the control unit: The data terminal device according to claim 7, wherein the notification received via the transmission / reception unit is given to the display unit, and the display unit displays the notification. 11. The control means gives a distribution request for the new content data to the transmission / reception unit in response to a purchase request for the new content data input from the key operation unit, and the transmission / reception unit, The data terminal device according to claim 10, which transmits the distribution request to the distribution server. 12. The control means, when receiving the encrypted content data corresponding to the new content data and the unique information of the copy destination of the encrypted content data via the transmission / reception unit, The transmitting / receiving unit is controlled to transmit the received encrypted content data to the specified data terminal device, and the transmitting / receiving unit transmits the encrypted content data to the data terminal device specified by the unique information. ,
The data terminal device according to claim 11. 13. The data terminal device according to claim 12, wherein the duplication destination is a data terminal device included in a path of duplication of the encrypted content data performed previously. 14. The encrypted content data obtained by encrypting the content data and a license including a license key for decrypting the encrypted content data are distributed to a plurality of data terminal devices to promote distribution of the content data. A method for promoting data distribution, wherein each time the duplication of the encrypted content data is repeated and the duplication reaches n (n is a natural number) times, n unique to the n data terminal devices that have performed the duplication is performed. A first step of receiving, from the data terminal device that has received the encrypted content data that has been copied n times by using the unique information as the path information of the copy, and transmitting a notification notifying the release of the new content data. A second step of identifying a data terminal device to be performed based on the route information; A third step of transmitting a notification, encrypted content data corresponding to the new content data in response to a distribution request for the new content data from the data terminal device receiving the notification, and the encrypted content And a fourth step of transmitting the unique information of the data copy destination to the data terminal device. 15. In the second step, path information of duplication including a data terminal device previously duplicating the content data created by the author of the new content data is extracted, and the extracted path information is extracted. Of the copy source data terminal device that first copies the encrypted content data based on the n unique information included in the data terminal device, and identifies the detected copy source data terminal device as the data terminal device that transmits the notification. The method for promoting data distribution according to claim 14, wherein 16. The unique information of the copy destination transmitted in the fourth step is unique information of a data terminal device that has copied the encrypted content data subsequently to the data terminal device of the copy source. The data distribution promotion method according to claim 15. 17. The method according to claim 14, further comprising a fifth step of transmitting encrypted content data corresponding to the new content data to a data terminal device specified by the unique information of the copy destination. The method for promoting data distribution according to any one of items.