JP2004007494A - Recording medium, recording device, reading device, program, method - Google Patents

Abstract

[PROBLEMS] To provide a recording medium capable of setting a copy permission / prohibition setting in which a user can make a private copy while prohibiting an act of uploading a digital stream onto a network.
[Solution]
VOBUs constituting the digital stream of the MPEG2-PS format are encrypted with the content key Kc except for the RDI-Pack at the head. The content key Kc is an encryption key obtained by adding the title key Kt and CCI and converting the time-varying coefficient Dtkc using the addition result, and has a property that changes for each VOBU. Since the content key Kc is changed in small units of VOBU, the copyright holder of the digital stream is strongly protected. The CCI in the RDI-Pack indicates conditional copy free on condition that the same encryption as this encryption is performed.
[Selection diagram] FIG.

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a recording medium such as a DVD, a recording device, a reading device, and a program, and particularly to an improvement in a case where a digital work is privately used in a home network.
[0002]
[Prior art]
In research and development of recording media and recording devices, how to integrate recording media and recording devices with a home network is a major issue. The home network is a private network constructed by connecting devices having a digital interface to each other with a digital cable such as IEEE1394. In a home network incorporating a STB (Set Top Box), a digital TV, a personal computer, and a recording device, digital data received by the personal computer or the STB is transferred on the home network and reproduced by a digital TV provided in a separate room in the home. be able to. In addition, recording can be performed on a DVD using a recording device provided in a separate room in the home. Since digital data can be shared between devices, convenience for the user is dramatically increased.
[0003]
When digital data is freely distributed in a home network, handling of video data and audio data protected by a copyright holder becomes a problem. Even if the digital work has copyrights such as distribution rights, duplication rights, and transmission rights, the act of privately copying and reproducing it on a home network is permitted. This is because the use of digital works on a home network is a private use and the copyright does not extend. A technique for recording digital video data on a DVD for private copying is described in Patent Document 1 below.
[0004]
[Patent Document 1]
Japanese Patent No. 3162044
[0005]
[Problems to be solved by the invention]
In private copying, however, there is a problem in how to protect the copyright of video data recorded on a recording medium and how to set whether to permit or prohibit copying. If there is no copyright protection, a copy obtained by a private copy on the home network may be uploaded to an Internet site without permission of the author and distributed to an unspecified number of people. However, as described in Patent Literature 1, the copy control information is set to “one-time only copy” and “copy prohibited (NoMore Copy)” to stop private copying in the home network. This would curb the right of private copying and buy back on the part of the user.
[0006]
Such a problem is particularly prominent when dealing with the work of a TV program where private copying is customarily made. If digital data obtained by encoding a TV program is distributed to an unspecified number of people without permission of the author, the author will be hit. The reason is that even if the rightful owner sells the packaged software recording the TV program, it cannot be sold. On the other hand, if copying in a good state is possible, but private copying of such digital data is prohibited, repulsion on the user side increases. Conventionally, there is no copy permission / prohibition setting for adjusting the demands of both parties, and the maker is forced to be in a difficult position by being pinched between the user and the copyright holder.
[0007]
SUMMARY OF THE INVENTION It is an object of the present invention to provide a recording medium, a recording device, a reading device, and a duplicating device capable of setting copy permission / prohibition such that a user can perform a private copy while prohibiting an act of uploading a digital stream onto a network. It is to provide.
[0008]
[Means for Solving the Problems]
The object is a recording medium on which a digital stream is recorded, wherein copy control information indicating whether or not the part is conditional copy free is associated with each part of the digital stream, The copy free is achieved by a recording medium characterized by being copy free on condition that a part of the digital stream is encrypted and written to a copy destination recording medium.
[0009]
Conditional copy free is copy free in which copying can be performed any number of times as long as the condition of “writing by encryption” is satisfied.
A concept that is easily confused with conditional copy-free is copy processing such as moving, migrating, and checking out. The difference between these copy processes and conditional copy free is as follows.
[0010]
Moving is a copying process that involves deleting the content of the copy source, and is used when moving content between a plurality of recording media. Conditional copy-free is clearly different from this move because it is not necessary to delete the copy source.
Migrate is a movement process on the premise that use condition information is generated in a copy destination recording medium. Like the transfer, the deletion of the copy source is not obligatory, and the generation of the use condition information is not obligatory, so that it is clearly different from this migrate.
[0011]
Check-out is a type of copy with a limited number of times, and the content is copied after the number of copies is decremented by one. The difference between copy, which is generally limited in number of times, and checkout, is that the number of copies can be incremented. The number of copies is incremented after performing a process of making the content recorded on the recording medium by copying unplayable (called “check-in”). Conditional copy-free is different from check-out because there are no restrictions on the number of copies. For these reasons, conditional copy-free is pure copy-free excluding restrictions such as the number of copies and deletion of the copy source, and is performed repeatedly as long as the condition of "writing with encryption" is satisfied. be able to.
[0012]
BEST MODE FOR CARRYING OUT THE INVENTION
Hereinafter, an embodiment of a recording medium according to the present invention will be described. Among the practicing actions, the use action of the recording medium according to the present invention will be described. A recording medium according to the present invention is a DVD on which a digital stream in an MPEG2-PS (Program Stream) format is recorded, and is provided for use by a user in a home network. FIG. 1 is a diagram showing a home network, which is a use environment of a recording medium according to the present invention.
[0013]
The home network is configured by connecting devices having an IEEE 1394 digital interface, such as the DVD recorder 100, STB 110, digital TV 120, and HD recorder 130, which are recording devices. Each device in this home network is operated by a user with a single remote controller 200. Each device in the home network can output an MPEG2-TS (Transport Stream) format digital stream received from a broadcasting station to another device via IEEE1394, and another device receives the digital stream from the broadcasting station. Digital streams can be input via IEEE 1394. Digital streams are freely copied in the closed world of home networks. The DVD is loaded in the DVD recorder 100 and receives data writing by the DVD recorder 100. By the data writing by the DVD recorder 100, the recording medium according to the present invention is produced. However, the act of taking out a DVD on which a digital stream of the MPEG2-PS format is recorded from a home network (arrow my1) and uploading it to an Internet site using an unauthorized personal computer (my2) is prohibited. The recording medium (DVD) according to the present invention fulfills a role of preventing a digital stream from flowing out of the home network while realizing free copying within the home network. The above is the mode of use of the recording medium according to the present invention.
[0014]
Next, the production operation of the recording medium according to the present invention will be described. The recording medium according to the present invention is produced by performing data writing shown in FIG. 2 on a DVD.
.
FIG. 2 is a diagram in which the configuration of a digital stream recorded on a DVD is detailed in a stepwise manner. In the figure, the digital stream to be recorded on the DVD is shown at the bottom, the fifth row. This digital stream is a digital stream of the MPEG2-PS format, and is called a VOB (Video Object) in the DVD-Video Recording standard. As shown in the figure, the VOB is obtained by multiplexing the video stream and the audio stream shown in the first row. The video stream located at the first level is an array of a plurality of picture data pj1, 2, 3,.... All of these picture data are displayed in one display period (also called a video frame) of the display. In an NTSC display, a video frame is about 33 msec (accurately, 1 / 29.97 sec), and in a PAL display, a video frame is 40 msec. These picture data have been subjected to compression coding based on the correlation between frames. Therefore, in the picture data constituting the video stream, a Bidirectionally Predictive (B) picture that has been subjected to inter-frame compression encoding using the correlation with the image to be reproduced in the past direction and the future direction, and reproduced in the past direction Predictive (P) picture that has been subjected to inter-frame compression coding using correlation with an image to be performed, intra-frame compression using spatial frequency characteristics within one frame of image without using correlation There is a type such as an encoded Intra (I) picture.
[0015]
The minimum unit that can be decoded in a video stream is called a GOP (Group Of Picture). A GOP is a set of picture data including at least one I picture and having a reproduction time of about 0.4 to 1.0 second. In FIG. 2, the video stream shown at the first level is divided into a plurality of GOPs at the second level. Since the compression coding method for picture data is a variable code length method, the data lengths of GOPs are different from each other. In recording on a DVD, a GOP row is divided into a plurality of GOPs regardless of the size of each GOP. The divided part obtained by the division is stored in the PES packet sequence shown in the third row. On the other hand, the audio stream located on the right side of the first stage is also divided into a plurality, and the divided portion obtained by the division is stored in the PES packet sequence shown in the third stage. A PES (Packetized Elementary Stream) packet is a packet that stores a divided part of a video stream and an audio stream as shown in the third row of FIG. 2, and when the video stream and a part of the audio stream are decoded. "DTS (Decode Time Stamp)" and "PTS (Presentation Time Stamp)" indicating when to display the decoding result of this part are added to the header.
[0016]
The PES packet sequence storing the GOP sequence is divided into a plurality of pieces, interleaved and multiplexed with the PES packets constituting the audio data (tj2), and as shown in the fourth and fifth rows, the AV pack sequence in the VOBU is Constitute. An RDI-Pack (RDI in the drawing) is added to the head of each VOBU.
FIG. 3 is a diagram illustrating a relationship between the PES packet and the AV pack. As shown in the second row of FIG. 3, the AV pack has a size of 2048 bytes and includes a pack header and a payload. The PES packet is stored in this payload. In the pack header, an SCR (System Clock Reference) indicating the time at which the present AV pack is input to a buffer in the device is set. The size of 2048 bytes of the AV pack matches the size of one sector on the DVD, and the AV pack is stored in each sector on the DVD at a one-to-one ratio.
[0017]
FIG. 4 is a diagram showing packs constituting a VOBU. The first row in FIG. 4 shows the overall configuration of the VOBU. As shown in the first row, an RDI (Realtime Data Information) -Pack is at the beginning of the VOBU, followed by an AV pack sequence.
The second row in FIG. 4 shows the internal configuration of the RDI-Pack and AV pack sequence. The RDI-Pack includes “CCI (Copy Control Information)” and “Manufacture Information”, and the AV pack sequence includes “PSC (PES Scrambling Control)” and “time-varying coefficient Dtkc” in the first pack. "Encrypted AV data".
[0018]
“CCI” is control information that defines whether copying is permitted in the VOBU.
“Manufacture Information” is information about the device that has written the VOBU on the DVD, and includes the code Dveri therein.
The above is the internal configuration of the RDI-Pack. Next, the internal configuration of the AV pack sequence will be described.
[0019]
The “AV pack sequence” includes a plurality of video packs and a plurality of audio packs, and includes a GOP and audio data. From the viewpoint of encryption, the AV pack sequence is divided into a plaintext occupying the top part and a ciphertext.
In the plain text, “PES Scrambling Control (PSC)” exists, and a time-varying coefficient Dtkc exists at the position of the 84th byte from the head. The encrypted data exists at a position offset from the time-varying coefficient Dtkc.
[0020]
“PES Scramble Control (PSC)” is set to “11” to indicate that audio data included in the VOBU should be encrypted, and to “00” to indicate that audio data should not be encrypted. It is a flag to indicate. The above is the schematic configuration of the VOBU according to the present embodiment.
“Time-varying coefficient Dtkc” is a coefficient having a time-varying factor. The term “time variation factor” means that a part of the digital stream included in the digital stream varies depending on where the digital stream is on the reproduction time axis. In the present embodiment, 8-byte data 84 bytes ahead of the AV pack sequence head is used as the time-varying coefficient Dtkc. In a normal AV pack sequence, a part of picture data generally exists 84 bytes from the beginning of the AV pack sequence. A part of this picture data is completely different from where the VOBU is on the VOB playback time axis, so it can be said that it is a time variation factor.
[0021]
The “encrypted AV data” is located at a predetermined offset from the time-varying coefficient Dtkc. In this AV pack sequence, the head is plain text, and at first glance, it seems that the GOP included in the AV pack sequence is reproduced. However, the size of this plain text is about 128 bytes, which is only a little in view of the size of the GOP. Therefore, even if the head is plain text, the VOBU is not normally decoded. Therefore, a VOBU including encrypted data is not normally reproduced unless it is decrypted.
[0022]
Next, information indicating whether copying is permitted or not will be described in more detail. FIG. 5 is a diagram illustrating a configuration of the CCI according to the first embodiment. In the present embodiment, the CCI is composed of "CGMS (Copy Generation Management System)", "APSTB (Analog Protection System Trigger Bits)", and "EPN flag". In the current DVD-Video Recording standard, CCI includes CGMS and APSTB. The CCI in this embodiment is new in that an EPN flag is added.
[0023]
“CGMS” is information indicating that the VOBU is copy-free when set to “00”, and that the VOBU is “No More Copy” when set to “11”. “APSTB” is a 2-bit value indicating whether or not to protect the analog output when converting and outputting the VOBU. If APSTB is "01", it indicates that protection is performed by disturbing the AGC circuit of the VTR, and if "10", protection is performed by disturbing AGC and inverting the color stripe by two lines. Show. A value of "11" indicates that protection is performed by AGC disturbance and by inverting four lines of the color stripe. If APSTB is "00", it indicates that protection by analog output is not performed.
[0024]
The “EPN (Encrypted Plus Non-asserted) flag” is a flag used in combination with the CGMS. When the CGMS is set to “11”, the flag is set to “1” to enable the EPN Asserted copy-free. Indicates that there is. EPN Asserted Copy Free means so-called conditional copy free. The condition is that encryption is performed when writing the digital stream to the copy destination.
[0025]
The CCI setting of EPN Asserted Copy Free is born from the following requirements for the spread of home networks. Since a device constructing a home network according to IEEE 1394 is manufactured by a legitimate manufacturer, it can be said that it is almost impossible to make a copy that distributes a digital stream to an unspecified number of people. However, when a removable medium such as a DVD is selected as a copy destination of a digital stream instead of the HD built in the device, a DVD is taken out of the home network and loaded into an unauthorized personal computer. my1, my2). In such a case, if the digital stream is distributed to an unspecified large number, the interests of the author will be greatly impaired. Therefore, in the present embodiment, a new copy permission / prohibition setting of EPN Asserted Copy Free is introduced. In the EPN Asserted Copy Free, when writing a digital stream to a copy destination, a digital stream in the MPEG2-TS format is transferred to another device on condition that encryption is performed. As long as the conditions in EPN Asserted Copy Free are satisfied, grandchild copy and great-grandchild copy are permitted, and free private copy for generations is possible in the home network. As long as the conditional copy-free condition is satisfied, multiple generations of copies are allowed in the home network, thereby increasing the convenience for the user. Copy-free in EPN Asserted Copy-Free imposes a restriction on encryption on private copies, and can be said to be copy-free with encryption restriction.
[0026]
EPN Asserted Copy Free allows free copy if it is encrypted. However, strict identity between the encryption methods such as an encryption algorithm and a data structure is not required, and the encryption method of the copy source and the encryption method of the copy destination may be different. For example, if the copy destination is a recording medium different from a DVD and there is an encryption method unique to the copy destination medium, the condition is satisfied if the copy destination medium is encrypted.
[0027]
Also, as long as the condition of encryption is satisfied, the compression encoding method at the copy destination may be different from the compression encoding method at the copy source. For example, if the copy source recording medium is a DVD and the digital stream that is the object of the copy is in the MPEG2-PS format, the MPEG2-PS format is converted to the MPEG2-TS format if the condition of encryption is satisfied. Writing to the destination above is also allowed. Similarly, conversion into the MPEG1 and MPEG4 formats and writing are permitted. However, since the condition of encryption is an essential condition and the minimum condition, there is no copyright protection, and a digital stream cannot be written on a recording medium for which encryption is not required. Recording media without such obligation include Microdrive and CompactFlash (registered trademark).
[0028]
Conversely, recording media for which copyright protection exists and whose encryption is obligatory include SD memory cards and Blu-ray Discs in addition to DVDs. An exception to EPN Asserted Copy Free is that writing is performed not on a removable medium such as a DVD but on a recording medium (built-in HD) built in the device. This HD does not necessarily require encryption. This is because it is difficult to remove such a built-in recording medium from the device and carry it away.
[0029]
The above is the technical significance of the EPN Asserted Copy Free indicated by the EPN flag. Next, how to combine the CGMS and the EPN flag will be described with reference to FIG. FIG. 6 shows the possible values of the CGMS, PSC and EPN flags and the meaning of the CGMS, PSC and EPN flags. When the EPN flag is set to off “0”, copy permission is set by CGMS and PSC. If the CGMS is “00” and the PSC is “00”, it indicates unconditional copy free. If the CGMS is “11”, and the PSC is “11”, it indicates “No More Copy”.
[0030]
On the other hand, when the EPN flag is set to “1”, it indicates that CGMS is “11” and PSC is “11”, indicating that conditional copy is free. When the CCI indicates conditional copy free, the purpose of setting CGMS and PSC to “11 (No More Copy)” is as follows. That is, when a DVD on which this VOBU is recorded is inserted into a device that conforms to the current standard that cannot support the EPN flag, the intention is that the VOBU should not be copied unconditionally. The current standard-compliant device cannot interpret the intention of the EPN flag, and performs copy control using CGMS and PES Scrambling Control. Since the CGMS is set to “No More Copy” as described above, no VOBU is copied. When a DVD is loaded in a current device that does not support the EPN flag, copying is completely prohibited and the copy is handled more strictly, so that it is possible to prevent a flood of duplicates set to be conditional copy-free. This is the same when tampering is performed to remove the EPN flag from the CCI.
[0031]
Next, the encryption process of the encrypted AV data will be described. FIG. 7 is a diagram showing what kind of encryption process the encrypted AV data is generated. AV data is encrypted based on the CPRM (Copy Protection for Recordable Media) system, which is compatible with the current DVD-Video Recording standard. The first row in FIG. 7 shows the VOBU before encryption. In the first stage, the AV data is not encrypted. The third row shows the VOBU after encryption. The middle frame hw1 in the middle shows the process of encrypting the AV data. As shown in the frame hw1, the encrypted AV data is obtained by encrypting the original plural video packs and plural audio packs in the C2-ECBC mode using the content key Kc.
[0032]
The encryption in the C2_ECBC mode is to divide AV data in a VOBU into 64 bits or less, and to encrypt each divided portion. In encrypting each divided part, the content key Kc is used for encrypting the leading divided part. The encryption result is used for encrypting the next divided part. This C2_ECBC mode repeats the process of encrypting the next divided part using a certain encryption. A mode in which decoding is performed by following the reverse procedure is referred to as C2_DCBC mode. “C2” in C2_ECBC means an encryption method based on CPRM.
[0033]
A frame hw2 in the figure is a diagram showing a process of generating the content key Kc. The content key Kc is obtained by adding the APSTB in the RDI-Pack and the title key Kt unique to the recording medium and performing a C2_G conversion on the time-varying coefficient Dtkc using the addition result. Hw3 in the figure emphasizes that only the APSTB in the CCI is referenced.
In the process of generating the content key Kc, the C2-G conversion is a one-way function, and performs irreversible conversion on the linked data. The general encryption is a reversible conversion, whereas the C2-G conversion is an irreversible conversion. Therefore, it has a property that the input value cannot be specified from the output value. Since the time-varying coefficient Dtkc existing in the same VOBU is used as a parameter for generating the content key Kc, the content key Kc for the VOBU can be obtained even if the previous or next VOBU is deleted. Since the time-varying coefficient Dtkc has a time-varying factor, the content key Kc obtained therefrom has the property of changing for each VOBU.
[0034]
The problem in this encryption process is that the content key Kc is generated only from the APSTB instead of generating the content key Kc from the entire CCI.
The reason is as follows. There are only two copy permission / non-permission states in the conventional DVD, namely, copy prohibited after encryption and copy free without encryption. It means "encrypted and not equal copy prohibited", so if it is encrypted, the copyright holder's protection is sufficient, and if the alteration of rewriting APSTB is watched out, Was good. That is, since reproduction output is possible even when copy is prohibited, the reproduced and output analog video signal may be recorded on the VTR. Therefore, when APSTB is set so that analog video output is protected, a content key Kc is generated from APSTB, and encryption is performed using this content key Kc. As a result, dubbing of falsifying APSTB and recording an analog video signal on a VTR can be prevented.
[0035]
However, the present embodiment introduces a new state of “copy free on condition of encryption”. If a CGMS that is originally set to copy prohibition is falsified with conditional copy free, it can be decrypted freely as long as the APSTB matches, so it is copied freely. The same is true even if CCI including CGMS indicating copy prohibition is replaced with RDI-Pack including CCI indicating conditional copy free.
[0036]
Thus, the code Dveri is provided. The code Dveri exists in the Manufacture Information in the RDI-Pack shown in FIG. FIG. 8 shows how the code Dveri is generated. FIG. 8 illustrates the generation process of the code Dveri in the same notation as FIG. The first row in FIG. 8 shows the VOBU before encryption. The fourth row shows the VOBU after encryption. The second frame hw1 indicates the process of encrypting the AV data.
[0037]
The third stage between the encrypted VOBU and the process of encrypting the AV data shows the process of generating the code Dveri. As shown in the third row, the code Dveri is obtained by performing C2-G conversion of CCI using the content key Kc.
The process until the code Dveri is obtained is shown in a frame cw1 in FIG. As shown in the frame, the code Dveri is a process pc1 of storing the entire CCI in which the CGMS is set to “11” and the EPN flag is set to “1” in a register, and waiting for the generation of the content key Kc. , The process of converting the entire CCI stored in the register into C2-G pc2, the conversion result of the C2-G conversion is written back into the register (pc3), and the CPU writes it into the Manufacture Information of the RDI-Pack (pc4). It consists of obtaining the code Dveri.
[0038]
Since the code Dveri is generated in such a process, the following can be said.
Since the code Dveri is generated from the CCI and the content key Kc used for encrypting the AV data, the device corresponding to the EPN Asserted Copy Free generates the code Dveri according to the illustrated procedure, and generates the code Dveri. By collating with the code Dveri existing in the RDI-Pack, it is possible to detect whether the CCI has been tampered with or the RDI-Pack has been replaced. That is, it is assumed that the CCI has been falsified after the VOBU has been generated. Then, it is assumed that the user commands the EPN-compatible device to copy the VOBU. At this time, the EPN-compatible device generates the content key Kc through the same process as in FIG. 8, converts the CCI into a C2-G using the content key Kc, and compares the result with the code Dveri in the RDI-Pack. I do. Since the CGMS and EPN flags of the CCI have been rewritten, the result of the C2-G conversion by the EPN-compatible device is significantly different from the code Dveri in the RDI-Pack.
[0039]
If the result of the verification is significantly different, the EPN-capable device stops decoding. Thus, it is possible to prevent the replacement of the RDI-Pack and the falsification of the CCI in the EPN-compatible device while ensuring the compatibility with the current DVD-Video Recording standard-compatible device.
The provision of the code Dveri in the RDI-Pack has a deep causal relationship with the offset from the time-varying coefficient Dtkc to the AV data (see FIG. 4).
[0040]
FIG. 9 is a diagram showing the basis of the offset from the time-varying coefficient Dtkc to the AV data. The offset is determined based on the sum of the time required to obtain the content key Kc (C2_G) and the time required to obtain the code Dveri (C2_G). Since the processing timings of the generation of the content key Kc, the calculation of the code Dveri, and the encryption / decryption of the AV data are separated, these processings can be time-divided. By this time division, even with a single cryptographic operation circuit, a series of processes such as generation of the content key Kc, calculation of the code Dveri, and encryption / decryption of AV data can be realized without lowering the processing efficiency. can do. It is desirable that the value of the offset from the time-varying coefficient Dtkc to the encrypted data be at least the minimum unit of the encrypted block. In the case of the DES system or the C2 system, since the encryption block has 8 bytes, the above-described offset is preferably set to 8 bytes or more. The above is the form of the production operation of the recording medium according to the present embodiment. The procedure for obtaining the unit-specific encryption key (content key Kc) from the time-varying coefficient (time-varying coefficient Dtkc), medium unique key (title key Kt), and CCI is merely an example. An operation other than such an operation may be applied, or a conversion other than the C2-G conversion may be applied.
[0041]
Next, an embodiment of a recording apparatus according to the present invention will be described. The usage is the same as that of the recording medium, and is used by the user on the home network. FIG. 10 is a diagram illustrating a form in which a recording device is used in a home network.
As shown in FIG. 10, the DVD recorder 100 receives the digital stream of the MPEG2-TS format transmitted from the STB 110 as shown by the arrow gy1, converts the digital stream into the MPEG2-PS format, and writes the digital stream on the DVD. The digital stream written in the digital TV 120 can be read and reproduced by the digital TV 120. Alternatively, the digital stream in the MPEG2-PS format written on the DVD may be read, converted into the MPEG2-TS format, and recorded on the HD recorder 130.
[0042]
Upon transfer on the home network, the recording apparatus transfers the digital stream in the MPEG2-TS format to another device based on the DTCP (Digital Transmission Content Protection) standard protocol. The protocol based on the DTCP standard includes procedures such as mutual authentication between devices and encryption / decryption of TS packets. However, the details are not the main focus of the present application, and thus are omitted. Devices that transmit and receive TS packets according to the DTCP standard exclude connections with devices that do not comply with copyright protection at the stage of mutual authentication. Therefore, the digital stream is not transferred to the micro drive or the compact flash (registered trademark) drive device (see the mark x in the figure).
[0043]
Whether a digital stream can be written to a DVD or HD is specified in a DTCP_Descriptor in the DTCP standard and transmitted to another device. FIG. 11 is a diagram illustrating an example of the DTCP_Descriptor. DTCP_Descriptor indicates “retention move mode” indicating whether temporary storage or moving mode of the digital stream is defined, “retention state” indicating the period of temporary storage, and whether copying of the MPEG2-TS format digital stream is permitted. "Copy Control Information" (CCI) indicating whether or not the CCI indicates copy free, an "EPN flag" indicating whether the copy free is an EPN Asserted copy free, and a digital stream in MPEG2-TS format In the playback output of “Image Constraint Token” indicating that the resolution is restricted, the digital stream of the MPEG2-TS format is converted into an analog signal. When outputting, an “APS (Analog Protection System)” indicating whether or not protection is provided by analog output is included. The transmission of the DTCP_Descriptor is performed after the DTCP_Descriptor is stored in the TS packet. Among the DTCP_Descriptors, the CCI and EPN flags are compatible with the CCI and EPN flags in RDI-Pack. In such a home network, a recording device is provided for use by a user.
[0044]
Next, a production operation of the recording apparatus according to the present invention will be described. The recording device is manufactured industrially based on the internal configuration diagram of FIG. Hereinafter, the internal configuration of the recording apparatus will be described. FIG. 12 is a diagram showing the internal configuration of the DVD recorder 100.
As shown in FIG. 12, the DVD recorder 100 includes a drive 1, a CPU 2, a buffer memory 3, a stream controller 4, an analog tuner 9, an analog protect detector 10, an IEEE 1394 receiver 11, a digital tuner 12, a TS decoder 13, and an AV encoder. 14, a stream encryption unit 15, a stream decryption unit 16, an AV decoder 17, a TS encoder 18, and an IEEE 1394 transmission unit 19.
[0045]
First, components (drive 1, buffer memory 3, stream control unit 4) used for both reading a VOBU from a DVD and writing a VOBU to a DVD will be described.
The drive 1 loads a removable recording medium such as a DVD.
The CPU 2 controls the overall control of the recording device.
[0046]
The buffer memory 3 is a buffer for storing VOBU. The VOBU read from the DVD and the VOBU to be written to the HDD or DVD are temporarily stored in the buffer.
The stream control unit 4 connects the drive 1 and the HDD by the IDE I / F, and performs real-time transmission of the VOBU among the drive 1, the HDD, the buffer memory 3, the stream encryption unit 15, and the stream decryption unit 16.
[0047]
FIG. 13 is a diagram showing the internal configuration of the stream control unit 4. As shown in FIG. 13, the stream control unit 4 includes a memory control unit 5 for reading / writing the buffer memory 3, a memory scrambling unit 6 for performing scrambling / descrambling for the VOBU when reading / writing the buffer memory 3, and a stream encryption unit 15. A DMA controller 7 for executing DMA transfer between the buffer memories 3 and between the buffer memory 3 and the stream decoder 16; an IDE I / F 8 which is an interface with the drive 1 and the HDD;
[0048]
Next, components used when writing a digital stream of the MPEG2-PS format to a DVD will be described. FIG. 14 is a diagram showing components used for writing data to a DVD. In the figure, the stream control unit 4 is shown as being replaced with the internal bus of the stream control unit 4. The VOBU to be written on the DVD is obtained by encoding an analog signal input to the DVD recorder 100 (1), and is obtained by converting a multi-program MPEG2-TS format digital stream input to the DVD recorder 100. There are three types, one obtained (2) and one obtained by converting a digital stream input from IEEE1394 (3). Arrows wv 1, 2, 3, and 4 in the figure indicate routes from which the digital streams (1), (2), and (3) are transferred to the drive 1, and arrows wv 6 indicate input of analog signals to the AV encoder 4 Is shown. An arrow wv5 in the figure indicates a route from the digital stream of (2) to the AV encoder 14. The arrow wv7 in the figure indicates the route from the digital stream of (3) to the AV encoder 14. Components related to these routes (analog tuner 9, analog protect detection unit 10, IEEE 1394 reception unit 11, digital tuner 12, TS decoder 13, AV encoder 14, stream encryption unit 15) will be described below.
[0049]
The analog tuner 9 receives an analog broadcast signal and obtains an analog video signal and an audio signal. These signals are output to the AV encoder 14 via the A / D converter.
The analog protection detection unit 10 detects copy control information (CGMS-A) superimposed on a vertical blanking interval (VBI) of an analog broadcast signal and an analog protection signal such as macrovision or color stripe.
[0050]
The IEEE 1394 receiving unit 11 receives a TS packet input from another device via IEEE 1394 based on DTCP_Descriptor, and outputs the TS packet to the TS decoder 13. If the CCI in the DTCP_Descriptor indicates “No More Copy”, the IEEE 1394 receiver 11 does not perform reception. An MPEG2-TS format digital stream with CCI set to “No More Copy” is originally transferred on a home network for the purpose of being played back on a digital TV, and is erroneously recorded on a DVD. This is to prevent them from doing anything. Upon receiving the TS packet, the IEEE 1394 receiver 11 delivers the received DTCP_Descriptor to the AV encoder 14. This is because the AV encoder 14 sets the CCI and EPN flags in the RDI-Pack based on the CCI and EPN flags in the DTCP_Descriptor.
[0051]
The digital tuner 12 receives a broadcast wave and obtains a digital stream in a multi-program TS format.
The TS decoder 13 demultiplexes the digital stream of the multi-program TS format obtained by the digital tuner 12, and sends the video stream, audio stream and service information time-division multiplexed to these TS packets to the AV encoder 14. Output. The reason for outputting the service information is to cause the IEEE 1394 receiving unit 11 to set the CCI and EPN flags in the RDI-Pack based on the service information. Demultiplexing by the TS decoder 13 is also performed on TS packets obtained by the IEEE 1394 receiving unit 11. That is, the TS packet obtained by the IEEE 1394 receiving unit 11 is demultiplexed, and a video stream and an audio stream are obtained and output to the AV encoder 14.
[0052]
The AV encoder 14 compresses and encodes the video signal and the audio signal obtained by demodulation of the tuner and digitized by the A / D converter to obtain video data and audio data of 0.4 to 1.0 seconds. Further, these are multiplexed to obtain a VOBU. The video stream and the audio stream obtained by the digital tuner 12 and the TS decoder 13 are also multiplexed to obtain a VOBU. In obtaining the VOBU, the CDI is set and the RDI-Pack is generated based on the detection result of the analog protection detection unit 10, the DTCP_Descriptor from the IEEE1394 reception unit 11, and the service information from the digital tuner 12. This setting is based on the CCI and service information of CGMS-A and DTCP_Descriptor.
[0053]
When the encoder obtains the VOBU, the stream encryption unit 15 determines the content key from the DVD-specific title key Kt, the CCI set in the RDI-Pack by the encoder, and the time-varying coefficient Dtkc generated in the encoding process by the encoder. Kc and the code Dveri are obtained, encrypted in the C2-ECBC mode using the content key Kc, and stored in the buffer memory 3. The VOBU stored in the buffer memory 3 is written on the DVD by the drive 1.
[0054]
As long as the input of the analog broadcast signal and the input of the TS packet constituting the digital stream of the MPEG2-TS format continue, the analog tuner 9 to the stream encryption unit 15 continue the above-described operation. It will be recorded in PS format.
These are the components related to VOBU writing. Next, components related to VOBU reading will be described. There are two types of VOBUs read from DVDs: one that is reproduced as video and audio by the AV decoder 17 (1) and one that is transferred from IEEE 1394 to another device (2). FIG. 15 is a diagram in which the components used for reading the VOBU are extracted from the components shown in FIG. In the figure, the stream control unit 4 is shown as being replaced with the internal bus of the stream control unit 4. Arrows rv1 and rv2 in the figure indicate routes from the former VOBU to the stream decoder 16 after the latter VOBU is read from the DVD. An arrow rv3 indicates a route through which the former VOBU is reproduced by the AV decoder 17, and an arrow rv4 indicates a route through which the latter VOBU is output to another device via the IEEE1394. Hereinafter, the components (the AV decoder 17, the TS encoder 18, and the IEEE 1394 transmission unit 19) used for reading data will be described.
[0055]
The stream decoding unit 16 is configured to, when reproducing a VOBU from a DVD or copying a VOBU from a DVD to another device in a home network, use a DVD-specific title key Kt, a CCI set by the encoder in RDI-Pack, The content key Kc and the code Dveri are obtained from the time-varying coefficient Dtkc, and the VOBU is decrypted in the C2-DCBC mode using the content key Kc.
[0056]
The AV decoder 17 performs a decompression process specified by MPEG2 on the VOBU decoded by the stream decoding unit 16, and obtains and reproduces a video signal and an audio signal.
The TS encoder 18 converts the VOBU decoded by the stream decoding unit 16 into a TS packet, and outputs the TS packet to the IEEE 1394 transmission unit 19.
The IEEE 1394 transmission unit 19 encrypts the TS packet body obtained by the conversion of the TS encoder 18 based on the DTCP standard and outputs it.
[0057]
The overall control of the recording apparatus configured as described above is performed by the CPU 2 executing the program shown in FIG. 16, and thereafter, the processing of the CPU 2 at the time of VOBU writing with reference to the flowchart of FIG. The procedure will be described.
Steps S41 to S45 in FIG. 16 are loop processing for generating a VOBU based on an input signal to the DVD recorder 100. The input signals include analog signals, digital broadcast signals, and input signals from other devices in the home network. The copy attribute refers to CGMS-A, service information, and copy permission / non-permission setting indicated by the CCI and EPN flags in the DTCP_Descriptor.
[0058]
In step S41 in the loop processing, it is monitored whether the detection of the copy attribute of the input signal is completed. When the detection of the copy attribute of the input signal is completed, a VOBU is generated in one of steps S43, S45, and S46.
Which of step S43, step S45, and step S46 is executed is defined by three determination steps, step S42, step S44, and step S52.
[0059]
The VOBU is obtained in step S43 when the copy attribute in the input signal from the outside of the apparatus indicates EPN Asserted Copy Free (Yes in step S42). In this case, a VOBU composed of an RDI-Pack including CCI indicating EPN Asserted Copy Free and an AV pack sequence is obtained (step S43).
The VOBU is obtained in step S45 when the copy attribute indicates Only One Copy (Yes in step S44). In this case, Only One Copy is converted to No More Copy. After the conversion, a VOBU including an RDI-Pack including CCI indicating No More Copy and an AV pack sequence is obtained (step S45).
[0060]
If the copy attribute is normal copy free (YES in step S52), a VOBU including CCI indicating normal copy free is recorded (step S46). If stricter copyright protection is desired, the copy attribute may be converted to EPN Asserted Copy Free, and a VOBU including CCI indicating EPN Asserted Copy Free may be recorded. If the copy attribute indicates No More Copy, the process returns to step S41 to wait for detection of a copy attribute in the input signal.
[0061]
If a VOBU is obtained by the above procedure, a process of performing steps S47 to S51 and returning to step S21 is performed.
In the processing of steps S47 to S51, the APSTB in the RDI-Pack of the VOBU is added to the title key Kt (step S47), the time-varying coefficient Dtkc is subjected to C2-G conversion using the addition result, and the content key Kc is obtained. Then, using the content key Kc, the CCI is C2-G converted to obtain the code Dveri, and is arranged in the Manufacture Information in the RDI-Pack (step S49), and the content key Kc is used in the VOBU in the VOBU. The AV pack sequence is encrypted in the C2_ECBC mode (step S50), and the encrypted VOBU in which the code Dveri is arranged is written to the DVD (step S51). By repeating steps S41 to S51, the DVD is repeated. VOBU is written sequentially I will be absorbed.
[0062]
Next, the processing procedure of the CPU 2 at the time of VOBU reading will be described with reference to the flowchart of FIG.
The flowchart of FIG. 17 waits for a VOBU to be stored in the buffer memory 3 (step S61), and if a VOBU is stored, performs steps S62 to S71 and returns to step S61. It is.
[0063]
In the processing of steps S62 to S71, the APSTB in the RDI-Pack of the VOBU is added to the title key Kt (step S62), the time-varying coefficient Dtkc is subjected to C2-G conversion using the addition result, and After obtaining the key Kc (step S63), the CCI is subjected to C2-G conversion using the content key Kc to obtain the code Dveri (step S64).
[0064]
In step S65, it is determined whether the code Dveri generated in step S64 matches the code Dveri present in the RDI-Pack. If the codes Dveri do not match, a display indicating the fact is displayed on the front panel of the recording device or on the TV. After outputting to the monitor, the reading process is forcibly terminated. This is a forced measure for detecting fraud. Rather than taking such forced measures, more flexible measures may be taken. That is, the same processing may be repeated for a subsequent VOBU without reproducing / transmitting only the VOBU in which the code Dveri mismatch is detected.
[0065]
If they match, the encrypted AV pack sequence in the VOBU is decrypted in the C2-DCBC mode using the content key Kc (step S66).
Thereafter, different processing is performed depending on whether the reproduction or the transmission is performed. If it is a reproduction process (reproduction in step S67), a TS packet is extracted from the 32 EX-attached TS packets and output to the AV decoder 17 for reproduction (step S68). In the case of transmission processing, different processing is performed depending on whether the CCI in the RDI-Pack is EPN Asserted Copy Free, No More Copy, or normal copy free (steps S69 and S70).
[0066]
If it is EPN Asserted Copy Free (YES in step S69), the VOBU is converted into a TS packet and transmitted together with DTCP_Descriptor indicating EPN Asserted Copy Free (step S71). If the CCI is No More Copy (YES in step S70), the VOBU is converted into a TS packet and transmitted with DTCP_Descriptor indicating No More Copy (step S72). If it is normal copy free (NO in step S70), the VOBU is converted into a TS packet, and transmitted with DTCP_Descriptor indicating normal copy free (step S73). If copyright protection is to be strictly handled, in step S73, it may be transmitted together with DTCP_Descriptor indicating EPN Asserted Copy Free.
[0067]
As described above, according to the present embodiment, the decryption of the encrypted AV data by the current standard compliant device is guaranteed, and in the case of a fraudulent act such as falsification of the CCI or replacement of the RDI-Pack, the verification by the code Dveri is performed. Can be detected, so that copying on the premise of fraudulent acts can be effectively prohibited.
(2nd Embodiment)
Although the first embodiment focuses on preventing CCI tampering using the code Dveri, the second embodiment discloses an improvement that can prevent tampering of the CCI without using the code Dveri. For this, instead of generating the content key Kc only from the APSTB, the content key Kc may be generated straight from the entire CCI.
FIG. 18 is a diagram showing an encryption process when the content key Kc is generated from the entire CCI in the same notation as FIG. In this case, compatibility with the current standard-compliant device cannot be maintained, but tampering of CCI can be prevented without using the code Dveri. This is because if the CCI is rewritten, the content key Kc generated by the device at the time of decryption will be significantly different from the original content key Kc, and decryption cannot be performed properly.
[0068]
In this case, since the code Dveri becomes unnecessary, there is no need to wait for the generation of the code Dveri, and the offset from the time-varying coefficient Dtkc to the AV data can be shortened.
(Third embodiment)
The first embodiment and the second embodiment are modes in which a digital stream in the MPEG2-PS format is written on a recording medium, but the third embodiment relates to a mode in which a digital stream in the MPEG2-TS format is written on a recording medium.
[0069]
Writing in the MPEG2-TS format is convenient for writing a digital stream to an HD or Blu-ray Disc.
How the GOP shown in the first embodiment is converted when writing the digital stream to the recording medium in the MPEG2-TS format will be described.
FIG. 19 is a diagram in which the configuration of a digital stream recorded on a Blu-ray Disc is detailed in a stepwise manner. In FIG. 19, the first to third rows are the same as those in FIG. 2, and show a picture sequence, GOP division, and a PES packet sequence, respectively. The fourth and fifth stages are significantly different from FIG. The PES packet sequence storing the GOP sequence is multiplexed (tj1 in the figure) with the PES packet sequence storing the audio stream to form a digital stream in the MPEG2-TS format shown in the fourth row. The video stream and the audio stream constituting the TV program are transmitted in a transmission path such as a satellite wave, a terrestrial wave, and a cable in the fourth stage.
[0070]
Next, the internal configuration of the TS packet will be described. The third row in FIG. 20 shows the structure of a TS packet. As shown in the third row of FIG. 20, the TS packet is composed of a “TS packet header” and a “payload part”, and has a size of 188 bytes. The “payload” stores a divided portion obtained by dividing the PES packet into a plurality. As shown by arrows ct1, ct2, and ct3, these are stored in the payload of the TS packet in the third stage. This concludes the description of the TS packet.
[0071]
Next, how the MPEG2-TS format is written to the Blu-ray Disc will be described. FIG. 21 is a diagram showing a process of writing a TS packet constituting the MPEG2-TS format to a Blu-ray Disc. The first row of the figure shows the TS packets that make up the digital stream in the MPEG2-TS format.
As shown in the second row, TP_extra_header (“EX” in the figure) is added to the TS packets that constitute the digital stream in the MPEG2-TS format.
[0072]
The third and fourth rows show the correspondence between the physical unit of the Blu-ray Disc and the TS packets. As shown in the fourth row, a plurality of sectors are formed on the Blu-ray Disc. TS packets with extra_header (hereinafter abbreviated as EX-attached TS packets) are grouped every 32 packets and written into three sectors. A group consisting of 32 EX-attached TS packets is 6144 bytes (= 32 × 192), which is equivalent to three sector sizes of 6144 bytes (= 2048 × 3). The 32 EX-attached TS packets contained in the three sectors are called "Aligned Units", and when writing to a Blu-ray Disc, encryption is performed in units of Aligned Units. The sectors in the fourth row are provided with error correction codes in units of 16 and constitute an ECC block. The recording device can obtain 32 complete EX-attached TS packets as long as the Blu-ray Disc is accessed in the unit of Aligned Unit.
[0073]
The above is the process of writing the digital stream in the MPEG2-TS format to the Blu-ray Disc. Next, the internal configuration of TP_extra_header will be described. FIG. 22A is a diagram illustrating the internal configuration of TP_extra_header.
TP_extra_header includes “Arrival_Time_Stamp” and “copy_permission_indicator”.
[0074]
“Arrival_Time_Stamp” is a time-varying coefficient in the digital stream of the MPEG2-TS format. This is because Arrival_Time_Stamp has a time-varying factor that varies depending on where the Aligned Unit is on the reproduction time axis of the digital stream. What makes the time-varying coefficient a time-varying coefficient is the time when the TS packet arrives at the device. This Arrival_Time_Stamp is used to refer to a time stamp such as PCR or PTS at the time of stream reproduction. Generally, a PCR and PTS are set on the assumption that an MPEG2-TS format digital stream transmitted from a broadcasting station is received and reproduced in real time. However, in storage reproduction, an MPEG2-TS format digital stream is temporarily stored in a Blu-ray Disc, HD, and then reproduced with a considerable delay in time. In this accumulation reproduction, the values of PCR and PTS adjusted for the purpose of reproducing in real time are wasted. Therefore, Arrival_Time_Stamp in TP_extra_header indicates the time at which the TS packet arrived at the recording device. For this reason, when this Arrival_Time_Stamp is referred to during reproduction, even if a digital stream in the MPEG2-TS format is reproduced after being stored in a Blu-ray Disc or the like, the reproduction timing control by PTS and PCR is performed in the same manner as in real-time reproduction. Can be realized.
[0075]
“Copy_permission_indicator” is CCI in an MPEG2-TS format digital stream. At the time of recording on a Blu-ray Disc, information indicating permission / prohibition of copying is precisely set for each TS packet. The copy_permission_indicator is 2-bit information, and is set to four values shown in FIG. "00" is normal copy free, "11" is "No More Copy", "01" is encrypted but free copy without conditions, and "10" is EPN Asserted. It means copy free.
[0076]
Next, the process of encrypting the aligned unit will be described. Although it takes the form of the MPEG2-TS format, it is the same as the first and second embodiments in that the encryption is performed using three parameters such as a time-varying coefficient, CCI, and a medium unique key (title key Kt). In addition, the first embodiment and the second embodiment also have a point that an operation is performed using two of these parameters, and an encryption key (content key Kc) for each unit is obtained from the operation result and the remaining one parameter. It is no different from the embodiment.
[0077]
FIG. 23 is a diagram showing a process of Aligned Unit being encrypted. The first row in FIG. 23 shows the Aligned Unit before encryption. Before encryption, the Aligned Unit of 6144 bytes is divided into TP_extra_header of the TS packet with EX at the head and Dblk following it. Dblk means a 6136-byte (6144-8) portion of the 6144-byte Aligned Unit excluding the 8-byte TP_extra_header.
[0078]
The third row shows the Aligned Unit after encryption. Since TP_extra_header of the first EX-attached TS packet is a plain text, it does not change before and after encryption. Dblk is converted to De_blk.
The second-stage dashed line dc1 indicates the process of encrypting Dblk. Dblk is encrypted in a DES_ECBC mode using a 64-bit block key Kblk. This key Kblk corresponds to the content key Kc according to the first embodiment. This is because the key Kblk is also unique to the unit and changes from unit to unit.
[0079]
The encryption in the DES_ECBC mode is to divide an aligned unit of 6136 bytes into 64 bits or less and encrypt each divided portion, which can be regarded as C2_ECBC in the first embodiment. On the other hand, a mode in which decoding is performed by following the reverse procedure is called a DES_DCBC mode.
A frame dc2 in the figure indicates a process of generating the 64-bit block key Kblk. “‖” In the figure indicates a concatenation operation. This concatenation operation is one of predetermined operations, and corresponds to the addition operation performed on the title key Kt and the CCI in the first embodiment. The target of the concatenation operation is a 2-bit copy_permission_indicator, a 30-bit Arrival_Time_Stamp, and a 32-bit parameter Vbkg. And encryption in the TDES_E mode.
[0080]
The parameter Vbkg is a common parameter included in a device compliant with copyright protection.
Krec is an encryption key corresponding to the title key Kt in the first embodiment, and is an encryption key unique to a recording medium. Krec is derived from a plurality of parameters in the Blu-ray Disc and a plurality of parameters in the device, but the details are omitted because they are not the main focus of the present application.
[0081]
Expressing the generation of the block key Kblk in the TDES_E mode by an expression is as follows.
Block key Kblk = DES_E (K1, DES_D (K2, DES_E (K1, d)))
K1 indicates the upper 64 bits of the recording key Krec, and K2 indicates the lower 64 bits of the recording key Krec.
[0082]
DES_E is encrypted in ECB (Electric Codebook) mode of DES encryption,
DES_D indicates decoding in the ECB (Electric Codebook) mode of DES encryption.
To generate the block key Kblk, a TDES_E mode in which encryption in the DES method is repeated three times is used.
[0083]
Here, if copyright protection is to be thoroughly enforced, a question arises as to whether the block key should be changed for each TS packet, not for each Aligned Unit. However, when trying to obtain the block key Kblk for each TS packet, encryption in the TDES_E mode is required for each TS packet, so that the processing load is large. Therefore, in the present embodiment, the generation of the block key Kblk is performed once per Aligned Unit. Since the Aligned Unit includes 32 TS packets and is recorded in three sectors, the key Kblk is generated once for every three sectors, and the processing load on the device side can be reduced.
[0084]
Subsequently, an internal configuration of the recording apparatus according to the present embodiment will be described. FIG. 24 is a diagram illustrating the internal configuration of the recording apparatus according to the third embodiment. The TS encoder 18 is connected to an output stage of the analog tuner 9 and the analog protection detector 10. This is because the Blu-ray Disc records the digital stream in the MPEG2-TS format, so that it is sufficient to connect the TS encoder 18 to the output stage of the analog tuner 9 and the analog protection detector 10. The TS decoder 13 is connected not to the output stage of the IEEE 1394 receiving unit 11 and the digital tuner 12, but to the input stage of the AV decoder 17. This is because in the Blu-ray Disc, since a digital stream is recorded in the MPEG2-TS format, it is not necessary to temporarily convert the digital stream into a video stream and an audio stream. In addition, the stream encrypting unit 15 and the stream decrypting unit 16 are replaced with a stream encrypting unit 23 and a stream decrypting unit 24, and the IEEE 1394 receiving unit 11 and the IEEE 1394 transmitting unit 19 are replaced with the IEEE 1394 receiving unit 20 and the IEEE 1394 transmitting unit 25. Has been replaced. Further, a TS decoder 21 is added to the output stage of the stream control unit 4.
[0085]
Next, components used when writing a digital stream in the MPEG2-TS format to the Blu-ray Disc will be described. FIG. 25 is a diagram showing, in the same notation as FIG. 14, the internal configuration of the recording apparatus according to the third embodiment, which relates to data writing (IEEE 1394 receiving unit 20 to stream encrypting unit 23). Hereinafter, the IEEE 1394 receiving unit 20 to the stream encrypting unit 23 will be described.
[0086]
The IEEE 1394 receiving unit 20 receives a TS packet transferred via IEEE 1394 based on DTCP. An isochronous packet is inserted everywhere in a TS packet input via IEEE1394, and Arrival_Time_Stamp is generated based on the clock time of the internal clock 22 at the time when the isochronous packet arrives. If the isochronous packet input from IEEE 1394 is generated on the sender side based on Arrival_Time_Stamp, the Arrival_Time_Stamp generated by the IEEE 1394 receiver 11 is almost the same as the Arrival_Time_Stamp on the sender side. The TP_extra_header including Arrival_Time_Stamp and copy_permission_indicator thus generated is attached to each TS packet to obtain a TS packet with EX.
[0087]
The TS decoder 21 demultiplexes the multi-program TS output from the digital tuner 12 to obtain a TS packet. If a TS packet is obtained, TP_extra_header is generated and attached to the TS packet. At the time of generation, a copy_permission_indicator in TP_extra_header is generated based on the service information with reference to service information about a TV program to which the TS packet belongs. Arrival_Time_Stamp is set based on the time measured by the internal clock 22 when the TS packet reaches the device.
[0088]
When the IEEE 1394 reception unit 20 and the TS decoder 21 obtain the EX-attached TS packet, the stream encryption unit 23 reads a plurality of predetermined parameters from the Blu-ray Disc, and reads these Blu-ray Disc-side parameters, A recording key Krec is obtained from a plurality of parameters stored in the recording device in advance. Thereafter, every time an Aligned Unit is obtained on the buffer memory 3, a concatenation operation is performed on the Aligned Unit's copy_permission_indicator, Arrival_Time_Stamp, and parameter Vbkg, and the 64-bit operation result is encrypted in the TDES_E mode using the recording key Krec. I do. By this encryption, a 64-bit block key Kblk is obtained. When the block key Kblk is obtained in this way, De_blk is obtained by encrypting the Aligned Unit other than the first TP_extra_header. The Aligned Unit thus encrypted is stored in the buffer memory 3 and written to the Blu-ray Disc.
[0089]
Next, components used for reading a TS packet from a Blu-ray Disc will be described. FIG. 26 is a diagram illustrating a recording device (a stream decoding unit 24 and an IEEE 1394 transmission unit 25) related to data reading among the recording devices. Hereinafter, the stream decoding unit 24 and the IEEE 1394 transmission unit 25 will be described.
The stream decoding unit 24 performs a decoding process on each of the Aligned Units included in the ECC block read into the buffer memory 3. This decryption process is a decryption process in the DES_DCBC mode using a block key Kblk unique to Aligned Unit. The block key Kblk unique to Aligned Unit is generated as follows. Since the TP_extra_header at the head of each Aligned Unit is not encrypted, a concatenation operation is performed on the copy_permission_indicator, the Arrival_Time_Stamp, and the parameter Vbkg in the TP_extra_header to obtain a 64-bit operation result. By decrypting the concatenation result in the TDES_D mode using the recording key Krec, the Dblk of the Aligned Unit is obtained. Arrows rt5 and rt6 in FIG. 26 indicate transmission routes of the Aligned Unit at the time of reproduction. It can be seen that the Aligned Unit is decoded by the TS decoder 13 as shown by arrows rt5 and rt6, and is decoded by the AV decoder 17 into a video signal and an audio signal. By outputting the Dblk to the IEEE 1394 transmission unit 25 as indicated by arrows rt7 and rt8, the Aligned Unit is transmitted to other devices in the home network.
[0090]
When decoding the Aligned Unit, the IEEE 1394 transmission unit 25 removes TP_extra_header from each of the 32 EX-attached TS packets included in the Aligned Unit, and encrypts and outputs the TS packet body based on the DTCP standard. When outputting the TS packets, an isochronous packet is inserted anywhere between the TS packets. This insertion point is a position based on the time indicated in Arrival_Time_Stamp of TP_extra_header. With the output of the TS packet, the IEEE 1394 transmission unit 25 outputs DTCP_Descriptor. DTCP_Descriptor indicates a copy permission / prohibition setting in TP_extra_header.
[0091]
The overall control of the recording apparatus configured as described above is performed by the CPU 2 executing the program shown in FIG. Hereinafter, the processing procedure of the CPU 2 at the time of Aligned Unit writing will be described with reference to the flowchart of FIG.
Steps S1 to S6 in FIG. 27 are loop processing for storing the EX-attached TS packet in the buffer memory 3. In this loop processing, in step S1, the input of a broadcast wave and a TS packet from IEEE 1394 is monitored. If a TS packet is input, TP_extra_header is added to the TS packet in any of steps S3, S5, and S14.
[0092]
Which of step S3, step S5, and step S14 is executed is defined by three determination steps, step S2, step S4, and step S13.
TP_extra_header is added in step S3 when the copy attribute in the service information or DTCP_Descriptor indicates EPN Asserted Copy Free (YES in step S2). In this case, since the copy attribute is EPN Asserted Copy Free, TP_extra_header including copy_permission_indicator indicating EPN Asserted Copy Free is added to the TS packet (step S3).
[0093]
The addition of TP_extra_header in step S5 is performed when the copy attribute in the service information and DTCP_Descriptor indicates Only One Copy (step S4). In this case, Only One Copy is converted to No More Copy. A TP_extra_header including a copy_permission_indicator indicating No More Copy is added to the TS packet (step S5).
[0094]
The addition of TP_extra_header in step S14 is performed when the copy attribute in the service information and DTCP_Descriptor indicates normal copy free (YES in step S13). In this case, since the copy attribute is normal copy free, TP_extra_header including copy_permission_indicator indicating normal copy free is added to the TS packet (step S14).
[0095]
If the copy attribute indicates No More Copy, the process returns to step S1 to wait for a TS packet to be received. By doing so, it is guaranteed that the TS packet of No More Copy is not written to the Blu-ray Disc.
Step S6 is a step of determining whether or not 32 EX-attached TS packets have been generated. If they have been generated, the processing of steps S7 to S12 is performed, and the process returns to step S1. If 32 EX-attached TS packets are generated, a recording key Krec is generated from the plurality of parameters in the Blu-ray Disc and the parameters in the recording device (step S7), and an Arrival_Time_Stamp, a copy_permission_indicator, and a parameter Vbkg are generated. A concatenation operation is performed (step S8), and a block key Kblk is obtained by encrypting the operation result in the TDES_E mode using the recording key Krec (step S9).
[0096]
When the key Kblk is obtained, the block Dblk of the Aligned Unit is encrypted in the DES_ECBC mode except for the leading TP_extra_header to obtain the block De_blk and store it in the buffer memory 3 (step S10). Thereafter, the processing of steps S1 to S10 is repeated until 16 Aligned Units are stored in the buffer memory 3 (step S11 is No). If 16 Aligned Units are stored in the buffer memory 3 (Yes in step S11), the 16 Aligned Units stored in the buffer memory 3 are attached with error correction codes to obtain three ECC blocks. Then, the three ECC blocks are written to the Blu-ray Disc (step S12). By repeating Steps S7 to S12, the Aligned Unit is sequentially written into the Blu-ray Disc.
[0097]
Next, the processing procedure of the CPU 2 at the time of reading Aligned Unit will be described with reference to the flowchart of FIG.
The structure of the flowchart of FIG. 28 waits for three ECC blocks to be stored in the buffer memory 3, and if stored, performs steps S21 to S32 and returns to step S21. That is.
[0098]
The loop processing from step S22 to step S23 is to repeat the processing from step S24 to step S32 for each of the 16 Aligned Units included in the ECC block.
The process repeated here connects the copy_permission_indicator, the Arrival_Time_Stamp, and Vbkg of the Aligned Unit (step S24), and generates a recording key Krec from a plurality of parameters in the Blu-ray Disc and the parameters in the recording device (step S25). ), The result of the concatenation operation is encrypted in the TDES_E mode using the recording key Krec to obtain the block key Kblk (step S26), and the block De_blk of the Aligned Unit is decrypted in the DES_DCBC mode using the block key Kblk. , 32 EX-attached TS packets are obtained (step S27).
[0099]
Thereafter, different processing is performed depending on whether the reproduction or the transmission is performed. If it is a reproduction process (reproduction in step S28), a TS packet is extracted from the 32 EX-attached TS packets and output to the TS decoder 13-AV decoder 17 for reproduction (step S29).
If it is a transmission process (transmitted in step S28), different processes are performed depending on whether copy_permission_indicator in TP_extra_header is EPN Asserted Copy Free, No More Copy, or normal copy free.
[0100]
If it is EPN Asserted Copy Free (YES in step S30), a TS packet is extracted from the 32 EX-attached TS packets and transmitted together with DTCP_Descriptor indicating EPN Asserted Copy Free (step S31). If it is normal copy free (YES in step S33), a TS packet is extracted from the 32 EX-attached TS packets and transmitted together with DTCP_Descriptor indicating normal copy free (step S34).
[0101]
If it is No More Copy (NO in step S33), a TS packet is extracted from the 32 EX-attached TS packets, and transmitted together with DTCP_Descriptor indicating No More Copy (step S32). With this repetition, the Aligned Unit is sequentially read.
As described above, according to the present embodiment, the encryption key is generated using a parameter whose value changes for each Aligned Unit and whose value also changes depending on the setting of copy permission / prohibition. While realizing, a free copy of the digital stream can be implemented in the home network.
[0102]
(Fourth embodiment)
In the first embodiment, the VOBU is copied between devices in the home network. However, in the fourth embodiment, the VOBU is copied in one device.
FIG. 29 is a diagram illustrating an internal configuration of a recording apparatus according to the fourth embodiment. In this figure, one of the drive 1 and the HDD is a copy source, and the other is a copy destination.
[0103]
The stream decryption unit 16 generates the content key Kc and the code Dveri from the copy source recording medium at the time of copying, and checks the generated code Dveri against the code Dveri existing in the RDI-Pack. If they match, the encrypted VOBU read from the copy source recording medium is decrypted.
The stream encryption unit 15 generates a content key Kc unique to the copy destination recording medium, and encrypts the VOBU in the buffer memory 3 with the content key Kc.
[0104]
FIG. 30 is a diagram showing VOBU reading from the copy source drive.
An arrow (2-1) indicates reading from the copy source drive to the buffer memory 3, and an arrow (2-2) indicates reading of the title key Kt by the copy source drive. (2-3) shows decryption of a VOBU based on the title key Kt. (2-4) shows the output of the decryption result to the stream encryption unit 15.
[0105]
FIG. 31 shows VOBU writing to the copy destination drive. (3-1) is the reading of the title key Kt from the copy destination recording medium by the stream encryption unit 15, and the stream encryption unit 15 generates the content key Kc from the title key Kt and encrypts the VOBU. . (3-2) indicates writing of the encryption result to the buffer memory 3, and (3-3) indicates writing of the encrypted VOBU to the copy destination drive.
[0106]
As described above, according to the present embodiment, it is possible to realize the copy of the VOBU as described in the first embodiment in a hybrid recording apparatus having both the HD and DVD drive devices. it can.
In the fourth embodiment, the VOBU is copied in one device, but the Aligned Unit may be copied in one device.
[0107]
(Note)
Although the description has been given based on the above embodiment, it is merely presented as an example of a system in which the best effect can be expected at present. The present invention can be modified and implemented without departing from the gist thereof. Representative modified embodiments include the following (A), (B), (C),....
[0108]
(A) The recording device according to the first to fourth embodiments is a recording device of a type used by connecting to a digital television in a home network, but is a recording device integrated with a liquid crystal display. There may be. Further, the recording apparatus shown in the first embodiment has the drive 1 and the AV decoder 17 built therein in advance. However, the recording apparatus may not be provided with them and may be connected via an IEEE1394 connector. Furthermore, in the recording apparatus of each embodiment, only a part that forms an essential part of the processing may be used as the recording apparatus. Since all of these recording apparatuses are the inventions described in the specification of the present application, any of these aspects is based on the internal configuration of the recording apparatuses described in the first to fourth embodiments. The act of manufacturing the recording device is an act of practicing the invention described in the specification of the present application. The transfer of the recording apparatus shown in the first to fourth embodiments for a fee or free of charge (sales in the case of a fee, gifts in the case of a free charge), lending, and importing are also the actions of the present invention. . The act of inviting the general user to transfer or lend them through store display, solicitation of catalogs, and distribution of pamphlets is also an act of implementing the present recording device.
[0109]
(B) Since the information processing by the programs shown in FIGS. 16, 17, 27, and 28 is specifically realized using hardware resources, the program whose processing procedure is shown in the above flowchart is It is established as an invention by itself. In the first to fourth embodiments, the embodiment relating to the execution of the program according to the present invention is shown as being incorporated in the recording device. However, the first embodiment to the fourth embodiment are separated from the recording device. The program alone shown in the fourth embodiment may be executed. The act of implementing the program alone includes the act of producing these programs (1), the act of transferring (2), lending (3), importing (4), and bidding (4) There is an act (5) of offering the program to the public via an electronic communication line, and an act of asking (6) a general user to transfer or lend a program by exhibiting at a store, soliciting a catalog, or distributing a pamphlet.
[0110]
(C) In the flowcharts of FIG. 16, FIG. 17, FIG. 27, and FIG. 28, the "time" element of each step executed in chronological order is considered as an essential matter for specifying the invention. Then, it can be understood that the processing procedures based on these flowcharts disclose the use form of the recording method. By performing the processing of each step in time series, the original object of the present invention is achieved, and if the processing of these flowcharts is performed so as to exert the function and effect, the recording according to the present invention is performed. It goes without saying that this corresponds to the act of implementing the method.
[0111]
(D) In the first embodiment, recording, encryption, and decryption are performed in units of VOBUs. However, this is one mode for implementing the recording device according to the present invention in accordance with the DVD-Video Recording standard. Not just. It may be recorded in units of a plurality of VOBUs, or may be a data unit in another recording standard and corresponding to a VOBU.
(E) In the first and second embodiments, the content key Kc and the block key Kblk are generated using the medium-specific title key Kt and Krec, but the content key Kc is generated using the digital stream-specific encryption key. The block key Kblk may be generated. This eliminates the dependency on the recording medium, so that there is no need to perform decryption and encryption when reading from and writing to the recording medium, and high-speed copying can be realized.
[0112]
(F) In the second embodiment, the content key Kc is obtained using the time-varying coefficient Dtkc existing in the same VOBU. However, instead of this time-varying coefficient Dtkc, the time-varying coefficient Dtkc present in the preceding and following VOBUs is used. To generate the content key Kc. In this case, if the VOBUs before and after the VOBU are deleted, the content key Kc in the VOBU cannot be obtained. From this, it is possible to maintain consistency in the entire VOB by using the time-varying coefficient Dtkc existing in the preceding and following VOBUs.
[0113]
(G) The AV encoder 14 may encode not the analog video signal and the audio signal output from the analog tuner 9 but the analog video signal and the audio signal output from the VTR.
(H) Although the content key Kc is calculated from only the APSTB and the title key Kt in the first embodiment, the content key Kc may be calculated from the CGMS and the title key Kt for compatibility with the current device. Although the CCI is stored in a header such as RDI-Pack or TP_extra_header, it may be embedded in a digital stream in the form of a digital watermark.
[0114]
【The invention's effect】
As described above, according to the recording medium of the present invention, it is a recording medium on which a digital stream is recorded, and for each part of the digital stream, a copy indicating whether or not the part is conditional copy free. Control information is associated with the conditional copy free, and the conditional copy free is characterized in that it is copy free on condition that a part of a digital stream is encrypted and written to a copy destination recording medium.
[0115]
In the recording medium, a part of the digital stream is written to the copy destination recording medium on condition that encryption is performed. That is, a part of the digital stream can be freely copied as long as the condition of encryption is satisfied. This allows the user to enjoy a free private copy. Because of the condition of encryption, unauthorized devices that cannot perform encryption / decryption are excluded from such free copy. Excluding unauthorized devices from private copying can prevent digital streams from being distributed to the general public.
[0116]
If emphasis is placed on compatibility with existing equipment, the following can be done.
That is, the copy control information includes generation management information and an extension flag, and the fact that the copy control information is conditional copy free is set when the generation management information is set to a value indicating that copying is not allowed and the extension flag is set. , On (2). When the present recording medium is loaded in an unsupported device that does not support the setting of the copy control information of “conditional copy free”, the device performs a copy operation based on the generation management information in the copy control information. Since the generation management information is set to copy prohibition, the digital stream is not copied. Since free copy is prevented on a device that does not support “conditional copy free”, it is possible to prevent a flood of duplicates of the digital stream.
[0117]
Allowing conditional copying after encryption here raises a question. It is a question that if copy control information of a digital stream that was originally encrypted for setting copy prohibition is falsified with conditional copy free, it may be copied freely in a home network.
This can be solved as follows.
[0118]
That is, a part of the digital stream is encrypted using a predetermined encryption key and recorded on a recording medium, and the predetermined encryption key has a value according to whether copy control information indicates conditional copy free. Is a good encryption key to change (4).
A part of the digital stream is encrypted with the encryption key generated based on the copy control information. If the copy control information is tampered with such that the digital stream originally set to copy prohibition is changed to conditional copy free, the encryption key obtained at the time of decryption is different from the encryption key used at the time of encryption. It becomes. If the encryption key is different, the digital stream cannot be decrypted. Therefore, the introduction of the conditional copy-free does not weaken the protection of the copyright holder of the digital stream.
[0119]
However, on the other hand, a device that does not generate an encryption key from copy control information cannot detect tampering. In this case, it should be as follows.
That is, a part of the digital stream is encrypted using a predetermined encryption key and recorded on a recording medium, and the part is recorded on a recording medium in association with a check code. This is a code obtained by converting the copy control information using the encryption key, and the value should be changed depending on whether the copy control information indicates conditional copy free (9).
[0120]
When an encryption key is generated from an information element having no relation to copy control information for compatibility with past devices, the presence or absence of tampering with the copy control information can be detected by checking a check code. This makes it possible to prevent falsification of the copy control information while maintaining compatibility with past encryption methods.
[Brief description of the drawings]
FIG. 1 is a diagram showing a home network which is a use environment of a recording medium and a recording apparatus according to the present invention.
FIG. 2 is a diagram showing a process of generating a VOBU.
FIG. 3 is a diagram showing a relationship between a PES packet and an AV pack.
FIG. 4 is a diagram showing an internal configuration of a VOBU.
FIG. 5 is a diagram illustrating a configuration of a CCI according to the first embodiment.
FIG. 6 shows possible values of the CGMS, PSC, and EPN flags and the meaning of the CGMS, PSC, and EPN flags.
FIG. 7 is a diagram showing what kind of encryption process the encrypted AV data in the VOBU is generated.
FIG. 8 is a diagram showing a generation process of a code Dveri in the same notation as FIG. 7;
FIG. 9 is a diagram showing the basis for setting an offset from a time-varying coefficient Dtkc to AV data.
FIG. 10 is a diagram showing a home network which is a use environment of a recording medium and a recording apparatus according to the present invention.
FIG. 11 is a diagram illustrating an example of a DTCP_Descriptor.
FIG. 12 is a diagram showing an internal configuration of the DVD recorder 100 according to the first embodiment.
FIG. 13 is a diagram showing an internal configuration of a stream control unit 4.
FIG. 14 is a diagram in which components used for writing a VOBU are extracted from the components shown in FIG. 12;
FIG. 15 is a diagram in which components used for reading a VOBU are extracted from the components shown in FIG. 12;
FIG. 16 is a flowchart illustrating a processing procedure of overall control during writing according to the first embodiment;
FIG. 17 is a flowchart illustrating a processing procedure of overall control at the time of reading according to the first embodiment;
FIG. 18 is a diagram showing an encryption process in a case where a content key Kc is generated from the entire CCI in the same notation as FIG. 7;
FIG. 19 is a diagram in which the configuration of a partition TS recorded on a Blu-ray Disc is detailed in a stepwise manner.
FIG. 20 is a diagram showing an internal configuration of a TS packet.
FIG. 21 is a diagram showing a process through which writing to a Blu-ray Disc is performed.
FIG. 22 is a diagram showing the internal configuration of TP_extra_header.
FIG. 23 is a diagram showing a process through which an Aligned Unit is encrypted.
FIG. 24 is a diagram illustrating an internal configuration of a recording apparatus according to a third embodiment.
FIG. 25 is a diagram in which the components used for writing a TS packet are extracted from the components shown in FIG. 24;
FIG. 26 is a diagram in which the components used for reading a TS packet are extracted from the components shown in FIG. 24;
FIG. 27 is a flowchart illustrating a processing procedure of overall control during writing according to the third embodiment;
FIG. 28 is a flowchart showing a processing procedure of overall control at the time of reading according to the third embodiment;
FIG. 29 is a diagram illustrating an internal configuration of a recording apparatus according to a fourth embodiment.
FIG. 30 is a diagram showing Aligned Unit reading from a copy source drive.
FIG. 31 is a diagram showing Aligned Unit writing to a copy destination drive device.
[Explanation of symbols]
1 drive
3 buffer memory
4 Stream control unit
5 Memory control unit
6 Memo risk scramble department
9 Analog tuner
10 Analog protection detector
11 IEEE1394 receiving unit
12 Digital tuner
13 TS decoder
14 AV encoder
15 Stream encryption unit
16 stream decoding unit
17 AV decoder
18 TS encoder
19 IEEE1394 transmission unit
20 IEEE1394 receiving unit
21 TS decoder
22 Internal clock
23 Stream encryption unit
24 stream decoding unit
25 IEEE 1394 transmission unit
100 DVD recorder
120 Digital TV
130 HD Recorder
200 remote control

Claims (35)

A recording medium on which a digital stream is recorded,
For each part of the digital stream, copy control information indicating whether the part is conditional copy free is associated,
The conditional copy free
A recording medium characterized by being copy-free on condition that a part of a digital stream is encrypted and written to a copy destination recording medium. The copy control information includes generation management information, an extension flag, and indicates that the copy control information is conditional copy free.The generation management information is set to a value indicating that copying is not allowed,
2. The recording medium according to claim 1, wherein the extension flag is set to ON. The absence of conditional copy-free means that a part of the digital stream cannot be copied (1), or that a part of the digital stream is unconditional copy-free (2),
If the generation management information cannot be copied and the extension flag is set to off, the copy control information indicates that a part of the digital stream cannot be copied (1).
If the generation management information can be copied and the extended flag is set to off,
The copy control information indicates that the copy is free without any condition (2)
The recording medium according to claim 2, wherein: Part of the digital stream is
Encrypted using a predetermined encryption key, recorded on a recording medium,
The predetermined encryption key is
2. The recording medium according to claim 1, wherein the recording medium is an encryption key whose value changes depending on whether or not the copy control information indicates conditional copy free. The encryption key is calculated from three parameters using copy control information as a first parameter, a time-varying coefficient for a part of a digital stream as a second parameter, and recording medium-specific data as a third parameter,
The recording medium according to claim 4, wherein the time-varying coefficient is a value that varies depending on where the reproduction time of the part exists on the reproduction time axis of the digital stream. The encryption key is calculated by performing a calculation on two of the three parameters, and using one of the calculation result and one of the remaining parameters to convert the other. The recording medium according to claim 5, wherein Of the three parameters, the operation target is copy control information as a first parameter and data unique to a recording medium as a third parameter,
7. The recording medium according to claim 6, wherein the conversion target is a time-varying coefficient that is a second parameter, and the parameter used for the conversion is the calculation result. The recording medium according to claim 7, wherein the conversion according to claim 7 is a conversion based on a one-way function. Part of the digital stream is encrypted using a predetermined encryption key, recorded on a recording medium,
The part is recorded on a recording medium in association with a check code,
The check code is a code obtained by converting copy control information using the encryption key, and a value of the check code changes depending on whether the copy control information indicates conditional copy free. The recording medium according to claim 1. The encryption key has three parameters in which analog protection information for a part of the digital stream is a first parameter, a time-varying coefficient for a part of the digital stream is a second parameter, and data unique to a recording medium is a third parameter. Calculated from
The analog protection information, when converting the digital stream to an analog signal, is information indicating whether to apply a copy restriction to the analog signal,
10. The recording medium according to claim 9, wherein the time-varying coefficient is a value that varies depending on where the reproduction time of the part exists on the reproduction time axis of the digital stream. A part of the encrypted digital stream is arranged on the recording medium at a predetermined offset from the time-varying coefficient,
The offset is set based on the sum of a time required to obtain an encryption key from the three parameters and a time required to obtain a check code by converting copy control information using the encryption key. The recording medium according to claim 10. Determining means for determining a copy attribute of a signal which is a recording device and which is input from outside the device,
When the copy attribute indicates conditional copy free, a writing unit that writes a part of the digital stream to a recording medium in association with copy control information indicating that the copy is conditional copy free,
Conditional copy free
A recording apparatus which is copy-free on condition that the data is encrypted and then written to a copy destination recording medium. The writing means,
13. The recording method according to claim 12, wherein even when the copy attribute indicates unconditional copy free, a part of the digital stream is written on a recording medium in association with copy control information indicating that the copy is conditional copy free. apparatus. The signal input from outside the device is a digital broadcast signal,
The copy attribute is
13. The recording device according to claim 12, wherein the recording device is indicated in service information in a digital broadcast signal. The signal input from the outside of the device is a signal transmitted from another device,
The copy attribute is
13. The recording device according to claim 12, wherein the recording device is indicated in a protocol descriptor transmitted from another device. The input signal from the outside of the device includes a plurality of transport packets,
The recording device includes a transport decoder that converts a plurality of transport packets into an elementary stream,
16. The recording apparatus according to claim 14, wherein the part of the digital stream includes a part of an elementary stream. The signal input from outside the device is an analog broadcast signal,
13. The recording apparatus according to claim 12, wherein the copy attribute is indicated by information superimposed on an analog broadcast signal. The recording device includes an encryption unit that encrypts a part of the digital stream using a predetermined encryption key,
The writing means,
Write the encrypted part to the recording medium in association with the check code,
The predetermined encryption key is
13. The recording apparatus according to claim 12, wherein the copy control information is an encryption key whose value changes according to whether or not the copy control information indicates conditional copy free. The copy control information includes generation management information and an extension flag,
The fact that the copy control information indicates that the copy is conditionally free is set when the generation management information is set to a value indicating that copying is not allowed,
13. The recording apparatus according to claim 12, wherein the extension flag is set to ON. The recording device includes an encryption unit that encrypts a part of the digital stream using a predetermined encryption key,
The writing means,
Write the encrypted part to the recording medium in association with the check code,
The check code is a code obtained by converting copy control information using the encryption key, and a value of the check code changes depending on whether the copy control information indicates conditional copy free. Item 13. The recording device according to Item 12. The encryption key has three parameters in which analog protection information for a part of the digital stream is a first parameter, a time-varying coefficient for a part of the digital stream is a second parameter, and data unique to a recording medium is a third parameter. Calculated from
The analog protection information, when converting the digital stream to an analog signal, is information indicating whether to apply a copy restriction to the analog signal,
21. The recording apparatus according to claim 20, wherein the time-varying coefficient is a value that varies depending on where the reproduction time of the part exists on the reproduction time axis of the digital stream. A part of the encrypted digital stream is arranged on the recording medium at a predetermined offset from the time-varying coefficient,
The offset is set based on the sum of the time required to obtain an encryption key from the three parameters and the time required to convert the copy control information using the encryption key and obtain a check code. The recording device according to claim 21. A reading device for reading a digital stream from a recording medium,
Reading means for reading, from a recording medium, a portion of the encrypted digital stream and copy control information associated with the portion,
Determining means for determining whether or not the copy control information indicates a conditional copy free on condition that the data is written on the copy destination recording medium after being encrypted;
If the copy control information indicates conditional copy free, the transmitting means transmits a part of the digital stream to another device based on a protocol on the transmission path together with the copy control information indicating conditional copy free. Reading device. 24. The reading apparatus according to claim 23, wherein the copy control information is converted into a protocol descriptor and transmitted to another device. The reading device includes a transport encoder that converts a part of the digital stream into a plurality of transport packets,
24. The reading device according to claim 23, wherein the transmission unit transmits a plurality of transport packets obtained by a transport encoder. The copy control information includes generation management information and an extension flag,
Transmission of the digital stream after decoding by the transmission means
24. The reading apparatus according to claim 23, wherein the generation is performed only when the generation management information is set to a value indicating that copying is disabled and the extension flag is set to ON. A part of the digital stream is encrypted on the recording medium,
The reading device is
Decryption means for decrypting a part of the digital stream read by the read means, using an encryption key whose value changes depending on whether the copy control information indicates conditional copy free,
24. The reading device according to claim 23, wherein the transmitting unit transmits a part of the digital stream after decoding. A part of the digital stream is encrypted on the recording medium,
The reading device,
A check code is generated (1), and the generated check code is compared with a check code recorded in a recording medium in advance (2). A decryption unit for decrypting a part of the digital stream read by the read unit using the encryption key;
The generation of the check code includes:
24. The reading apparatus according to claim 23, wherein the reading is performed by converting the copy control information using the encryption key. The encryption key is calculated from three parameters using analog protection information in the copy control information as a first parameter, a time-varying coefficient for a part of a digital stream as a second parameter, and recording medium-specific data as a third parameter. And
The analog protection information, when converting the digital stream to an analog signal, is information indicating whether to apply a copy restriction to the analog signal,
29. The reading apparatus according to claim 28, wherein the time-varying coefficient is a value that varies depending on where the reproduction time of the part exists on the reproduction time axis of the digital stream. A part of the encrypted digital stream is arranged on the recording medium at a predetermined offset from the time-varying coefficient,
The offset is set based on the sum of a time required to obtain an encryption key from three parameters and a time required to convert copy control information using the encryption key and obtain a check code. Item 30. The reading device according to Item 29. A copying apparatus for copying a digital stream recorded on a recording medium to another recording medium,
Reading means for reading a part of the encrypted digital stream from the copy source recording medium with which the copy control information is associated,
A check code is generated, and the generated check code is compared with a check code recorded on a recording medium in advance, and when the two check codes match, an encryption key unique to the recording medium of the copy source is used. Decoding means for decoding a part of the digital stream read by the reading means,
Encryption means for encrypting a part of the decrypted digital stream using an encryption key unique to the copy destination recording medium;
Writing means for writing a part of the encrypted digital stream to the copy destination recording medium in association with the copy control information if the copy control information indicates conditional copy free;
The check code is
A copy apparatus, wherein the copy control information is generated by converting the copy control information using the encryption key. A program,
A determination step of determining a copy attribute of a signal input from outside the apparatus;
When the copy attribute indicates copy free, the computer performs a writing step of writing a part of the digital stream to a recording medium in association with copy control information indicating whether or not the copy is conditional copy free;
Conditional copy free
A copy-free program that is encrypted and written on a copy destination recording medium. A program that causes a computer to perform processing of reading a digital stream from a recording medium,
Reading a portion of the encrypted digital stream and copy control information associated with the portion from the recording medium;
A determination step of determining whether or not the copy control information indicates a conditional copy free on condition that the data is written on the copy destination recording medium after being encrypted;
If the copy control information indicates conditional copy free, the computer performs a transmission step of transmitting a part of the digital stream to another device based on a protocol on the transmission path together with the copy control information indicating conditional copy free. A program characterized by the following. A recording method,
A determination step of determining a copy attribute of a signal input from outside the apparatus;
When the copy attribute indicates copy free, the computer performs a writing step of writing a part of the digital stream to a recording medium in association with copy control information indicating whether or not the copy is conditional copy free;
Conditional copy free
A recording method characterized by being copy-free on condition that the data is encrypted and then written to a copy destination recording medium. A reading method,
Reading a portion of the encrypted digital stream and copy control information associated with the portion from the recording medium;
A determination step of determining whether or not the copy control information indicates a conditional copy free on condition that the data is written on the copy destination recording medium after being encrypted;
If the copy control information indicates conditional copy free, the transmitting step of transmitting a part of the digital stream to another device based on the protocol on the transmission path together with the copy control information indicating conditional copy free is performed by the computer. A reading method characterized by the above-mentioned.

Images