[go: up one dir, main page]

TW201303814A - Content delivery system, content delivery subsystem and reproduc - Google Patents

Content delivery system, content delivery subsystem and reproduc Download PDF

Info

Publication number
TW201303814A
TW201303814A TW101106516A TW101106516A TW201303814A TW 201303814 A TW201303814 A TW 201303814A TW 101106516 A TW101106516 A TW 101106516A TW 101106516 A TW101106516 A TW 101106516A TW 201303814 A TW201303814 A TW 201303814A
Authority
TW
Taiwan
Prior art keywords
encrypted
block
encryption
content
unit
Prior art date
Application number
TW101106516A
Other languages
Chinese (zh)
Inventor
布田裕一
山本雅哉
村瀨薰
Original Assignee
松下電器產業股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 松下電器產業股份有限公司 filed Critical 松下電器產業股份有限公司
Publication of TW201303814A publication Critical patent/TW201303814A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

According to the present invention, a first encryption unit (221) in a first server device (101) generates a first encrypted block by performing a first encryption of a part of a plain text block, and generates an intermediate encrypted content constituted by the plain text block and the first encrypted block, while a first summarizing unit (222) generates a first summarized value from each block in the intermediate encrypted content. A second encryption means in a second server device (102) generates a second encrypted block by performing a second encryption of the plain text block in the intermediate encrypted content, and generates an encrypted content constituted by the first encrypted block and the second encrypted block. A selection unit (521) in a reproduction device (104) selects the second encrypted block, and a decryption unit (522) applies a decryption corresponding to the second encryption to the second encrypted block thereby generating the plain text block, and a second summarizing unit (523) generates a second summarized value from the plain text block, and a verification unit (524) verifies the encrypted content by using a plurality of the first summarized values and the second summarized values.

Description

內容發送系統、內容發送子系統及再生裝置 Content delivery system, content delivery subsystem, and reproduction device 發明領域 Field of invention

本發明係有關於一種檢出內容之非法取代的技術。 The present invention relates to a technique for illegally replacing detected content.

發明背景 Background of the invention

近年來,在家庭用電化製品、手機等之間透過網路進行通信之機會增加了。在此種裝置間,為了著作物的保護、或者防止通信內容洩漏,在進行機器認證及金鑰共有之後,使用共有之金鑰進行暗號通信。認證金鑰共有方式之一限定了稱為DTCP(DigitalTransmissionContentProtection)之規格(專利文獻2、非專利文獻2)。 In recent years, opportunities for communication between household electrical products, mobile phones, and the like through the Internet have increased. Between such devices, for the protection of the work or the prevention of leakage of the communication content, after the machine authentication and the key sharing, the shared key is used for the secret communication. One of the authentication key sharing methods defines a standard called DTCP (Digital Transmission Content Protection) (Patent Document 2 and Non-Patent Document 2).

在此種家庭用電化製品、手機等之間通信的結果是,電影或音樂等數位內容記錄於搭載有快閃記憶體之記憶卡,利用再生裝置來再生記錄於記憶卡之數位內容。 As a result of communication between such household electric products, mobile phones, and the like, digital contents such as movies or music are recorded on a memory card in which a flash memory is mounted, and the digital device recorded on the memory card is reproduced by the reproducing device.

數位內容通常為了防止非法複製,係使用加密演算法,在業經加密化之狀態下記錄於記憶卡。在此,業經加密演算法之一例為可利用128位元之金鑰之AES(AdvancedEncryptionStandard)。 In order to prevent illegal copying, digital content is recorded on a memory card in a state of being encrypted using an encryption algorithm. Here, an example of the encrypted algorithm is AES (Advanced Encryption Standard) which can utilize a 128-bit key.

用以將數位內容解密之金鑰係對用以再生數位內容之資訊處理裝置而賦與。一般而言,將此稱為元件金鑰。最簡單的構成中,只要使用元件金鑰先將數位內容加密化即可,但可將在此加密化之數位內容解密的僅限於保存該元件金鑰之特定的資訊處理裝置。因此,使用標題金鑰(也稱 為內容金鑰),先將數位內容加密化,進一步使用元件金鑰將該標題金鑰加密化,除使之外將加密化內容與加密化標題金鑰一起記錄於記憶卡。 The key used to decrypt the digital content is assigned to the information processing device for reproducing the digital content. In general, this is called a component key. In the simplest configuration, the digital content may be encrypted first using the component key, but the digitized content encrypted here may be limited to the specific information processing device that holds the component key. Therefore, use the title key (also known as For the content key, the digital content is first encrypted, and the title key is further encrypted using the component key, and the encrypted content is recorded on the memory card together with the encrypted title key.

然而,該構成中,若欲在例如100萬台之資訊處理裝置再生的話,則需要合計100萬個業經加密化之標題金鑰,並不實際。。因此,例如若為SD記憶卡的情況,則採用CPRM(ContentProtectionforRecordableMedia)之方式,若為Blu-rayDisc的情況,則採用AACS(AdvancedAccessContentSystem)之方式。該等方式中,藉將元件金鑰群配置成矩陣狀或樹狀,大幅削減應先記錄之加密化標題金鑰之個數。此種構成稱為MKB(MediaKeyBlock)。 However, in this configuration, if it is desired to reproduce, for example, 1 million information processing apparatuses, it is not practical to total 1 million encrypted title keys. . Therefore, for example, in the case of an SD memory card, CPRM (Content Protection for Recording Media) is used, and in the case of Blu-ray Disc, AACS (Advanced Access Content System) is used. In these methods, by arranging the component key groups in a matrix or a tree shape, the number of encrypted title keys that should be recorded first is greatly reduced. This configuration is called MKB (MediaKeyBlock).

若是資訊處理裝置受到攻撃,而標題金鑰非法暴露時,使用業經暴露之標題金鑰時,業經加密化之內容(合法之加密化內容)可非法解密。結果,會洩漏非法明文化之內容。 If the information processing device is attacked and the title key is illegally exposed, the encrypted content (legal encrypted content) can be illegally decrypted when the exposed title key is used. As a result, the content of the illegal culture will be revealed.

【先行技術文獻】 [First technical literature]

【專利文獻1】日本特開平6-103694號公報 [Patent Document 1] Japanese Patent Laid-Open No. 6-103694

【專利文獻2】日本特表2007-529162號公報【非專利文獻】 [Patent Document 2] Japanese Patent Publication No. 2007-529162 [Non-Patent Literature]

【非專利文獻1】DONALDE.KNUTH、「THEARTOFCOMPUTERPROGRAMMINGVol.2SEMINU MERICALALGORITHMS」、AddisonWesleyLongman [Non-Patent Document 1] DONALDE.KNUTH, "THEARTOFCOMPUTERPROGRAMMINGVol.2SEMINU MERICALALGORITHMS", AddisonWesleyLongman

【非專利文獻2】「DigitalTransmissionContentProtectionSpecificationVolum e1(InformationalVersion)」、Revision1.6、2010年3月19日 [Non-Patent Document 2] "DigitalTransmissionContentProtectionSpecificationVolum E1 (InformationalVersion), Revision1.6, March 19, 2010

可是,標題金鑰非法暴露時,一旦使用已暴露之標題金鑰,不僅合法之加密化內容會非法解密,且會使用已暴露之標題金鑰,將非法明文之內容加密化,生成非法加密化內容,並將合法之加密化內容取代成非法加密化內容之受到取代攻撃的可能性。 However, when the title key is illegally exposed, once the exposed title key is used, not only the legal encrypted content will be illegally decrypted, but also the content of the illegal plaintext will be encrypted using the exposed title key to generate illegal encryption. Content, and the replacement of legitimate encrypted content with illegally encrypted content is replaced by the possibility of attack.

受到此種攻撃時,合法之再生裝置中,可能會進行非法加密化內容之解密及再生,而有合法之再生裝置成為非法內容之流通的溫床等問題。 In the case of such a attack, in a legitimate reproduction device, decryption and reproduction of illegally encrypted content may occur, and a legitimate reproduction device may become a hotbed of illegal content distribution.

本發明之目的在於提供一種可檢出內容之非法取代之內容發送系統、內容發送子系統、再生裝置、控制方法、控制程式、記錄媒體及積體電路,以解決此種問題點。 It is an object of the present invention to provide a content transmission system, a content transmission subsystem, a reproduction device, a control method, a control program, a recording medium, and an integrated circuit that can detect illegally replaced content, thereby solving such a problem.

為達成上述目的,本發明係一種內容發送系統,係由第一伺服器裝置、第二伺服器裝置及再生裝置所構成者,其特徵在於:前述第一伺服器裝置具有:第一加密化機構,係僅對構成明文內容之複數明文區塊中,一部份之前述明文區塊施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及 第一彙總機構,係將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,前述第二伺服器裝置具有第二加密化機構,該第二加密化機構係在前述中間加密化內容所含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生裝置具有:選擇機構,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密機構,係於經選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總機構,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證機構,係使用複數之前述第一彙總值及生成之前述第二彙總值進行前述加密化內容之驗證;及再生機構,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再生。 In order to achieve the above object, the present invention is a content transmission system, which is composed of a first server device, a second server device, and a reproduction device, wherein the first server device has a first encryption mechanism. And performing a first encryption on a part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content to generate a first encrypted block, and generating the plaintext area without the first encryption Blocking the intermediate encrypted content formed by the first encrypted block that has been generated; and The first aggregation means aggregates each of the plurality of blocks constituting the intermediate encrypted content to generate a first summary value of the plurality, and the second server device has a second encryption mechanism, and the second encryption mechanism is And performing, in the foregoing block included in the intermediate encrypted content, performing second encryption on the plaintext block without the first encryption, generating a second encrypted block, and generating the first encrypted area by using the foregoing first encrypted area And the encryption device comprising the block and the second encrypted block, wherein the playback device includes: a selection means for selecting one of the second encrypted blocks in the plurality of encrypted blocks constituting the encrypted content; The decryption mechanism is configured to perform the decryption corresponding to the second encryption to generate a plaintext block in the selected second encrypted block, and the second summary mechanism aggregates the generated plaintext block to generate the first a summary value; the verification institution performs verification of the encrypted content using the first summary value of the plurality and the generated second summary value; and a regeneration mechanism, When the aforementioned verification fails, stops decryption of said encrypted content, and the authentication is successful, the encryption of the decrypted content after reproduction.

根據該構成,前述加密化內容中,當所選擇之前述第二加密化區塊受到取代成將非法明文區塊加密化而生成之非法加密化區塊的攻撃時,可藉由比較生成之前述第二彙總值、與對應於取代成非法加密化區塊前之第二加密化區 塊而生成之第一彙總值,達到可檢出內容之取代之優異效果。 According to this configuration, in the encrypted content, when the selected second encrypted block is replaced by an attack of an illegally encrypted block generated by encrypting the illegal plaintext block, the foregoing may be generated by comparison. a second summary value, corresponding to the second encrypted area before being replaced by the illegally encrypted block The first summary value generated by the block achieves the excellent effect of the replacement of the detectable content.

圖式簡單說明 Simple illustration

第1圖係顯示作為本發明之實施形態1之內容發送系統10的全體構成圖。 Fig. 1 is a view showing the overall configuration of a content transmission system 10 as a first embodiment of the present invention.

第2圖係顯示作為本發明之實施形態2之內容發送系統10a的全體構成圖。 Fig. 2 is a view showing the overall configuration of a content transmission system 10a according to the second embodiment of the present invention.

第3圖係顯示內容簽章生成伺服器裝置101a之構成的區塊圖。 Fig. 3 is a block diagram showing the configuration of the content signature creation server device 101a.

第4圖係顯示內容保存機構201保存之原內容701之資料構造的一例。 The fourth figure shows an example of the data structure of the original content 701 stored in the content storage unit 201.

第5圖係顯示單元生成機構204進行之分割內容721之生成概要的概念圖。 Fig. 5 is a conceptual diagram showing an outline of generation of the divided content 721 by the display unit generating unit 204.

第6圖係顯示藉由單元生成機構204生成之單元選出資訊780之資料構造之一例。 Fig. 6 shows an example of a data structure of the unit selection information 780 generated by the unit generation unit 204.

第7圖係顯示加密化機構206進行之加密化處理之一部份。且為顯示加密化分割檔案800之生成概要的概念圖。 Figure 7 shows a portion of the encryption process performed by the encryption mechanism 206. It is also a conceptual diagram showing the generation summary of the encrypted split file 800.

第8圖係顯示藉由加密化機構206生成之加密化內容820之資料構造之一例。 FIG. 8 shows an example of a data structure of the encrypted content 820 generated by the encryption unit 206.

第9圖係顯示標頭資訊生成機構207進行之標頭資訊860之生成之概要的概念圖。 Fig. 9 is a conceptual diagram showing an outline of the generation of the header information 860 by the header information generating unit 207.

第10圖係顯示標頭資訊生成機構207進行之第一散列表861之生成之概要的概念圖。 Fig. 10 is a conceptual diagram showing an outline of generation of the first hash table 861 by the header information generating unit 207.

第11圖係顯示藉由標頭資訊生成機構207生成之第二 散列表865之資料構造之一例。 Figure 11 shows the second generated by the header information generating unit 207. An example of the data structure of the hash table 865.

第12圖係顯示簽章生成機構209進行之簽章資訊890之生成之概要的概念圖。 Fig. 12 is a conceptual diagram showing an outline of the generation of the signature information 890 by the signature generation unit 209.

第13圖係顯示發送伺服器裝置102a之構成的區塊圖。 Fig. 13 is a block diagram showing the configuration of the transmission server device 102a.

第14圖係顯示加密化機構306進行之使用了標題金鑰旗標資訊之加密化單元之選擇概要的概念圖。 Fig. 14 is a conceptual diagram showing a selection outline of an encryption unit using the title key flag information by the encryption unit 306.

第15圖係顯示加密化機構306進行之發送用加密化檔案901之生成之概要的概念圖。 Fig. 15 is a conceptual diagram showing an outline of generation of the encrypted file 901 for transmission by the encryption unit 306.

第16圖係顯示藉由加密化機構306生成之發送用加密化內容900之資料構造之一例。 Fig. 16 shows an example of a data structure of the encrypted content 900 for transmission generated by the encryption unit 306.

第17圖係顯示發送伺服器裝置102a之公開金鑰証明書921之概略之資料構造之一例。 Fig. 17 is a diagram showing an example of a data structure of the public key certificate 921 of the transmission server device 102a.

第18圖係顯示記錄用資訊處理裝置103a之構成的區塊圖。 Fig. 18 is a block diagram showing the configuration of the information processing device 103a for recording.

第19圖係顯示再生用資訊處理裝置104a之構成的區塊圖。 Fig. 19 is a block diagram showing the configuration of the information processing device for reproduction 104a.

第20圖係顯示替換結合體生成機構506進行之替換第二散列表931之生成之概要的概念圖。 Fig. 20 is a conceptual diagram showing an outline of the replacement of the second hash table 931 by the replacement combination generating means 506.

第21圖係顯示替換結合體生成機構506進行之來自單元選出資訊780之檔案資訊之選擇之概要的概念圖。 Fig. 21 is a conceptual diagram showing an outline of selection of file information from the unit selection information 780 by the replacement combination generating means 506.

第22圖係顯示替換結合體生成機構506進行之替換第一散列表941之生成之概要的概念圖。 Fig. 22 is a conceptual diagram showing an outline of the replacement of the first hash table 941 by the replacement combination generating means 506.

第23圖係顯示替換結合體生成機構506進行之替換第二散列表931之生成之概要的概念圖。 Fig. 23 is a conceptual diagram showing an outline of replacement of the second hash table 931 by the replacement combining unit generating means 506.

第24圖係顯示簽章驗證機構507進行之簽章資訊890之驗證之概要的概念圖。 Fig. 24 is a conceptual diagram showing an outline of verification of the signature information 890 by the signature verification unit 507.

第25圖係顯示資訊記錄媒體裝置105a之構成的區塊圖。 Fig. 25 is a block diagram showing the configuration of the information recording medium device 105a.

第26圖係顯示資訊記錄媒體裝置105a之公開金鑰証明書951之概略之資料構造之一例。 Fig. 26 is a view showing an example of a schematic data structure of the public key certificate 951 of the information recording medium device 105a.

第27圖係顯示內容發送系統10a中之內容簽章生成之動作的順序圖。 Fig. 27 is a sequence diagram showing an action of generating a content signature in the content distribution system 10a.

第28圖係顯示內容發送系統10a中之內容發送之動作的順序圖。 Fig. 28 is a sequence diagram showing the action of content transmission in the content distribution system 10a.

第29圖係顯示內容發送系統10a中之內容之再生之動作的順序圖。 Fig. 29 is a sequence diagram showing an operation of reproducing the content in the content distribution system 10a.

第30圖係顯示作為本發明之實施形態3之內容發送系統10b的全體構成圖。 Fig. 30 is a view showing the overall configuration of a content transmission system 10b as a third embodiment of the present invention.

第31圖係顯示發送伺服器裝置102b之構成的區塊圖。 Fig. 31 is a block diagram showing the configuration of the transmission server device 102b.

第32圖係顯示標題金鑰發送証明書1000之概略之資料構造之一例。 Fig. 32 is a view showing an example of the structure of the outline of the title key transmission certificate 1000.

第33圖係顯示再生用資訊處理裝置104b之構成的區塊圖。 Fig. 33 is a block diagram showing the configuration of the information processing device for reproduction 104b.

第34圖係顯示資訊記錄媒體裝置105b之構成的區塊圖。 Figure 34 is a block diagram showing the construction of the information recording medium device 105b.

第35圖係顯示內容發送系統10b中之內容發送之動作的順序圖。 Fig. 35 is a sequence diagram showing the action of content transmission in the content distribution system 10b.

第36圖係顯示內容發送系統10b中之內容再生之動作 的順序圖。 Figure 36 shows the action of content reproduction in the content delivery system 10b. Sequence diagram.

第37圖係顯示作為本發明之實施形態3之內容發送系統10c的全體構成圖。 Fig. 37 is a view showing the overall configuration of a content transmission system 10c as a third embodiment of the present invention.

第38圖係顯示內容簽章生成伺服器裝置101c之構成的區塊圖。 Fig. 38 is a block diagram showing the configuration of the content signature creation server device 101c.

第39圖係顯示附有WM分割內容1100之資料構造之一例。 Fig. 39 shows an example of a data structure with WM divided content 1100.

第40圖係顯示數位浮水印嵌入機構210進行之附有WM分割檔案1131之生成的概要。 Fig. 40 is a view showing an outline of the generation of the WM split file 1131 by the digital watermark embedding mechanism 210.

第41圖係顯示加密化機構206c進行加密化附有WM分割檔案1161之生成的概要。 Fig. 41 is a view showing an outline in which the encryption unit 206c encrypts and generates the WM divided file 1161.

第42圖係顯示藉由加密化機構206c生成之加密化附有WM內容1201之資料構造之一例。 Fig. 42 is a view showing an example of a data structure in which the WM content 1201 is encrypted by the encryption unit 206c.

第43圖係顯示標頭資訊生成機構207c進行之附有WM標頭資訊1251之生成的概要。 Fig. 43 is a view showing an outline of the generation of the WM header information 1251 by the header information generating unit 207c.

第44圖係顯示標頭資訊生成機構207c進行之附有WM第一散列表1271之生成流程。 Fig. 44 shows a flow of generation of the WM first hash table 1271 by the header information generating unit 207c.

第45圖係顯示藉由標頭資訊生成機構207c生成之附有WM第二散列表1261之資料構造之一例。 Fig. 45 shows an example of a data structure with the WM second hash table 1261 generated by the header information generating unit 207c.

第46圖係顯示簽章生成機構209c進行之簽章資訊1300之生成處理。 Fig. 46 shows the generation processing of the signature information 1300 by the signature generation unit 209c.

第47圖係顯示發送伺服器裝置102c之構成的區塊圖。 Fig. 47 is a block diagram showing the configuration of the transmission server device 102c.

第48圖係顯示加密化機構306c進行之標題金鑰旗標資訊之選擇之處理。 Fig. 48 shows the processing of selecting the title key flag information by the encryption unit 306c.

第49圖係顯示加密化機構306c進行之發送用加密化附有WM檔案1371之生成處理。 Fig. 49 shows the generation processing of the WM file 1371 with the encryption for transmission by the encryption unit 306c.

第50圖係顯示藉由加密化機構306c生成之發送用加密化附有WM內容1361之資料構造之一例。 Fig. 50 shows an example of a data structure in which the WM content 1361 is encrypted for transmission by the encryption unit 306c.

第51圖係顯示再生用資訊處理裝置104c之構成的區塊圖。 Fig. 51 is a block diagram showing the configuration of the information processing device for reproduction 104c.

第52圖係顯示替換結合體生成機構506c進行之替換附有WM第二散列表1391之生成處理的概要。 Fig. 52 is a view showing an outline of the process of generating the replacement WM second hash table 1391 by the replacement combination generating means 506c.

第53圖係顯示標題金鑰旗標資訊為「0」時,替換結合體生成機構506c進行之替換附有WM第一散列表1381之生成流程。 Fig. 53 is a flow chart showing the generation of the replacement of the WM first hash table 1381 by the replacement combining unit 506c when the title key flag information is "0".

第54圖係顯示標題金鑰旗標資訊為「1」時,替換結合體生成機構506c進行之替換附有WM第一散列表1381之生成流程。 Fig. 54 is a flow chart showing the generation of the WM first hash table 1381 by the replacement combining unit 506c when the title key flag information is "1".

第55圖係顯示替換結合體生成機構506c進行之替換附有WM第二散列表1391之生成流程。 Fig. 55 shows a flow of generation in which the replacement combining body generating means 506c is replaced with the WM second hash table 1391.

第56圖係顯示簽章驗證機構507c進行之簽章資訊1300之驗證處理。 Fig. 56 shows the verification processing of the signature information 1300 by the signature verification unit 507c.

第57圖係顯示內容發送系統10c之內容簽章生成之動作的順序圖。 Fig. 57 is a sequence diagram showing the action of generating the content signature of the content distribution system 10c.

第58圖係顯示內容發送系統10c之內容發送之動作的順序圖。 Fig. 58 is a sequence diagram showing the action of the content transmission by the content distribution system 10c.

第59圖係顯示內容發送系統10c之內容再生之動作的順序圖。 Fig. 59 is a sequence diagram showing the operation of content reproduction by the content distribution system 10c.

第60圖係顯示變形例(9)中,數位浮水印嵌入機構210進行之附有WM分割檔案1401之生成之概要。 Fig. 60 is a view showing the outline of the generation of the WM split file 1401 by the digital watermark embedding unit 210 in the modification (9).

第61圖係顯示變形例(9)中,加密化機構206c進行之加密化附有WM分割檔案1431之生成之概要。 Fig. 61 is a view showing the outline of the generation of the WM split file 1431 by the encryption by the encryption unit 206c in the modification (9).

第62圖係顯示變形例(9)中,標頭資訊生成機構207c進行之附有WM第一散列表1451之生成之概要。 Fig. 62 is a view showing the outline of the generation of the WM first hash table 1451 by the header information generating unit 207c in the modification (9).

第63圖係顯示變形例(9)中,加密化機構306c進行之發送用加密化附有WM檔案1501之生成之概要。 Fig. 63 is a view showing the outline of the generation of the WM file 1501 by the encryption unit 306c in the modification (9).

第64圖係顯示變形例(9)中,替換結合體生成機構506c進行之替換附有WM第一散列表1521之生成之概要。該圖中,標題金鑰旗標資訊為「0」。 Fig. 64 is a view showing an outline of the generation of the WM first hash table 1521 in place of the replacement combined body generating means 506c in the modification (9). In the figure, the title key flag information is "0".

較佳實施例之詳細說明 Detailed description of the preferred embodiment

本發明之一態樣係一種內容發送系統,係由第一伺服器裝置、第二伺服器裝置及再生裝置所構成者,其特徵在於:前述第一伺服器裝置具有:第一加密化機構,係僅對構成明文內容之複數明文區塊中,一部份之前述明文區塊施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總機構,係將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值, 前述第二伺服器裝置具有第二加密化機構,該第二加密化機構係在前述中間加密化內容所含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生裝置具有:選擇機構,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密機構,係於經選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總機構,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證機構,係使用複數之前述第一彙總值及生成之前述第二彙總值進行前述加密化內容之驗證;及再生機構,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再生。 One aspect of the present invention is a content transmission system, which is composed of a first server device, a second server device, and a reproduction device, wherein the first server device has a first encryption mechanism. And performing a first encryption on a part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content to generate a first encrypted block, and generating the plaintext block without the first encryption. And the first summary unit configured to generate the first summary value of the plurality of complex blocks constituting the intermediate encrypted content, and the first summary unit The second server device has a second encryption mechanism, and the second encryption mechanism performs a second block on the plaintext block that is not encrypted by the first encryption in the block included in the intermediate encrypted content. Encrypting, generating a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block, wherein the reproducing device has a selection mechanism configured to constitute the encryption Selecting, in the foregoing encrypted block, a second encrypted block; the decrypting mechanism is configured to perform decryption corresponding to the second encryption to generate a plaintext area by using the selected second encrypted block a second summary unit that aggregates the generated plaintext blocks to generate a second summary value, and the verification unit performs the encrypted content by using the first summary value of the plurality and the generated second summary value. Verification; and the regenerative mechanism stops the decryption of the encrypted content when the verification fails, and decrypts the encrypted content after the verification is successful

在此,前述第一伺服器裝置進一步包含簽章機構,該簽章機構係對至少結合業已生成之複數前述第一彙總值而得之結合體施行簽章,生成簽章資料,前述再生裝置進一步包含替換結合體生成機構,該替換結合體生成機構係將前述結合體中對應於前述第二彙總值之前述第一彙總值替換成該第二彙總值,生成替換結合體, 前述驗證機構係使用前述替換結合體來驗證前述簽章資料。 Here, the first server device further includes a signature mechanism for signing a combination of at least a plurality of the first summary values that have been generated, to generate signature data, and the regeneration device further And a replacement combination generating mechanism, wherein the replacement combination generation mechanism replaces the first summary value corresponding to the second summary value in the combination body with the second summary value to generate a replacement combination body, The aforementioned verification mechanism uses the aforementioned replacement combination to verify the aforementioned signature data.

在此,前述第二伺服器裝置係透過一個記錄媒體裝置而將前述加密化內容往前述再生裝置輸出,前述第一伺服器裝置之前述第一加密化機構係使用與複數之記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化,前述第二伺服器裝置之前述第二加密化機構係使用前述一個記錄媒體裝置固有之個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化,前述再生裝置之前述解密機構係使用前述個別標題金鑰,於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密。 Here, the second server device outputs the encrypted content to the playback device via a recording medium device, and the first encryption device of the first server device is used in common with a plurality of recording media devices. Performing the first encryption on the plaintext block by using the common title key, and the second encryption mechanism of the second server device uses the individual title key inherent to the one recording medium device, Performing the second encryption on the encrypted plaintext block, the decryption mechanism of the playback device performing the decryption corresponding to the second encryption in the selected second encrypted block by using the individual title key .

本發明之其他態樣係一種內容發送子系統,係由第一伺服器裝置及第二伺服器裝置構成者,其特徵在於:前述第一伺服器裝置具有:第一加密化機構,該第一加密化機構係僅對構成明文內容之複數明文區塊中,一部份之前述明文區塊施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總機構,係將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,前述第二伺服器裝置具有第二加密化機構,該第二加 密化機構係對前述中間加密化內容所含之前述區塊中,未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容。 Another aspect of the present invention is a content transmission subsystem, which is composed of a first server device and a second server device, wherein the first server device has: a first encryption mechanism, the first The encryption mechanism generates a first encrypted block by performing a first encryption on a part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content, and generates the foregoing by the first encryption without the foregoing first encryption. The plaintext block and the intermediate encrypted content formed by the generated first encrypted block; and the first summary mechanism sums each of the plurality of blocks constituting the intermediate encrypted content to generate a plurality of first summary values The second server device has a second encryption mechanism, and the second encryption The densification mechanism generates a second encrypted block in the block included in the intermediate encrypted content, and performs the second encryption on the plaintext block without the first encryption, and generates the first encrypted block. Encrypted content formed by the encrypted block and the second encrypted block.

前述第一伺服器裝置進一步包含簽章機構,該簽章機構係對至少結合所生成之複數前述第一彙總值而得之結合體施行簽章,生成簽章資料。 The first server device further includes a signature mechanism that performs signature on the combination obtained by combining at least the plurality of the first summary values generated to generate the signature data.

在此,前述第二伺服器裝置係透過一個記錄媒體裝置,將前述加密化內容往再生裝置輸出,並且前述第一伺服器裝置之前述第一加密化機構使用複數記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化,前述第二伺服器裝置之前述第二加密化機構使用前述一個記錄媒體裝置固有之個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化。 Here, the second server device transmits the encrypted content to the playback device via a recording medium device, and the first encryption device of the first server device uses a common title gold common to the plurality of recording media devices. And performing, by the key, the first encryption on the plaintext block, wherein the second encryption unit of the second server device uses the individual title key unique to the one recording medium device, and the foregoing The plaintext block performs the aforementioned second encryption.

在此,前述第一伺服器裝置進一步包含共通標題金鑰生成機構,該共通標題金鑰生成機構係用以生成複數記錄媒體裝置共通之前述共通標題金鑰,且前述第一加密化機構使用所生成之前述共通標題金鑰。 Here, the first server device further includes a common title key generation unit for generating the common title key common to the plurality of recording medium devices, and the first encryption mechanism is used by the first encryption device. The aforementioned common title key is generated.

前述第二伺服器裝置進一步包含個別標題金鑰生成機構,該個別標題金鑰生成機構係生成前述一個記錄媒體裝置固有之前述個別標題金鑰,且前述第二加密化機構係使用所生成之前述個別標題金鑰。 The second server device further includes an individual title key generation unit that generates the individual title key unique to the one recording medium device, and the second encryption mechanism uses the generated Individual title key.

在此,前述第二伺服器裝置進一步包含媒體識別子取得機構,該媒體識別子取得機構包含用以取得識別前述一個記錄媒體裝置之媒體識別子,且前述個別標題金鑰生成機構生成包含取得之前述媒體識別子之前述個別標題金鑰。 Here, the second server device further includes a media identifier obtaining unit that includes a media identifier for identifying the one of the recording media devices, and the individual title key generating unit generates the media identifier including the acquired media identifier The aforementioned individual title key.

前述個別標題金鑰生成機構係生成亂數,將前述媒體識別子與前述亂數結合而生成結合體,並將生成之結合體加密化,生成前述個別標題金鑰。 The individual title key generation means generates a random number, combines the media identifier with the random number to generate a combination, and encrypts the generated combination to generate the individual title key.

在此,述第二伺服器裝置進一步包含證明書生成機構,該證明書生成機構係對結合前述共通標題金鑰、前述個別標題金鑰及前述媒體識別子而得之結合體施行簽章,生成標題金鑰發送證明書。 Here, the second server device further includes a certificate generating unit that performs a signature on the combination of the common title key, the individual title key, and the media identifier to generate a title. The key is sent to the certificate.

在此,前述第一伺服器裝置進一步包含數位浮水印嵌入機構,該數位浮水印嵌入機構係對前述第一加密化機構中,成為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個之嵌入區塊之組, 前述第一加密化機構進一步對業已生成之1個或複數個之嵌入區塊之組,施行前述第一加密化,並生成1個或複數個之第一加密化嵌入區塊之組,且生成進一步包含業已生成之1個或複數個之前述第一加密化嵌入區塊之組的前述中間加密化內容, 構成前述媒體識別子之部分資訊在該媒體識別子內的位置與前述中間加密化內容所含之前述第一加密化區塊及 1個或複數個之前述第一加密化嵌入區塊之組在前述中間加密化內容內中的位置係相對應,前述第二加密化機構選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之前述第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組,使用前述部分資訊之內容,由第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組選擇任一區塊,並生成包含選擇之區塊作為前述第一加密化區塊之前述加密化內容。 Here, the first server device further includes a digital watermark embedding mechanism that embeds one of the plaintext blocks that are the first encryption target in the first encryption mechanism or a plurality of digital watermarks, thereby regenerating a group of one or a plurality of embedded blocks embedded with the aforementioned digital watermark, The first encryption unit further performs the foregoing first encryption on a group of one or a plurality of embedded blocks that have been generated, and generates one or a plurality of first encrypted embedded blocks, and generates Further comprising the foregoing intermediate encrypted content of one or more of the foregoing first encrypted embedded blocks that have been generated, Configuring a location of the portion of the media identifier in the media identifier and the first encrypted block included in the intermediate encrypted content and One or more of the groups of the first encrypted embedding blocks correspond to positions in the intermediate encrypted content, and the second encryption mechanism selects a position corresponding to the position of the partial information in the media identifier. And the group of the first encrypted block and the one or more of the first encrypted embedded blocks in the intermediate encrypted content, using the content of the partial information, by the first encrypted block and one or plural The foregoing group of the first encrypted embedded blocks selects any of the blocks, and generates the encrypted content including the selected block as the first encrypted block.

在此,前述數位浮水印嵌入機構係對各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,前述第一加密化機構係對業已生成之1個前述嵌入區塊施行前述第一加密化,並生成1個第一加密化嵌入區塊,且生成進一步包含業已生成之1個前述第一加密化嵌入區塊之前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元的位元資訊,前述位元資訊在該媒體識別子內的位元位置與前述中間加密化內容所含之前述第一加密化區塊及1個前述第一加密化嵌入區塊在前述中間加密化內容內的位置係相對應,前述第二加密化機構係選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之前述 第一加密化區塊及1個前述第一加密化嵌入區塊,使用前述位元資訊之值,由第一加密化區塊及1個之前述第一加密化嵌入區塊選擇任一區塊。 Here, the digital watermark embedding mechanism embeds one type of digital watermark for each plaintext block, thereby regenerating one embedded block in which the digital watermark is embedded, and the first encryption mechanism is generated. Performing the first encryption on the first embedded block, and generating one first encrypted embedded block, and generating the intermediate encrypted content further including one of the first encrypted embedded blocks that has been generated, the foregoing The partial information is bit information constituting one bit of the media identifier, the bit position of the bit information in the media identifier and the first encrypted block and one of the foregoing included in the intermediate encrypted content. An encryption embedding block corresponds to a position in the intermediate encrypted content, and the second encryption mechanism selects the intermediate encrypted content corresponding to the bit position of the bit information in the media identifier. The foregoing a first encryption block and a first encryption embedding block, and using the value of the bit information, selecting any block from the first encryption block and one of the first encryption embedding blocks .

在此,前述第一伺服器裝置之前述數位浮水印嵌入機構係對前述第一加密化機構中未成為前述第一加密化之對象之各明文區塊,嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個之嵌入區塊之組,前述第一加密化機構生成進一步包含業已生成之1個或複數個前述嵌入區塊之組之前述中間加密化內容,且構成前述媒體識別子之部分資訊在該媒體識別子內之位置與前述中間加密化內容所含之前述明文區塊及1個或複數個前述嵌入區塊之組在前述中間加密化內容內的位置係相對應,前述第二加密化機構係選擇與前述部分資訊在該媒體識別子內的位置對應之前述中間加密化內容內之前述明文區塊及1個或複數個前述嵌入區塊之組,並使用前述部分資訊之內容,由前述明文區塊及1個或複數個前述嵌入區塊之組選擇任一區塊,並於選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,且生成包含業已生成之前述第二加密化區塊的前述加密化內容。 Here, the digital watermark embedding mechanism of the first server device embeds one or more kinds of digital watermarks for each plaintext block of the first encryption unit that is not the target of the first encryption. Thereby regenerating a group of one or a plurality of embedded blocks embedded with the aforementioned digital watermark, the first encryption mechanism generating the middle of the group further comprising one or a plurality of the embedded blocks that have been generated. Encrypting the content, and constituting the portion of the media identifier in the media identifier and the group of the plaintext block and the one or more embedded blocks included in the intermediate encrypted content in the middle encrypted content Corresponding to the location, the second encryption mechanism selects the plaintext block and one or more of the embedded blocks in the intermediate encrypted content corresponding to the location of the partial information in the media identifier. Grouping, and using the content of the foregoing part of the information, selecting any block from the aforementioned plaintext block and one or a plurality of the aforementioned embedded block groups, and Optional block of the second encryption purposes of generating the encryption of the second block, and the generating comprises generating the encrypted content has the encryption of the second block.

在此,前述數位浮水印嵌入機構係對未成為前述第一加密化之對象之各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊, 前述第一加密化機構生成進一步包含業已生成之1個前述嵌入區塊的前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元之位元資訊,前述位元資訊在該媒體識別子內之位元位置與前述中間加密化內容所含之前述明文區塊及1個前述嵌入區塊在前述中間加密化內容內的位置係相對應,前述第二加密化機構係選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之前述明文區塊及1個前述嵌入區塊,並使用前述位元資訊之值,由前述明文區塊及1個前述嵌入區塊,選擇任一區塊。 Here, the digital watermark embedding mechanism embeds one type of digital watermark for each plaintext block that is not the target of the first encryption, thereby regenerating one embedded block in which the digital watermark is embedded. The first encryption unit generates the intermediate encrypted content further including one embedded block that has been generated, and the partial information is bit information constituting one bit of the media identifier, and the bit information is in the media identifier. The bit position in the middle corresponds to the position of the plaintext block and the one embedded block included in the intermediate encrypted content in the intermediate encrypted content, and the second encryption mechanism selects the bit and the bit The information in the media identifier corresponds to the plaintext block and the one embedded block in the intermediate encrypted content, and uses the value of the bit information to be used by the plaintext block and one of the foregoing embedded Block, select any block.

本發明之其他態樣為一種再生裝置,係藉由第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,並藉由第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生裝置具有:選擇機構,係在構成前述加密化內容之複數前述加密 化區塊中,選擇一個前述第二加密化區塊;解密機構,係於經選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總機構,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證機構,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生機構,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再生。 Another aspect of the present invention is a reproducing apparatus for performing a first encryption by using a first server device to generate a first encryption only for a portion of the plaintext block constituting a plurality of plaintext blocks of the plaintext content. And generating an intermediate encrypted content composed of the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated, and constituting the plurality of blocks of the intermediate encrypted content Generating each of the plurality of first summary values, and performing second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content by the second server device Generating a second encrypted block and generating encrypted content composed of the first encrypted block and the second encrypted block, wherein the reproducing device has a selection mechanism for constructing the encrypted content Multiple encryption In the block, a second encrypted block is selected; the decryption mechanism is configured to perform the decryption corresponding to the second encryption to generate a plaintext block by using the selected second encrypted block; The mechanism collects the generated plaintext blocks to generate a second summary value; the verification institution performs verification of the encrypted content by using the first summary value of the plurality and the generated second summary value; and regeneration The mechanism stops the decryption of the encrypted content when the verification fails, and decrypts the encrypted content and reproduces when the verification is successful.

在此,係藉前述第一伺服器裝置,進一步對至少結合業已生成之複數前述第一彙總值而得之結合體施行簽章,生成簽章資料,前述再生裝置進一步包含替換結合體生成機構,該替換結合體生成機構係將前述結合體中對應於前述第二彙總值之前述第一彙總值,替換成該第二彙總值而生成替換結合體,前述驗證機構係使用前述替換結合體來驗證前述簽章資料。 Here, the first server device further performs a signature on at least a combination of the plurality of the first summary values that have been generated to generate the signature data, and the regeneration device further includes a replacement combination generation mechanism. The replacement combination generating mechanism generates a replacement combination by replacing the first summary value corresponding to the second summary value in the combination with the second summary value, and the verification mechanism uses the replacement combination to verify The aforementioned signature information.

在此,前述再生裝置係由前述第二伺服器裝置,透過一個記錄媒體裝置接受前述加密化內容,並藉由前述第一伺服器裝置,使用與複數之記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化, 藉由前述第二伺服器裝置,使用前述一個記錄媒體裝置固有之個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化,前述解密機構係使用前述個別標題金鑰,於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密。 Here, the playback device receives the encrypted content through a recording medium device by the second server device, and uses a common title key common to a plurality of recording media devices by the first server device. Performing the aforementioned first encryption on the aforementioned plaintext block, And using the second server device to perform the second encryption on the plaintext block without the first encryption by using the individual title key unique to the one recording medium device, wherein the decryption mechanism uses the foregoing individual title And deleting, by the selected second encrypted block, the decryption corresponding to the foregoing second encryption.

在此,係藉由前述第二伺服器裝置,對結合前述共通標題金鑰、前述個別標題金鑰及用以識別前述一個紀錄媒體裝置之媒體識別子而得之結合體,施行簽章,生成標題金鑰發送證明書,且前述共通標題金鑰、前述個別標題金鑰及前述標題金鑰發送證明書寫入至前述記錄媒體裝置,前述再生裝置進一步包含:取得機構,係由前述記錄媒體裝置,取得前述媒體識別子、前述共通標題金鑰、前述個別標題金鑰及前述標題金鑰發送證明書;及標題金鑰發送證明書驗證機構,係結合前述共通標題金鑰、前述個別標題金鑰及前述媒體識別子而生成結合體,並使用生成之結合體,對取得之前述標題金鑰發送證明書進行驗證。 Here, the second server device performs a signature on the combination of the common title key, the individual title key, and the media identifier for identifying the one recording medium device, and generates a title. a key transmission certificate, wherein the common title key, the individual title key, and the title key transmission certificate are written to the recording medium device, and the playback device further includes: an acquisition unit obtained by the recording medium device The media identifier, the common title key, the individual title key, and the title key transmission certificate; and the title key transmission certificate verification unit, combining the common title key, the individual title key, and the media The combination is generated to generate a combination, and the generated combination of the title key is used to verify the acquired certificate.

在此,係藉前述第一伺服器裝置,進一步對成為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個嵌入區塊之組,並且進一步對業已生成之1個或複數個嵌入區塊之組施行前述第一加密化,生成1個或複數個第一加密化嵌入區塊之組,並且生成進一步包含業已生成 之1個或複數個前述第一加密化嵌入區塊之組的前述中間加密化內容,構成前述媒體識別子之部分資訊在該媒體識別子內的位置與前述中間加密化內容所含之前述第一加密化區塊及1個或複數個之前述第一加密化嵌入區塊之組在前述中間加密化內容內的位置係相對應,藉由前述第一伺服器裝置,選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之前述第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組,並使用前述部分資訊之內容,由第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組選擇任一區塊,生成包含選擇之區塊作為前述第一加密化區塊之前述加密化內容,前述再生裝置進一步包含選擇機構,該選擇機構係在前述加密化內容內中,選擇特定位置之前述第一加密化區塊,前述解密機構進一步將選擇之前述第一加密化區塊進行解密,生成明文區塊,前述再生裝置進一步包含:數位浮水印判斷機構,係判斷業已生成之前述明文區塊是否嵌入有1種或複數種之前述數位浮水印之任一者,並將判斷結果輸出;及媒體識別子生成機構,係在對應於前述特定位置之前述媒體識別子內之位置,將根據前述判斷結果之內容作為 構成該媒體識別子之前述部分資訊而生成。 Here, the first server device further embeds one or more types of digital watermarks for each of the plaintext blocks to be the target of the first encryption, thereby regenerating the first digital watermark embedded therein. Or a plurality of groups of embedded blocks, and further performing the foregoing first encryption on a group of one or a plurality of embedded blocks that have been generated, generating one or a plurality of groups of first encrypted embedded blocks, and Build further contains generated The intermediate encrypted content of one or a plurality of the first encrypted embedding blocks, the position of the partial information of the media identifier in the media identifier and the first encryption included in the intermediate encrypted content The group of the first block or the plurality of the first encrypted embedded blocks corresponds to the position in the intermediate encrypted content, and the first server device selects the part of the information in the medium. Identifying, in the intermediate encrypted content, the first encrypted block and one or a plurality of the first encrypted embedded blocks in the intermediate encrypted content, and using the content of the partial information, by the first encryption And selecting one of the blocks and one or more of the first encrypted embedded blocks to generate the encrypted content including the selected block as the first encrypted block, and the foregoing reproducing device further includes selecting a mechanism, wherein the selection mechanism selects the first encrypted block at a specific location in the encrypted content, and the decryption mechanism further selects the foregoing The first encrypted block is decrypted to generate a plaintext block, and the foregoing reproducing device further comprises: a digital watermark determining mechanism for determining whether the aforementioned plaintext block has been embedded with one or more of the foregoing digital watermarks. And outputting the judgment result; and the media identifier generation mechanism is located at a position corresponding to the media identifier in the specific position, and the content of the judgment result is used as The partial information of the media identifier is generated and generated.

在此,係藉由前述第一伺服器裝置,進一步對成為前述第一加密化之對象之各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,再對業已生成之1個嵌入區塊施行前述第一加密化,生成1個第一加密化嵌入區塊,並生成進而包含業已生成之1個前述第一加密化嵌入區塊之前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元之位元資訊,前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述第一加密化區塊及1個前述第一加密化嵌入區塊在前述中間加密化內容內之位置係相對應,藉由前述第一伺服器裝置1選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之前述第一加密化區塊及1個前述第一加密化嵌入區塊,並使用前述位元資訊之值,由第一加密化區塊及1個前述第一加密化嵌入區塊選擇任一區塊,生成包含選擇之區塊作為前述第一加密化區塊之前述加密化內容,前述數位浮水印判斷機構係判斷業已生成之前述明文區塊是否嵌入有1種前述數位浮水印,且前述媒體識別子生成機構在對應於前述特定位置之前述媒體識別子內之位元位置中,生成根據前述判斷結果之值,作為構成該媒體識別子之前述位元資訊。 Here, the first server device further embeds one type of digital watermark for each plaintext block to be the target of the first encryption, thereby regenerating an embedded region in which the digital watermark is embedded. Blocking, performing the foregoing first encryption on one embedded block that has been generated, generating one first encrypted embedded block, and generating and further including the foregoing intermediate portion of the first encrypted embedded embedded block that has been generated Encrypting the content, the part of the information is bit information constituting one bit of the media identifier, the bit position of the bit information in the media identifier, and the first encrypted area included in the intermediate encrypted content The block and one of the first encrypted embedding blocks correspond to positions in the intermediate encrypted content, and the first server device 1 selects and corresponds to the bit position of the bit information in the media identifier. The first encrypted block and the first encrypted embedded block in the intermediate encrypted content, and using the value of the bit information, by the first encrypted block and 1 The foregoing first encrypted embedding block selects any block, and generates the encrypted content including the selected block as the first encrypted block, and the digital watermark judging mechanism judges the aforementioned plaintext block that has been generated. Whether one type of the aforementioned digital watermark is embedded, and the media identifier generation means generates a value according to the determination result as a bit constituting the media identifier in a bit position in the media identifier corresponding to the specific position News.

在此,係藉前述第一伺服器裝置,對未成為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個嵌入區塊之組,並生成進而包含業已生成之1個或複數個前述嵌入區塊之組之前述中間加密化內容,且構成前述媒體識別子之部分資訊在該媒體識別子內之位置、與前述中間加密化內容所含之前述明文區塊及1個或複數個前述嵌入區塊之組在前述中間加密化內容內之位置係相對應,藉前述第二伺服器裝置,選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之前述明文區塊及1個或複數個前述嵌入區塊之組,並使用前述部分資訊之內容,由前述明文區塊及1個或複數個前述嵌入區塊之組選擇任一區塊,並於選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,且生成包含生成之前述第二加密化區塊之前述加密化內容,前述選擇機構進一步在前述加密化內容內中選擇特定位置之前述第二加密化區塊,且前述解密機構進一步將經選擇之前述第二加密化區塊解密,生成明文區塊,前述數位浮水印判斷機構進一步判斷於前述第二加密化區塊解密而生成之前述明文區塊是否嵌入有1種或複數種之前述數位浮水印任一者,並輸出判斷結果,前述媒體識別子生成機構進一步在與前述第二加密化 區塊之前述特定位置對應之前述媒體識別子內之位置中,生成根據前述判斷結果之內容,作為構成該媒體識別子之前述部分資訊。 Here, by using the first server device, one or a plurality of digital watermarks are embedded in each plaintext block that is not the target of the first encryption, thereby regenerating the digital watermark embedded with the digital watermark. And a plurality of embedded blocks, and generating the intermediate encrypted content further comprising a group of one or a plurality of the embedded blocks that have been generated, and constituting a part of the information of the media identifier in the media identifier Corresponding to the location of the plaintext block and one or more of the embedded blocks included in the intermediate encrypted content in the intermediate encrypted content, and the foregoing second server device selects the foregoing Part of the information in the media identifier corresponding to the plaintext block and one or a plurality of the embedded blocks in the intermediate encrypted content, and using the content of the partial information, the plaintext block and the Or a plurality of the foregoing groups of embedded blocks select any block, and perform the foregoing second encryption on the selected block to generate the second encrypted block, and generate And including the encrypted content of the generated second encrypted block, the selecting mechanism further selecting the second encrypted block of the specific location in the encrypted content, and the decrypting mechanism further selects the foregoing Decrypting the encrypted block to generate a plaintext block, the digital watermark determining unit further determining whether the plaintext block generated by the decrypting of the second encrypted block is embedded with one or more kinds of the digital watermarks And outputting the judgment result, the media identifier generation mechanism further performing the second encryption In the position in the media identifier corresponding to the specific position of the block, the content of the determination result is generated as the partial information constituting the media identifier.

在此,係藉前述第一伺服器裝置,對未成為前述第一加密化之對象之各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,並生成進而包含業已生成之1個前述嵌入區塊之前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元之位元資訊,前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述明文區塊及1個前述嵌入區塊在前述中間加密化內容內之位置係相對應,藉前述第二伺服器裝置,選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之前述明文區塊及1個前述嵌入區塊,並使用前述位元資訊之值,由前述明文區塊及1個前述嵌入區塊選擇任一區塊,並於選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,並生成包含生成之前述第二加密化區塊之前述加密化內容,前述選擇機構在前述加密化內容內,選擇特定位置之前述第二加密化區塊,前述解密機構將經選擇之前述第二加密化區塊解密,生成明文區塊, 前述數位浮水印判斷機構判斷於前述第二加密化區塊解密而生成之前述明文區塊是否嵌入有1種前述數位浮水印,並輸出判斷結果,且前述媒體識別子生成機構在與前述第二加密化區塊之前述特定位置對應之前述媒體識別子內之位置,生成根據前述判斷結果之內容,作為構成該媒體識別子之前述位元資訊。 Here, the first server device embeds one type of digital watermark for each plaintext block that is not the target of the first encryption, thereby regenerating one embedded block in which the digital watermark is embedded. And generating the intermediate encrypted content, which further comprises one of the embedded blocks that have been generated, wherein the partial information is bit information constituting one bit of the media identifier, and the bit information is in a bit of the media identifier. a location corresponding to the location of the plaintext block and one of the embedded blocks included in the intermediate encrypted content in the intermediate encrypted content, and the second server device selects and stores the bit information The plaintext block and one of the embedded blocks in the intermediate encrypted content corresponding to the bit position in the media identifier, and using the value of the bit information, the plaintext block and one of the embedded blocks Selecting any block, and performing the foregoing second encryption on the selected block to generate the second encrypted block, and generating the generated second encrypted block In the encrypted content, the selection means selects the second encrypted block at a specific location in the encrypted content, and the decryption mechanism decrypts the selected second encrypted block to generate a plaintext block. The digital watermark determining unit determines whether the aforementioned plaintext block is decoded by the second encrypted block, and the first digital floating watermark is embedded, and outputs a determination result, and the media identifier generating unit is in the second encryption. The position in the media identifier corresponding to the specific position of the block is generated, and the content of the determination result is generated as the bit information constituting the media identifier.

又,本發明之其他態樣一種控制方法,係在由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統中使用,其特徵在於包含有以下步驟:第一加密化步驟,係藉前述第一伺服器裝置,僅對構成明文內容之複數明文區塊中對一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;第一彙總步驟,係藉前述第一伺服器裝置,將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值;第二加密化步驟,係藉前述第二伺服器裝置,在前述中間加密化內容所含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化而生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容;選擇步驟,係藉前述再生裝置,在構成前述加密化內 容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係藉前述再生裝置,於業經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係藉前述再生裝置,將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係藉前述再生裝置,使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係藉前述再生裝置,在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 Further, a control method according to another aspect of the present invention is used in a content transmission system including a first server device, a second server device, and a reproduction device, and includes the following steps: first encryption In the step of the first server device, only a part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content is subjected to the first encryption to generate the first encrypted block, and the generated first block is generated. The intermediate encrypted content formed by the first encrypted first block and the first encrypted block that has been generated; the first summary step is to form the intermediate encryption by using the first server device. Each of the plurality of blocks of the content is aggregated to generate a plurality of first summary values; and the second encryption step is performed by the second server device in the block included in the intermediate encrypted content, The first encrypted block of the first encryption is subjected to second encryption to generate a second encrypted block, and is generated by the first encrypted block and the second encrypted block. The encrypted content; selecting step, based by the reproducing apparatus, in the configuration of the encryption Selecting, in the plurality of encrypted blocks, a second encrypted block; and the decrypting step, by using the foregoing reproducing device, performing the decryption corresponding to the second encryption by using the selected second encrypted block Generating a plaintext block; the second summarizing step is to collect the generated plaintext block by the foregoing reproducing device to generate a second summary value; and the verifying step is to use the foregoing first summary value by the foregoing reproducing device And generating the second summary value to perform verification of the encrypted content; and the reproducing step, by the reproducing device, stopping decryption of the encrypted content when the verification fails, and encrypting the encrypted content when the verification succeeds The content is decrypted and reproduced.

又,本發明之其他態樣一種控制程式,係在由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統中使用,其特徵在於:於為電腦之前述第一伺服器裝置執行下述步驟:第一加密化步驟,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總步驟,藉前述第一伺服器裝置,將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第 一彙總值,並在為電腦之前述第二伺服器裝置執行第二加密化步驟,該第二加密化步驟係在前述中間加密化內容所含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化而生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容;於為電腦之前述再生裝置執行下述步驟:選擇步驟,係藉前述再生裝置,在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係藉前述再生裝置,於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係藉前述再生裝置,將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係藉前述再生裝置,使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係藉前述再生裝置,在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 Furthermore, a control program according to another aspect of the present invention is used in a content transmission system including a first server device, a second server device, and a playback device, and is characterized in that: the first servo of the computer The device performs the following steps: the first encryption step, performing only the first encryption on the part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content to generate the first encrypted block, and generating the The intermediate encrypted content formed by the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated; and the first summary step, by the first server device, constitutes the intermediate encryption Each of the plural blocks of the content is aggregated to generate a complex number a summary value, and performing a second encryption step for the aforementioned second server device of the computer, the second encryption step being in the foregoing block included in the intermediate encrypted content, without the first encryption The second plaintext block is generated by the second plaintext block to generate a second encrypted block, and the encrypted content composed of the first encrypted block and the second encrypted block is generated; The reproducing apparatus performs the following steps: a selecting step of selecting one of the second encrypted blocks in the plurality of encrypted blocks constituting the encrypted content by the reproducing device; and the decrypting step is performed by the reproducing device And generating, by the selected second encrypted block, the decryption corresponding to the second encryption, to generate a plaintext block; and the second summarizing step, by using the foregoing regeneration device, summarizing the generated plaintext block to generate the first a summary value; the verification step is performed by using the foregoing regenerative device, using the first summary value of the plurality and the second summary value generated to perform the verification of the encrypted content ; And a regeneration step, by the Department of the reproducing apparatus when the authentication fails, stops decryption of said encrypted content, and in the authentication is successful, the encryption of the decrypted content after reproduction.

又,本發明之其他態樣一種電腦可讀取之記錄媒體,係記錄有在由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統中使用之控制程式,其特徵在於: 於為電腦之前述第一伺服器裝置執行下述步驟:第一加密化步驟,係僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;第一彙總步驟,係藉前述第一伺服器裝置對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,且於為電腦之前述第二伺服器裝置執行第二加密化步驟,該第二加密化步驟係前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,且於為電腦之前述再生裝置執行下述步驟:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內 容之解密,並於驗證成功時,將前述加密化內容解密後再生。 Further, another aspect of the present invention is a computer readable recording medium in which a control program used in a content transmission system composed of a first server device, a second server device, and a reproduction device is recorded, and is characterized. Lie in: Performing the following steps for the first server device of the computer: the first encryption step is to perform the first encryption on the plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content to generate the first Encrypting the block, and generating intermediate encrypted content formed by the foregoing plaintext block without the first encryption and the first encrypted block that has been generated; the first summary step is by using the first servo The device device aggregates each of the plurality of blocks constituting the intermediate encrypted content to generate a plurality of first summary values, and performs a second encryption step for the second server device of the computer, the second encryption step And performing, by the second block, the second encrypted block in the foregoing block included in the intermediate encrypted content without the first encryption, generating a second encrypted block, and generating the first encrypted block and the foregoing Encrypting the content of the second encrypted block, and performing the following steps on the reproducing device for the computer: the selecting step is performed by the plurality of the above-mentioned encrypted content a second encrypted block is selected in the block, and the decrypting step is performed by performing the decryption corresponding to the second encryption by using the selected second encrypted block to generate a plaintext block; and the second summary step Generating the generated plaintext block to generate a second summary value; the verifying step is to perform verification of the encrypted content using the first summary value of the plurality and the generated second summary value; and a regeneration step When the aforementioned verification fails, the above encryption is stopped. The decryption is performed, and when the verification is successful, the encrypted content is decrypted and reproduced.

又,本發明之其他態樣一種積體電路,係構成第一伺服器裝置者,其特徵在於具有: 第一加密化機構,係僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總機構,係對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值。 Moreover, another aspect of the present invention is an integrated circuit that constitutes a first server device and is characterized by: The first encryption unit performs the first encryption on the plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content to generate the first encrypted block, and generates the first encrypted layer without the foregoing first encryption. And the first summary unit is configured to aggregate the plurality of blocks constituting the intermediate encrypted content to generate a plurality of the encrypted blocks; A summary value.

又,本發明之其他態樣一種積體電路,係構成第二伺服器裝置者,其特徵在於具有第二加密化機構,該第二加密化機構係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,且生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並且構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,並且對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容。 Further, another aspect of the present invention is an integrated circuit that constitutes a second server device and is characterized in that it has a second encryption mechanism that borrows the first server device and constitutes only plaintext. The first plaintext block of a part of the plurality of plaintext blocks of the content is subjected to the first encryption, the first encrypted block is generated, and the foregoing plaintext block without the first encryption is generated and the foregoing generated An intermediate encrypted content formed by an encrypted block, and each of the plurality of blocks constituting the intermediate encrypted content is aggregated to generate a first summary value of the plurality, and the foregoing block included in the intermediate encrypted content Performing the second encryption in the foregoing plaintext block without the foregoing first encryption, generating a second encrypted block, and generating an encryption formed by the first encrypted block and the second encrypted block. content.

又,本發明之其他態樣一種再生方法,係再生裝置所 使用者,其特徵在於:前述再生方法係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,且對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,並藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊,施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生方法包含:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 Further, another aspect of the present invention is a regeneration method, which is a regeneration device The user is characterized in that the foregoing regeneration method is performed by the first server device, and only the first plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content is subjected to the first encryption to generate the first encrypted block. And generating intermediate encrypted content composed of the foregoing plaintext block without the foregoing first encryption and the first encrypted block that has been generated, and performing each of the plurality of blocks constituting the intermediate encrypted content Generating a plurality of first summary values, and using the second server device, performing the second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content, and generating Encrypting the second encrypted block and generating encrypted content composed of the first encrypted block and the second encrypted block, wherein the reproducing method includes: a selecting step of forming a plurality of the encrypted content In the encryption block, one of the foregoing second encryption blocks is selected; and the decrypting step is performed on the selected second encryption block to perform the second encryption. The second summary step is to generate the second summary value by combining the generated plaintext blocks; the verification step is to use the first summary value of the plurality and the second summary value generated, And performing the verification of the encrypted content; and the reproducing step stops the decryption of the encrypted content when the verification fails, and decrypts the encrypted content and then reproduces when the verification is successful.

又,本發明之其他態樣一種再生程式,係再生裝置所 使用者,其特徵在於:前述再生程式係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,並藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生程式係用以在為電腦之前述再生裝置執行下述步驟:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及已生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 Moreover, another aspect of the present invention is a reproduction program, which is a reproduction device. The user is characterized in that the regenerative program uses the first server device to perform the first encryption on the plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content to generate the first encrypted block. And generating intermediate encrypted content composed of the foregoing plaintext block without the first encryption and the first encrypted block that has been generated, and performing each of the plurality of blocks constituting the intermediate encrypted content Generating a first summary value of the plurality of complexes, and performing, by the second server device, performing second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content, to generate And secondly encrypting the block, and generating encrypted content formed by the first encrypted block and the second encrypted block, wherein the reproducing program is configured to perform the following steps on the foregoing reproducing device for the computer: a selecting step of selecting one of the second encrypted blocks in the plurality of encrypted blocks constituting the encrypted content; and the decrypting step is performed by selecting the second The densification block performs decryption corresponding to the foregoing second encryption to generate a plaintext block; and the second aggregation step is to aggregate the generated plaintext blocks to generate a second summary value; the verification step uses the foregoing The first summary value and the generated second summary value are used to perform verification of the encrypted content; and the regeneration step is to stop decryption of the encrypted content when the verification fails, and to perform the encryption when the verification is successful. The content is decrypted and reproduced.

又,本發明之其他態樣一種電腦可讀取之記錄媒體,係記錄有再生裝置所使用之再生程式者,其特徵在於:前述記錄媒體係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,並藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生程式係用以在為電腦之前述再生裝置執行下述步驟:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再 生。 According to still another aspect of the present invention, a computer-readable recording medium is a reproduction program used by a reproduction device, wherein the recording medium is a first server device and only constitutes plaintext content. Performing the first encryption on a part of the plaintext block in the plurality of plaintext blocks to generate a first encrypted block, and generating the foregoing plaintext block without the first encryption and the first encryption already generated Intermediate encrypted content formed by the block, and each of the plurality of blocks constituting the intermediate encrypted content is aggregated to generate a first summary value of the plurality, and the intermediate encrypted content is obtained by the second server device Forming, by the second block, the foregoing plaintext block without the foregoing first encryption in the foregoing block, generating a second encrypted block, and generating the first encrypted block and the second encrypted area The encrypted content formed by the block, wherein the reproducing program is configured to perform the following steps in the reproducing device for the computer: the selecting step is performed before the plural of the encrypted content In the encryption block, one of the foregoing second encrypted blocks is selected; and the decrypting step is performed by performing decryption corresponding to the second encryption by using the selected second encrypted block to generate a plaintext block; a step of summarizing the generated plaintext blocks to generate a second summary value; the verifying step is to verify the encrypted content by using the first summary value of the plurality and the generated second summary value; and The step is to stop the decryption of the encrypted content when the verification fails, and decrypt the encrypted content after the verification is successful. Health.

一種積體電路,係構成再生裝置者,其特徵在於:前述積體電路係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化並生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總機構,係對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,且藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊構成之加密化內容,前述積體電路具有:選擇機構,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密機構,係於選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總機構,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證機構,係使用複數之前述第一彙總值及生成之前述第二彙總值進行前述加密化內容之驗證;及再生機構,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再 生。 An integrated circuit is a device for constructing a regenerative device, wherein the integrated circuit is configured by the first server device to perform the first encryption only on the plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content. And generating a first encrypted block, and generating intermediate encrypted content formed by the foregoing plaintext block without the first encryption and the first encrypted block that has been generated; and a first summary mechanism, And summing each of the plurality of blocks constituting the intermediate encrypted content to generate a plurality of first summary values, and by using the second server device, the first block included in the intermediate encrypted content is not in the foregoing first block Encrypting the plaintext block to perform second encryption, generating a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block, wherein the integrated circuit has a selection mechanism for selecting one of the second encrypted blocks in the plurality of encrypted blocks constituting the encrypted content; and a decryption mechanism for selecting the second added a verification block, corresponding to the decryption of the second encryption, to generate a plaintext block; the second summary mechanism sums the generated plaintext block to generate a second summary value; the verification mechanism uses the foregoing The first summary value and the generated second summary value perform verification of the encrypted content; and the reproduction mechanism stops decryption of the encrypted content when the verification fails, and when the verification is successful, the encrypted content is After decryption Health.

1.實施形態1 1. Embodiment 1

在此,參照圖式說明作為本發明之實施形態1之內容發送系統10。 Here, the content transmission system 10 according to the first embodiment of the present invention will be described with reference to the drawings.

(1)內容發送系統10係如第1圖所示,由第一伺服器裝置101、第二伺服器裝置102及再生裝置104所構成。 (1) The content transmission system 10 is composed of the first server device 101, the second server device 102, and the reproduction device 104 as shown in Fig. 1 .

第一伺服器裝置101具有第一加密化部221與第一彙總部222。 The first server device 101 has a first encryption unit 221 and a first summary unit 222.

第一加密化部221係在構成明文內容之複數明文區塊中,僅對一部份之前述明文區塊,施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及已生成之前述第一加密化區塊所構成之中間加密化內容。 The first encryption unit 221 performs the first encryption on only a part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content, and generates the first encrypted block, and generates the first encrypted block. The intermediate encrypted content formed by the encrypted plaintext block and the generated first encrypted block.

第一彙總部222係將構成前述中間加密化內容之複數區塊之每一區塊進行彙總而生成複數第一彙總值。 The first summary unit 222 aggregates each of the plurality of blocks constituting the intermediate encrypted content to generate a plurality of first summary values.

第二伺服器裝置102具有第二加密化部321。 The second server device 102 has a second encryption unit 321.

第二加密化部321係對前述中間加密化內容所含之前述區塊中,未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊構成之加密化內容。 The second encryption unit 321 performs second encryption on the plaintext block that is not encrypted by the first encryption in the block included in the intermediate encrypted content to generate a second encrypted block, and generates and generates a second encrypted block. The encrypted content formed by the first encrypted block and the second encrypted block.

再生裝置104具有選擇部521、解密部522、第二彙總部523、驗證部524及再生部525。 The playback device 104 includes a selection unit 521, a decryption unit 522, a second aggregation unit 523, a verification unit 524, and a reproduction unit 525.

選擇部521係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊。 The selection unit 521 selects one of the second encrypted blocks among the plurality of encrypted blocks constituting the encrypted content.

解密部522係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,而生成明文區塊。 The decryption unit 522 generates a plaintext block by performing decryption corresponding to the second encryption in the selected second encrypted block.

第二彙總部523對生成之前述明文區塊進行彙總而生成第二彙總值。 The second summary unit 523 aggregates the generated plaintext blocks to generate a second summary value.

驗證部524使用複數前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證。 The verification unit 524 performs verification of the encrypted content using the plurality of first summary values and the generated second summary value.

再生部525在前述驗證失敗時,會停止前述加密化內容之解密,在驗證成功時,則將前述加密化內容解密後再生。 The reproduction unit 525 stops the decryption of the encrypted content when the verification fails, and decrypts the encrypted content and reproduces it when the verification is successful.

根據上述之構成,若受到前述加密化內容中經選擇之前述第二加密化區塊被取代成將非法之明文區塊加密化後生成之非法加密化區塊之如此攻撃時,比較所生成之前述第二彙總值、與對應於取代成非法加密化區塊之前之第二加密化區塊而生成之前述第一彙總值,由於前述第二彙總值與前述第一彙總值不一致,故可檢出取代。 According to the above configuration, when the second encrypted block selected in the encrypted content is replaced by the illegal encrypted block generated by encrypting the illegal plaintext block, the comparison is generated. The second summary value and the first summary value generated corresponding to the second encrypted block before being replaced by the illegally encrypted block, because the second summary value is inconsistent with the first summary value, Replace it.

再者,再生部525亦可在前述驗證失敗時,判斷前述加密化內容非法,取代停止前述加密化內容的解密。 Furthermore, the reproduction unit 525 may determine that the encrypted content is illegal when the verification fails, instead of stopping the decryption of the encrypted content.

又,若受到如前述加密化內容中一個前述第一加密化區塊被取代成非法明文區塊加密化後生成之非法加密化區塊的攻撃時,則將非法加密化區塊解密,得到明文區塊,並由所得之明文區塊生成彙總值,由於將生成之彙總值與由前述第一加密化區塊生成之前述第一彙總值比較時會不一致,故可檢出取代。 Moreover, if the attack is performed by the illegally encrypted block generated by the encryption of the first encrypted block in the encrypted content, the illegal encrypted block is decrypted to obtain the plaintext. The block, and the summary value generated by the obtained plaintext block, may be detected because the summary value generated is inconsistent with the first summary value generated by the first encrypted block.

又,若受到如前述加密化內容中未被選擇之前述第二 加密化區塊被取代成非法明文區塊加密化後生成之非法加密化區塊的攻撃時,則將非法加密化區塊解密,得到明文區塊,並由所得之明文區塊生成彙總值,由於將生成之彙總值與對應於被取代成非法加密化區塊之前之第二加密化區塊對應而生成之第一彙總值比較時會不一致,故可檢出取代。 In addition, if the second content is not selected as described above in the encrypted content When the encrypted block is replaced by an attack of an illegal encrypted block generated by encrypting the illegal plaintext block, the illegal encrypted block is decrypted to obtain a plaintext block, and a summary value is generated from the obtained plaintext block. Since the generated summary value is inconsistent with the first summary value generated corresponding to the second encrypted block before being replaced by the illegally encrypted block, the substitution can be detected.

裝置101進而至少亦可包含簽章部223,簽章部223係對結合已生成之複數前述第一彙總值所得之結合體施行簽章,生成簽章資料。 The apparatus 101 may further include at least a signature unit 223 that issues a signature to the combination obtained by combining the generated plurality of first summary values to generate signature data.

此時,再生裝置104進而包含替換結合體生成部526,替換結合體生成部526係在前述結合體中,將對應於前述第二彙總值之前述第一彙總值替換成該第二彙總值,生成替換結合體。驗證部524係使用前述替換結合體驗證前述簽章資料。 In this case, the regeneration device 104 further includes a replacement combination generation unit 526, and the replacement combination generation unit 526 is connected to the combination, and the first summary value corresponding to the second summary value is replaced with the second summary value. Generate a replacement combination. The verification unit 524 verifies the aforementioned signature data using the aforementioned replacement combination.

根據上述之構成,藉由驗證簽章資料,可檢出內容之取代。 According to the above configuration, by verifying the signature data, the replacement of the content can be detected.

(3)第二伺服器裝置102亦可透過一個記錄媒體裝置105而將前述加密化內容往再生裝置104輸出。 (3) The second server device 102 can also output the encrypted content to the playback device 104 via one of the recording media devices 105.

第一伺服器裝置101之第一加密化部221係使用與複數記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化。 The first encryption unit 221 of the first server device 101 performs the first encryption on the plaintext block using a common title key common to the plurality of recording medium devices.

第二伺服器裝置102之第二加密化部321係使用前述一個記錄媒體裝置105固有的個別標題金鑰,對尚未進行前述第一加密化之前述明文區塊施行前述第二加密化。 The second encryption unit 321 of the second server device 102 performs the second encryption on the plaintext block in which the first encryption has not been performed, using the individual title key unique to the one recording medium device 105.

再生裝置104之解密部522係使用前述個別標題金鑰,於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密。 The decryption unit 522 of the playback device 104 performs decryption corresponding to the second encryption in the selected second encrypted block using the individual title key.

根據上述之構成,在一個加密化內容內,由於混有使用個別標題金鑰加密化之區塊與使用共通標題金鑰加密化之區塊,因此若攻撃者必須取得個別標題金鑰及共通標題金鑰兩者,才可將加密化內容解密,可使內容之非法解密變得更困難。 According to the above configuration, in a piece of encrypted content, since the block encrypted by the individual title key and the block encrypted by the common title key are mixed, if the attacker has to obtain the individual title key and the common title. Both of the keys can decrypt the encrypted content, making it more difficult to illegally decrypt the content.

(4)本發明之一態樣亦可為由第一伺服器裝置101及第二伺服器裝置102構成之內容發送子系統。 (4) An aspect of the present invention may be a content transmission subsystem composed of the first server device 101 and the second server device 102.

第一伺服器裝置101亦可具有:第一加密化部221,係對構成明文內容之複數明文區塊中,僅對一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及生成之前述第一加密化區塊構成之中間加密化內容;及第一彙總部222,係將構成前述中間加密化內容之複數區塊之各個進行彙總,生成複數第一彙總值。 The first server device 101 may further include: a first encryption unit 221, configured to perform first encryption on a part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content to generate the first encryption. And generating an intermediate encrypted content composed of the foregoing plaintext block without the first encryption and the generated first encrypted block; and the first summary unit 222, which constitutes the intermediate encryption Each of the plurality of blocks of content is aggregated to generate a first summary value of the plurality.

第二伺服器裝置102亦可具有第二加密化部321,第二加密化部321係在前述中間加密化內容所含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊構成之加密化內容。 The second server device 102 may further include a second encryption unit 321 that is in the block included in the intermediate encrypted content, and the plaintext block that is not encrypted by the first encryption. Performing second encryption, generating a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block.

根據該構成,可生成可檢出取代攻撃之加密化內容。 According to this configuration, it is possible to generate an encrypted content that can detect the replacement attack.

(5)第一伺服器裝置101進而亦可至少含有簽章部 223,簽章部223係對結合所生成之複數前述第一彙總值而得之結合體施行簽章,生成簽章資料。 (5) The first server device 101 may further include at least a signature department 223. The signature department 223 performs a signature on the combination obtained by combining the generated first summary values, and generates signature data.

(6)第二伺服器裝置102亦可透過一個記錄媒體裝置105,將前述加密化內容往再生裝置104輸出。 (6) The second server device 102 can also output the encrypted content to the playback device 104 via a recording medium device 105.

第一伺服器裝置101之第一加密化部221使用與複數記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化。 The first encryption unit 221 of the first server device 101 performs the first encryption on the plaintext block using a common title key common to the plurality of recording medium devices.

第二伺服器裝置102之前述第二加密化部321使用前述一個記錄媒體裝置105固有的個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化。 The second encryption unit 321 of the second server device 102 performs the second encryption on the plaintext block that is not encrypted by the first encryption using the individual title key unique to the one recording medium device 105.

根據上述之構成,由於一個加密化內容內,混有使用個別標題金鑰而加密化之區塊、與使用共通標題金鑰而加密化之區塊,因此攻撃者若無法取得個別標題金鑰及共通標題金鑰兩者,則無法將加密化內容解密,使內容之非法解密變得更困難。 According to the above configuration, since an encrypted block is mixed with a block encrypted by using an individual title key and a block encrypted by using a common title key, the attacker cannot obtain the individual title key and If both of the common title keys are used, the encrypted content cannot be decrypted, making it illegal to decrypt the content illegally.

(7)第一伺服器裝置101進而亦可含有共通標題金鑰生成部224,共通標題金鑰生成部224係用以生成與複數記錄媒體裝置共通之前述共通標題金鑰。 (7) The first server device 101 may further include a common title key generation unit 224 for generating the common title key common to the plurality of recording medium devices.

第一加密化部221使用所生成之前述共通標題金鑰。 The first encryption unit 221 uses the generated common title key.

(8)第二伺服器裝置102進而亦可包含個別標題金鑰生成部322,個別標題金鑰生成部322係用以生成記錄媒體裝置105固有之前述個別標題金鑰。 (8) The second server device 102 may further include an individual title key generation unit 322 for generating the individual title key unique to the recording medium device 105.

第二加密化部321使用所生成之前述個別標題金鑰。 The second encryption unit 321 uses the generated individual title key.

(9)第二伺服器裝置102進而亦可包含媒體識別子取得 部323,媒體識別子取得部323可取得用以識別前述一個記錄媒體裝置105之媒體識別子。 (9) The second server device 102 may further include a media identifier The unit 323, the media identifier acquisition unit 323 can acquire a media identifier for identifying the one recording medium device 105.

個別標題金鑰生成部322用以生成包含取得之前述媒體識別子之前述個別標題金鑰。 The individual title key generation unit 322 is configured to generate the individual title key including the acquired media identifier.

根據該構成,由於使用用以識別記錄媒體裝置105之媒體識別子,因此可生成記錄媒體裝置105固有之個別標題金鑰。 According to this configuration, since the media identifier for identifying the recording medium device 105 is used, the individual title key unique to the recording medium device 105 can be generated.

(10)個別標題金鑰生成部322亦可生成亂數,將前述媒體識別子與前述亂數結合而生成結合體,並將生成之結合體加密化,生成前述個別標題金鑰。 (10) The individual title key generation unit 322 may generate a random number, combine the media identifier with the random number to generate a combination, and encrypt the generated combination to generate the individual title key.

根據該構成,由於個別標題金鑰之生成時使用亂數,因此可使攻撃者對個別標題金鑰之非法解析變困難。 According to this configuration, since the random number is used in the generation of the individual title key, it is difficult for the attacker to illegally analyze the individual title key.

(11)第二伺服器裝置102進而亦可包含証明書生成部324,証明書生成部324係對前述共通標題金鑰、前述個別標題金鑰及前述媒體識別子結合而得之結合體施行簽章,生成標題金鑰發送証明書。 (11) The second server device 102 may further include a certificate generating unit 324 that performs a signature on the combination of the common title key, the individual title key, and the media identifier. , generate a title key to send a certificate.

根據該構成,可生成可對共通標題金鑰、個別標題金鑰及媒體識別子之組驗證正當性的証明書。 According to this configuration, it is possible to generate a certificate verifying the validity of the group of the common title key, the individual title key, and the media identifier.

(12)第一伺服器裝置101進而亦可包含數位浮水印嵌入部225,數位浮水印嵌入部225係在第一加密化部221中,對為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個之嵌入區塊之組。 (12) The first server device 101 may further include a digital watermark embedding unit 225, and the digital watermark embedding unit 225 is included in the first encryption unit 221 for each plaintext block that is the object of the first encryption. One or a plurality of digital watermarks are embedded, thereby regenerating a group of one or a plurality of embedded blocks in which the aforementioned digital watermark is embedded.

第一加密化部221進一步對所生成之1個或複數個之 嵌入區塊之組施行前述第一加密化,而生成1個或複數個之第一加密化嵌入區塊之組,並生成進而包含所生成之1個或複數個之前述第一加密化嵌入區塊之組的前述中間加密化內容。 The first encryption unit 221 further pairs one or more of the generated ones Performing the foregoing first encryption on the group of embedded blocks to generate one or a plurality of first encrypted embedded blocks, and generating one or more of the generated first encrypted embedded regions. The aforementioned intermediate encrypted content of the group of blocks.

構成前述媒體識別子之部分資訊在該媒體識別子內的位置、與前述中間加密化內容所含之前述第一加密化區塊及1個或複數個之前述第一加密化嵌入區塊之組在前述中間加密化內容內之位置係相對應。 a group of the information identifying the media identifier in the media identifier, the first encrypted block included in the intermediate encrypted content, and one or a plurality of the first encrypted embedded blocks. The locations within the intermediate encrypted content correspond.

第二加密化部321選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之位置之前述第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組,使用前述部分資訊之內容,由第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組,選擇任一個區塊,生成包含作為前述第一加密化區塊之經選擇之區塊的前述加密化內容。 The second encryption unit 321 selects the first encrypted block and one or a plurality of the first encrypted embedded blocks at positions in the intermediate encrypted content corresponding to the position of the partial information in the media identifier. a group, using the content of the foregoing partial information, selecting one of the first encrypted block and one or a plurality of the first encrypted embedded block, and generating the inclusion as the first encrypted block The aforementioned encrypted content of the selected block.

根據該構成,可生成可特定構成媒體識別子之部分資訊的加密化內容。 According to this configuration, it is possible to generate encrypted content that can specify part of the information of the media identifier.

(13)前述數位浮水印嵌入部225亦可藉由對各明文區塊嵌入1種數位浮水印,重新生成嵌入有前述數位浮水印之1個嵌入區塊。 (13) The digital watermark embedding unit 225 may regenerate one embedding block in which the digital watermark is embedded by embedding one type of digital watermark for each plaintext block.

第一加密化部221對所生成之1個前述嵌入區塊施行前述第一加密化,生成1個第一加密化嵌入區塊,並生成進而包含所生成之1個前述第一加密化嵌入區塊之前述中間加密化內容。 The first encryption unit 221 performs the first encryption on the generated one of the embedded blocks, generates one first encrypted embedded block, and generates one of the generated first encrypted embedded regions. The aforementioned intermediate encrypted content of the block.

前述部分資訊為構成前述媒體識別子之1位元的位元資訊。 The foregoing partial information is bit information constituting one bit of the aforementioned media identifier.

前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述第一加密化區塊及1個前述第一加密化嵌入區塊在前述中間加密化內容內之位置相對應。 a position of the bit information in the media identifier, a position of the first encrypted block included in the intermediate encrypted content, and a position of the first encrypted embedded block in the intermediate encrypted content. Corresponding.

第二加密化部321選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之位置之前述第一加密化區塊及1個前述第一加密化嵌入區塊,使用前述位元資訊之值,從第一加密化區塊及1個前述第一加密化嵌入區塊選擇任一區塊。 The second encryption unit 321 selects the first encrypted block and one of the first encrypted embedded blocks at positions in the intermediate encrypted content corresponding to the bit position of the bit information in the media identifier. And using the value of the bit information to select any block from the first encrypted block and one of the first encrypted embedded blocks.

根據該構成,可生成可特定構成媒體識別子之位元資訊之加密化內容。 According to this configuration, it is possible to generate encrypted content that can specify the bit information of the media identifier.

(14)第一伺服器裝置101之前述數位浮水印嵌入部225亦可對第一加密化部221中不會成為前述第一加密化之對象之各明文區塊,嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個之嵌入區塊之組。 (14) The digital watermark embedding unit 225 of the first server device 101 may embed one or more kinds of plaintext blocks that are not to be the first encryption target in the first encryption unit 221. The digital watermark is used to regenerate a group of one or a plurality of embedded blocks embedded with the aforementioned digital watermark.

第一加密化部221亦可生成進而包含所生成之1個或複數個前述嵌入區塊之組之前述中間加密化內容。 The first encryption unit 221 may also generate the intermediate encrypted content including the generated one or a plurality of the embedded blocks.

構成前述媒體識別子之部分資訊在該媒體識別子內之位置、與前述中間加密化內容所含之前述明文區塊及1個或複數個之前述嵌入區塊之組在前述中間加密化內容內之位置係相對應。 a position of the partial information of the media identifier in the media identifier, a position of the plaintext block included in the intermediate encrypted content, and a group of the plurality of embedded blocks in the intermediate encrypted content Correspondence.

第二加密化部321選擇與前述部分資訊在該媒體識別子內之位置相應之前述中間加密化內容內之位置之前述明文區塊及1個或複數個之前述嵌入區塊之組,使用前述部分資訊之內容,從前述明文區塊及1個或複數個之前述嵌入區塊之組,選擇任一區塊,對經選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,並生成包含生成之前述第二加密化區塊的前述加密化內容。 The second encryption unit 321 selects the plaintext block and one or a plurality of the embedded blocks at positions in the intermediate encrypted content corresponding to the position of the partial information in the media identifier, and uses the aforementioned portion. For the content of the information, selecting any block from the group of the plaintext block and one or more of the embedded blocks, and performing the second encryption on the selected block to generate the second encrypted block. And generating the aforementioned encrypted content including the generated second encrypted block.

根據該構成,可生成可特定構成媒體識別子之部分資訊之加密化內容。 According to this configuration, it is possible to generate encrypted content that can specify part of the information of the media identifier.

(15)數位浮水印嵌入部225亦可對不成為前述第一加密化之對象之各明文區塊,嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊。 (15) The digital watermark embedding unit 225 may embed one type of digital watermark for each plaintext block that is not the target of the first encryption, thereby regenerating one embedded block in which the digital watermark is embedded. .

第一加密化部221生成進而包含所生成之1個前述嵌入區塊之前述中間加密化內容。 The first encryption unit 221 generates the intermediate encrypted content including the generated one of the embedded blocks.

前述部分資訊為構成前述媒體識別子之1位元的位元資訊。 The foregoing partial information is bit information constituting one bit of the aforementioned media identifier.

前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述明文區塊及1個之前述嵌入區塊在前述中間加密化內容內之位置係相對應。 The bit position of the bit information in the media identifier corresponds to a position of the plaintext block included in the intermediate encrypted content and one of the embedded blocks in the intermediate encrypted content.

第二加密化部321選擇與前述位元資訊在該媒體識別子內之位元位置之前述中間加密化內容內之前述明文區塊及1個之前述嵌入區塊,使用前述位元資訊之值,從前述明文區塊及1個之前述嵌入區塊選擇任一區塊。 The second encryption unit 321 selects the plaintext block and one of the embedded blocks in the intermediate encrypted content of the bit position of the bit information in the media identifier, and uses the value of the bit information. Any block is selected from the aforementioned plaintext block and one of the aforementioned embedded blocks.

根據該構成,可生成可特定構成媒體識別子之位元資 訊的加密化內容。 According to this configuration, it is possible to generate a bit element that can specifically constitute a media identifier. The encrypted content of the message.

(16)本發明之其他態樣亦可為再生裝置104。 (16) Other aspects of the invention may also be the regeneration device 104.

藉由第一伺服器裝置101,僅對明文內容之複數明文區塊中一部份之前述明文區塊,施行第一加密化生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及所生成之前述第一加密化區塊所構成之中間加密化內容,並對構成前述中間加密化內容之複數區塊之各個進行彙總,生成複數之第一彙總值。 The first encrypting block is generated by the first server device 101 to generate a first encrypted block only for a part of the plaintext block in the plurality of plaintext blocks of the plaintext content, and the first encrypted block is generated without the foregoing first encryption. The intermediate encrypted content formed by the plaintext block and the generated first encrypted block is aggregated, and each of the plurality of blocks constituting the intermediate encrypted content is aggregated to generate a first summary value of the plurality.

藉由第二伺服器裝置102,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容。 The second server device 102 performs second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content to generate a second encrypted block, and generates Encrypted content composed of the first encrypted block and the second encrypted block.

再生裝置104具有選擇部521、解密部522、第二彙總部523、驗證部524及再生部525。 The playback device 104 includes a selection unit 521, a decryption unit 522, a second aggregation unit 523, a verification unit 524, and a reproduction unit 525.

選擇部521在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊。 The selection unit 521 selects one of the second encrypted blocks among the plurality of encrypted blocks constituting the encrypted content.

解密部522於經選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊。 The decryption unit 522 performs decryption corresponding to the second encryption on the selected second encrypted block to generate a plaintext block.

第二彙總部523對已生成之前述明文區塊進行彙總,生成第二彙總值。 The second summary unit 523 aggregates the generated plaintext blocks to generate a second summary value.

驗證部524使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證。 The verification unit 524 performs verification of the encrypted content using the plurality of first summary values and the generated second summary value.

再生部525在前述驗證失敗時,會停止前述加密化內容之解密,當驗證成功時,則將前述加密化內容解密後進 行再生。 The reproducing unit 525 stops the decryption of the encrypted content when the verification fails, and decrypts the encrypted content after the verification is successful. Line regeneration.

根據該構成,可檢出加密化內容之非法取代攻撃。 According to this configuration, the illegal replacement of the encrypted content can be detected.

(17)藉由第一伺服器裝置101,進而亦可至少對所生成之複數前述第一彙總值結合所得之結合體施行簽章,生成簽章資料。 (17) The first server device 101 may further perform at least a signature on the combination of the generated plurality of first summary values to generate signature data.

再生裝置104進而包含替換結合體生成部526。 The regeneration device 104 further includes a replacement combination generation unit 526.

替換結合體生成部526在前述結合體中,將與前述第二彙總值對應之前述第一彙總值替換成該第二彙總值,生成替換結合體。 The replacement combined body generating unit 526 replaces the first summary value corresponding to the second summary value with the second summary value in the combination, and generates a replacement combination.

驗證部524使用前述替換結合體,驗證前述簽章資料。 The verification unit 524 verifies the aforementioned signature data using the aforementioned replacement combination.

根據該構成,可藉簽章資料之驗證,檢出加密化內容之非法取代攻撃。 According to this configuration, the verification of the signature data can be used to detect the illegal replacement of the encrypted content.

(18)再生裝置104亦可由第二伺服器裝置102,透過一個記錄媒體裝置105接收前述加密化內容。 (18) The reproducing device 104 may also receive the encrypted content through the one recording medium device 105 by the second server device 102.

藉由第一伺服器裝置101,使用與複數記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化。 The first encryption is performed on the plaintext block by the first server device 101 using a common title key common to the plurality of recording medium devices.

藉由第二伺服器裝置102,使用前述一個記錄媒體裝置105固有之個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化。 The second encryption is performed by the second server device 102 on the plaintext block that is not encrypted by the first encryption using the individual title key unique to the one recording medium device 105.

解密部522使用前述個別標題金鑰,對經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密。 The decryption unit 522 performs decryption corresponding to the second encryption on the selected second encrypted block using the individual title key.

(19)亦可藉由第二伺服器裝置102,對前述共通標題金鑰、前述個別標題金鑰及用以識別前述一個記錄媒體裝置105之媒體識別子結合所得之結合體施行簽章,生成標題金 鑰發送証明書,並且前述共通標題金鑰、前述個別標題金鑰及前述標題金鑰發送証明書寫入至記錄媒體裝置105。 (19) The second server device 102 may also issue a signature on the combination of the common title key, the individual title key, and the media identifier used to identify the one recording medium device 105 to generate a title. gold The key transmission certificate is written, and the common title key, the individual title key, and the title key transmission certificate are written to the recording medium device 105.

再生裝置104進而亦可包含取得部527及標題金鑰發送証明書驗證部528。 The playback device 104 may further include an acquisition unit 527 and a title key transmission certificate verification unit 528.

取得部527由記錄媒體裝置105取得前述媒體識別子、前述共通標題金鑰、前述個別標題金鑰及前述標題金鑰發送証明書。 The acquisition unit 527 acquires the media identifier, the common title key, the individual title key, and the title key transmission certificate from the recording medium device 105.

標題金鑰發送証明書驗證部528將前述共通標題金鑰、前述個別標題金鑰及前述媒體識別子結合以生成結合體,並使用生成之結合體,對取得之前述標題金鑰發送証明書進行驗證。 The title key transmission certificate verification unit 528 combines the common title key, the individual title key, and the media identifier to generate a combination, and uses the generated combination to verify the acquired title key transmission certificate. .

根據該構成,可使用標題金鑰發送証明書,對共通標題金鑰、個別標題金鑰及媒體識別子之組進行正當性之驗證。 According to this configuration, the certificate can be transmitted using the title key, and the group of the common title key, the individual title key, and the media identifier can be verified for justification.

(20)藉由第一伺服器裝置101,進而亦可對成為前述第一加密化對象之各明文區塊,嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個嵌入區塊之組,進一步,對所生成之1個或複數個嵌入區塊之組,施行前述第一加密化,生成1個或複數個之第一加密化嵌入區塊之組,並生成進而包含所生成之1個或複數個前述第一加密化嵌入區塊之組的前述中間加密化內容。 (20) The first server device 101 may further embed one or more types of digital watermarks for each of the plaintext blocks to be the first encryption target, thereby regenerating the digital watermark embedded therein. 1 or a plurality of embedded blocks, and further performing the foregoing first encryption on the generated one or a plurality of embedded blocks to generate one or a plurality of first encrypted embedded blocks And generating the intermediate encrypted content further comprising a group of the generated one or a plurality of the first encrypted embedded blocks.

構成前述媒體識別子之部分資訊在該媒體識別子內的位置、與前述中間加密化內容所含之前述第一加密化區塊 及1個或複數個之前述第一加密化嵌入區塊之組在前述中間加密化內容內之位置係相對應。 a position of the part of the information identifying the media identifier in the media identifier, and the first encrypted block included in the intermediate encrypted content And a group of one or more of the foregoing first encrypted embedded blocks corresponds to a position within the intermediate encrypted content.

藉由第一伺服器裝置101,選擇與前述部分資訊在該媒體識別子內之位置之前述中間加密化內容內之位置之前述第一加密化區塊及1個或複數個之前述第一加密化嵌入區塊之組,使用前述部分資訊之內容,從第一加密化區塊及1個或複數個之前述第一加密化嵌入區塊之組,選擇任一區塊,生成包含作為前述第一加密化區塊之選擇之區塊的前述加密化內容。 Determining, by the first server device 101, the first encrypted block and one or more of the first encryptions at a position within the intermediate encrypted content of the location of the partial information in the media identifier a group of embedded blocks, using the content of the foregoing partial information, selecting any block from the first encrypted block and one or a plurality of the first encrypted embedded block groups, and generating the inclusion as the first Encrypted content of the selected block of the encrypted block.

再生裝置104進而可包含選擇部521、數位浮水印判斷部529及媒體識別子生成部530。 The playback device 104 may further include a selection unit 521, a digital watermark determination unit 529, and a media identifier generation unit 530.

選擇部521在前述加密化內容內,選擇特定位置之前述第一加密化區塊。 The selection unit 521 selects the first encrypted block at a specific location within the encrypted content.

解密部522進而將所選擇之前述第一加密化區塊解密,生成明文區塊。 The decryption unit 522 further decrypts the selected first encrypted block to generate a plaintext block.

數位浮水印判斷部529判斷所生成之前述明文區塊是否嵌入有1種或複數種之前述數位浮水印之任一者,並輸出判斷結果。 The digital watermark determining unit 529 determines whether or not one of the plurality of types of digital watermarks is embedded in the generated plaintext block, and outputs the determination result.

媒體識別子生成部530在對應於前述特定位置之前述媒體識別子內之位置中,生成根據前述判斷結果之內容,作為構成該媒體識別子之前述部分資訊。 The media identifier generation unit 530 generates a content based on the determination result as the partial information constituting the media identifier in a position in the media identifier corresponding to the specific position.

根據該構成,可特定構成媒體識別子之部分資訊。 According to this configuration, part of the information constituting the media identifier can be specified.

(21)藉由第一伺服器裝置101,進一步亦可對成為前述第一加密化之對象之各明文區塊,嵌入1種類之數位浮水 印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,進一步對所生成之1個嵌入區塊,施行前述第一加密化,並生成1個第一加密化嵌入區塊,並生成進一步包含所生成之1個前述第一加密化嵌入區塊的前述中間加密化內容。 (21) The first server device 101 may further embed one type of digital floating water for each plaintext block to be the target of the first encryption. Printing, thereby regenerating an embedded block embedded with the aforementioned digital watermark, further performing the first encryption on the generated embedded block, and generating a first encrypted embedded block, and The intermediate encrypted content further including the generated one of the first encrypted embedded blocks is generated.

前述部分資訊係構成前述媒體識別子之1位元的位元資訊。 The aforementioned partial information constitutes bit information of one bit of the aforementioned media identifier.

前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述第一加密化區塊及1個前述第一加密化嵌入區塊在前述中間加密化內容內之位置相對應。 a position of the bit information in the media identifier, a position of the first encrypted block included in the intermediate encrypted content, and a position of the first encrypted embedded block in the intermediate encrypted content. Corresponding.

藉由第一伺服器裝置101,選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之位置之前述第一加密化區塊及1個前述第一加密化嵌入區塊,使用前述位元資訊之值,由第一加密化區塊及1個前述第一加密化嵌入區塊選擇任一區塊,生成包含作為前述第一加密化區塊之選擇之區塊的前述加密化內容。 Determining, by the first server device 101, the first encrypted block and the first first encryption at a position within the intermediate encrypted content corresponding to a bit position of the bit information in the media identifier Embedding the block, using the value of the bit information, selecting any block from the first encrypted block and one of the first encrypted embedded blocks to generate a region including the selection as the first encrypted block The aforementioned encrypted content of the block.

數位浮水印判斷部529判斷在所生成之前述明文區塊是否嵌入有1種前述數位浮水印。 The digital watermark determining unit 529 determines whether or not one type of the aforementioned digital watermark is embedded in the generated plaintext block.

媒體識別子生成部530在對應於前述特定位置之前述媒體識別子內之位置中,生成根據前述判斷結果之值,作為構成該媒體識別子之前述部分資訊。 The media identifier generation unit 530 generates a value based on the determination result as the partial information constituting the media identifier in a position in the media identifier corresponding to the specific position.

根據該構成,可特定構成媒體識別子之位元資訊。 According to this configuration, the bit information constituting the media identifier can be specified.

(22)藉由第一伺服器裝置101,亦可對不成為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水 印,藉此重新生成嵌入有前述數位浮水印之1個或複數個嵌入區塊之組,並生成進而包含所生成之1個或複數個之前述嵌入區塊之組的前述中間加密化內容。 (22) The first server device 101 may embed one or more types of floating water for each plaintext block that is not the target of the first encryption. Printing, thereby regenerating a group of one or a plurality of embedded blocks in which the aforementioned digital watermark is embedded, and generating the intermediate encrypted content further including a group of the generated one or a plurality of the embedded blocks.

構成前述媒體識別子之部分資訊在該媒體識別子內之位置、與前述中間加密化內容所含之前述明文區塊及1個或複數個之前述嵌入區塊之組在前述中間加密化內容內之位置係相對應。 a position of the partial information of the media identifier in the media identifier, a position of the plaintext block included in the intermediate encrypted content, and a group of the plurality of embedded blocks in the intermediate encrypted content Correspondence.

藉由第二伺服器裝置102,亦可選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之位置之前述明文區塊及1個或複數個之前述嵌入區塊之組,並使用前述部分資訊之內容,從前述明文區塊及1個或複數個之前述嵌入區塊之組,選擇任一區塊,對選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,並生成包含生成之前述第二加密化區塊的前述加密化內容。 The second server device 102 may also select the plaintext block and one or more of the embedded blocks at the position in the intermediate encrypted content corresponding to the position of the partial information in the media identifier. And using the content of the foregoing part of the information, selecting any block from the group of the plaintext block and the one or more of the embedded blocks, and performing the second encryption on the selected block to generate the foregoing Second encrypting the block and generating the aforementioned encrypted content including the generated second encrypted block.

選擇部521進而在前述加密化內容內中,選擇特定位置之前述第二加密化區塊。 The selection unit 521 further selects the second encrypted block at the specific position in the encrypted content.

解密部522進而將經選擇之前述第二加密化區塊解密,生成明文區塊。 The decryption unit 522 further decrypts the selected second encrypted block to generate a plaintext block.

數位浮水印判斷部529進一步判斷在前述第二加密化區塊解密而生成之前述明文區塊,是否嵌入有1種或複數種之前述數位浮水印之任一者,並輸出判斷結果。 The digital watermark determining unit 529 further determines whether or not one of the plurality of types of digital watermarks is embedded in the plaintext block generated by the decryption of the second encrypted block, and outputs the determination result.

媒體識別子生成部530進一步在對應於前述第二加密化區塊之前述特定位置之前述媒體識別子內的位置中,生成根據前述判斷結果之內容,作為構成該媒體識別子之前 述部分資訊。 The media identifier generation unit 530 further generates a content according to the determination result in the position in the media identifier corresponding to the specific position of the second encrypted block as before the media identifier is constructed. Some of the information.

根據該構成,可特定構成媒體識別子之部分資訊。 According to this configuration, part of the information constituting the media identifier can be specified.

(23)藉由第一伺服器裝置101,亦可對不成為前述第一加密化之對象之各明文區塊,嵌入1種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,並生成進而包含所生成之1個前述嵌入區塊的前述中間加密化內容。 (23) The first server device 101 may embed one type of digital watermark for each plaintext block that is not the target of the first encryption, thereby regenerating the digital watermark embedded with the digital watermark. Embedding blocks and generating the aforementioned intermediate encrypted content, which in turn includes the generated one of the aforementioned embedded blocks.

前述部分資訊係構成前述媒體識別子之1位元的位元資訊。 The aforementioned partial information constitutes bit information of one bit of the aforementioned media identifier.

前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述第一加密化區塊及1個前述第一加密化嵌入區塊在前述中間加密化內容內之位置相對應。 a position of the bit information in the media identifier, a position of the first encrypted block included in the intermediate encrypted content, and a position of the first encrypted embedded block in the intermediate encrypted content. Corresponding.

藉由第二伺服器裝置102,亦可選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之位置之前述明文區塊及1個前述嵌入區塊,使用前述位元資訊之值,由前述明文區塊及1個之前述嵌入區塊選擇任一區塊,對選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,並生成包含生成之前述第二加密化區塊的前述加密化內容。 The second server device 102 may also select the plaintext block and one of the embedded blocks at the position in the intermediate encrypted content corresponding to the bit position of the bit information in the media identifier. The value of the bit information is selected by the plaintext block and one of the embedded blocks, and the second encryption is performed on the selected block to generate the second encrypted block, and the generated Generating the aforementioned encrypted content of the aforementioned second encrypted block.

選擇部521在前述加密化內容內中,選擇特定位置之前述第二加密化區塊。 The selection unit 521 selects the second encrypted block at the specific position among the encrypted contents.

解密部522將經選擇之前述第二加密化區塊解密,生成明文區塊。 The decryption unit 522 decrypts the selected second encrypted block to generate a plaintext block.

數位浮水印判斷部529判斷在前述第二加密化區塊解密而生成之前述明文區塊是否嵌入有1種前述數位浮水印,並輸出判斷結果。 The digital watermark determining unit 529 determines whether or not one type of the digital watermark is embedded in the plaintext block generated by the decryption of the second encrypted block, and outputs the determination result.

媒體識別子生成部530對應於前述第二加密化區塊之前述特定位置之前述媒體識別子內的位置中,生成根據前述判斷結果之內容,作為構成該媒體識別子之前述位元資訊。 The media identifier generation unit 530 generates the content based on the determination result as the bit information constituting the media identifier, corresponding to the position in the media identifier of the specific position of the second encrypted block.

根據該構成,可特定構成媒體識別子之位元資訊。 According to this configuration, the bit information constituting the media identifier can be specified.

2.實施形態2 2. Embodiment 2

在此,參照圖面並說明本發明之實施形態2之內容發送系統10a。 Here, the content transmission system 10a according to the second embodiment of the present invention will be described with reference to the drawings.

2.1內容發送系統10a之構成 2.1 Composition of content transmission system 10a

內容發送系統10a係如第2圖所示,由內容簽章生成伺服器裝置101a、發送伺服器裝置102a、記錄用資訊處理裝置103a、再生用資訊處理裝置104a及資訊記錄媒體裝置105a所構成。在此,內容簽章生成伺服器裝置101a及發送伺服器裝置102a構成內容發送子系統30a(未圖示)。 As shown in FIG. 2, the content distribution system 10a is composed of a content signature generation server device 101a, a transmission server device 102a, a recording information processing device 103a, a reproduction information processing device 104a, and an information recording medium device 105a. Here, the content signature generation server device 101a and the transmission server device 102a constitute a content transmission subsystem 30a (not shown).

內容簽章生成伺服器裝置101a與發送伺服器裝置102a可藉由通信用纜線21直接連接。發送伺服器裝置102a與記錄用資訊處理裝置103a可經由網際網路所代表之網路20而連接。 The content signature generation server device 101a and the transmission server device 102a can be directly connected by the communication cable 21. The transmitting server device 102a and the recording information processing device 103a are connectable via the network 20 represented by the Internet.

記錄用資訊處理裝置103a透過使用者裝設資訊記錄媒體裝置105a,且在發送伺服器裝置102a與資訊記錄媒體裝置105a之間,如後述般,經由記錄用資訊處理裝置103a 確立暗號通信路22,發送伺服器裝置102a透過暗號通信路22,將共通標題金鑰241、個別標題金鑰381及發送用內容資料集351寫入資訊記錄媒體裝置105a。再者,關於共通標題金鑰241、個別標題金鑰381及發送用內容資料集351於後敘述。 The recording information processing device 103a is installed in the information recording medium device 105a by the user, and is transmitted between the transmission server device 102a and the information recording medium device 105a via the recording information processing device 103a as will be described later. The secret communication path 22 is established, and the transmission server device 102a transmits the common title key 241, the individual title key 381, and the transmission content data set 351 to the information recording medium device 105a via the secret communication path 22. The common title key 241, the individual title key 381, and the transmission content data set 351 will be described later.

已寫入有共通標題金鑰241、個別標題金鑰381及發送用內容資料集351之資訊記錄媒體裝置105a,係透過使用者而裝設於再生用資訊處理裝置104a,且再生用資訊處理裝置104a對記錄於資訊記錄媒體裝置105a之發送用內容資料集351進行驗證,驗證成功時,則再生發送用內容資料集351,驗證失敗時,則停止發送用內容資料集351之再生。 The information recording medium device 105a to which the common title key 241, the individual title key 381, and the transmission content data set 351 have been written is installed in the reproduction information processing device 104a by the user, and the information processing device for reproduction is provided. 104a verifies the transmission content data set 351 recorded in the information recording medium device 105a, and if the verification is successful, the transmission content data set 351 is reproduced, and when the verification fails, the reproduction of the transmission content data set 351 is stopped.

再者,驗證失敗時,亦可判斷發送用內容資料集351為非法。 Furthermore, when the verification fails, it may be determined that the content data set 351 for transmission is illegal.

又,內容簽章生成伺服器裝置101a、發送伺服器裝置102a及再生用資訊處理裝置104a分別對應於內容發送系統10之第一伺服器裝置101、第二伺服器裝置102及再生裝置104。 Further, the content signature generation server device 101a, the transmission server device 102a, and the reproduction information processing device 104a correspond to the first server device 101, the second server device 102, and the reproduction device 104 of the content transmission system 10, respectively.

2.2內容簽章生成伺服器裝置101a之構成 2.2 Content signature generation server device 101a

內容簽章生成伺服器裝置101a係如第3圖所示,由內容保存機構201、儲存機構202、機器間傳送機構203、單元生成機構204、共通標題金鑰生成機構205、加密化機構206、標頭資訊生成機構207、簽章金鑰保存機構208、簽章生成機構209及控制機構211構成。 As shown in FIG. 3, the content signature generation server device 101a includes a content storage unit 201, a storage unit 202, an inter-machine transfer unit 203, a unit generation unit 204, a common title key generation unit 205, and an encryption unit 206. The header information generating unit 207, the signature key storing unit 208, the signature generating unit 209, and the control unit 211 are configured.

在此,內容簽章生成伺服器裝置101a,具體而言亦可為包含CPU(CentralProcessingUnit)、記憶體、二次記憶裝置、網際網路介面電路等之PC(PersonalComputer)。此種情況下,內容保存機構201、儲存機構202及簽章金鑰保存機構208分別由二次記憶裝置構成,單元生成機構204、共通標題金鑰生成機構205、加密化機構206、標頭資訊生成機構207、簽章生成機構209及控制機構211由CPU及在上面動作之程式所構成,機器間傳送機構203由網際網路介面電路所構成。當然,不受此限。內容簽章生成伺服器裝置101a之構成要素的一部份亦可由專用電路所構成。例如,加密化機構206及簽章生成機構209亦可分別由專用之硬體電路所構成。 Here, the content signature generation server device 101a may specifically be a PC (Personal Computer) including a CPU (Central Processing Unit), a memory, a secondary memory device, an Internet interface circuit, and the like. In this case, the content storage unit 201, the storage unit 202, and the signature key storage unit 208 are each constituted by a secondary storage device, the unit generation unit 204, the common title key generation unit 205, the encryption unit 206, and the header information. The generation unit 207, the signature generation unit 209, and the control unit 211 are constituted by a CPU and a program operating thereon, and the inter-machine transmission unit 203 is constituted by an internet interface circuit. Of course, this is not the limit. A part of the components of the content signature generation server device 101a may also be constituted by dedicated circuits. For example, the encryption mechanism 206 and the signature generation unit 209 may each be configured by a dedicated hardware circuit.

2.2.1內容保存機構201 2.2.1 Content preservation organization 201

內容保存機構201係用以保存原內容701。原內容701係影像資料及聲音資料在未經加密化之狀態下,以MPEG2(MovingPictureExpertGroup2)之TS(TransportStream)方式經編碼者。因此,原內容701為由明文資料構成之明文內容。再者,內容之格式不限定於MPEG2方式,亦可為任意的格式。 The content storage unit 201 is for storing the original content 701. The original content 701 is an image data and sound data that are encoded by the TS (TransportStream) method of MPEG2 (Moving Picture Expert Group 2) in an unencrypted state. Therefore, the original content 701 is plaintext content composed of plaintext materials. Furthermore, the format of the content is not limited to the MPEG2 method, and may be any format.

又,內容保存機構201亦可由外部之機器或記錄媒體接收原內容701,保存已接收之原內容701。 Further, the content storage unit 201 may receive the original content 701 from an external device or a recording medium, and store the received original content 701.

內容保存機構201保存之原內容701之一例係如第4圖所示,由c個(c為1以上之整數)之原檔案711「CNT1」、712「CNT2」、713「CNT3」、‧‧‧、714「CNTc」所構成。 As an example of the original content 701 stored in the content storage unit 201, as shown in FIG. 4, c (c is an integer of 1 or more) of the original files 711 "CNT1", 712 "CNT2", 713 "CNT3", ‧ ‧, 714 "CNTc" is composed.

原內容701所含之影像資料及聲音資料分割成c個,且原檔案711、712、713、‧‧‧、714係分別在分割後之影像資料及聲音資料未經加密化之狀態下,以MPEG2之TS方式經編碼者。 The image data and sound data contained in the original content 701 are divided into c, and the original files 711, 712, 713, ‧ ‧ and 714 are respectively in a state in which the divided image data and sound data are not encrypted The TS mode of MPEG2 is encoded.

2.2.2儲存機構202 2.2.2 Storage Mechanism 202

儲存機構202具有用以記憶後述之共通標題金鑰241與中間內容資料集242之記憶區域。中間內容資料集242係如後述,由單元選出資訊780、加密化內容820、標頭資訊860及簽章資訊890構成。 The storage unit 202 has a memory area for memorizing the common title key 241 and the intermediate content data set 242 which will be described later. The intermediate content data set 242 is composed of unit selection information 780, encrypted content 820, header information 860, and signature information 890, as will be described later.

2.2.3簽章金鑰保存機構208 2.2.3 Signature Key Depository Authority 208

簽章金鑰保存機構208保存有私有金鑰251「KSG」。私有金鑰251係內容簽章生成分配於伺服器裝置101a之私有金鑰,且使用於以公開金鑰暗號方式為基礎之數位簽章之簽章生成演算法S。私有金鑰251由簽章生成機構209使用。 The signature key storage unit 208 stores the private key 251 "KSG". The private key 251 is a content signature that generates a private key assigned to the server device 101a, and is used for the signature generation algorithm S of the digital signature based on the public key cryptographic method. The private key 251 is used by the signature generation unit 209.

在此,簽章生成演算法S係以例如RSA簽章、DSA(DigitalSignatureAlgorithm)或橢圓曲線DSA等之公開金鑰暗號為基礎之簽章方式的演算法。再者,簽章生成演算法S不受此限。其他亦可為以MAC(MessageAuthenticationCode)等之共通金鑰暗號或散列函數為基礎之簽章方式的演算法。 Here, the signature generation algorithm S is a signature-based algorithm based on a public key cipher such as an RSA signature, a DSA (Digital Signature Algorithm), or an elliptic curve DSA. Furthermore, the signature generation algorithm S is not limited to this. Other algorithms may also be signatures based on a common key or hash function such as MAC (Message Authentication Code).

2.2.4單元生成機構204 2.2.4 unit generation mechanism 204

單元生成機構204由內容保存機構201保存之原內容701,藉以下說明之流程而生成分割內容721與單元選出資 訊780。 The unit generation unit 204 generates the divided content 721 and the unit selected capital by the original content 701 held by the content storage unit 201 by the flow described below. News 780.

(a)分割內容721之生成 (a) Generation of split content 721

單元生成機構204係如第5圖所示,由原內容701生成分割內容721。以下使用第5圖,並就分割內容721之生成流程加以說明。 The unit generation unit 204 generates the divided content 721 from the original content 701 as shown in FIG. The fifth diagram will be used below, and the generation flow of the divided content 721 will be described.

單元生成機構204由內容保存機構201依序讀出構成原內容701之原檔案711、712、713、‧‧‧、714。 The unit generation unit 204 sequentially reads the original files 711, 712, 713, ‧ ‧ and 714 constituting the original content 701 by the content storage unit 201.

其次,單元生成機構204就已讀出之各原檔案進行以下處理(1)~(7)。在此,僅記載原檔案711之處理作為代表,單元生成機構204亦可就其他原檔案712、713、‧‧‧、714進行相同處理。 Next, the unit generation unit 204 performs the following processing (1) to (7) on each of the original files that have been read. Here, only the processing of the original file 711 is described as a representative, and the unit generating unit 204 can perform the same processing on the other original files 712, 713, ‧ ‧ and 714

(1)單元生成機構204生成對應於已讀出之原檔案711「CNT1」之檔案識別子「FID1」。在此,檔案識別子「FID1」係藉由以該順序而連結顯示為檔案識別子之固定資訊「FID」與顯示讀出原檔案711之順序之號碼「1」而生成。關於其他原檔案712、713、‧‧‧、714,顯示已讀出之順序的號碼分別為「2」、「3」、‧‧‧、「c」,故生成檔案識別子「FID2」、「FID3」、‧‧‧、「FIDc」。 (1) The unit generation unit 204 generates a file identifier "FID1" corresponding to the read original file 711 "CNT1". Here, the file identifier "FID1" is generated by connecting the fixed information "FID" displayed as the file identifier and the number "1" indicating the order of reading the original file 711 in this order. Regarding the other original files 712, 713, ‧ ‧ and 714, the numbers indicating the order of reading are "2", "3", ‧ ‧ and "c", respectively, so the file identifiers "FID2" and "FID3" are generated. , ‧‧‧, "FIDc"

(2)其次,單元生成機構204依每VOBU(VideoObjectUnit)分割原檔案711「CNT1」分割,生成m個(m為自然數)之單元773「U1_1」、單元774「U1_2」、單元775「U1_3」、單元776「U1_4」、‧‧‧、單元777「U1_m」。其次,生成顯示生成之單元之個數之單元數N1。在此,N1=m。 (2) Next, the unit generation unit 204 divides the original file 711 "CNT1" for each VOBU (VideoObject Unit), and generates m (m is a natural number) unit 773 "U1_1", unit 774 "U1_2", and unit 775 "U1_3". Unit 776 "U1_4", ‧‧‧, unit 777 "U1_m". Next, the number of cells N1 indicating the number of generated cells is generated. Here, N1=m.

(3)其次,單元生成機構204生成由檔案識別子「FID1」與單元數N1構成之檔案資訊「FI1」,並記憶生成之檔案資訊「FI1」。 (3) Next, the unit generation unit 204 generates the file information "FI1" composed of the file identifier "FID1" and the unit number N1, and memorizes the generated file information "FI1".

(4)其次,單元生成機構204就單元773、774、‧‧‧、777之各個生成對應於單元「U1_i_」(i為1到m之整數)之單元識別子「UID1i」。單元識別子係唯一識別各單元之識別資訊。單元識別子將顯示為單元識別子之固定資訊「UID」、顯示讀出原檔案711之順序之號碼「1」、記號「_」、顯示各單元之順序之號碼「i」以該順序結合而生成。 (4) Next, the unit generation unit 204 generates a unit identifier "UID1i" corresponding to the unit "U1_i_" (i is an integer from 1 to m) for each of the units 773, 774, ‧‧, and 777. The unit identification subsystem uniquely identifies the identification information of each unit. The unit identifier is generated by combining the fixed information "UID" displayed as the unit identifier, the number "1" indicating the order in which the original file 711 is read, the symbol "_", and the number "i" indicating the order of each unit in this order.

所謂顯示各單元之順序之號碼「i」,係例如、「1」、「2」、「3」、‧‧‧、「m」由起始單元開始之順序。在此,亦可為從開湍之單元開始之累積位元數等。 The number "i" indicating the order of each unit is, for example, the order in which "1", "2", "3", ‧‧", and "m" are started by the start unit. Here, the number of accumulated bits from the unit of the opening may be used.

(5)其次,單元生成機構204係對單元773、774、‧‧‧、777之各個,也就是對於各單元「U1_i」(i為1到m之整數),決定要使用共通標題金鑰241進行加密化,或者使用個別標題金鑰381進行加密化。 (5) Next, the unit generation unit 204 determines the use of the common title key 241 for each of the units 773, 774, ‧‧, and 777, that is, for each unit "U1_i" (i is an integer from 1 to m). Encryption is performed or encrypted using an individual title key 381.

該決定係例如預先訂定作為個別標題金鑰381進行加密化之對象之單元之數目、與共通標題金鑰241進行加密化之對象之單元之數目的比率,由m個單元中隨機地選擇個別標題金鑰381進行加密化之對象之單元,使之成為該比率,藉此以進行之。又,亦可選擇作為個別標題金鑰381進行加密化之對象的單元,使該比率更接近。 The determination is, for example, a ratio of the number of units to be encrypted by the individual title key 381 and the number of units to be encrypted by the common title key 241, and the individual units are randomly selected from the m units. The header key 381 performs the unit of the object to be encrypted, and makes it into the ratio, thereby performing it. Further, it is also possible to select a unit to be encrypted as the individual title key 381, and to make the ratio closer.

在此之一例之是個別標題金鑰381進行之加密化之對 象的單元之數目、與共通標題金鑰241進行之加密化之對象之單元之數目的比率為1:9。 In this case, the encryption of the individual title key 381 is performed. The ratio of the number of units of the image to the number of units of the object to be encrypted by the common title key 241 is 1:9.

換言之,單元生成機構204由m個單元隨機選擇百分之十的單元,選擇之單元作為個別標題金鑰381進行加密化的對象,未被選擇而剩下之百分之九十的單元作為共通標題金鑰241進行加密化的對象。 In other words, the unit generation unit 204 randomly selects ten percent of the units from the m units, and the selected unit is the object of encryption by the individual title key 381, and the remaining ninety percent of the units are common. The title key 241 is an object to be encrypted.

在此,單元生成機構204係決定例如以個別標題金鑰381將單元774「U1_2」與單元776「U1_4」加密化,以共通標題金鑰241將其他單元773「U1_1」、單元775「U1_3」、單元「U1_5」、單元「U1_6」、‧‧‧、單元777「U1_m」加密化。 Here, the unit generation unit 204 determines, for example, that the unit 774 "U1_2" and the unit 776 "U1_4" are encrypted by the individual title key 381, and the other unit 773 "U1_1" and the unit 775 "U1_3" are shared by the title key 241. The unit "U1_5", the unit "U1_6", ‧‧‧, and the unit 777 "U1_m" are encrypted.

進一步,單元生成機構204生成顯示各單元「U1_i」(i為1到m之整數)以個別標題金鑰381加密化或是以共通標題金鑰241加密化的標題金鑰旗標資訊「TKFI1_i」。標題金鑰旗標資訊只要是可區別為個別標題金鑰381與共通標題金鑰241之何者的資訊皆可,但在此使用個別標題金鑰381時則將標題金鑰旗標資訊定為「0」,使用共通標題金鑰241時,則將標題金鑰旗標資訊定為「1」。 Further, the unit generation unit 204 generates a title key flag information "TKFI1_i" indicating that each unit "U1_i" (i is an integer from 1 to m) encrypted by the individual title key 381 or encrypted by the common title key 241. . The title key flag information may be any information that can be distinguished as the individual title key 381 and the common title key 241. However, when the individual title key 381 is used here, the title key flag information is set to " 0", when the common title key 241 is used, the title key flag information is set to "1".

再者,標題金鑰旗標資訊亦可藉由來自外部之輸入而給與。 Furthermore, the title key flag information can also be given by input from the outside.

其次,單元生成機構204以單元識別子、對應之標題金鑰旗標資訊及對應之單元為一組,生成由該組構成之單元資訊。例如、如第5圖所示,單元生成機構204係以單元識別子771、標題金鑰旗標資訊772及單元773為一組, 生成由該組構成之單元資訊761。其他單元也相同。換言之,單元生成機構204依每單元生成單元資訊。 Next, the unit generation unit 204 generates unit information composed of the unit by using the unit identifier, the corresponding title key flag information, and the corresponding unit as a group. For example, as shown in FIG. 5, the unit generation unit 204 is a group of the unit identifier 771, the title key flag information 772, and the unit 773. Unit information 761 composed of the group is generated. The other units are also the same. In other words, the unit generation mechanism 204 generates unit information for each unit.

進一步,單元生成機構204係如第5圖所示,就單元773、774、‧‧‧、777,以生成之m個單元資訊為一組,生成由該組構成之分割檔案751「splCNT1」。其他原檔案也是相同。換言之,單元生成機構204係依每一原檔案而生成分割檔案。 Further, as shown in FIG. 5, the unit generation unit 204 generates the divided file 751 "splCNT1" composed of the group by using the generated unit information as a group in the units 773, 774, ‧ ‧ and 777. The other original files are the same. In other words, the unit generation unit 204 generates a split file for each original file.

由原檔案711「CNT1」生成之分割檔案751「splCNT1」係如第5圖所示,由m個單元資訊761「UI1_1」、單元資訊762「UI1_2」、單元資訊763「UI1_3」、‧‧‧、單元資訊764「UI1_m」所構成。單元資訊761、762、763、‧‧‧、764,換言之單元資訊「UI1_i」(i為1到m的整數)由對應之單元識別子「UID1_i」、標題金鑰旗標資訊「TKFI1_i」及單元「U1_i」所構成。 The split file 751 "splCNT1" generated from the original file 711 "CNT1" is as shown in Fig. 5, and includes m unit information 761 "UI1_1", unit information 762 "UI1_2", unit information 763 "UI1_3", ‧‧ The unit information 764 "UI1_m" is composed. Unit information 761, 762, 763, ‧‧‧, 764, in other words, the unit information "UI1_i" (i is an integer from 1 to m) by the corresponding unit identifier "UID1_i", the title key flag information "TKFI1_i" and the unit " It is composed of U1_i".

(7)其次,單元生成機構204係就原檔案711生成包含檔案識別子741「FID1」與分割檔案751「splCNT1」之分割檔案資訊731「splFI1」。[(7)終了] (7) Next, the unit generation unit 204 generates the divided file information 731 "splFI1" including the file identifier 741 "FID1" and the divided file 751 "splCNT1" in the original file 711. [(7) End]

單元生成機構204係就全部的原檔案711「CNT1」、712「CNT2」、713「CNT3」、‧‧‧、714「CNTc」重複同樣的處理,生成c個檔案資訊781「FI1」、檔案資訊782「FI2」、檔案資訊783「FI3」、‧‧‧、檔案資訊785「FIc」,並生成c個分割檔案資訊731「splFI1」、分割檔案資訊732「splFI2」、分割檔案資訊733「splFI3」、‧‧‧、分割檔案資訊734「splFIc」。 The unit generation unit 204 repeats the same processing for all the original files 711 "CNT1", 712 "CNT2", 713 "CNT3", ‧‧‧, 714 "CNTc", and generates c file information 781 "FI1", file information 782 "FI2", file information 783 "FI3", ‧‧‧, file information 785 "FIc", and generated c split file information 731 "splFI1", split file information 732 "splFI2", split file information 733 "splFI3" ‧ ‧ ‧ split file information 734 "splFIc"

其次,單元生成機構204生成包含生成之c個分割檔案資訊的分割內容721。 Next, the unit generation unit 204 generates the divided content 721 including the generated c pieces of divided file information.

再者,依每一原檔案生成之單元數m可不同。 Furthermore, the number m of cells generated by each original file may be different.

其次,單元生成機構204將生成之分割內容721往加密化機構206輸出。 Next, the unit generation unit 204 outputs the generated divided content 721 to the encryption unit 206.

上述中,係構成為單元生成機構204生成檔案識別子,但亦可構成為檔案識別子與內容一起由外部輸入。 In the above description, the unit generation unit 204 generates the file identifier, but the file identifier may be externally input together with the content.

又,令原檔案之分割單位為VOBU,但不限定於此。亦可令原檔案依例如每GOP(GroupofPicture),而以每64 量,於每再生時間1秒相當量進行分割。又,亦可藉操作者輸入顯示分割單位之資訊,並根據業經輸入之資訊,分割原檔案。 Further, the division unit of the original file is VOBU, but is not limited thereto. It is also possible to make the original file, for example, every GOP (GroupofPicture), and every 64 The amount was divided into equivalent amounts of 1 second per regeneration time. In addition, the operator may input information indicating the division unit, and divide the original file according to the information input by the operator.

(b)單元選出資訊780之生成 (b) Unit selection information 780 generation

當分割內容721之輸出結束時,單元生成機構204生成由c個檔案資訊781、782、783、‧‧‧、785構成之單元選出資訊780。 When the output of the divided content 721 is completed, the unit generating means 204 generates unit selection information 780 composed of c pieces of archive information 781, 782, 783, ‧‧‧, 785.

將單元選出資訊780之資料構造之一例顯示於第6圖。單元選出資訊780係由c個檔案資訊781「FI1」、檔案資訊782「FI2」、檔案資訊783「FI3」、‧‧‧、檔案資訊785「FIc」所構成。 An example of the data structure of the unit selection information 780 is shown in Fig. 6. The unit selection information 780 is composed of c file information 781 "FI1", file information 782 "FI2", file information 783 "FI3", ‧‧‧, file information 785 "FIc".

單元生成機構204係將生成之單元選出資訊780作為中間內容資料集242之一部份,往儲存機構202寫入,並將生成之單元選出資訊780往簽章生成機構209輸出。 The unit generation unit 204 writes the generated unit selection information 780 as part of the intermediate content data set 242, writes it to the storage unit 202, and outputs the generated unit selection information 780 to the signature generation unit 209.

2.2.5共通標題金鑰生成機構205 2.2.5 Common Title Key Generation Mechanism 205

共通標題金鑰生成機構205係用以生成共通標題金鑰241「CTK」。具體而言,共通標題金鑰生成機構205之一例係生成128位元寬之擬亂數,將生成之擬亂數作為共通標題金鑰241「CTK」。其次,將生成之共通標題金鑰241「CTK」往加密化機構206輸出,並將生成之共通標題金鑰241「CTK」往儲存機構202寫入。 The common title key generation unit 205 is for generating a common title key 241 "CTK". Specifically, one example of the common title key generation unit 205 generates a pseudo random number of 128 bits wide, and the generated pseudo random number is used as the common title key 241 "CTK". Next, the generated common title key 241 "CTK" is output to the encryption unit 206, and the generated common title key 241 "CTK" is written to the storage unit 202.

共通標題金鑰241「CTK」與複數資訊記錄媒體裝置共通。換言之,複數之資訊記錄媒體裝置中,係使用相同的共通標題金鑰。該等複數之資訊記錄媒體裝置會記錄相同的內容。 The common title key 241 "CTK" is common to the plural information recording medium device. In other words, the same common title key is used in the plural information recording media devices. The plurality of information recording media devices record the same content.

在此,共通標題金鑰241「CTK」係為了將原內容701加密化而使用之金鑰。以加密化使用之加密演算法Enc係例如AES(AdvancedEncryptionStandard)暗號。可是,並不受此限。亦可為其他之共通金鑰暗號、例如DES(DataEncryptionStandard)暗號、Triple-DES、C2(CryptomeriaCipher)暗號、Camellia暗號、RC4暗號等。 Here, the common title key 241 "CTK" is a key used to encrypt the original content 701. The encryption algorithm Enc used for encryption is, for example, an AES (Advanced Encryption Standard) code. However, this is not the limit. Other common key ciphers, such as DES (DataEncryptionStandard) cipher, Triple-DES, C2 (Cryptomeria Cipher) cipher, Camellia cipher, RC4 cipher, etc.

又,亦可為RSA暗號或橢圓曲線暗號等的公開金鑰暗號。再者,使用公開金鑰暗號時,共通標題金鑰生成機構205生成共通標題公開金鑰「CTPK」與與其對應之共通標題私有金鑰「CTSK」,來取代共通標題金鑰241「CTK」。 Further, it may be a public key cipher such as an RSA cipher or an elliptic curve cipher. Further, when the public key cipher is used, the common title key generation unit 205 generates the common title public key "CTPK" and the corresponding common title private key "CTSK" instead of the common title key 241 "CTK".

以下之例係加密演算法Enc使用AES暗號,共通標題金鑰241「CTK」使用128位元寬之位元列。 In the following example, the encryption algorithm Enc uses the AES cipher, and the common title key 241 "CTK" uses a 128-bit wide bit column.

再者,共通標題金鑰生成機構205亦可利用信號之雜訊等生成真亂數以取代擬亂數。生成亂數之方法於非專利 文獻1詳述。 Furthermore, the common title key generation unit 205 can also generate a true random number by using a signal noise or the like instead of the pseudo random number. The method of generating random numbers is non-patented Document 1 is detailed.

又,共通標題金鑰241之生成亦可使用非亂數生成之其他方法,亦可將共通標題金鑰241之位元寬配合使用之加密演算法來設定。例如、使用Triple-DES暗號時,則生成168位元(包含同位時為192位元)之金鑰。 Further, the generation of the common title key 241 may be performed by other methods other than random number generation, or may be set by using the bit width of the common title key 241 in conjunction with the encryption algorithm used. For example, when using the Triple-DES key, a key of 168 bits (including 192 bits in the same place) is generated.

2.2.6加密化機構206 2.2.6 Encryption Mechanism 206

加密化機構206由共通標題金鑰生成機構205接受共通標題金鑰241「CTK」。又,加密化機構206由單元生成機構204接受分割內容721。 The encryption unit 206 receives the common title key 241 "CTK" from the common title key generation unit 205. Further, the encryption unit 206 receives the divided content 721 by the unit generation unit 204.

將藉加密化機構206執行之加密化處理之一部份顯示於第7圖,以下就加密化機構206執行之處理做說明。 A part of the encryption processing performed by the encryption unit 206 is shown in Fig. 7, and the processing executed by the encryption unit 206 will be described below.

加密化機構206接受分割內容721時,選擇構成已接收之分割內容721之分割檔案資訊731「splFI1」所含之分割檔案751「splCNT1」。其次,由選擇之分割檔案751「splCNT1」之起始單元資訊761「UI1_1」提取標題金鑰旗標資訊772「TKFI1_1」,判定提取之標題金鑰旗標資訊772「TKFI1_1」為「0」與「1」之何者。 When the encryption unit 206 receives the divided content 721, the encrypted file 751 "splCNT1" included in the divided file information 731 "splFI1" constituting the received divided content 721 is selected. Next, the title key flag information 772 "TKFI1_1" is extracted from the start unit information 761 "UI1_1" of the selected split file 751 "splCNT1", and the extracted title key flag information 772 "TKFI1_1" is determined to be "0" and What is "1"?

若判定為「0」,則意味著係使用個別標題金鑰381加密化,故在此不進行加密化,而是加密化機構206直接將單元資訊761作為加密化單元資訊而生成。因此,生成之加密化單元資訊係與原本的單元資訊761相同。其次,移到下一次單元之處理。 If the determination is "0", it means that the individual title key 381 is used for encryption. Therefore, instead of encrypting, the encryption unit 206 directly generates the unit information 761 as the encrypted unit information. Therefore, the generated encryption unit information is the same as the original unit information 761. Second, move to the next unit of processing.

若判定為「1」,則意味著係以共通標題金鑰241進行加密化,因此加密化機構206由單元資訊761「UI1_1」提 取單元773「U1_1」,並對提取之單元773「U1_1」使用接受之共通標題金鑰241「CTK」施行加密演算法Enc,而生成加密化單元813「EU1_1」。 If the determination is "1", it means that the password is encrypted by the common title key 241. Therefore, the encryption unit 206 is provided by the unit information 761 "UI1_1". The unit 773 "U1_1" is taken, and the extracted unit 773 "U1_1" is subjected to the encryption algorithm Enc using the accepted common title key 241 "CTK" to generate the encryption unit 813 "EU1_1".

在此,EU1_1=Enc(CTK,U1_1)。又,Enc(K,D)顯示使用金鑰K對資料D施行加密演算法Enc而生成之加密化資料。再者,使用公開金鑰暗號作為加密演算法時,使用於加密化之金鑰並非為共通標題金鑰241「CTK」,而是共通標題公開金鑰「CTPK」。 Here, EU1_1=Enc(CTK, U1_1). Further, Enc(K, D) displays the encrypted data generated by performing the encryption algorithm Enc on the data D using the key K. Further, when the public key cipher is used as the encryption algorithm, the key used for encryption is not the common title key 241 "CTK" but the common title public key "CTPK".

再者,加密化機構206所使用之加密演算法Enc進行之加密化稱為第一加密化。又,有時亦將加密化機構206所生成之加密化單元稱為第一加密化單元。 Furthermore, the encryption performed by the encryption algorithm Enc used by the encryption mechanism 206 is referred to as first encryption. Further, the encryption unit generated by the encryption unit 206 may be referred to as a first encryption unit.

加密化機構206生成由單元資訊761「UI1_1」所含之單元識別子771「UID1_1」、標題金鑰旗標資訊772「TKFI1_1」、及在此生成之加密化單元813「EU1_1」所構成之加密化單元資訊801「EUI1_1」。 The encryption unit 206 generates the encryption of the unit identifier 771 "UID1_1" included in the unit information 761 "UI1_1", the title key flag information 772 "TKFI1_1", and the encryption unit 813 "EU1_1" generated here. Unit information 801 "EUI1_1".

加密化機構206對單元資訊762「UI1_2」、單元資訊763「UI1_3」、‧‧‧、單元資訊764「UI1_m」也重複同樣的處理,生成加密化單元資訊802「EUI1_2」、加密化單元資訊803「EUI1_3」、‧‧‧、加密化單元資訊804「EUI1_m」。 The encryption unit 206 repeats the same processing for the unit information 762 "UI1_2", the unit information 763 "UI1_3", ‧‧‧, and the unit information 764 "UI1_m", and generates the encryption unit information 802 "EUI1_2" and the encryption unit information 803. "EUI1_3", ‧‧‧, encryption unit information 804 "EUI1_m".

其次,加密化機構206生成由1個分割檔案751生成之m個加密化單元資訊之組所構成之加密化分割檔案800「EsplCNT1」。如此,加密化機構206由1個分割檔案生成1個加密化分割檔案。再者,由於加密化分割檔案包含未經共通標題金鑰241加密化之單元,因此也稱為中間加 密化分割檔案。 Next, the encryption unit 206 generates an encrypted divided file 800 "EsplCNT1" composed of a group of m pieces of encrypted unit information generated by one divided file 751. In this manner, the encryption unit 206 generates one encrypted divided file from one divided file. Furthermore, since the encrypted split file contains a unit that is not encrypted by the common title key 241, it is also called a middle plus Densify split files.

如第7圖所示,由分割檔案751「splCNT1」藉由上述流程所生成之加密化分割檔案800「EsplCNT1」係由m個加密化單元資訊801「EUI1_1」、加密化單元資訊802「EUI1_2」、加密化單元資訊803「EUI1_3」、‧‧‧、加密化單元資訊804「EUI1_m」所構成。加密化單元資訊801、802、803、‧‧‧、804之每一個,也就是各加密化單元資訊「EUI1_i」(i為1到m的整數)係以構成分割檔案751「splCNT1」之單元資訊761、762、763、‧‧‧、764、也就是以各單元資訊「UI1_i」為基礎而生成,包含單元識別子「UID1_i」、標題金鑰旗標資訊「TKFI1_i」及加密化單元「EU1_i」。 As shown in FIG. 7, the encrypted divided file 800 "EsplCNT1" generated by the above-described flow by the divided file 751 "splCNT1" is composed of m encrypted unit information 801 "EUI1_1" and encrypted unit information 802 "EUI1_2". The encryption unit information 803 "EUI1_3", ‧‧‧, and the encryption unit information 804 "EUI1_m" are formed. Each of the encryption unit information 801, 802, 803, ‧‧‧, 804, that is, each encryption unit information "EUI1_i" (i is an integer from 1 to m) is used to form the unit information of the divided file 751 "splCNT1" 761, 762, 763, ‧‧‧, 764 are generated based on each unit information "UI1_i", and include a unit identifier "UID1_i", a title key flag information "TKFI1_i", and an encryption unit "EU1_i".

其次,加密化機構206由構成生成之加密化分割檔案800「EsplCNT1」之各加密化單元資訊「EUI1_i」(i為1到m的整數)提取加密化單元「EU1_i」。也就是說,加密化機構206係提取第7圖所示之加密化單元813、814、815、816、‧‧‧、817。其次,生成由提取之m個加密化單元之組所構成之加密化檔案821「ECNT1」。 Next, the encryption unit 206 extracts the encryption unit "EU1_i" from each of the encryption unit information "EUI1_i" (i is an integer of 1 to m) constituting the generated encrypted divided file 800 "EsplCNT1". That is, the encryption unit 206 extracts the encryption units 813, 814, 815, 816, ‧ ‧ and 817 shown in FIG. Next, an encrypted file 821 "ECNT1" composed of a group of the extracted m encryption units is generated.

換言之,加密化機構206係用以生成由m個加密化單元813、814、815、816、‧‧‧、817所構成之加密化檔案821「ECNT1」。 In other words, the encryption unit 206 is configured to generate an encrypted file 821 "ECNT1" composed of m encryption units 813, 814, 815, 816, ‧ ‧ and 817.

其次,加密化機構206將分割檔案資訊731「splFI1」所含之分割檔案751「splCNT1」置換成生成之加密化分割檔案800「EsplCNT1」,而生成加密化分割檔案資訊841 「EsplFI1」。即,加密化分割檔案資訊841「EsplFI1」包含檔案識別子「FID1」851與加密化分割檔案852「EsplCNT1」。檔案識別子「FID1」851與檔案識別子「FID1」741相同,加密化分割檔案852「EsplCNT1」與加密化分割檔案800「EsplCNT1」相同。 Next, the encryption unit 206 replaces the divided file 751 "splCNT1" included in the divided file information 731 "splFI1" with the generated encrypted divided file 800 "EsplCNT1" to generate the encrypted divided file information 841. "EsplFI1". In other words, the encrypted divided file information 841 "EsplFI1" includes the file identifier "FID1" 851 and the encrypted divided file 852 "EsplCNT1". The file identifier "FID1" 851 is the same as the file identifier "FID1" 741, and the encrypted divided file 852 "EsplCNT1" is the same as the encrypted divided file 800 "EsplCNT1".

加密化機構206亦就分割檔案資訊732「splFI2」、分割檔案資訊733「splFI3」、‧‧‧、分割檔案資訊734「splFIc」分別同樣地生成加密化分割檔案資訊842「EsplFI2」、加密化分割檔案資訊843「EsplFI3」、‧‧‧、加密化分割檔案資訊844「EsplFIc」。 The encryption unit 206 also generates the encrypted divided file information 842 "EsplFI2" and the encrypted segmentation in the same manner for the divided file information 732 "splFI2", the divided file information 733 "splFI3", ‧ ‧ and the divided file information 734 "splFIc" File Information 843 "EsplFI3", ‧‧‧, Encrypted Split File Information 844 "EsplFIc".

又,加密化機構206亦就分割檔案資訊732「splFI2_」、分割檔案資訊733「splFI3」、‧‧‧、分割檔案資訊734「splFIc」分別同樣地生成加密化檔案822「ECNT2」、加密化檔案823「ECNT3」、‧‧‧、加密化檔案824「ECNTc」。 Further, the encryption unit 206 also generates the encrypted file 822 "ECNT2" and the encrypted file in the same manner for the divided file information 732 "splFI2_", the divided file information 733 "splFI3", ‧ ‧ and the divided file information 734 "splFIc" 823 "ECNT3", ‧‧‧, encrypted file 824 "ECNTc".

其次,加密化機構206係如第9圖所示,生成由生成之c個加密化分割檔案資訊841、842、843、‧‧‧、844之組所構成之加密化分割內容840。 Next, as shown in FIG. 9, the encryption unit 206 generates the encrypted divided content 840 composed of the generated c-encrypted divided file information 841, 842, 843, ‧ ‧ and 844.

其次,加密化機構206將生成之加密化分割內容840往標頭資訊生成機構207輸出。 Next, the encryption unit 206 outputs the generated encrypted divided content 840 to the header information generating unit 207.

其次,加密化機構206係如第8圖所示,將c個加密化檔案821、822、823、‧‧‧、824所構成之組生成作為加密化內容820,並將生成之加密化內容820作為中間內容資料集242之一部份往儲存機構202寫入。再者,加密化內容820也包含未經共通標題金鑰241加密化之單元,因此 有時也稱為中間加密化內容。又,同樣的理由,有時亦將各加密化檔案821、822、823、‧‧‧、824分別稱為中間加密化檔案。 Next, as shown in FIG. 8, the encryption unit 206 generates a group of c encrypted files 821, 822, 823, ‧‧, and 824 as the encrypted content 820, and generates the encrypted content 820. It is written to the storage unit 202 as part of the intermediate content data set 242. Furthermore, the encrypted content 820 also includes a unit that is not encrypted by the common title key 241, so Sometimes referred to as intermediate encrypted content. For the same reason, each encrypted file 821, 822, 823, ‧ ‧ and 824 may also be referred to as an intermediate encrypted file.

如第8圖所示,加密化內容820由c個加密化檔案821「ECNT1」、加密化檔案822「ECNT2」、加密化檔案823「ECNT3」、‧‧‧、加密化檔案824「ECNTc」所構成。 As shown in Fig. 8, the encrypted content 820 is composed of c encrypted files 821 "ECNT1", encrypted file 822 "ECNT2", encrypted file 823 "ECNT3", ‧‧‧, encrypted file 824 "ECNTc" Composition.

加密化檔案821、822、823、‧‧‧、824之各個,也就是各加密化檔案「ECNTj」(J為1到c之整數)係以加密化分割內容840所含之加密化分割檔案資訊841、842、843、‧‧‧、844、也就是各加密化分割檔案資訊「EsplFIj」為基礎而生成,包含複數加密化單元。 Each of the encrypted files 821, 822, 823, ‧‧‧, 824, that is, each encrypted file "ECNTj" (J is an integer from 1 to c) is an encrypted split file information included in the encrypted divided content 840 841, 842, 843, ‧‧‧, 844, which is generated based on each encrypted split file information "EsplFIj", includes a complex encryption unit.

其中一例係如第8圖所示,加密化檔案821「ECNT1」包含了加密化單元813「EU1_1」、加密化單元814「EU1_2」、加密化單元815「EU1_3」、加密化單元816「EU1_4」、‧‧‧、加密化單元817「EU1_m」。 As an example, as shown in FIG. 8, the encrypted file 821 "ECNT1" includes the encryption unit 813 "EU1_1", the encryption unit 814 "EU1_2", the encryption unit 815 "EU1_3", and the encryption unit 816 "EU1_4". ‧‧‧Encryption unit 817 "EU1_m".

如以上所說明,加密化機構206係僅對構成為明文內容之原內容701之複數明文單元(也稱為明文區塊)中一部份之前述明文單元,施行使用了共通標題金鑰241之第一加密化而生成加密化單元(也稱為加密化區塊),生成由未經前述第一加密化之前述明文單元及所生成之前述加密化單元所構成之加密化內容820(也稱為中間加密化內容)。 As described above, the encryption mechanism 206 performs the use of the common title key 241 only for the plaintext unit of a part of the plurality of plaintext units (also referred to as plaintext blocks) of the original content 701 of the plaintext content. Encryption unit (also referred to as an encryption block) is generated by first encryption, and encrypted content 820 composed of the plaintext unit without the first encryption and the generated encryption unit is generated (also called Encrypt content for the middle).

2.2.7標頭資訊生成機構207 2.2.7 Header Information Generation Mechanism 207

標頭資訊生成機構207由加密化機構206接受加密化分割內容840。接受加密化分割內容840時,係如第9圖所 示,使用接受之加密化分割內容840而生成標頭資訊860。 The header information generating unit 207 receives the encrypted divided content 840 by the encryption unit 206. When accepting the encrypted partitioned content 840, it is as shown in Figure 9. The header information 860 is generated using the accepted encrypted partitioned content 840.

第9圖係顯示標頭資訊生成機構207進行之標頭資訊860之生成流程的概要。接受之加密化分割內容840係由c個加密化分割檔案資訊841「EsplFI1」、加密化分割檔案資訊842「EsplFI2」、加密化分割檔案資訊843「EsplFI3」、‧‧‧、加密化分割檔案資訊844「EsplFIc」所構成。加密化分割檔案資訊841、842、843、‧‧‧、844,也就是各加密化分割檔案資訊「EsplFIj」(J為1到c之整數)包含檔案識別子「FIDj」與加密化分割檔案「EsplCNTj」。 Fig. 9 is a view showing an outline of a flow of generation of the header information 860 by the header information generating unit 207. The encrypted partitioned content 840 is received by c-encrypted split file information 841 "EsplFI1", encrypted split file information 842 "EsplFI2", encrypted split file information 843 "EsplFI3", ‧‧‧, encrypted split file information 844 "EsplFIc". Encrypted split file information 841, 842, 843, ‧‧‧, 844, that is, each encrypted split file information "EsplFIj" (J is an integer from 1 to c) including the file identifier "FIDj" and the encrypted split file "EsplCNTj" "."

標頭資訊生成機構207係根據加密化分割檔案資訊841、842、843、‧‧‧、844分別所含之加密化分割檔案而生成第一散列表861、862、863、‧‧‧、864。例如、根據加密化分割檔案資訊841所含之加密化分割檔案852「EsplCNT1」生成第一散列表861「HA1TBL1」。其次,標頭資訊生成機構207由生成之c個第一散列表861、862、863、‧‧‧、864,生成第二散列表865「HA2TBL」。 The header information generating unit 207 generates first hash tables 861, 862, 863, ‧ ‧ and 864 based on the encrypted divided files included in the encrypted divided file information 841, 842, 843, ‧ ‧ and 844, respectively. For example, the first hash table 861 "HA1TBL1" is generated based on the encrypted divided file 852 "EsplCNT1" included in the encrypted divided file information 841. Next, the header information generating unit 207 generates a second hash table 865 "HA2TBL" from the generated c first hash tables 861, 862, 863, ‧ ‧ and 864.

關於上述之第一散列表861、862、63、‧‧‧、864之生成及第二散列表865之生成流程於以下詳細說明。 The generation of the first hash table 861, 862, 63, ‧ ‧ , 864 and the second hash table 865 are described in detail below.

(1)第一散列表861之生成。以下就第一散列表861之生成流程進行說明。再者,第一散列表862、‧‧‧、864之生成流程與第一散列表861之生成流程相同,因此省略說明。 (1) Generation of the first hash table 861. The generation flow of the first hash table 861 will be described below. Furthermore, the generation flow of the first hash table 862, ‧‧‧, 864 is the same as the generation flow of the first hash table 861, and thus the description thereof is omitted.

標頭資訊生成機構207進行之第一散列表861「HA1TBL1」之生成流程的概要顯示於第10圖。 The outline of the flow of generation of the first hash table 861 "HA1TBL1" by the header information generating means 207 is shown in FIG.

首先,標頭資訊生成機構207由構成加密化分割檔案800「EsplCNT1」之起始的加密化單元資訊801「EUI1_1」提取加密化單元813「EU1_1」,並將提取之加密化單元813「EU1_1」代入散列函數SHA-1(SecureHashAlgorithm-1),生成單元散列值「UHA1_1」。 First, the header information generating unit 207 extracts the encryption unit 813 "EU1_1" from the encryption unit information 801 "EUI1_1" which constitutes the start of the encrypted divided file 800 "EsplCNT1", and extracts the extracted encryption unit 813 "EU1_1". Substituting the hash function SHA-1 (SecureHashAlgorithm-1), the unit hash value "UHA1_1" is generated.

在此,對於以加密化機構206使用個別標題金鑰381加密化之單元,加密化單元資訊與單元資訊係相同的,因此不存在相當於加密化單元者。因此,對於使用個別標題金鑰381加密化之單元,將單元當作加密化單元,代入散列函數。對於使用個別標題金鑰381加密化之單元,加密化單元也被視為與單元為相同者。因此,對於使用個別標題金鑰381加密化之單元,將明文單元代入散列函數,對於使用共通標題金鑰241加密化之單元,將加密化單元代入散列函數。 Here, the unit encrypted by the encryption unit 206 using the individual title key 381 has the same encryption unit information as the unit information, and therefore there is no equivalent to the encryption unit. Therefore, for a unit encrypted with an individual title key 381, the unit is treated as an encryption unit and substituted into a hash function. For units that are encrypted using the individual title key 381, the cryptographic unit is also considered to be the same as the unit. Therefore, for the unit encrypted using the individual title key 381, the plaintext unit is substituted into the hash function, and the unit encrypted by the common title key 241 is substituted into the hash function.

在此,散列函數係使用SHA-1,但不受此限。亦可使用SHA-2、SHA-3或使用了區塊暗號之CBC-MAC(CipherBlockChaining-MessageAuthenticationCode)等。 Here, the hash function uses SHA-1, but is not limited to this. It is also possible to use SHA-2, SHA-3, or CBC-MAC (CipherBlock Chaining-Message Authentication Code) using a block number.

在此,將加密化單元資訊801之加密化單元813「EU1_1」置換成生成之單元散列值「UHA1_1」,生成單元散列資訊871「UHI1_1」。即,單元散列資訊871「UHI1_1」由單元識別子881「UID1_1」、標題金鑰旗標資訊882「TKFI1_1」及單元散列值883「UHA1_1」所構成。 Here, the encryption unit 813 "EU1_1" of the encryption unit information 801 is replaced with the generated unit hash value "UHA1_1", and the unit hash information 871 "UHI1_1" is generated. That is, the unit hash information 871 "UHI1_1" is composed of the unit identifier 881 "UID1_1", the title key flag information 882 "TKFI1_1", and the unit hash value 883 "UHA1_1".

在此,單元識別子881「UID1_1」與加密化單元資訊801所含之單元識別子811「UID1_1」相同,因此標題金鑰旗標資訊882「TKFI1_1」與加密化單元資訊801所含之標題金鑰旗標資訊812「TKFI1_1」相同。 Here, the unit identifier 881 "UID1_1" is the same as the unit identifier 811 "UID1_1" included in the encryption unit information 801, so the title key flag information 882 "TKFI1_1" and the title key flag included in the encryption unit information 801. The standard information 812 "TKFI1_1" is the same.

標頭資訊生成機構207亦就加密化單元資訊802「EUI1_2」、加密化單元資訊803「EUI1_3」、‧‧‧、加密化單元資訊804「EUI1_m」重複同樣的處理,並生成單元散列資訊872「UHI1_2」、單元散列資訊873「UHI1_3」、‧‧‧、單元散列資訊874「UHI1_m」。其次,標頭資訊生成機構207係如第10圖所示,生成由生成之m個單元散列資訊871、872、873、‧‧‧、871所構成之第一散列表861「HA1TBL1」。 The header information generating unit 207 also repeats the same processing for the encryption unit information 802 "EUI1_2", the encryption unit information 803 "EUI1_3", ‧‧‧, and the encryption unit information 804 "EUI1_m", and generates unit hash information 872 "UHI1_2", unit hash information 873 "UHI1_3", ‧‧‧, unit hash information 874 "UHI1_m". Next, as shown in FIG. 10, the header information generating unit 207 generates a first hash table 861 "HA1TBL1" composed of the generated m unit hash information 871, 872, 873, ‧ ‧ and 871.

同樣地,標頭資訊生成機構207生成第一散列表861、862、863、‧‧‧、864。 Similarly, the header information generating unit 207 generates first hash tables 861, 862, 863, ‧‧‧, 864.

(2)第二散列表865之生成 (2) Generation of the second hash table 865

標頭資訊生成機構207重複上述之流程,由加密化分割內容完成生成c個第一散列表861、862、863、‧‧‧、864時,接著使用生成之c個第一散列表861、862、863、‧‧‧、864,生成第二散列表865「HA2TBL」。第二散列表865「HA2TBL」係如第11圖所示,由c個檔案散列資訊885「FHI1」、檔案散列資訊886「FHI2」、檔案散列資訊887「FHI3」、‧‧‧、檔案散列資訊888「FHIc」所構成。檔案散列資訊885、886、887、‧‧‧、888之各個,也就是各檔案散列資訊「FHIj」(J為1到c之整數)包含檔案識別子 「FIDj」與檔案散列值「FHAj」。 The header information generating unit 207 repeats the above-described flow, and when the c first partial hash tables 861, 862, 863, ‧‧‧, 864 are generated by the encrypted divided content, the generated c first hash tables 861, 862 are used. , 863, ‧‧‧, 864, generate a second hash table 865 "HA2TBL". The second hash table 865 "HA2TBL" is as shown in Figure 11, which consists of c files hashing information 885 "FHI1", file hashing information 886 "FHI2", file hashing information 887 "FHI3", ‧ ‧ The file hash information 888 "FHIc" is composed. The file hash information 885, 886, 887, ‧‧‧, 888, that is, the file hash information "FHIj" (J is an integer from 1 to c) contains the file identifier "FIDj" and the file hash value "FHAj".

以下說明第二散列表865之生成流程。 The generation flow of the second hash table 865 will be described below.

標頭資訊生成機構207係將構成已生成之第一散列表861「HA1TBL1」之全部的單元散列資訊871、872、873、‧‧‧、874結合所得之結合體代入散列函數SHA-1,生成檔案散列值892「FHA1」。 The header information generating unit 207 substitutes the combination of the unit hash information 871, 872, 873, ‧‧‧, 874 constituting all of the generated first hash table 861 "HA1TBL1" into the hash function SHA-1. , generate file hash value 892 "FHA1".

在此,散列函數係使用SHA-1,但不受此限。如上所述,亦可使用使用了SHA-2、SHA-3或區塊暗號之CBC-MAC(CipherBlockChaining-MessageAuthenticationCode)等。 Here, the hash function uses SHA-1, but is not limited to this. As described above, a CBC-MAC (CipherBlock Chaining-Message Authentication Code) or the like using SHA-2, SHA-3, or a block cipher may be used.

其次,標頭資訊生成機構207係由與第一散列表861「HA1TBL1」對應之加密化分割檔案資訊841「EsplFI1」,提取檔案識別子851「FID1」,並生成由提取之檔案識別子851「FID1」與生成之檔案散列值「FHA1」所構成之檔案散列資訊885「FHI1」。 Next, the header information generating unit 207 extracts the file identifier 851 "FID1" from the encrypted divided file information 841 "EsplFI1" corresponding to the first hash table 861 "HA1TBL1", and generates the extracted file identifier 851 "FID1". The file hash information 885 "FHI1" formed by the generated file hash value "FHA1".

檔案散列資訊885「FHI1」係如第11圖所示,包含了檔案識別子891「FID1」及檔案散列值892「FHA1」。 As shown in Fig. 11, the file hash information 885 "FHI1" includes the file identifier 891 "FID1" and the file hash value 892 "FHA1".

在此,檔案識別子891「FID1」與由加密化分割檔案資訊841「EsplFI1」所提取之檔案識別子851「FID1」相同,而檔案散列值892「FHA1」與代入函數SHA-1而生成之檔案散列值「FHA1」相同。 Here, the file identifier 891 "FID1" is the same as the file identifier 851 "FID1" extracted by the encrypted divided file information 841 "EsplFI1", and the file hash value 892 "FHA1" and the file generated by the function SHA-1 are substituted. The hash value "FHA1" is the same.

標頭資訊生成機構207對第一散列表862「HA1TBL2」、第一散列表863「HA1TBL3」、‧‧‧、第一散列表864「HA1TBLc」也重覆與上述相同的處理,而\ 生成檔案散列資訊886「FHI2」、檔案散列資訊887「FHI3」、‧‧‧、檔案散列資訊888「FHIc」。 The header information generating unit 207 repeats the same processing as the above for the first hash table 862 "HA1TBL2", the first hash table 863 "HA1TBL3", ‧‧‧, and the first hash table 864 "HA1TBLc", and Generate file hash information 886 "FHI2", file hash information 887 "FHI3", ‧‧‧, file hash information 888 "FHIc".

各檔案散列資訊包含檔案識別子及檔案散列值。 Each file hash information includes file identifiers and file hash values.

其次,標頭資訊生成機構207生成由生成之c個檔案散列資訊885、886、887、‧‧‧、888所構成之第二散列表865「HA2TBL」。 Next, the header information generating unit 207 generates a second hash table 865 "HA2TBL" composed of the generated c file hash information 885, 886, 887, ‧ ‧ and 888.

以上已就(1)第一散列表861、862、863、‧‧‧、864之生成及(2)第二散列表865之生成流程作說明。 The flow of generation of (1) the first hash table 861, 862, 863, ‧‧, 864 and (2) the second hash table 865 has been described above.

標頭資訊生成機構207生成包含生成之c個第一散列表861、862、863、‧‧‧、864與1個第二散列表865「HA2TBL」之標頭資訊860,並將生成之標頭資訊860作為中間內容資料集242之一部份,往儲存機構202寫入。 The header information generating unit 207 generates header information 860 including the generated c first hash tables 861, 862, 863, ‧‧‧, 864 and one second hash table 865 "HA2TBL", and generates the header The information 860 is written to the storage mechanism 202 as part of the intermediate content data set 242.

又,標頭資訊生成機構207將生成之第二散列表865「HA2TBL」往簽章生成機構209輸出。 Further, the header information generating unit 207 outputs the generated second hash table 865 "HA2TBL" to the signature generating unit 209.

2.2.8簽章生成機構209 2.2.8 signature generation mechanism 209

簽章生成機構209係如以下所示,使用簽章金鑰保存機構208保存之私有金鑰251,生成對第二散列表865「HA2TBL」等之簽章資訊890。 The signature generation unit 209 generates the signature information 890 for the second hash table 865 "HA2TBL" or the like using the private key 251 stored in the signature key storage unit 208 as will be described below.

具體而言,簽章生成機構209由單元生成機構204接受單元選出資訊780,由標頭資訊生成機構207接受第二散列表865「HA2TBL」。其次,簽章生成機構209由簽章金鑰保存機構208讀出私有金鑰251「KSG」。 Specifically, the signature generation unit 209 receives the unit selection information 780 by the unit generation unit 204, and the header information generation unit 207 receives the second hash table 865 "HA2TBL". Next, the signature generation unit 209 reads the private key 251 "KSG" by the signature key storage unit 208.

進一步,簽章生成機構209係如第12圖所示,將接受之第二散列表865與接收之單元選出資訊780結合,生成 結合體261,並對生成之結合體261使用讀出之私有金鑰251「KSG」,施行簽章生成演算法S,並生成簽章資訊890。再者,關於簽章生成演算法S係如上述。其次,簽章生成機構209將生成之簽章資訊890作為中間內容資料集242之一部份,往儲存機構202寫入。 Further, the signature generation unit 209 combines the accepted second hash table 865 with the received unit selection information 780 as shown in FIG. 12 to generate The combination 261 combines the generated private key 251 "KSG" with the generated combination 261, executes the signature generation algorithm S, and generates the signature information 890. Furthermore, the signature generation algorithm S is as described above. Next, the signature generation unit 209 writes the generated signature information 890 as part of the intermediate content data set 242 to the storage unit 202.

2.2.9機器間傳送機構203 2.2.9 Inter-machine transfer mechanism 203

機器間傳送機構203藉由控制機構211之控制,由儲存機構202讀出共通標題金鑰241,並將已讀出之共通標題金鑰241經由通信用纜線21而傳送到發送伺服器裝置102a。 The inter-machine transfer mechanism 203 reads the common title key 241 from the storage unit 202 under the control of the control unit 211, and transmits the read common title key 241 to the transmission server device 102a via the communication cable 21. .

又,機器間傳送機構203藉由控制機構211之控制,由儲存機構202讀出由單元選出資訊780、加密化內容820、標頭資訊860及簽章資訊890所構成之中間內容資料集242,並將讀出之中間內容資料集242透過通信用纜線21往發送伺服器裝置102a傳送。 Moreover, the inter-machine transfer mechanism 203 reads the intermediate content data set 242 composed of the cell selection information 780, the encrypted content 820, the header information 860, and the signature information 890 by the storage unit 202 under the control of the control unit 211. The read intermediate content data set 242 is transmitted to the transmission server device 102a via the communication cable 21.

2.2.10控制機構211 2.2.10 Control Mechanism 211

控制機構211用以控制為內容簽章生成伺服器裝置101a之構成要素之機器間傳送機構203、單元生成機構204、共通標題金鑰生成機構205、加密化機構206、標頭資訊生成機構207及簽章生成機構209。 The control unit 211 controls the inter-machine transfer unit 203, the unit generation unit 204, the common title key generation unit 205, the encryption unit 206, the header information generation unit 207, and the components of the content signature generation server device 101a. Signature generation mechanism 209.

2.3發送伺服器裝置102a之構成 2.3 The composition of the transmitting server device 102a

發送伺服器裝置102a係如第13圖所示,由儲存機構301、機器間傳送機構302、機器間接收機構303、媒體識別子取得機構304、個別標題金鑰生成機構305、加密化機 構306、標題金鑰資料庫儲存機構307、運用主體公開金鑰保存機構308、私有金鑰保存機構309、公開金鑰証明書保存機構310、暗號通信路確立機構311及控制機構313所構成。 As shown in FIG. 13, the transmission server device 102a includes a storage unit 301, an inter-machine transfer unit 302, an inter-machine receiving unit 303, a media identifier acquisition unit 304, an individual title key generation unit 305, and an encryption unit. The configuration 306, the title key database storage unit 307, the application body public key storage unit 308, the private key storage unit 309, the public key certificate storage unit 310, the secret communication path establishing unit 311, and the control unit 313 are constituted.

在此,發送伺服器裝置102a,具體而言亦可為包含CPU、記憶體、二次記憶裝置、網際網路介面電路等之PC。此種情況下,儲存機構301、標題金鑰資料庫儲存機構307、運用主體公開金鑰保存機構308、私有金鑰保存機構309及公開金鑰証明書保存機構310分別由二次記憶裝置所構成,媒體識別子取得機構304、個別標題金鑰生成機構305、加密化機構306及暗號通信路確立機構311分別由CPU及在其上動作之程式所構成,機器間傳送機構302及機器間接收機構303分別由網際網路介面電路所構成。不用說,並不受此等所限。發送伺服器裝置102a之構成要素的一部份亦可由專用電路所構成。例如、加密化機構306亦可由專用之硬體電路所構成。 Here, the transmission server device 102a may specifically be a PC including a CPU, a memory, a secondary memory device, an internet interface circuit, or the like. In this case, the storage unit 301, the title key database storage unit 307, the application body public key storage unit 308, the private key storage unit 309, and the public key certificate storage unit 310 are respectively constituted by secondary memory devices. The media identification sub-acquisition means 304, the individual title key generation means 305, the encryption means 306, and the secret communication path establishment means 311 are respectively constituted by a CPU and a program operating thereon, and the inter-machine transfer mechanism 302 and the inter-machine receiving mechanism 303 are provided. They are composed of Internet interface circuits. Needless to say, it is not subject to these restrictions. A part of the components of the transmitting server device 102a may also be constituted by dedicated circuits. For example, the encryption mechanism 306 can also be constructed of a dedicated hardware circuit.

2.3.1儲存機構301 2.3.1 Storage mechanism 301

儲存機構301具有用以記憶中間內容資料集242、共通標題金鑰241、個別標題金鑰381及發送用內容資料集351之區域。 The storage unit 301 has an area for storing the intermediate content material set 242, the common title key 241, the individual title key 381, and the transmission content data set 351.

中間內容資料集242及共通標題金鑰241係由內容簽章生成伺服器裝置101a接收者。中間內容資料集242係如上所述,由單元選出資訊780、加密化內容820、標頭資訊860及簽章資訊890所構成。 The intermediate content material set 242 and the common title key 241 are received by the content signature generation server device 101a. The intermediate content data set 242 is composed of the unit selection information 780, the encrypted content 820, the header information 860, and the signature information 890 as described above.

個別標題金鑰381及發送用內容資料集351係如後述,經由記錄用資訊處理裝置103a往資訊記錄媒體裝置105a發送。發送用內容資料集351係如第16圖所示,由單元選出資訊780、標頭資訊860、簽章資訊890及後述之發送用加密化內容900所構成。 The individual title key 381 and the transmission content data set 351 are transmitted to the information recording medium device 105a via the recording information processing device 103a as will be described later. The transmission content data set 351 is composed of unit selection information 780, header information 860, signature information 890, and transmission encrypted content 900, which will be described later, as shown in FIG.

2.3.2運用主體公開金鑰保存機構308 2.3.2 Using the subject public key deposit mechanism 308

運用主體公開金鑰保存機構308保存有內容發送系統10a之運用主體具有之認證局裝置(未圖示)的公開金鑰361。 The application subject public key storage unit 308 holds a public key 361 of a certification authority device (not shown) included in the application body of the content transmission system 10a.

公開金鑰361係暗號通信路確立機構311在發送伺服器裝置102a與資訊記錄媒體裝置105a之間,確立暗號通信路22時使用。 The public key 361 is used by the secret communication path establishing unit 311 when the secret communication path 22 is established between the transmission server device 102a and the information recording medium device 105a.

在此,係構成為公開金鑰361為預先嵌入到發送伺服器裝置102a者,但不受此限。亦可構成為例如公開金鑰361為由內容發送系統10a之運用主體之認證局傳送,發送伺服器裝置102a接收公開金鑰361,運用主體公開金鑰保存機構308記憶接收之公開金鑰361。 Here, the public key 361 is configured to be embedded in the transmission server device 102a in advance, but is not limited thereto. For example, the public key 361 may be transmitted by the authentication authority of the application body of the content distribution system 10a, the transmission server device 102a receives the public key 361, and the public key storage unit 308 of the application body public key storage unit 308 memorizes the received public key 361.

2.3.3私有金鑰保存機構309 2.3.3 Private Key Depository Agency 309

私有金鑰保存機構309保存有發送伺服器裝置102a之私有金鑰362。私有金鑰362係當暗號通信路確立機構311在發送伺服器裝置102a與資訊記錄媒體裝置105a之間確立暗號通信路22時,以使用之公開金鑰暗號或公開金鑰簽章使用。私有金鑰362係內容發送系統10a之運用主體之認證局裝置與公開金鑰証明書一起發行之發送伺服器裝置 102a的私有金鑰。 The private key storage mechanism 309 holds the private key 362 of the transmitting server device 102a. The private key 362 is used by the secret communication path establishing means 311 when the secret communication path 22 is established between the transmission server device 102a and the information recording medium device 105a, and is used by the public key or public key signature used. The private key 362 is a transmission server device issued by the certification authority device of the application body of the content transmission system 10a and the public key certificate. 102a's private key.

2.3.4公開金鑰証明書保存機構310 2.3.4 Public Key Certificate Holding Organization 310

公開金鑰証明書保存機構310保存有發送伺服器裝置102a之公開金鑰証明書921。公開金鑰証明書921係如第17圖所示,包含有發送伺服器裝置102a之公開金鑰922、其他資訊及簽章923。再者,其他資訊包含証明書之有效期限等,但在此為了簡略化而省略記載。發送伺服器裝置102a之公開金鑰922係內容發送系統10a之運用主體的認證局裝置針對發送伺服器裝置102a發行之公開金鑰。簽章923係內容發送系統10a之運用主體的認證局裝置,使用該認證局裝置保存之自身之私有金鑰而對發送伺服器裝置102a之公開金鑰922及其他之資訊,施行簽章生成演算法S而生成之數位簽章資料。 The public key certificate storage unit 310 stores the public key certificate 921 of the transmission server device 102a. The public key certificate 921 includes a public key 922, other information, and a signature 923 of the transmission server device 102a as shown in FIG. In addition, other information includes the expiration date of the certificate, etc., but the description is omitted here for the sake of brevity. The public key 922 of the transmission server device 102a is a public key issued by the authentication authority device of the application body of the content transmission system 10a to the transmission server device 102a. The signature 923 is a certification authority device of the application body of the content transmission system 10a, and performs a signature generation calculation on the public key 922 and other information of the transmission server device 102a using the private key stored by the certification authority device. The digital signature data generated by the method S.

在此,簽章生成演算法S之一例係具有160位元之金鑰長之EC-DSA(EllipticCurveDigitalSignatureAlgorithm)。可是,不受此限,亦可為其他數位簽章方式或不同之位元寬之金鑰。又,亦可為使用MAC(MessageAuthenticationCode)等其他暗號函數防止竄改之方法。藉由賦與該簽章,發送伺服器裝置102a之公開金鑰922確實可驗證由內容發送系統10a之運用主體之認證局裝置發行。 Here, one example of the signature generation algorithm S is an EC-DSA (EllipticCurve Digital Signature Algorithm) having a 160-bit key length. However, without this limitation, it can also be a digital signature or a different key width. Further, it is also possible to prevent tampering by using other cipher functions such as MAC (Message Authentication Code). By assigning the signature, the public key 922 of the transmission server device 102a can be verified to be issued by the certification authority device of the application body of the content transmission system 10a.

2.3.5標題金鑰資料庫儲存機構307 2.3.5 Title Key Database Storage Organization 307

標題金鑰資料庫儲存機構307具有將後述之媒體識別子371與後述之個別標題金鑰281成對記憶之區域。 The title key database storage unit 307 has an area in which the media identifier 371, which will be described later, is paired with an individual title key 281, which will be described later.

媒體識別子371係由媒體識別子取得機構304接受者,且為唯一識別資訊記錄媒體裝置105a之識別資訊。個別標題金鑰381係由個別標題金鑰生成機構305接受者。 The media identifier 371 is received by the media identifier obtaining unit 304 and is uniquely identifying the identification information of the information recording medium device 105a. The individual title key 381 is accepted by the individual title key generation unit 305.

標題金鑰資料庫儲存機構307係藉將媒體識別子371與個別標題金鑰381成對來記憶,藉此萬一由資訊記錄媒體裝置105a洩漏個別標題金鑰381,即使在WEB伺服器或網際網路掲示板暴露個別標題金鑰381,亦可追蹤洩漏來源之資訊記錄媒體裝置。 The title key database storage unit 307 is memorized by pairing the media identifier 371 with the individual title key 381, whereby the individual title key 381 is leaked by the information recording medium device 105a even on the WEB server or the Internet. The road display panel exposes the individual title key 381 and can also track the information recording media device of the leak source.

在此種情況下,具體而言,由標題金鑰資料庫儲存機構307讀出對應於在WEB伺服器或網際網路掲示板暴露之個別標題金鑰381之媒體識別子371。如此,由讀出之媒體識別子371判明洩漏來源之資訊記錄媒體裝置。若判明洩漏來源之資訊記錄媒體裝置,可藉確認由資訊記錄媒體裝置傳送之媒體識別子,停止發送伺服器裝置102a進行之之後往洩漏來源之資訊記錄媒體裝置的內容發送。 In this case, specifically, the media identifier 371 corresponding to the individual title key 381 exposed on the WEB server or the Internet display panel is read by the title key database storage unit 307. Thus, the read media identifier 371 identifies the information recording medium device of the leak source. If the information recording medium device of the leak source is identified, the media identifier transmitted by the information recording medium device can be confirmed, and the transmission of the content of the information recording medium device to the leak source after the transmission of the server device 102a is stopped.

2.3.6機器間接收機構303 2.3.6 Inter-machine receiving mechanism 303

機器間接收機構303由內容簽章生成伺服器裝置101a接收共通標題金鑰241及中間內容資料集242。接收共通標題金鑰241及中間內容資料集242時,將已接收之共通標題金鑰241及中間內容資料集242寫入儲存機構301。 The inter-machine receiving unit 303 receives the common title key 241 and the intermediate content data set 242 by the content signature generation server device 101a. When the common title key 241 and the intermediate content data set 242 are received, the received common title key 241 and intermediate content data set 242 are written to the storage unit 301.

又,機器間接收機構303由資訊記錄媒體裝置105a透過記錄用資訊處理裝置103a,接收顯示發送用內容資料集351等之發送之要求之發送要求資訊321。當接收發送要求資訊321時,將接收之發送要求資訊321往暗號通信路確 立機構311輸出。 Further, the inter-machine receiving unit 303 receives the transmission request information 321 indicating the transmission request of the transmission content data set 351 or the like through the recording information processing device 103a by the information recording medium device 105a. When receiving the transmission request information 321, the receiving transmission request information 321 is transmitted to the secret communication path. The mechanism 311 outputs.

進一步,在送伺服器裝置102a與資訊記錄媒體裝置105a之間確立暗號通信路22後,機器間接收機構303由資訊記錄媒體裝置105a透過暗號通信路22接收媒體識別子371。當接收媒體識別子371時,將已接收之媒體識別子371往媒體識別子取得機構304輸出。 Further, after the secret communication path 22 is established between the server device 102a and the information recording medium device 105a, the inter-machine receiving unit 303 receives the media identifier 371 via the secret communication path 22 by the information recording medium device 105a. When the media identifier 371 is received, the received media identifier 371 is output to the media identifier obtaining unit 304.

2.3.7媒體識別子取得機構304 2.3.7 Media Identification Sub-Acquisition Agency 304

媒體識別子取得機構304由機器間接收機構303接受媒體識別子371,並將已接受之媒體識別子371往標題金鑰資料庫儲存機構307寫入。 The media identification sub-acquisition mechanism 304 receives the media identifier 371 from the inter-machine receiving mechanism 303, and writes the accepted media identifier 371 to the title key database storage unit 307.

在此,媒體識別子371係128位元寬,但不受此限,亦可為64位元寬、256位元寬等。 Here, the media identifier 371 is 128 bits wide, but is not limited thereto, and may be 64 bits wide, 256 bits wide, or the like.

2.3.8暗號通信路確立機構311 2.3.8 cryptographic communication path establishment mechanism 311

暗號通信路確立機構311使用運用主體公開金鑰保存機構308保存之公開金鑰361、私有金鑰保存機構309保存之私有金鑰362、公開金鑰証明書保存機構310保存之發送伺服器裝置102a之公開金鑰証明書921,經由記錄用資訊處理裝置103a,確立與資訊記錄媒體裝置105a之間的暗號通信路22。 The secret communication path establishing unit 311 uses the public key 361 stored by the application body public key storage unit 308, the private key 362 held by the private key storage unit 309, and the transmission server device 102a held by the public key certificate storage unit 310. The public key certificate 921 establishes the secret communication path 22 with the information recording medium device 105a via the recording information processing device 103a.

具體而言,暗號通信路確立機構311用以驗證通信對象之記錄用資訊處理裝置103a是否為正當的裝置。當判斷為非法當時,則中止暗號通信路22之確立。暗號通信路確立機構311判斷通信相手之記錄用資訊處理裝置103a為正當之裝置時,在與記錄用資訊處理裝置103a之間共有秘密 之對話金鑰。使用共有之對話金鑰在與記錄用資訊處理裝置103a之間進行秘密的暗號通信。 Specifically, the cipher communication path establishing unit 311 is for verifying whether or not the recording information processing device 103a of the communication target is a proper device. When it is judged to be illegal, the establishment of the secret communication path 22 is suspended. When the secret communication path establishing unit 311 determines that the communication information processing device 103a of the communication party is a legitimate device, it shares a secret with the recording information processing device 103a. Dialogue key. Secret secret communication is performed between the information processing device 103a for recording using the shared dialog key.

暗號通信路22之確立方法為何種方式皆可,例如、使用SSL(SecureSocketLayer)、TLS(TransportLayerSecurity)或專利文獻2及非專利文獻2所記載之DTCP(DigitalTransmissionContentProtection)所規定之方式。實施形態2中使用DTCP所規定之方式。 The method of establishing the cipher communication path 22 may be any one of the methods defined by, for example, SSL (Secure Socket Layer), TLS (Transport Layer Security), or DTCP (Digital Transmission Content Protection) described in Patent Document 2 and Non-Patent Document 2. In the second embodiment, the method defined by DTCP is used.

2.3.9個別標題金鑰生成機構305 2.3.9 Individual Title Key Generation Mechanism 305

個別標題金鑰生成機構305生成個別標題金鑰381「ITK」。具體而言,個別標題金鑰生成機構305與共通標題金鑰生成機構205進行之共通標題金鑰241之生成相同,舉例言之,生成128位元寬之擬亂數,將生成之擬亂數作為個別標題金鑰381「ITK」。 The individual title key generation unit 305 generates an individual title key 381 "ITK". Specifically, the individual title key generation unit 305 is identical to the generation of the common title key 241 by the common title key generation unit 205. For example, a pseudo-random number of 128-bit width is generated, and the pseudo-random number to be generated is generated. As the individual title key 381 "ITK".

如此,個別標題金鑰381「ITK」在一個資訊記錄媒體裝置是固有的。 Thus, the individual title key 381 "ITK" is inherent in an information recording media device.

其次,個別標題金鑰生成機構305將生成之個別標題金鑰381往加密化機構306輸出。又,將生成之個別標題金鑰381分別寫入儲存機構301及標題金鑰資料庫儲存機構307。 Next, the individual title key generation unit 305 outputs the generated individual title key 381 to the encryption unit 306. Further, the generated individual title key 381 is written into the storage unit 301 and the title key database storage unit 307, respectively.

再者,個別標題金鑰生成機構305係將個別標題金鑰381往標題金鑰資料庫儲存機構307寫入時,係使已經記憶於標題金鑰資料庫儲存機構307之媒體識別子371與個別標題金鑰381成對。 Further, when the individual title key generation unit 305 writes the individual title key 381 to the title key database storage unit 307, the media identifier 371 and the individual title that have been memorized in the title key database storage unit 307 are stored. The key 381 is paired.

個別標題金鑰381「ITK」係如後述,用以將加密化內 容820中未使用共通標題金鑰241加密化之單元進行加密化。此時使用之加密演算法Enc與使用共通標題金鑰241之加密化中所使用之加密演算法Enc相同。 The individual title key 381 "ITK" is used as will be described later. The unit 820 that is encrypted without using the common title key 241 is encrypted. The encryption algorithm Enc used at this time is the same as the encryption algorithm Enc used in the encryption using the common title key 241.

再者,亦可令使用個別標題金鑰381時之加密演算法與使用共通標題金鑰241時之加密演算法不同。又,個別標題金鑰381之生成方法亦可與共通標題金鑰241之生成方法不同。又,個別標題金鑰381與共通標題金鑰241之位元寬亦可不同。 Furthermore, the encryption algorithm when the individual title key 381 is used may be different from the encryption algorithm when the common title key 241 is used. Further, the method of generating the individual title key 381 may be different from the method of generating the common title key 241. Further, the bit width of the individual title key 381 and the common title key 241 may be different.

2.3.10加密化機構306 2.3.10 Encryption Mechanism 306

加密化機構306由個別標題金鑰生成機構305接受個別標題金鑰381「ITK」。又,加密化機構306讀出記憶於儲存機構301之中間內容資料集242所含之加密化內容820及標頭資訊860。 The encryption unit 306 receives the individual title key 381 "ITK" by the individual title key generation unit 305. Further, the encryption unit 306 reads the encrypted content 820 and the header information 860 included in the intermediate content data set 242 stored in the storage unit 301.

就加密化機構306所執行之加密化處理使用第14圖及第15圖加以說明。 The encryption processing executed by the encryption unit 306 will be described using Figs. 14 and 15.

加密化機構306由讀出之標頭資訊860提取第一散列表861「HA1TBL1」、第一散列表862「HA1TBL2」、第一散列表863「HA1TBL3」、‧‧‧、第一散列表864「HA1TBLc」。又,加密化機構306由讀出之加密化內容820提取加密化檔案821「ECNT1」、加密化檔案822「ECNT2」、加密化檔案823「ECNT3」、‧‧‧、加密化檔案824「ECNTc」。如以下詳細說明,使用提取之各第一散列表,並使用個別標題金鑰381「ITK」,將對應於該第一散列表之加密化檔案所含之加密化單元加密化。各加密化 檔案中之處理相同,因此在此僅就第一散列表861「HA1TBL1」與與其對應之加密化檔案821「ECNT1」之加密化處理作為代表,加以說明。 The encryption unit 306 extracts the first hash table 861 "HA1TBL1", the first hash table 862 "HA1TBL2", the first hash table 863 "HA1TBL3", the ‧‧‧, the first hash table 864 from the read header information 860 HA1TBLc". Further, the encryption unit 306 extracts the encrypted file 821 "ECNT1", the encrypted file 822 "ECNT2", the encrypted file 823 "ECNT3", the ‧‧‧, and the encrypted file 824 "ECNTc" from the read encrypted content 820 . As described in detail below, each of the extracted first hash tables is used, and the encryption unit included in the encrypted file corresponding to the first hash table is encrypted using the individual title key 381 "ITK". Encryption Since the processing in the file is the same, only the encryption processing of the first hash table 861 "HA1TBL1" and the encrypted file 821 "ECNT1" corresponding thereto will be described as a representative.

再者,將加密化機構306所使用之加密演算法進行之加密化稱為第二加密化。又,加密化機構306所生成之加密化單元也稱為第二加密化單元(或、第二加密化區塊)。 Furthermore, the encryption performed by the encryption algorithm used by the encryption mechanism 306 is referred to as second encryption. Further, the encryption unit generated by the encryption unit 306 is also referred to as a second encryption unit (or a second encryption block).

加密化機構306係如第14圖所示,確認第一散列表861所含之單元散列資訊871、872、873、‧‧‧、874分別所含之標題金鑰旗標資訊875、876、877、878、‧‧‧、879之值。其次,在該等標題金鑰旗標資訊中,提取標題金鑰旗標資訊為「0」者。 The encryption unit 306 confirms the title key flag information 875, 876 included in the unit hash information 871, 872, 873, ‧ ‧ and 874 included in the first hash table 861 as shown in FIG. Values of 877, 878, ‧ ‧ and 879 Next, in the title key flag information, the header key flag information is extracted as "0".

其中一例係如第14圖所示,標題金鑰旗標資訊876與標題金鑰旗標資訊878分別為「0」,其他標題金鑰旗標資訊875、877、‧‧‧、879為「1」。 For example, as shown in FIG. 14, the title key flag information 876 and the title key flag information 878 are respectively "0", and the other title key flag information 875, 877, ‧ ‧ and 879 are "1" "."

此時,加密化機構306由加密化檔案821提取對應於為「0」之標題金鑰旗標資訊之加密化單元,並使用個別標題金鑰381將提取之加密化單元進行加密化,生成發送用加密化單元。另一方面,就對應於為「1」之標題金鑰旗標資訊之加密化單元不進行使用個別標題金鑰381之加密化,而是將各自之加密化單元直接作為發送用加密化單元。也就是說此種情況下,所謂加密化單元與發送用加密化單元是相同的。 At this time, the encryption unit 306 extracts the encryption unit corresponding to the title key flag information of “0” from the encrypted file 821, and encrypts the extracted encryption unit using the individual title key 381 to generate and transmit. Use the encryption unit. On the other hand, the encryption unit corresponding to the title key flag information of "1" does not use the encryption of the individual title key 381, but the respective encryption units are directly used as the transmission encryption unit. That is to say, in this case, the encryption unit is the same as the transmission encryption unit.

第14圖及第15圖所示之例的情況中,標題金鑰旗標資訊876與標題金鑰旗標資訊878分別為「0」,因此加密 化機構306由加密化檔案821提取加密化單元814及加密化單元816,並使用個別標題金鑰381將提取加密化單元814及加密化單元816加密化,生成發送用加密化單元914及916。由於其他標題金鑰旗標資訊875、877、‧‧‧、879為「1」,因此就對應於該等標題金鑰旗標資訊之加密化單元813、815、‧‧‧、817不進行使用了個別標題金鑰381之加密化,而是將各自之加密化單元813、815、‧‧‧、817直接當作發送用加密化單元913、915、‧‧‧、917。 In the case of the example shown in Figs. 14 and 15, the title key flag information 876 and the title key flag information 878 are respectively "0", so the encryption is performed. The encryption unit 306 extracts the encryption unit 814 and the encryption unit 816 from the encrypted file 821, and encrypts the extraction encryption unit 814 and the encryption unit 816 using the individual title key 381 to generate transmission encryption units 914 and 916. Since the other title key flag information 875, 877, ‧‧ ‧, 879 is "1", the encryption units 813, 815, ‧ ‧ and 817 corresponding to the title key flag information are not used The encryption of the individual title key 381 is used as the transmission encryption units 913, 915, ‧ ‧ and 917, respectively.

如此,加密化機構306生成發送用加密化單元913「DU1_1_」、發送用加密化單元914「DU1_2」、發送用加密化單元915「DU1_3」、發送用加密化單元916「DU1_4」、‧‧‧、發送用加密化單元917「DU1_m」。 In this way, the encryption unit 306 generates the transmission encryption unit 913 "DU1_1_", the transmission encryption unit 914 "DU1_2", the transmission encryption unit 915 "DU1_3", and the transmission encryption unit 916 "DU1_4", ‧‧‧ The transmission encryption unit 917 "DU1_m".

其次,加密化機構306生成由發送用加密化單元913「DU1_1」、發送用加密化單元914「DU1_2」、發送用加密化單元915「DU1_3」、發送用加密化單元916「DU1_4」、‧‧‧、發送用加密化單元917「DU1_m」所構成之發送用加密化檔案901「DCNT1」。 Next, the encryption unit 306 generates the transmission encryption unit 913 "DU1_1", the transmission encryption unit 914 "DU1_2", the transmission encryption unit 915 "DU1_3", the transmission encryption unit 916 "DU1_4", and ‧ ‧ The transmission encrypted file 901 "DCNT1" constituted by the encryption unit 917 "DU1_m" is transmitted.

加密化機構306也對第一散列表862、863、‧‧‧、864及加密化檔案822、823、‧‧‧、824、也就是第一散列表「HA1TBLj」及加密化檔案「ECNTj」(j為2到c之整數)執行與上述同樣的處理,生成發送用加密化檔案「DCNTj」。 The encryption mechanism 306 also pairs the first hash table 862, 863, ‧‧‧, 864 and the encrypted files 822, 823, ‧‧‧, 824, that is, the first hash table "HA1TBLj" and the encrypted file "ECNTj" ( j is an integer from 2 to c. The same processing as described above is executed, and the encrypted file "DCNTj" for transmission is generated.

其次,加密化機構306係如第16圖所示,生成由生成之發送用加密化檔案901「DCNT1」、發送用加密化檔案 902「DCNT2」、發送用加密化檔案903「DCNT3」、‧‧‧、發送用加密化檔案904「DCNTc」所構成之發送用加密化內容900,並將生成之發送用加密化內容900寫入儲存機構301。 Next, as shown in FIG. 16, the encryption unit 306 generates the generated encrypted file 901 "DCNT1" and the encrypted file for transmission. 902 "DCNT2", the transmission encrypted file 903 "DCNT3", the ‧‧‧, the transmission encrypted file 904 "DCNTc", the transmission encrypted content 900, and the generated transmission encrypted content 900 is written Storage mechanism 301.

此時,加密化機構306生成包含中間內容資料集242所含之單元選出資訊780、標頭資訊860及簽章資訊890以及生成之發送用加密化內容900之發送用內容資料集351,使發送用內容資料集351記憶於儲存機構301中。 At this time, the encryption unit 306 generates the transmission content data set 351 including the unit selection information 780, the header information 860, and the signature information 890 included in the intermediate content data set 242 and the generated transmission encrypted content 900. The content data set 351 is stored in the storage mechanism 301.

如以上說明,加密化機構306在加密化內容820(也稱為中間加密化內容)所含之單元(也稱為區塊)中,對未經前述第一加密化之前述明文單元施行使用了個別標題金鑰381之第二加密化而生成加密化單元(也稱為加密化區塊),並由藉由前述第一加密化所生成之前述加密化單元及藉由前述第二加密化所生成之前述加密化單元構成之發送用加密化內容900。 As described above, the encryption unit 306 uses the above-described plaintext unit that has not been encrypted first in the unit (also referred to as a block) included in the encrypted content 820 (also referred to as intermediate encrypted content). Encryption unit (also referred to as an encryption block) generated by the second encryption of the individual title key 381, and the encryption unit generated by the first encryption and the second encryption station The encrypted content 900 for transmission formed by the encryption unit generated.

2.3.11機器間傳送機構302 2.3.11 inter-machine transfer mechanism 302

機器間傳送機構302係藉由控制機構313之控制,由儲存機構301讀出個別標題金鑰381、共通標題金鑰241及發送用內容資料集351。其次,透過暗號通信路22,將個別標題金鑰381及共通標題金鑰241往資訊記錄媒體裝置105a傳送。進一步,將發送用內容資料集351透過記錄用資訊處理裝置103a,也就是不透過暗號通信路22而往資訊記錄媒體裝置105a傳送。 The inter-machine transfer unit 302 reads the individual title key 381, the common title key 241, and the transmission content data set 351 by the storage unit 301 under the control of the control unit 313. Next, the individual title key 381 and the common title key 241 are transmitted to the information recording medium device 105a via the secret communication path 22. Further, the transmission content data set 351 is transmitted to the information recording medium device 105a through the recording information processing device 103a, that is, without passing through the secret communication path 22.

2.3.12控制機構313 2.3.12 Control mechanism 313

控制機構313係用以控制為發送伺服器裝置102a之構成要素之機器間傳送機構302、機器間接收機構303、媒體識別子取得機構304、個別標題金鑰生成機構305、加密化機構306及暗號通信路確立機構311。 The control unit 313 is configured to control the inter-machine transfer mechanism 302, the inter-machine receiving mechanism 303, the media identification sub-acquisition mechanism 304, the individual title key generation unit 305, the encryption mechanism 306, and the secret communication for transmitting the components of the server device 102a. Road establishment mechanism 311.

2.4記錄用資訊處理裝置103a之構成 2.4 Composition of the information processing device 103a for recording

記錄用資訊處理裝置103a係如第18圖所示,由機器間傳送機構401、機器間接收機構402、媒體間傳送機構403及媒體間接收機構404所構成。 As shown in FIG. 18, the recording information processing device 103a includes an inter-machine transfer unit 401, an inter-machine receiving unit 402, an inter-media transfer unit 403, and an inter-media receiving unit 404.

再者,記錄用資訊處理裝置103a之一例亦可為由CPU、記憶體、內建快閃記憶體、媒體讀寫裝置(SD卡片插槽或光碟機)、網際網路介面電路等構成之家電機器。此種情況下,機器間傳送機構401及機器間接收機構402係由網際網路介面電路所構成,媒體間傳送機構403及媒體間接收機構404係由媒體讀寫裝置所構成。當然,不受此限。 Furthermore, an example of the information processing device 103a for recording may be a home appliance composed of a CPU, a memory, a built-in flash memory, a media read/write device (SD card slot or CD player), an internet interface circuit, and the like. machine. In this case, the inter-machine transfer mechanism 401 and the inter-machine receiving mechanism 402 are constituted by an internet interface circuit, and the inter-media transfer mechanism 403 and the inter-media receiving mechanism 404 are constituted by a media read/write device. Of course, this is not the limit.

2.4.1機器間傳送機構401 2.4.1 Inter-machine transfer mechanism 401

機器間傳送機構401係將藉由使用者之操作所生成之發送要求資訊321往發送伺服器裝置102a傳送。在此,發送要求資訊321係顯示由發送伺服器裝置102a往資訊記錄媒體裝置105a之發送用內容資料集351等之發送的要求。 The inter-machine transfer mechanism 401 transmits the transmission request information 321 generated by the user's operation to the transmission server device 102a. Here, the transmission request information 321 is a request for transmission from the transmission server device 102a to the transmission content data set 351 of the information recording medium device 105a.

又,機器間傳送機構401係在確立發送伺服器裝置102a與資訊記錄媒體裝置105a之間之暗號通信路22時,由資訊記錄媒體裝置105a透過媒體間接收機構404接受暗號通信路22之確立所必要的資料,並將接受之資料往發送伺服器裝置102a傳送。 Further, when the inter-machine transfer unit 401 establishes the secret communication path 22 between the transmission server device 102a and the information recording medium device 105a, the information recording medium device 105a receives the establishment of the secret communication path 22 via the medium-to-media receiving unit 404. The necessary information is transmitted to the transmitting server device 102a.

進一步,機器間傳送機構401負責在發送伺服器裝置102a與資訊記錄媒體裝置105a之間,在確立暗號通信路22後,將受保護之資料往暗號通信路22中之發送伺服器裝置102a側傳送。在此,係由資訊記錄媒體裝置105a透過暗號通信路22,在接受之媒體識別子371受保護的狀態下往發送伺服器裝置102a傳送。 Further, the inter-machine transfer unit 401 is responsible for transmitting the protected data to the transmitting server device 102a side of the secret communication path 22 after the secret communication path 22 is established between the transmitting server device 102a and the information recording medium device 105a. . Here, the information recording medium device 105a transmits the encrypted medium communication path 22 to the transmission server device 102a while the received media identifier 371 is protected.

2.4.2機器間接收機構402 2.4.2 Inter-machine receiving mechanism 402

機器間接收機構402在確立發送伺服器裝置102a與資訊記錄媒體裝置105a之間之暗號通信路22時,接收由發送伺服器裝置102a傳送之暗號通信路22之確立所必要之資料,並透過媒體間傳送機構403將接收之資料往資訊記錄媒體裝置105a傳送。 When establishing the secret communication path 22 between the transmission server device 102a and the information recording medium device 105a, the inter-machine receiving unit 402 receives the data necessary for the establishment of the secret communication path 22 transmitted by the transmission server device 102a, and transmits the data through the medium. The inter-transfer mechanism 403 transmits the received data to the information recording medium device 105a.

又,機器間接收機構402係在發送伺服器裝置102a與資訊記錄媒體裝置105a之間,負責在確立暗號通信路22後,接收來自暗號通信路22中之發送伺服器裝置102a側之受保護的資料。在此,由發送伺服器裝置102a透過暗號通信路22,在受保護之狀態下接收個別標題金鑰381及共通標題金鑰241,並往資訊記錄媒體裝置105a傳送。 Further, the inter-machine receiving unit 402 is between the transmitting server device 102a and the information recording medium device 105a, and is responsible for receiving the protected side of the transmitting server device 102a from the cryptographic communication path 22 after the cryptographic communication path 22 is established. data. Here, the transmission server device 102a transmits the individual title key 381 and the common title key 241 in the protected state through the secret communication path 22, and transmits it to the information recording medium device 105a.

又,機器間接收機構402由發送伺服器裝置102a接收發送用內容資料集351,並透過媒體間傳送機構403,也就是不透過暗號通信路22,往資訊記錄媒體裝置105a傳送。 Further, the inter-machine receiving unit 402 receives the transmission content data set 351 from the transmission server device 102a, and transmits it to the information recording medium device 105a via the inter-media communication unit 403, that is, without passing through the secret communication path 22.

2.4.3媒體間傳送機構403 2.4.3 Media Transfer Agency 403

媒體間傳送機構403在確立發送伺服器裝置102a與資訊記錄媒體裝置105a之間之暗號通信路22時,由發送伺 服器裝置102a,將暗號通信路22之確立所必要之資料透過機器間接收機構402接受,並將已接受之資料往資訊記錄媒體裝置105a傳送。 The inter-media transfer unit 403 is configured to transmit when the secret communication path 22 between the transmission server device 102a and the information recording medium device 105a is established. The server device 102a receives the data necessary for the establishment of the secret communication path 22 through the inter-machine receiving unit 402, and transmits the received data to the information recording medium device 105a.

又,媒體間傳送機構403係在發送伺服器裝置102a與資訊記錄媒體裝置105a之間,負責在確立暗號通信路22後,傳送暗號通信路22中往資訊記錄媒體裝置105a側之受保護的資料。在此,由發送伺服器裝置102a透過暗號通信路22,在接受之個別標題金鑰381及共通標題金鑰241受保護之狀態下往資訊記錄媒體裝置105a傳送。 Further, the inter-media transfer means 403 is located between the transmission server device 102a and the information recording medium device 105a, and is responsible for transmitting the protected data on the side of the information recording medium device 105a in the secret communication path 22 after the secret communication path 22 is established. . Here, the transmission server device 102a transmits the encrypted individual communication key 22 to the information recording medium device 105a while the received individual title key 381 and the common title key 241 are protected.

又,媒體間傳送機構403由發送伺服器裝置102a透過機器間接收機構402,也就是不透過暗號通信路22,接受發送用內容資料集351,並將已接受之發送用內容資料集351往資訊記錄媒體裝置105a傳送。 Further, the inter-media transfer unit 403 passes the inter-machine receiving unit 402 via the inter-machine receiving unit 402, that is, does not transmit the secret content data set 351, and receives the received content data set 351 for transmission. The recording medium device 105a transmits.

2.4.4媒體間接收機構404 2.4.4 Media Intermediary Organization 404

媒體間接收機構404在確立發送伺服器裝置102a與資訊記錄媒體裝置105a之間之暗號通信路22時,由資訊記錄媒體裝置105a接收暗號通信路22之確立所必要之資料,並將接收之資料透過機器間傳送機構401往發送伺服器裝置102a傳送。 When the media-to-media receiving unit 404 establishes the secret communication path 22 between the transmitting server device 102a and the information recording medium device 105a, the information recording medium device 105a receives the data necessary for the establishment of the secret communication path 22, and receives the received data. The transmission is made to the transmission server device 102a via the inter-machine transmission mechanism 401.

又,媒體間接收機構404在發送伺服器裝置102a與資訊記錄媒體裝置105a之間,確立暗號通信路22後,負責接收來自暗號通信路22中之資訊記錄媒體裝置105a側之受保護之資料。在此,由資訊記錄媒體裝置105a透過暗號通信路22,在受保護之狀態下,接受媒體識別子371,並 往發送伺服器裝置102a側傳送。 Further, the medium-to-media receiving unit 404, after establishing the secret communication path 22 between the transmission server device 102a and the information recording medium device 105a, is responsible for receiving the protected material from the side of the information recording medium device 105a in the cipher communication path 22. Here, the information recording medium device 105a passes through the secret communication path 22, and receives the media identifier 371 in a protected state, and It is transmitted to the transmitting server device 102a side.

2.5再生用資訊處理裝置104a之構成 2.5 Composition of the information processing device 104a for reproduction

再生用資訊處理裝置104a係如第19圖所示,由媒體間傳送機構501、媒體間接收機構502、標題金鑰取得機構503、解密化機構504、簽章驗證金鑰保存機構505、替換結合體生成機構506、簽章驗證機構507、再生可否判定機構508、再生機構509及控制機構513構成。 As shown in FIG. 19, the reproduction information processing device 104a includes an inter-media transfer unit 501, an inter-media receiving unit 502, a title key obtaining unit 503, a decryption unit 504, a signature verification key storage unit 505, and a replacement combination. The body generation unit 506, the signature verification unit 507, the reproduction possibility determination unit 508, the reproduction unit 509, and the control unit 513 are configured.

再者,再生用資訊處理裝置104a之一例亦可為由CPU、記憶體、內建快閃記憶體、媒體讀寫裝置(SD卡片插槽或光碟機)等所構成之家電機器。此種情況下,媒體間傳送機構501及媒體間接收機構502分別由媒體讀寫裝置構成,標題金鑰取得機構503、解密化機構504、替換結合體生成機構506、簽章驗證機構507及再生可否判定機構508分別係由在CPU及記憶體上動作之程式所構成,簽章驗證金鑰保存機構505係由內建快閃記憶體而安裝。可是,當然並不受該等所限。 Further, an example of the information processing device for reproduction 104a may be a home electric appliance including a CPU, a memory, a built-in flash memory, a media read/write device (SD card slot or a CD player). In this case, the inter-media transfer unit 501 and the inter-media receiving unit 502 are each constituted by a media read/write device, and the title key acquisition unit 503, the decryption unit 504, the replacement combination generation unit 506, the signature verification unit 507, and the reproduction. The determination unit 508 is composed of a program that operates on the CPU and the memory, and the signature verification key storage unit 505 is installed by the built-in flash memory. However, of course, it is not limited by these.

2.5.1簽章驗證金鑰保存機構505 2.5.1 Signature Verification Key Depository 505

簽章驗證金鑰保存機構505保存有公開金鑰531「KPV」。公開金鑰531為內容簽章生成伺服器裝置101a之公開金鑰,且對應於內容簽章生成伺服器裝置101a之簽章金鑰保存機構208保有之私有金鑰251「KSG」。公開金鑰531使用於簽章驗證機構507。 The signature verification key storage unit 505 stores the public key 531 "KPV". The public key 531 is the public key of the content signature generation server device 101a, and corresponds to the private key 251 "KSG" held by the signature key storage unit 208 of the content signature generation server device 101a. The public key 531 is used for the signature verification mechanism 507.

2.5.2媒體間傳送機構501 2.5.2 Media Transfer Organization 501

媒體間傳送機構501藉由控制機構513的控制,而往 資訊記錄媒體裝置105a傳送個別標題金鑰381、共通標題金鑰241及發送用內容資料集351之傳送指示551。 The inter-media transfer mechanism 501 is controlled by the control mechanism 513. The information recording medium device 105a transmits the individual title key 381, the common title key 241, and the transmission instruction 551 of the transmission content data set 351.

2.5.3媒體間接收機構502 2.5.3 Intermediary Receiving Organization 502

媒體間接收機構502由資訊記錄媒體裝置105a接收個別標題金鑰381、共通標題金鑰241及發送用內容資料集351。發送用內容資料集351係如上所述,由單元選出資訊780、發送用加密化內容900、標頭資訊860及簽章資訊890所構成。 The medium-to-media receiving unit 502 receives the individual title key 381, the common title key 241, and the transmission content data set 351 from the information recording medium device 105a. The transmission content data set 351 is composed of the unit selection information 780, the transmission encrypted content 900, the header information 860, and the signature information 890 as described above.

接收個別標題金鑰381、共通標題金鑰241及發送用內容資料集351時,媒體間接收機構502將個別標題金鑰381、單元選出資訊780、發送用加密化內容900、標頭資訊860及簽章資訊890往再生可否判定機構508輸出。又,媒體間接收機構502將個別標題金鑰381、共通標題金鑰241、發送用加密化內容900及標頭資訊860往再生機構509輸出。 When the individual title key 381, the common title key 241, and the transmission content data set 351 are received, the media-to-media receiving unit 502 sets the individual title key 381, the unit selection information 780, the transmission encrypted content 900, the header information 860, and The signature information 890 is output to the regeneration possibility determination unit 508. Further, the inter-media receiving unit 502 outputs the individual title key 381, the common title key 241, the transmission encrypted content 900, and the header information 860 to the reproduction unit 509.

2.5.4標題金鑰取得機構503 2.5.4 Title Key Acquisition Agency 503

標題金鑰取得機構503係由解密化機構504,接受單元識別子與對應於該單元識別子之單元散列資訊所含之標題金鑰旗標資訊。其次,標題金鑰取得機構503係用以判斷接受之標題金鑰旗標資訊之值為「0」或「1」。當判斷接受之標題金鑰旗標資訊為「0」時,由媒體間接收機構502接受個別標題金鑰381,判斷為「1」時,由媒體間接收機構502接受共通標題金鑰241。其次,標題金鑰取得機構503判斷接受之標題金鑰旗標資訊為「0」時,將接受之個 別標題金鑰381往解密化機構504輸出。又,判斷接受之標題金鑰旗標資訊為「1」時,將接受之共通標題金鑰241往解密化機構504輸出。 The title key obtaining unit 503 is configured by the decryption unit 504 to accept the unit key identifier information and the header key flag information included in the unit hash information corresponding to the unit identifier. Next, the title key obtaining means 503 is for judging whether the value of the received title key flag information is "0" or "1". When it is judged that the received title key flag information is "0", the media-to-media receiving unit 502 accepts the individual title key 381, and when it is judged as "1", the media-to-media receiving means 502 accepts the common title key 241. Next, when the title key obtaining means 503 judges that the accepted title key flag information is "0", it will accept the one. The header key 381 is output to the decryption unit 504. When it is judged that the received title key flag information is "1", the received common title key 241 is output to the decryption means 504.

2.5.5再生可否判定機構508 2.5.5 regeneration possibility determination mechanism 508

再生可否判定機構508由媒體間接收機構502接受個別標題金鑰381、單元選出資訊780、發送用加密化內容900、標頭資訊860及簽章資訊890,並將接受之個別標題金鑰381、單元選出資訊780、發送用加密化內容900、標頭資訊860及簽章資訊890往替換結合體生成機構506輸出。 The reproduction possibility determination unit 508 receives the individual title key 381, the unit selection information 780, the transmission encrypted content 900, the header information 860, and the signature information 890 by the medium-to-media receiving unit 502, and accepts the individual title key 381, The unit selection information 780, the transmission encrypted content 900, the header information 860, and the signature information 890 are output to the replacement combination generation unit 506.

又,再生可否判定機構508由簽章驗證機構507接受使用了簽章資訊890的驗證結果541。驗證結果541顯示驗證成功時,指示開始往再生機構509再生內容。驗證結果541顯示驗證失敗時,對再生機構509指示停止內容的再生處理。 Further, the reproduction possibility determination unit 508 receives the verification result 541 using the signature information 890 by the signature verification unit 507. The verification result 541 indicates that when the verification is successful, the instruction starts to the reproduction unit 509 to reproduce the content. When the verification result 541 indicates that the verification has failed, the reproduction means 509 is instructed to stop the reproduction processing of the content.

再者,為了使使用者認知到停止內容之再生處理的情況,於連接於再生用資訊處理裝置104a之顯示器,顯示通知該錯誤的畫面,並使再生用資訊處理裝置104a具有之指示燈亮燈,通知使用者無法進行內容的再生。 Further, in order to cause the user to recognize that the reproduction processing of the content is stopped, a screen for notifying the error is displayed on the display connected to the information processing device for reproduction 104a, and the indicator light of the information processing device for reproduction 104a is turned on. , notify the user that the content cannot be reproduced.

2.5.6解密化機構504 2.5.6 Decryption Mechanism 504

解密化機構504根據來自再生可否判定機構508的指示,開始接受之發送用加密化內容900之再生或停止再生處理。 The decryption unit 504 starts the reproduction of the encrypted content 900 for transmission or stops the reproduction processing in response to an instruction from the reproduction possibility determination unit 508.

解密化機構504根據來自再生可否判定機構508的指 示,開始再生接受之發送用加密化內容900時,如下進行解密處理。 The decryption mechanism 504 is based on the finger from the regeneration possibility determination mechanism 508. When the encrypted content 900 for transmission is received and reproduced, the decryption process is performed as follows.

解密化機構504由再生機構509接受個別標題金鑰381、共通標題金鑰241、標頭資訊860及發送用加密化內容900。 The decryption unit 504 receives the individual title key 381, the common title key 241, the header information 860, and the encrypted content 900 for transmission by the playback unit 509.

其次,解密化機構504由標題金鑰取得機構503從媒體間接收機構502接受個別標題金鑰381及共通標題金鑰241,並使用接受之個別標題金鑰381及共通標題金鑰241,將接受之發送用加密化內容900解密。 Next, the decryption unit 504 receives the individual title key 381 and the common title key 241 from the media receiving unit 502 by the title key obtaining unit 503, and accepts the received individual title key 381 and the common title key 241. The transmission is decrypted with the encrypted content 900.

以下,具體地說明解密的處理。 Hereinafter, the process of decryption will be specifically described.

首先,解密化機構504由接受之發送用加密化內容900,依序提取發送用加密化檔案901「DCNT1」、發送用加密化檔案902「DCNT2」、發送用加密化檔案903「DCNT3」、‧‧‧、發送用加密化檔案904「DCNTc」。其次,使用由標題金鑰取得機構503接受之個別標題金鑰381及共通標題金鑰241,將接受之發送用加密化檔案901、902、903、‧‧‧、904解密化。 First, the decryption unit 504 extracts the transmission encrypted file 901 "DCNT1", the transmission encrypted file 902 "DCNT2", and the transmission encrypted file 903 "DCNT3", ‧ from the received encrypted content 900 ‧‧, the encrypted file 904 "DCNTc" is transmitted. Next, the received transmission encrypted files 901, 902, 903, ‧‧‧, 904 are decrypted using the individual title key 381 and the common title key 241 accepted by the title key obtaining means 503.

發送用加密化檔案901、902、903、‧‧‧、904之各個解密化的處理都相同,因此以下就發送用加密化檔案901「DCNT1」之解密化處理加以說明。 Since the decryption processing of each of the transmission encrypted files 901, 902, 903, ‧‧, and 904 is the same, the decryption processing of the transmission encrypted file 901 "DCNT1" will be described below.

解密化機構504由發送用加密化檔案901提取發送用加密化單元913「DU1_1」、發送用加密化單元914「DU1_2」、發送用加密化單元915「DU1_3」、‧‧‧、發送用加密化單元917「DU1_m」。 The decryption unit 504 extracts the transmission encryption unit 913 "DU1_1", the transmission encryption unit 914 "DU1_2", the transmission encryption unit 915 "DU1_3", ‧‧‧, and the transmission encryption by the transmission encrypted file 901 Unit 917 "DU1_m".

其次,解密化機構504係就發送用加密化單元913、914、915、‧‧‧、917之各個進行以下處理。以下,以發送用加密化單元913為代表加以說明。 Next, the decryption unit 504 performs the following processing for each of the transmission encryption units 913, 914, 915, ‧‧, and 917. Hereinafter, the transmission encryption unit 913 will be described as a representative.

解密化機構504由接受之標頭資訊860,提取對應於發送用加密化單元913之第一散列表861,並依每第一散列表861內之單元散列資訊,由該單元散列資訊提取單元識別子及對應於該單元識別子之標題金鑰旗標資訊。其次,依每第一散列表861內之單元散列資訊,將提取之單元識別子與標題金鑰旗標資訊往標題金鑰取得機構503輸出。 The decryption unit 504 extracts the first hash table 861 corresponding to the transmission encryption unit 913 from the received header information 860, and hashes the information according to the unit in each first hash table 861, and extracts the hash information from the unit. The unit identifier and the title key flag information corresponding to the unit identifier. Next, the extracted unit identifier and the title key flag information are output to the title key obtaining unit 503 in accordance with the unit hash information in each of the first hash table 861.

其次,解密化機構504依據標題金鑰旗標資訊之值,若標題金鑰旗標資訊為「0」時,則由標題金鑰取得機構503接受個別標題金鑰381。若標題金鑰旗標資訊為「1」時,則由標題金鑰取得機構503接受共通標題金鑰241。解密化機構504使用接受之標題金鑰,將發送用加密化單元913解密化,並將所得之解密單元往再生機構509輸出。對發送用加密化單元914、915、916、‧‧‧、917也執行同樣的處理,並進行解密化,將解密單元往再生機構509輸出。 Next, the decryption unit 504 receives the individual title key 381 by the title key obtaining unit 503 when the title key flag information is "0" based on the value of the title key flag information. If the title key flag information is "1", the title key acquisition means 503 accepts the common title key 241. The decryption unit 504 decrypts the transmission encryption unit 913 using the received title key, and outputs the obtained decryption unit to the reproduction unit 509. The same processing is performed on the transmission encryption units 914, 915, 916, ‧ ‧ and 917, and decryption is performed, and the decryption unit is output to the reproduction unit 509.

解密化機構504除了上述的解密處理之外,也如以下所示,根據來自替換結合體生成機構506的指示進行解密。 In addition to the above-described decryption processing, the decryption unit 504 performs decryption based on an instruction from the replacement combination generation unit 506 as will be described below.

解密化機構504由替換結合體生成機構506接受標頭資訊860與發送用加密化單元,執行接受之發送用加密化單元之解密化。 The decryption unit 504 receives the header information 860 and the transmission encryption unit by the replacement combination generation unit 506, and performs decryption of the received transmission encryption unit.

發送用加密化單元之解密化處理與上述處理相同。具體而言,解密化機構504將對應於發送用加密化單元之單 元識別子輸出到標題金鑰取得機構503,並由標題金鑰取得機構503接受標題金鑰,並使用接受之標題金鑰將發送用加密化單元解密化。解密化機構504係將發送用加密化單元解密化後所得之解密單元往替換結合體生成機構506輸出。 The decryption processing of the transmission encryption unit is the same as the above processing. Specifically, the decryption mechanism 504 will correspond to the single encryption unit for transmission. The meta-recognition is output to the title key obtaining unit 503, and the title key is accepted by the title key obtaining unit 503, and the transmission encryption unit is decrypted using the accepted title key. The decryption unit 504 outputs the decryption unit obtained by decrypting the transmission encryption unit to the replacement combination generation unit 506.

2.5.7替換結合體生成機構506 2.5.7 Replacement Combination Generation Mechanism 506

替換結合體生成機構506由再生可否判定機構508接受個別標題金鑰381、單元選出資訊780、發送用加密化內容900、標頭資訊860及簽章資訊890。 The replacement combination generation unit 506 receives the individual title key 381, the unit selection information 780, the transmission encrypted content 900, the header information 860, and the signature information 890 by the reproduction possibility determination unit 508.

其次,替換結合體生成機構506係如以下所說明,生成替換第一散列表與替換第二散列表。 Next, the replacement combiner generation mechanism 506 generates a replacement first hash table and a replacement second hash table as explained below.

第20圖係顯示替換結合體生成機構506進行之替換第一散列表941及替換第一散列表943以及替換第二散列表931之生成動作的概要。 Fig. 20 is a view showing an outline of a generation operation of replacing the first hash table 941 and replacing the first hash table 943 and replacing the second hash table 931 by the replacement combination generating means 506.

替換結合體生成機構506係如第21圖所示,由單元選出資訊780選擇k個(k為c以下之自然數)檔案資訊,並由選擇之檔案資訊之各個,提取檔案識別子。在此,其中一例係選擇檔案資訊781、783、‧‧‧,並由經選擇出之檔案資訊781、783、‧‧‧提取檔案識別子786「FID1」、檔案識別子787「FID3」、‧‧‧。 The replacement combination generating means 506 is as shown in Fig. 21, and the unit selection information 780 selects k (k is a natural number below c) file information, and extracts the file identifier from each of the selected file information. Here, one of the examples selects the file information 781, 783, ‧ ‧ and extracts the file identifier 786 "FID1", the file identifier 787 "FID3", ‧ ‧ from the selected file information 781, 783, ‧ ‧ .

其次,替換結合體生成機構506以與提取之檔案識別子786「FID1」對應之第一散列表861「HA1TBL1」及發送用加密化檔案901「DCNT1」為基礎,如以下說明,生成替換第一散列表941「RHA1TBL1」。提取之其他檔案識 別子787「FID3」、‧‧‧也同樣生成替換第一散列表943「RHA1TBL3」、‧‧‧。其次,替換結合體生成機構506以生成之替換第一散列表941「RHA1TBL1」、替換第一散列表941「RHA1TBL3」、‧‧‧及第二散列表865「HA2TBL」為基礎,如以下所說明,生成替換第二散列表931「RHA2TBL」。 Next, the replacement combination generation unit 506 generates a replacement first dispersion based on the first hash table 861 "HA1TBL1" and the transmission encrypted file 901 "DCNT1" corresponding to the extracted file identifier 786 "FID1". Listing 941 "RHA1TBL1". Other file knowledge extracted The other child 787 "FID3" and ‧‧‧ also generated the replacement of the first hash table 943 "RHA1TBL3", ‧‧‧ Next, the replacement combination generating means 506 is based on the generation of the replacement first hash table 941 "RHA1TBL1", the replacement first hash table 941 "RHA1TBL3", the ‧‧‧ and the second hash table 865 "HA2TBL", as explained below The replacement second hash table 931 "RHA2TBL" is generated.

其次,就替換第一散列表941、943、‧‧‧之生成流程及替換第二散列表931之生成流程,使用圖式詳細說明。 Next, the generation flow of the first hash table 941, 943, ‧ ‧ and the generation flow of the replacement second hash table 931 are replaced, and the detailed description will be made using the drawings.

(1)替換第一散列表之生成 (1) Replace the generation of the first hash table

關於替換第一散列表941之生成流程使用第21圖及第22圖進行說明。 The generation flow for replacing the first hash table 941 will be described using FIG. 21 and FIG.

替換結合體生成機構506係如第21圖所示,由接受之單元選出資訊780所‧含之c個檔案資訊‧781、782、783、‧‧‧、785,選擇k個(k為c以下之自然數)檔案資訊。 The replacement combined body generating means 506 selects c pieces of file information ‧781, 782, 783, ‧‧‧, 785 included in the information 780 by the receiving unit as shown in Fig. 21, and selects k (k is c or less) Natural number) file information.

選擇檔案資訊之方法係生成k個(r1、r2、‧‧‧、rk)例如1以上、c以下之擬亂數,選擇第r1個、第r2個、‧‧‧、第rk個檔案資訊,並由選擇之檔案資訊提取檔案識別子。 The method of selecting file information is to generate k (r1, r2, ‧ ‧, rk), for example, the number of random numbers below 1 and below c, and select the r1, r2, ‧ ‧ and rk file information The file identifier is extracted from the selected file information.

選擇檔案資訊提取檔案識別子之方法並不受此限,只要是難以預測要選擇哪個檔案識別子,何種方法皆可。 The method of selecting the file information to extract the file identifier is not limited to this, as long as it is difficult to predict which file identifier to select, and which method is acceptable.

例如、前述擬亂數亦可使用氣溫、濕度、電信號之雜訊等。 For example, the aforementioned random number may also use noise such as temperature, humidity, and electrical signals.

本實施形態中,係就設想k=7,選擇7個檔案資訊「FI1」、「FI3」、‧‧‧之情況進行說明。 In the present embodiment, a case where seven file information "FI1", "FI3", and ‧‧" are selected is assumed to be k=7.

其次,替換結合體生成機構506係如第21圖所示,其 中一例係從對應於由選擇之檔案資訊781「FI1」提取之檔案識別子786「FID1」的發送用加密化檔案901「DCNT1」,選擇任一發送用加密化單元。 Next, the replacement combination generating mechanism 506 is as shown in Fig. 21, In the example, one of the transmission encryption units is selected from the transmission encrypted file 901 "DCNT1" corresponding to the file identifier 786 "FID1" extracted from the selected file information 781 "FI1".

具體而言,替換結合體生成機構506讀出選擇之檔案資訊所含之單元數N1,並生成讀出之單元數N1以下之擬亂數t。在此,係生成擬亂數t=3者。其次,如第22圖之一例所示,對應於生成之擬亂數t(=3),由媒體間接收機構502接受發送用加密化檔案901「DCNT1」之第3個發送用加密化單元915「DU1_3」。 Specifically, the replacement combining unit generating means 506 reads out the number of cells N1 included in the selected file information, and generates a pseudo-number t of the number of readings N1 or less. Here, it is generated that the number of random numbers t=3. Next, as shown in an example of Fig. 22, the third transmission encryption unit 915 that receives the encrypted encrypted file 901 "DCNT1" by the medium-to-media receiving unit 502 corresponds to the generated pseudo-disorder number t (= 3). "DU1_3".

其次,替換結合體生成機構506由媒體間接收機構502接受對應於接受之發送用加密化單元915「DU1_3」的標題金鑰旗標資訊「TKFI1_3」。其次,替換結合體生成機構506判定標題金鑰旗標資訊「TKFI1_3」為「0」及「1」之任一者。 Next, the replacement combining unit 506 receives the title key flag information "TKFI1_3" corresponding to the received transmission encrypting unit 915 "DU1_3" by the medium-to-media receiving unit 502. Next, the replacement combining unit 506 determines that the title key flag information "TKFI1_3" is any of "0" and "1".

標題金鑰旗標資訊「TKFI1_3」為「0」時,則將發送用加密化單元915輸出至解密化機構504,並由解密化機構504接受發送用加密化單元解密化所得之解密單元。替換結合體生成機構506將接受之解密單元作為散列對象單元「HU1_3」。 When the title key flag information "TKFI1_3" is "0", the transmission encryption unit 915 outputs the result to the decryption unit 504, and the decryption unit 504 receives the decryption unit decrypted by the transmission encryption unit. The replacement combination generation unit 506 uses the received decryption unit as the hash target unit "HU1_3".

標題金鑰旗標資訊「TKFI1_3」為「1」時,替換結合體生成機構506係將發送用加密化單元本身作為散列對象單元「HU1_3」。 When the title key flag information "TKFI1_3" is "1", the replacement combination generating means 506 sets the transmission encryption unit itself as the hash target unit "HU1_3".

進一步,替換結合體生成機構506將散列對象單元「HU1_3」代入散列函數,生成替換單元散列值「RUH3」。 在此,替換結合體生成機構506使用與內容簽章生成伺服器裝置101a之標頭資訊生成機構207使用之散列函數相同的散列函數。 Further, the replacement combining unit generating means 506 substitutes the hash target unit "HU1_3" into the hash function to generate a replacement unit hash value "RUH3". Here, the replacement combination generation unit 506 uses the same hash function as the hash function used by the header information generation unit 207 of the content signature generation server device 101a.

其次,替換結合體生成機構506由媒體間接收機構502接受標頭資訊860所含之第一散列表861「HA1TBL1」。 Next, the replacement combining unit 506 receives the first hash table 861 "HA1TBL1" included in the header information 860 by the medium-to-media receiving unit 502.

由接受之第一散列表861「HA1TBL1」構成之m個單元散列資訊871、872、873、‧‧‧、874,將對應於與擬亂數t=3一致之單元識別子「UID1_3」之單元散列值「UHA1_3」,替換成算出之替換單元散列值942「RUH3」,並將替換單元散列值942「RUH3」被替換後之散列表作為替換第一散列表941「RHA1TBL1」。 The m unit hash information 871, 872, 873, ‧‧‧, 874 composed of the received first hash table 861 "HA1TBL1" will correspond to the unit of the unit identifier "UID1_3" which coincides with the number of random numbers t=3 The hash value "UHA1_3" is replaced with the calculated replacement unit hash value 942 "RUH3", and the hash table after the replacement unit hash value 942 "RUH3" is replaced is replaced with the first hash table 941 "RHA1TBL1".

替換結合體生成機構506亦就其他選擇之檔案資訊「FI3」、‧‧‧重複同樣的處理,生成替換第一散列表943「RHA1TBL3」、‧‧‧。 The replacement combination generating means 506 repeats the same processing for the other selected file information "FI3" and ‧ ‧ to generate the replacement first hash table 943 "RHA1TBL3" and ‧ ‧

(2)替換第二散列表931之生成 (2) Replacing the generation of the second hash table 931

以下,就替換第二散列表931之生成流程,使用第23圖進行說明。 Hereinafter, the generation flow of the second hash table 931 will be replaced, and the description will be made using FIG.

根據選擇之7個檔案資訊,當7個替換第一散列表941、943、‧‧‧之生成結束時,替換結合體生成機構506將生成之替換第一散列表941「RHA1TBL1」代入散列函數,並生成替換檔案散列值892a「RFH1」。同樣地,以替換第一散列表943「RHA1TBL3」、‧‧‧為基礎,生成替換檔案散列值894a「RFH3」、‧‧‧。 According to the selected seven file information, when the generation of the seven replacement first hash tables 941, 943, and ‧ ‧ is completed, the replacement combination generating unit 506 substitutes the generated replacement first hash table 941 "RHA1TBL1" into the hash function. And generate a replacement file hash value 892a "RFH1". Similarly, the replacement file hash value 894a "RFH3" and ‧‧‧ are generated based on the replacement of the first hash table 943 "RHA1TBL3" and ‧‧‧

其次,替換結合體生成機構506係將由媒體間接收機 構502接受標頭資訊860所含之第二散列表865「HA2TBL」。將接受之第二散列表865「HA2TBL」所含之c個檔案散列資訊885、886、887、‧‧‧、888中,包含選擇之7個檔案資訊所含之檔案識別子「FID1」、「FID3」、‧‧‧之檔案散列資訊的檔案散列值,分別替換成生成之替換檔案散列值892a「RFH1」、替換檔案散列值883a「RFH3」、‧‧‧。令替換後之第二散列表為替換第二散列表931「RHA2TBL」。 Second, the replacement combiner generation mechanism 506 will be an inter-media receiver The structure 502 accepts the second hash table 865 "HA2TBL" included in the header information 860. The c file hash information 885, 886, 887, ‧‧‧, 888 included in the second hash table 865 "HA2TBL" to be accepted includes the file identifier "FID1" and "including" in the selected seven file information. The file hash value of the file hash information of FID3" and ‧‧" is replaced by the generated replacement file hash value 892a "RFH1", the replacement file hash value 883a "RFH3", and ‧‧. The second hash table after the replacement is replaced with the second hash table 931 "RHA2TBL".

其次,替換結合體生成機構506將單元選出資訊780、替換第二散列表931「RHA2TBL」及簽章資訊890往簽章驗證機構507輸出。 Next, the replacement combining unit 506 outputs the unit selection information 780, the replacement second hash table 931 "RHA2TBL", and the signature information 890 to the signature verification unit 507.

2.5.8簽章驗證機構507 2.5.8 Signature Verification Agency 507

簽章驗證機構507由替換結合體生成機構506接受單元選出資訊780、替換第二散列表931「RHA2TBL」及簽章資訊890。 The signature verification unit 507 receives the unit selection information 780, the replacement second hash table 931 "RHA2TBL", and the signature information 890 by the replacement combination generation unit 506.

當接受單元選出資訊780、替換第二散列表931「RHA2TBL」及簽章資訊890時,簽章驗證機構507由簽章驗證金鑰保存機構505讀出公開金鑰531「KPV」。其次,如第24圖所示,接受之替換第二散列表931「RHA2TBL」與單元選出資訊780結合而生成結合體552。接著使用讀出之公開金鑰531,對生成之結合體552使用簽章驗證演算法V,驗證接受之簽章資訊890。 When the unit selection information 780 is received, the second hash table 931 "RHA2TBL" and the signature information 890 are replaced, the signature verification unit 507 reads the public key 531 "KPV" by the signature verification key storage unit 505. Next, as shown in Fig. 24, the accepted replacement second hash table 931 "RHA2TBL" is combined with the unit selection information 780 to generate a combined body 552. Next, using the read public key 531, the signature verification algorithm V is used on the generated combination 552 to verify the accepted signature information 890.

在此,簽章驗證演算法V為在1.2.8所述之簽章方式之演算法,且係對應於在簽章生成機構209使用之簽章生成 演算法S者。 Here, the signature verification algorithm V is an algorithm of the signature method described in 1.2.8, and is generated corresponding to the signature used in the signature generation mechanism 209. Algorithm S.

其次,簽章驗證機構507將驗證結果541往再生可否判定機構508輸出。 Next, the signature verification unit 507 outputs the verification result 541 to the reproduction possibility determination unit 508.

2.5.9再生機構509 2.5.9 Regeneration Mechanism 509

再生機構509由媒體間接收機構502接受個別標題金鑰381、共通標題金鑰241、發送用加密化內容900及標頭資訊860,並將接受之個別標題金鑰381、共通標題金鑰241、發送用加密化內容900及標頭資訊860往解密化機構504輸出。 The reproduction unit 509 receives the individual title key 381, the common title key 241, the transmission encrypted content 900, and the header information 860 by the medium-to-media receiving unit 502, and accepts the individual title key 381 and the common title key 241, The transmission encrypted content 900 and the header information 860 are output to the decryption unit 504.

又,再生機構509由解密化機構504接受發送用加密化內容解密後所得之解密內容,並再生接受之解密內容。 Further, the playback unit 509 receives the decrypted content obtained by decrypting the encrypted content for transmission by the decryption unit 504, and reproduces the received decrypted content.

2.6資訊記錄媒體裝置105a之構成 2.6 Composition of information recording media device 105a

資訊記錄媒體裝置105a係如第25圖所示,由機器間傳送機構601、機器間接收機構602、媒體識別子保存機構603、運用主體公開金鑰保存機構604、私有金鑰保存機構605、公開金鑰証明書保存機構606、暗號通信路確立機構607、標題金鑰儲存機構608、內容儲存機構609及控制機構610所構成。 As shown in Fig. 25, the information recording medium device 105a includes an inter-machine transfer unit 601, an inter-machine receiving unit 602, a media identifier storage unit 603, an operation subject public key storage unit 604, a private key storage unit 605, and a public fund. The key certificate storage unit 606, the secret communication path establishing unit 607, the title key storage unit 608, the content storage unit 609, and the control unit 610 are configured.

再者,資訊記錄媒體裝置105a具體而言亦可為CPU、RAM或ROM等之記憶體、快閃記憶體、用以進行記錄用資訊處理裝置103a或再生用資訊處理裝置104a與資料之存取之介面單元等構成之記憶卡。 Further, the information recording medium device 105a may specifically be a memory such as a CPU, a RAM, or a ROM, a flash memory, or an access to the information processing device 103a for recording or the information processing device 104a for reproduction and data. A memory card composed of an interface unit or the like.

此種情況下,機器間傳送機構601及機器間接收機構602由介面單元所構成,媒體識別子保存機構603、運用主 體公開金鑰保存機構604、私有金鑰保存機構605及公開金鑰証明書保存機構606分別由ROM所構成,標題金鑰儲存機構608及內容儲存機構609分別由快閃記憶體所構成,暗號通信路確立機構607及控制機構610分別由在CPU及記憶體上動作之程式所構成。再者,CPU、記憶體或介面單元亦有由稱為控制器之硬體所構成之情況。當然並不受限於該等者。 In this case, the inter-machine transfer mechanism 601 and the inter-machine receiving mechanism 602 are constituted by interface units, the media identifier storage unit 603, and the application master. The body public key storage unit 604, the private key storage unit 605, and the public key certificate storage unit 606 are each composed of a ROM, and the title key storage unit 608 and the content storage unit 609 are respectively composed of flash memory. The communication path establishing unit 607 and the control unit 610 are each constituted by a program that operates on the CPU and the memory. Furthermore, the CPU, memory or interface unit also has a hardware structure called a controller. Of course, it is not limited to these.

再者,媒體識別子保存機構603、運用主體公開金鑰保存機構604、私有金鑰保存機構605及公開金鑰証明書保存機構606分別係由ROM所構成,但亦可由如EEPROM或者混載快閃記憶體在製造時可暫時寫入之記憶體所構成。 Furthermore, the media identifier storage unit 603, the application body public key storage unit 604, the private key storage unit 605, and the public key certificate storage unit 606 are each constituted by a ROM, but may be, for example, an EEPROM or a mixed flash memory. The body is composed of a memory that can be temporarily written during manufacture.

2.6.1運用主體公開金鑰保存機構604 2.6.1 Using the subject public key depository mechanism 604

運用主體公開金鑰保存機構604保存有內容發送系統10a之運用主體具有之認證局裝置之公開金鑰361。 The application body public key storage means 604 holds the public key 361 of the certification authority device of the application body of the content distribution system 10a.

公開金鑰361與發送伺服器裝置102a之運用主體公開金鑰保存機構308保存之公開金鑰361相同。 The public key 361 is the same as the public key 361 held by the application body public key storage unit 308 of the transmission server device 102a.

該公開金鑰361係暗號通信路確立機構607確立暗號通信路22時使用。 The public key 361 is used when the cipher communication path establishing unit 607 establishes the cipher communication path 22.

公開金鑰361係作成預先嵌入到資訊記錄媒體裝置105a者,但不受此限。亦可做成例如由內容發送系統10a之運用主體之認證局裝置傳送公開金鑰361,資訊記錄媒體裝置105a接收公開金鑰361,並且運用主體公開金鑰保存機構604儲存接收之公開金鑰361。 The public key 361 is created in advance to be embedded in the information recording medium device 105a, but is not limited thereto. Alternatively, the public key 361 may be transmitted by the authentication authority device of the application body of the content distribution system 10a, the information recording medium device 105a receives the public key 361, and the entity public key storage unit 604 stores the received public key 361. .

2.6.2私有金鑰保存機構605 2.6.2 Private Key Depository 605

私有金鑰保存機構605保存有資訊記錄媒體裝置105a之私有金鑰631(也稱為媒體私有金鑰)。私有金鑰631係暗號通信路確立機構607在確立暗號通信路22時使用之公開金鑰暗號或公開金鑰簽章所使用者,且係藉由內容發送系統之運用主體之認證局裝置,與公開金鑰証明書951共同發行之私有金鑰。 The private key holding mechanism 605 holds a private key 631 (also referred to as a media private key) of the information recording medium device 105a. The private key 631 is a user of the public key or public key signature used by the secret communication path establishing unit 607 when establishing the secret communication path 22, and is authenticated by the authentication authority of the application body of the content transmission system, and The public key issued jointly by the public key certificate 951.

2.6.3公開金鑰証明書保存機構606 2.6.3 Public Key Certificate Depository 606

公開金鑰証明書保存機構606保存有資訊記錄媒體裝置105a之公開金鑰証明書951。公開金鑰証明書951係如第26圖所示,由媒體公開金鑰952及其他資訊以及簽章953所構成。媒體公開金鑰952係內容發送系統10a之運用主體之認證局裝置針對資訊記錄媒體裝置105a發行之公開金鑰。相對於媒體公開金鑰952及其他資訊,簽章953係內容發送系統10a之運用主體之認證局裝置使用簽章生成演算法S,並使用該認證局裝置自身保存之自身私有金鑰而生成之數位簽章資料。 The public key certificate storage unit 606 holds the public key certificate 951 of the information recording medium device 105a. The public key certificate 951 is composed of a media disclosure key 952 and other information and a signature 953 as shown in FIG. The media public key 952 is a public key issued by the authentication authority device of the application body of the content transmission system 10a to the information recording medium device 105a. With respect to the media disclosure key 952 and other information, the signature 953 is the authentication authority device of the application body of the content distribution system 10a, and uses the signature generation algorithm S, and generates it using the private key stored by the certification authority itself. Digital signature information.

簽章生成演算法S在本實施形態中之一例係具有160位元之金鑰長之EC-DSA(EllipticCurveDigitalSignatureAlgorithm)。可是,並不受此限。亦可為其他數位簽章方式,亦可為使用不同之位元寬的金鑰。又,亦可為使用MAC(MessageAuthenticationCode)等其他暗號函數防止竄改之方法。藉由附與該簽章,媒體公開金鑰952可確實地驗證由內容發送系統10a之運用主體之認證局裝置所發行 之情況。 The signature generation algorithm S is an EC-DSA (EllipticCurve Digital Signature Algorithm) having a 160-bit key length in this embodiment. However, this is not the limit. It can also be a digital signing method or a key with a different bit width. Further, it is also possible to prevent tampering by using other cipher functions such as MAC (Message Authentication Code). By attaching the signature, the media disclosure key 952 can surely verify that the certification authority device of the application body of the content delivery system 10a is issued. The situation.

2.6.4媒體識別子保存機構603 2.6.4 Media Identification Sub-Save Organization 603

媒體識別子保存機構603保存有可唯一識別資訊記錄媒體裝置105a之媒體識別子371。 The media identifier storage unit 603 stores a media identifier 371 that uniquely identifies the information recording medium device 105a.

2.6.5標題金鑰儲存機構608 2.6.5 Title Key Storage Authority 608

標題金鑰儲存機構608係具有用以記憶個別標題金鑰381及共通標題金鑰241之區域。標題金鑰儲存機構608為可僅藉判斷為正當之發送伺服器裝置102a,可寫入資訊之記憶區域。 The title key storage unit 608 has an area for storing the individual title key 381 and the common title key 241. The title key storage unit 608 is a memory area in which information can be written only by the server server 102a that is determined to be legitimate.

在此,個別標題金鑰381及共通標題金鑰241係使用暗號通信路確立機構607所確立之暗號通信路22接收者。 Here, the individual title key 381 and the common title key 241 are the recipients of the secret communication path 22 established by the secret communication path establishing unit 607.

2.6.6內容儲存機構609 2.6.6 Content Storage Organization 609

內容儲存機構609具有用以記錄發送用內容資料集351之區域。 The content storage unit 609 has an area for recording the content set 351 for transmission.

發送用內容資料集351係由機器間接收機構602接收者。 The transmission content data set 351 is received by the inter-machine receiving unit 602.

2.6.7機器間傳送機構601 2.6.7 Inter-machine transfer mechanism 601

機器間傳送機構601係藉由控制機構610之控制,對再生用資訊處理裝置104a傳送記錄於標題金鑰儲存機構608之個別標題金鑰381與共通標題金鑰241、以及儲存於內容儲存機構609之發送用內容資料集351。 The inter-machine transfer unit 601 transfers the individual title key 381 and the common title key 241 recorded in the title key storage unit 608 to the playback information processing device 104a under the control of the control unit 610, and stores it in the content storage unit 609. The content data set 351 for transmission.

又,機器間傳送機構601係對記錄用資訊處理裝置103a,透過暗號通信路確立機構607所確立之暗號通信路22,傳送媒體識別子保存機構603保存之媒體識別子371。 Further, the inter-machine transfer unit 601 transmits the media identifier 371 stored in the media identifier storage unit 603 to the recording information processing device 103a via the secret communication path 22 established by the secret communication path establishing unit 607.

2.6.8機器間接收機構602 2.6.8 Inter-machine receiving mechanism 602

機器間接收機構602係由記錄用資訊處理裝置103a接收個別標題金鑰381、共通標題金鑰241及發送用內容資料集351。在此,個別標題金鑰381及共通標題金鑰241係透過暗號通信路確立機構607所確立之暗號通信路22來接收。 The inter-machine receiving unit 602 receives the individual title key 381, the common title key 241, and the transmission content data set 351 by the recording information processing device 103a. Here, the individual title key 381 and the common title key 241 are received by the secret communication path 22 established by the secret communication path establishing unit 607.

2.6.9暗號通信路確立機構607 2.6.9 cryptographic communication path establishment mechanism 607

暗號通信路確立機構607使用運用主體公開金鑰保存機構604保存之公開金鑰361、私有金鑰保存機構605保存之資訊記錄媒體裝置105a之私有金鑰631、及公開金鑰証明書保存機構606保存之資訊記錄媒體裝置105a之公開金鑰証明書951,經由記錄用資訊處理裝置103a確立與發送伺服器裝置102a之暗號通信路22。 The secret communication path establishing unit 607 uses the public key 361 held by the application body public key storage means 604, the private key 631 of the information recording medium device 105a held by the private key holding means 605, and the public key certificate holding means 606. The public key certificate 951 of the stored information recording medium device 105a establishes the secret communication path 22 with the transmission server device 102a via the recording information processing device 103a.

具體而言,暗號通信路確立機構607用以驗證通信對象之發送伺服器裝置102a是否為正當裝置。判斷為非法時,則中止暗號通信路22之確立。若暗號通信路確立機構607判斷發送伺服器裝置102a為正當裝置時,則在與發送伺服器裝置102a之間共有秘密之對話金鑰。使用共有之對話金鑰,在與發送伺服器裝置102a之間進行秘密的暗號通信。 Specifically, the secret communication path establishing unit 607 is for verifying whether or not the transmission server device 102a of the communication target is a legitimate device. When it is judged to be illegal, the establishment of the secret communication path 22 is suspended. When the secret communication path establishing unit 607 determines that the transmission server device 102a is a legitimate device, a secret session key is shared with the transmission server device 102a. Secret secret communication is performed with the transmitting server device 102a using the shared dialog key.

當確立暗號通信路22時,暗號通信路確立機構607對判斷為正當之發送伺服器裝置102a許可往標題金鑰(個別標題金鑰381及共通標題金鑰241)之標題金鑰儲存機構608之寫入。對於不被判斷為正當之裝置,不許可往標題金 鑰儲存機構608之資料的寫入。 When the secret communication path 22 is established, the secret communication path establishing unit 607 permits the title key storage means 608 of the title server key (the individual title key 381 and the common title key 241) to be determined by the transmission server device 102a. Write. For devices that are not judged to be legitimate, they are not allowed to go to the title gold The writing of the data of the key storage mechanism 608.

暗號通信路22之確立方法係使用與發送伺服器裝置102a之暗號通信路確立機構311相同之方法。因此,本實施形態中使用DTCP所規定之方式。 The method of establishing the secret communication path 22 is the same as the method of the secret communication path establishing unit 311 of the transmitting server device 102a. Therefore, in the present embodiment, the method defined by DTCP is used.

2.7內容發送系統10a之動作 2.7 Action of Content Delivery System 10a

以下分別就內容發送系統10a之動作中,內容簽章生成伺服器裝置101a生成中間內容資料集242等,並將中間內容資料集242等傳送到發送伺服器裝置102a之「內容簽章生成」之動作、發送伺服器裝置102a生成發送用內容資料集351等,並將發送用內容資料集351等經由記錄用資訊處理裝置103a而儲存於資訊記錄媒體裝置105a之「內容發送」之動作、與再生用資訊處理裝置104a由資訊記錄媒體裝置105a讀出發送用內容資料集351等且再生之「內容再生」之動作加以說明。 In the following, in the operation of the content distribution system 10a, the content signature generation server device 101a generates the intermediate content data set 242 and the like, and transmits the intermediate content data set 242 and the like to the "content signature generation" of the transmission server device 102a. The operation and transmission server device 102a generates the content data set 351 for transmission, and the operation and reproduction of the "content transmission" stored in the information recording medium device 105a via the recording information processing device 103a. The operation of the "content reproduction" reproduced by the information recording medium device 105a and the reproduction of the content data set 351 for transmission by the information processing device 104a will be described.

(1)內容簽章生成之動作 (1) Action of content signature generation

關於內容簽章生成之動作使用第27圖所示之順序圖說明。 The operation of generating the content signature is described using the sequence diagram shown in Fig. 27.

內容簽章生成伺服器裝置101a之單元生成機構204生成分割內容721與單元選出資訊780,並將分割內容721往加密化機構206輸出,將單元選出資訊780往簽章生成機構209輸出,將單元選出資訊780往儲存機構202寫入(步驟S1001)。共通標題金鑰生成機構205生成共通標題金鑰241,將共通標題金鑰241往加密化機構206輸出,將共通標題金鑰241往儲存機構202寫入(步驟S1002)。加密化機 構206生成加密化分割內容840及加密化內容820,將加密化分割內容840往標頭資訊生成機構207輸出,將加密化內容820往儲存機構202寫入(步驟S1003)。標頭資訊生成機構207生成標頭資訊860,將標頭資訊860往儲存機構202寫入,並將標頭資訊860所含之第二散列表865往簽章生成機構209輸出(步驟S1004)。其次,簽章生成機構209生成簽章資訊890,將簽章資訊890往儲存機構202寫入(步驟S1005)。機器間傳送機構203由儲存機構202讀出共通標題金鑰241及中間內容資料集242,並將共通標題金鑰241及中間內容資料集242往發送伺服器裝置102a傳送。發送伺服器裝置102a之機器間接收機構303接收共通標題金鑰241及中間內容資料集242(步驟S1006),並將共通標題金鑰241及中間內容資料集242往儲存機構301寫入(步驟S1007)。 The unit generation unit 204 of the content signature generation server device 101a generates the divided content 721 and the unit selection information 780, and outputs the divided content 721 to the encryption unit 206, and outputs the unit selection information 780 to the signature generation unit 209 to output the unit. The selection information 780 is written to the storage unit 202 (step S1001). The common title key generation unit 205 generates the common title key 241, outputs the common title key 241 to the encryption unit 206, and writes the common title key 241 to the storage unit 202 (step S1002). Encryption machine The configuration 206 generates the encrypted divided content 840 and the encrypted content 820, outputs the encrypted divided content 840 to the header information generating unit 207, and writes the encrypted content 820 to the storage unit 202 (step S1003). The header information generating unit 207 generates the header information 860, writes the header information 860 to the storage unit 202, and outputs the second hash table 865 included in the header information 860 to the signature generating unit 209 (step S1004). Next, the signature generation unit 209 generates the signature information 890, and writes the signature information 890 to the storage unit 202 (step S1005). The inter-machine transfer unit 203 reads the common title key 241 and the intermediate content data set 242 from the storage unit 202, and transmits the common title key 241 and the intermediate content data set 242 to the transmission server device 102a. The inter-machine receiving unit 303 of the transmitting server device 102a receives the common title key 241 and the intermediate content data set 242 (step S1006), and writes the common title key 241 and the intermediate content data set 242 to the storage unit 301 (step S1007). ).

(2)內容發送之動作 (2) Action of content transmission

關於內容發送之動作使用第28圖所示之順序圖說明。 The operation of transmitting the content is explained using the sequence diagram shown in Fig. 28.

記錄用資訊處理裝置103a往發送伺服器裝置102a傳送發送要求資訊321,發送伺服器裝置102a之機器間接收機構303接收發送要求資訊321(步驟S1101)。其次,發送伺服器裝置102a之暗號通信路確立機構311與資訊記錄媒體裝置105a之暗號通信路確立機構607係在發送伺服器裝置102a與資訊記錄媒體裝置105a之間確立暗號通信路22(步驟S1102)。暗號通信路22確立時,資訊記錄媒體裝置105a之機器間傳送機構601透過暗號通信路22經由記 錄用資訊處理裝置103a將媒體識別子371往發送伺服器裝置102a傳送(步驟S1103)。 The recording information processing device 103a transmits the transmission request information 321 to the transmission server device 102a, and the device-to-machine receiving mechanism 303 of the transmission server device 102a receives the transmission request information 321 (step S1101). Next, the cipher communication path establishing unit 311 of the transmission server device 102a and the cipher communication path establishing unit 607 of the information recording medium device 105a establish the cipher communication path 22 between the transmission server device 102a and the information recording medium device 105a (step S1102). ). When the cipher communication path 22 is established, the inter-machine transfer mechanism 601 of the information recording medium device 105a passes through the cipher communication path 22 The hire information processing device 103a transmits the media identifier 371 to the transmission server device 102a (step S1103).

發送伺服器裝置102a之機器間接收機構303透過暗號通信路22接收媒體識別子371(步驟S1103)。個別標題金鑰生成機構305生成個別標題金鑰381(步驟S1104)。加密化機構306生成發送用加密化內容900(步驟S1105)。機器間傳送機構302經由記錄用資訊處理裝置103a而將發送用內容資料集351往資訊記錄媒體裝置105a傳送(步驟S1106)。 The inter-machine receiving unit 303 of the transmission server device 102a receives the media identifier 371 via the secret communication path 22 (step S1103). The individual title key generation unit 305 generates an individual title key 381 (step S1104). The encryption unit 306 generates the encrypted content 900 for transmission (step S1105). The inter-machine transmission unit 302 transmits the transmission content data set 351 to the information recording medium device 105a via the recording information processing device 103a (step S1106).

資訊記錄媒體裝置105a之機器間接收機構602接收發送用內容資料集351(步驟S1106)、將發送用內容資料集351往內容儲存機構609寫入(步驟S1107)。 The inter-machine receiving unit 602 of the information recording medium device 105a receives the transmission content data set 351 (step S1106), and writes the transmission content data set 351 to the content storage unit 609 (step S1107).

發送伺服器裝置102a之機器間傳送機構302使用暗號通信路22,經由記錄用資訊處理裝置103a而將個別標題金鑰381及共通標題金鑰241傳送至資訊記錄媒體裝置105a(步驟S1108)。 The inter-machine transfer unit 302 of the transmission server device 102a transmits the individual title key 381 and the common title key 241 to the information recording medium device 105a via the recording information processing device 103a using the secret communication path 22 (step S1108).

資訊記錄媒體裝置105a之機器間接收機構602使用暗號通信路22接收個別標題金鑰381及共通標題金鑰241(步驟S1108)、並將個別標題金鑰381及共通標題金鑰241往標題金鑰儲存機構608寫入(步驟S1109)。 The inter-machine receiving unit 602 of the information recording medium device 105a receives the individual title key 381 and the common title key 241 using the secret number communication path 22 (step S1108), and transfers the individual title key 381 and the common title key 241 to the title key. The storage unit 608 writes (step S1109).

(3)內容再生之動作 (3) The action of content regeneration

關於內容再生之動作使用第29圖順序圖說明。 The operation of content reproduction is described using a sequence diagram of Fig. 29.

再生用資訊處理裝置104a之媒體間傳送機構501往資訊記錄媒體裝置105a傳送傳送指示551,資訊記錄媒體裝置105a之機器間接收機構602接收傳送指示551(步驟 S1201)。 The inter-media transfer mechanism 501 of the reproduction information processing device 104a transmits a transfer instruction 551 to the information recording medium device 105a, and the inter-machine receiving mechanism 602 of the information recording medium device 105a receives the transfer instruction 551 (step S1201).

其次,資訊記錄媒體裝置105a之機器間傳送機構601往再生用資訊處理裝置104a傳送個別標題金鑰381、共通標題金鑰241及發送用內容資料集351(步驟S1202)。 Then, the inter-machine transfer unit 601 of the information recording medium device 105a transmits the individual title key 381, the common title key 241, and the transmission content data set 351 to the playback information processing device 104a (step S1202).

其次,再生用資訊處理裝置104a之媒體間接收機構502接收個別標題金鑰381、共通標題金鑰241及發送用內容資料集351(步驟S1202)。替換結合體生成機構506生成替換第二散列表931,結合替換第二散列表931與單元選出資訊780而生成替換結合體552(步驟S1203)。簽章驗證機構507使用已生成之替換結合體552及簽章資訊890進行簽章驗證,並且因應於驗證結果541,再生可否判定機構508判定再生可否(步驟S1204)。驗證結果541顯示驗證失敗時(在步驟S1204為「驗證失敗」),則停止內容之再生處理。驗證結果541顯示驗證成功時(在步驟S1204為「驗證成功」)、標題金鑰取得機構503取得標題金鑰(個別標題金鑰381及共通標題金鑰241),解密化機構504使用取得之標題金鑰,將發送用加密化內容900解密化(步驟S1205)。再生機構509將解密所得之解密內容再生(步驟S1206)。 Next, the inter-media receiving unit 502 of the reproduction information processing device 104a receives the individual title key 381, the common title key 241, and the transmission content data set 351 (step S1202). The replacement combination generation mechanism 506 generates a replacement second hash table 931, and replaces the second hash table 931 with the unit selection information 780 to generate a replacement combination 552 (step S1203). The signature verification unit 507 performs signature verification using the generated replacement combination 552 and the signature information 890, and in response to the verification result 541, the reproduction possibility determination unit 508 determines whether or not the reproduction is possible (step S1204). When the verification result 541 indicates that the verification has failed ("verification failure" in step S1204), the content reproduction processing is stopped. When the verification result 541 indicates that the verification is successful ("verification succeeded" in step S1204), the title key obtaining means 503 acquires the title key (the individual title key 381 and the common title key 241), and the decryption means 504 uses the obtained title. The key decrypts the transmission encrypted content 900 (step S1205). The reproduction unit 509 reproduces the decrypted content obtained by the decryption (step S1206).

2.8內容發送系統10a之效果 2.8 Effect of Content Delivery System 10a

(1)內容發送系統10a中,將標題金鑰(個別標題金鑰381及共通標題金鑰241)儲存於資訊記錄媒體裝置105a之標題金鑰儲存機構608。資訊記錄媒體裝置105a之標題金鑰儲存機構608為可僅藉判斷為正當之發送伺服器裝置102a可寫入資訊之記憶區域。 (1) The content transmission system 10a stores the title key (the individual title key 381 and the common title key 241) in the title key storage unit 608 of the information recording medium device 105a. The title key storage unit 608 of the information recording medium device 105a is a memory area in which the information can be written by the server device 102a only by the determination.

具體而言,內容發送系統10a中,係使用驗證公開金鑰証明書而確立之暗號通信路22,將只有驗證判定為正確之發送伺服器裝置102a傳送之標題金鑰寫入資訊記錄媒體裝置105a之標題金鑰儲存機構608。結果,可防止來自驗證判定為非法之非法伺服器裝置之標題金鑰的寫入。 Specifically, in the content distribution system 10a, the secret communication path 22 established by using the verification public key certificate is used, and the title key transmitted only by the transmission server device 102a whose verification is determined to be correct is written in the information recording medium device 105a. Title key storage mechanism 608. As a result, writing of the title key from the illegal server device whose authentication is determined to be illegal can be prevented.

(2)內容發送系統10a中,將對於內容之簽章資訊890儲存於資訊記錄媒體裝置105a,並藉由使用簽章資訊890之驗證,可檢出加密化內容之非法取代,可防止加密化內容之非法取代。 (2) In the content distribution system 10a, the signature information 890 for the content is stored in the information recording medium device 105a, and by using the verification of the signature information 890, the illegal replacement of the encrypted content can be detected, and the encryption can be prevented. Illegal substitution of content.

(3)又,內容發送系統10a中,發送伺服器裝置102a之個別標題金鑰生成機構305係於每資訊記錄媒體裝置生成個別標題金鑰381,且標題金鑰資料庫儲存機構307使個別標題金鑰381與可唯一識別資訊記錄媒體裝置之媒體識別子成對進行保存及管理。藉此,當個別標題金鑰381在WEB伺服器或網際網路網頁非法暴露時,可由發送伺服器裝置102a取得對個別標題金鑰381之資訊記錄媒體裝置之媒體識別子,特定洩漏來源之資訊記錄媒體裝置,並且抑止之後的內容發送到特定之資訊記錄媒體裝置。 (3) Further, in the content distribution system 10a, the individual title key generation means 305 of the transmission server device 102a generates an individual title key 381 for each information recording medium device, and the title key database storage means 307 makes individual titles. The key 381 is stored and managed in pairs with a media identifier that uniquely identifies the information recording medium device. Thereby, when the individual title key 381 is illegally exposed on the WEB server or the Internet webpage, the media identifier of the information recording medium device for the individual title key 381 can be obtained by the sending server device 102a, and the information record of the specific leak source is obtained. The media device, and the content after the suppression is sent to the specific information recording media device.

(3)內容發送系統10a中,對作為共通標題金鑰241之使用對象之單元,附加對於以包含將該單元加密化而得之加密化單元之加密化分割檔案為基礎而生成之第二散列表等之簽章資訊。藉此,萬一,非法伺服器裝置於資訊記錄媒體裝置寫入非法共通標題金鑰,即使將配合該非法共通標題金鑰而生成之加密化內容寫入資訊記錄媒體裝置,亦 可藉由再生用資訊處理裝置所執行之簽章驗證,檢出非法,而停止該非法加密化內容之再生。 (3) The content transmission system 10a adds, to the unit to be used as the common title key 241, the second generation generated based on the encrypted divided file including the encryption unit obtained by encrypting the unit. Signature information such as lists. Therefore, if the illegal server device writes the illegal common title key to the information recording medium device, even if the encrypted content generated by the illegal common title key is written into the information recording medium device, The signature verification performed by the information processing device for reproduction can detect illegality and stop the reproduction of the illegally encrypted content.

(4)進一步,內容發送系統10a中,係對作為個別標題金鑰381之使用對象之單元附加對於以包含非加密化單元而為明文單元之加密化分割檔案為基礎而生成之第二散列表等之簽章資訊。如此,不會在發送伺服器裝置102a中生成對於內容之簽章資訊,而是內容簽章生成伺服器裝置101a預先生成有簽章資訊。 (4) Further, in the content distribution system 10a, a second hash table generated based on the encrypted divided file including the unencrypted unit and the plaintext unit is added to the unit to be used as the individual title key 381. Wait for the signature information. In this way, the signature information for the content is not generated in the transmission server device 102a, but the content signature generation server device 101a generates the signature information in advance.

因此,僅發送伺服器裝置102a連接於網路,不將內容簽章生成伺服器裝置101a連接於網路的話,可防止內容簽章生成伺服器裝置101a透過網路而受到攻撃,並且簽章資訊不會被更改而為確實者。 Therefore, only the transmission server device 102a is connected to the network, and if the content signature generation server device 101a is not connected to the network, the content signature generation server device 101a can be prevented from being attacked through the network, and the signature information is Will not be changed to be true.

(5)又,就作為個別標題金鑰381之使用對象的單元,係如上述,即使非法共通標題金鑰與配合其而生成之加密化單元非法寫入資訊記錄媒體裝置,藉由再生用資訊處理裝置104a執行之簽章驗證,也無法檢出此種非法,無法停止再生。 (5) In addition, as for the unit to be used as the individual title key 381, as described above, even if the illegal common title key and the encryption unit generated in conjunction therewith are illegally written to the information recording medium device, the information for reproduction is used. The signature verification performed by the processing device 104a cannot detect such illegality, and the reproduction cannot be stopped.

可是,一個內容中,因使用個別標題金鑰381而加密化之單元與使用共通標題金鑰241而加密化之單元之處混合,因此即使僅取代使用個別標題金鑰381之部分,亦如上述,再生不停止,而難以再生內容。 However, in one content, the unit encrypted by using the individual title key 381 is mixed with the unit encrypted by the common title key 241, so even if only the part using the individual title key 381 is used instead, Regeneration does not stop, and it is difficult to reproduce content.

具體而言,MPEG2等之壓縮動畫之符號化方法,有成為影像之基礎之I圖像與來自I圖像之差分所構成之B圖像或P圖像。例如、將I圖像以共通標題金鑰241加密化, 將B圖像或P圖像以個別標題金鑰381加密化的話,在僅B圖像或P圖像之取代中,無法表現出成為基礎之影像,因此無法形成如攻撃者所願之視聽。 Specifically, a method of symbolizing a compressed animation such as MPEG2 includes a B image or a P image which is a difference between an I image which is a basis of an image and a difference from an I image. For example, the I picture is encrypted with the common title key 241, When the B picture or the P picture is encrypted by the individual title key 381, the only basic image cannot be represented by the replacement of the B picture or the P picture, and thus it is impossible to form a view as desired by the attacker.

如此,藉由於內容之各單元混有使用個別標題金鑰381之加密化與使用共通標題金鑰241之加密化,即,若使用即個別標題金鑰381與共通標題金鑰241兩方,將內容加密化,即使攻撃者將標題金鑰與一部份之單元非法取代時,亦可無法照攻撃者所願使內容再生。 Thus, the encryption of the individual title key 381 and the encryption using the common title key 241 are mixed by the units of the content, that is, if the individual title key 381 and the common title key 241 are used, Encryption of content, even if the attacker illegally replaces the title key with a part of the unit, it is impossible to reproduce the content as the attacker wishes.

(6)又,由於對根據使用共通標題金鑰241而加密化之單元之單元散列值、與為個別標題金鑰381之使用對象之單元之單元散列值而生成之第二散列表,生成簽章資訊,因此可防止各單元散列值之竄改。 (6) Further, the second hash table generated by the unit hash value of the unit encrypted according to the use of the common title key 241 and the unit hash value of the unit used as the individual title key 381, The signature information is generated, thus preventing tampering of the hash values of the units.

如以上說明,內容發送系統10a中,係藉由使用個別標題金鑰381與共通標題金鑰241之兩方,對共通標題金鑰241於業經加密化之單元,對個別標題金鑰381於明文單元,生成單元散列值,具有防止攻撃者之攻撃,且可預先生成內容之簽章資訊的效果。 As described above, in the content distribution system 10a, by using the individual title key 381 and the common title key 241, the common title key 241 is encrypted, and the individual title key 381 is in plaintext. The unit generates a unit hash value, has the effect of preventing the attacker from attacking, and can generate the signature information of the content in advance.

再者,如上述中所說明,由於係使用個別標題金鑰381與共通標題金鑰241之兩方,對共通標題金鑰241於業經加密化之單元,對個別標題金鑰381於明文單元,生成單元散列值,因此即使標題金鑰被竄改,再生用資訊處理裝置中,亦可防止使用被竄改標題金鑰再生非法內容的攻撃。內容發送系統10a中,係構成為僅發送伺服器裝置可寫入標題金鑰的構成,但為了發揮上述效果,僅發送伺服 器裝置可寫入標題金鑰之構成對於本發明非為必須之構成。 Furthermore, as described above, since both the individual title key 381 and the common title key 241 are used, the common title key 241 is encrypted in the unit, and the individual title key 381 is in the plaintext unit. Since the cell hash value is generated, even if the title key is tampered with, the reproduction information processing apparatus can prevent the attack of reproducing the illegal content using the falsified title key. In the content distribution system 10a, only the configuration in which the server device can write the title key is transmitted, but in order to exhibit the above effects, only the servo is transmitted. The configuration in which the device device can write the title key is not essential to the present invention.

3.實施形態3 3. Embodiment 3

在此,內容發送系統10a之變形例係就作為本發明之實施形態3之內容發送系統10b參照圖式加以說明。 Here, a modification of the content distribution system 10a will be described with reference to the drawings as the content transmission system 10b according to the third embodiment of the present invention.

3.1內容發送系統10b之全體構成 3.1 The whole composition of the content transmission system 10b

內容發送系統10b係如第30圖所示,由內容簽章生成伺服器裝置101a、發送伺服器裝置102b、記錄用資訊處理裝置103a、再生用資訊處理裝置104b及資訊記錄媒體裝置105b構成。在此,內容簽章生成伺服器裝置101a及發送伺服器裝置102b構成內容發送子系統30b(未圖示)。 As shown in FIG. 30, the content distribution system 10b is composed of a content signature generation server device 101a, a transmission server device 102b, a recording information processing device 103a, a reproduction information processing device 104b, and an information recording medium device 105b. Here, the content signature generation server device 101a and the transmission server device 102b constitute a content transmission subsystem 30b (not shown).

內容簽章生成伺服器裝置101a及記錄用資訊處理裝置103a分別具有與內容發送系統100a之內容簽章生成伺服器裝置101a及記錄用資訊處理裝置103a相同的構成。 The content signature generation server device 101a and the recording information processing device 103a have the same configuration as the content signature generation server device 101a and the recording information processing device 103a of the content transmission system 100a.

又,發送伺服器裝置102b、再生用資訊處理裝置104b及資訊記錄媒體裝置105b分別具有與內容發送系統100a之發送伺服器裝置102a、再生用資訊處理裝置104a及資訊記錄媒體裝置105a類似之構成。 Further, the transmission server device 102b, the reproduction information processing device 104b, and the information recording medium device 105b have configurations similar to those of the transmission server device 102a, the reproduction information processing device 104a, and the information recording medium device 105a of the content transmission system 100a.

在此,以與內容發送系統10a之相異點為中心進行說明。 Here, a description will be given focusing on the difference from the content distribution system 10a.

3.2發送伺服器裝置102b之構成 3.2 The composition of the transmitting server device 102b

發送伺服器裝置102b係如第31圖所示,由儲存機構301、機器間傳送機構302、機器間接收機構303、媒體識別子取得機構304、個別標題金鑰生成機構305、加密化機 構306、標題金鑰資料庫儲存機構307、運用主體公開金鑰保存機構308、私有金鑰保存機構309、公開金鑰証明書保存機構310、暗號通信路確立機構311、標題金鑰發送証明書生成機構312及控制機構313所構成。 As shown in FIG. 31, the transmission server device 102b includes a storage unit 301, an inter-machine transfer unit 302, an inter-machine receiving unit 303, a media identifier acquisition unit 304, an individual title key generation unit 305, and an encryption unit. 306, title key database storage unit 307, application body public key storage unit 308, private key storage unit 309, public key certificate storage unit 310, secret communication path establishment unit 311, title key transmission certificate The generating mechanism 312 and the control unit 313 are configured.

在此,儲存機構301、機器間傳送機構302、機器間接收機構303、媒體識別子取得機構304、個別標題金鑰生成機構305、加密化機構306、標題金鑰資料庫儲存機構307、運用主體公開金鑰保存機構308、私有金鑰保存機構309、公開金鑰証明書保存機構310、暗號通信路確立機構311、及控制機構313具有與內容發送系統10a之發送伺服器裝置102a具有之對應之構成要素同樣的構成。另一方面,標題金鑰發送証明書生成機構312不存在於內容發送系統10a之發送伺服器裝置102a。 Here, the storage unit 301, the inter-machine transfer unit 302, the inter-machine receiving unit 303, the media identifier acquisition unit 304, the individual title key generation unit 305, the encryption unit 306, the title key database storage unit 307, and the application body are disclosed. The key storage unit 308, the private key storage unit 309, the public key certificate storage unit 310, the secret communication path establishing unit 311, and the control unit 313 have a configuration corresponding to the transmission server device 102a of the content transmission system 10a. The same composition of elements. On the other hand, the title key transmission certificate generation unit 312 does not exist in the transmission server device 102a of the content transmission system 10a.

再者,發送伺服器裝置102b與發送伺服器裝置102b同樣亦可為包含CPU、記憶體、二次記憶裝置、網際網路介面電路等之PC,此種情況下,標題金鑰發送証明書生成機構312係由CPU及在其上動作之程式所構成。可是,不用說,當然不受此限定。 Furthermore, the transmission server device 102b may be a PC including a CPU, a memory, a secondary memory device, an internet interface circuit, etc., in the same manner as the transmission server device 102b. In this case, the title key transmission certificate is generated. The mechanism 312 is composed of a CPU and a program that operates thereon. However, needless to say, it is of course not limited thereto.

以下,以與內容發送系統10a之發送伺服器裝置102a之相異點為中心作說明。 Hereinafter, description will be given focusing on the difference from the transmission server device 102a of the content transmission system 10a.

3.2.1標題金鑰發送証明書生成機構312 3.2.1 Title Key Transmission Certificate Generation Authority 312

標題金鑰發送証明書生成機構312係如以下所示,生成標題金鑰發送証明書1000。 The title key transmission certificate generation unit 312 generates a title key transmission certificate 1000 as described below.

標題金鑰發送証明書生成機構312係由儲存機構301 讀出個別標題金鑰381及共通標題金鑰241,並由媒體識別子取得機構304接受媒體識別子371。又,由私有金鑰保存機構309讀出私有金鑰362。 The title key transmission certificate generation unit 312 is stored by the storage mechanism 301. The individual title key 381 and the common title key 241 are read, and the media identifier 371 is received by the media identifier obtaining unit 304. Further, the private key 362 is read by the private key holding means 309.

其次,標題金鑰發送証明書生成機構312依該順序結合個別標題金鑰381、共通標題金鑰241及媒體識別子371,生成結合體271,並使用已讀出之私有金鑰362,對已生成之結合體271施行簽章生成演算法S,生成簽章資訊1001。在此,關於簽章生成演算法S係如上述所說明。 Next, the title key transmission certificate generation unit 312 combines the individual title key 381, the common title key 241, and the media identifier 371 in this order to generate a combination 271, and uses the read private key 362 to generate the pair. The combination 271 performs a signature generation algorithm S to generate signature information 1001. Here, the signature generation algorithm S is as described above.

其次,標題金鑰發送証明書生成機構312由公開金鑰証明書保存機構310讀出公開金鑰証明書921,如第32圖所示,生成由簽章資訊1001與公開金鑰証明書921構成之標題金鑰發送証明書1000,將已生成之標題金鑰發送証明書1000往儲存機構301寫入。 Next, the title key transmission certificate generation unit 312 reads out the public key certificate 921 from the public key certificate storage unit 310, and as shown in Fig. 32, the signature information 1001 and the public key certificate 921 are generated. The title key transmission certificate 1000 writes the generated title key transmission certificate 1000 to the storage unit 301.

3.2.2其他構成要素 3.2.2 Other components

媒體識別子取得機構304將接受之媒體識別子371往標題金鑰發送証明書生成機構312輸出。 The media identification sub-acquisition unit 304 outputs the received media identifier 371 to the title key transmission certificate generating unit 312.

機器間傳送機構302係藉控制機構313之控制,由儲存機構301讀出標題金鑰發送証明書1000,並將讀出之標題金鑰發送証明書1000透過記錄用資訊處理裝置103a傳送到資訊記錄媒體裝置105b。 The inter-machine transfer mechanism 302 reads the title key transmission certificate 1000 from the storage unit 301 under the control of the control unit 313, and transmits the read title key transmission certificate 1000 to the information record through the information processing device 103a for recording. Media device 105b.

3.3再生用資訊處理裝置104b之構成 3.3 Composition of the information processing device 104b for regeneration

再生用資訊處理裝置104b係如第33圖所示,由媒體間傳送機構501、媒體間接收機構502、標題金鑰取得機構503、解密化機構504、簽章驗證金鑰保存機構505、替換 結合體生成機構506、簽章驗證機構507、再生可否判定機構508、再生機構509、媒體識別子取得機構510、運用主體公開金鑰保存機構511、標題金鑰發送証明書驗證機構512及控制機構513所構成。 As shown in FIG. 33, the reproduction information processing device 104b includes an inter-media transfer unit 501, an inter-media receiving unit 502, a title key obtaining unit 503, a decryption unit 504, a signature verification key storage unit 505, and a replacement. The combination generation unit 506, the signature verification unit 507, the reproduction possibility determination unit 508, the reproduction unit 509, the media identification sub-acquisition unit 510, the operation main body public key storage unit 511, the title key transmission certificate verification unit 512, and the control unit 513 Composition.

媒體間傳送機構501、媒體間接收機構502、標題金鑰取得機構503、解密化機構504、簽章驗證金鑰保存機構505、替換結合體生成機構506、簽章驗證機構507、再生可否判定機構508、再生機構509及控制機構513具有與內容發送系統10a之再生用資訊處理裝置104a對應之構成要素相同之構成。另一方面,媒體識別子取得機構510、運用主體公開金鑰保存機構511及標題金鑰發送証明書驗證機構512不存在於再生用資訊處理裝置104a。 The inter-media transfer unit 501, the media-to-media reception unit 502, the title key acquisition unit 503, the decryption unit 504, the signature verification key storage unit 505, the replacement combination generation unit 506, the signature verification unit 507, and the reproduction possibility determination mechanism 508. The reproduction unit 509 and the control unit 513 have the same configuration as the components corresponding to the reproduction information processing device 104a of the content transmission system 10a. On the other hand, the media identification sub-acquisition unit 510, the operation main body public key storage unit 511, and the title key transmission certificate verification unit 512 are not present in the reproduction information processing device 104a.

再者,再生用資訊處理裝置104b與再生用資訊處理裝置104a同樣亦可為由CPU、內建快閃記憶體、記憶體、媒體讀寫裝置及網際網路介面電路等構成之家電機器。此種情況下,運用主體公開金鑰保存機構511係由內建快閃記憶體所構成,媒體識別子取得機構510與標題金鑰發送証明書驗證機構512係由CPU及在記憶體上動作之程式所構成。可是,當然不受此限。 Further, the reproduction information processing device 104b may be a home appliance including a CPU, a built-in flash memory, a memory, a media read/write device, and an internet interface circuit, similarly to the playback information processing device 104a. In this case, the application subject public key storage means 511 is constituted by built-in flash memory, and the media identification sub-acquisition means 510 and the title key transmission certificate verification means 512 are programs which are operated by the CPU and the memory. Composition. However, of course, this is not the limit.

以下,以與內容發送系統10a之再生用資訊處理裝置104a之相異點為中心進行說明。 Hereinafter, description will be given focusing on the difference from the reproduction information processing device 104a of the content distribution system 10a.

3.3.1媒體識別子取得機構510 3.3.1 Media Identification Sub-Acquisition Mechanism 510

媒體識別子取得機構510由媒體間接收機構502取得可專門地識別資訊記錄媒體裝置105b之媒體識別子371, 並將已取得之媒體識別子371輸出到標題金鑰發送証明書驗證機構512。 The media identification sub-acquisition mechanism 510 acquires the media identifier 371 that can specifically identify the information recording media device 105b by the inter-media receiving mechanism 502. The obtained media identifier 371 is output to the title key transmission certificate verification unit 512.

3.3.2運用主體公開金鑰保存機構511 3.3.2 Using the subject public key deposit institution 511

運用主體公開金鑰保存機構511係保存內容發送系統10b之運用主體具有之認證局裝置(未圖示)之公開金鑰561。公開金鑰561與內容發送系統10a之運用主體公開金鑰保存機構308保存之公開金鑰361相同。 The use main body public key storage means 511 holds a public key 561 of a certification authority device (not shown) which the operation body of the content distribution system 10b has. The public key 561 is the same as the public key 361 held by the application body public key storage unit 308 of the content distribution system 10a.

公開金鑰561係在標題金鑰發送証明書驗證機構512驗證標題金鑰發送証明書時使用。 The public key 561 is used when the title key transmission certificate verification unit 512 verifies the title key transmission certificate.

運用主體之公開金鑰561係預先被嵌入再生用資訊處理裝置104b者,但不受此限。例如、亦可由內容發送系統10b之運用主體之認證局裝置傳送公開金鑰561,再生用資訊處理裝置104b接收公開金鑰561,並且運用主體公開金鑰保存機構511記憶已接收之公開金鑰561。 The public key 561 of the main body is embedded in the information processing device 104b for reproduction in advance, but is not limited thereto. For example, the public key 561 may be transmitted by the authentication authority device of the application body of the content transmission system 10b, the reproduction information processing device 104b receives the public key 561, and the entity public key storage unit 511 is used to memorize the received public key 561. .

3.3.3標題金鑰發送証明書驗證機構512 3.3.3 Title Key Sending Certificate Verification Authority 512

標題金鑰發送証明書驗證機構512係由媒體間接收機構502取標題金鑰發送証明書1000。 The title key transmission certificate verification unit 512 receives the title key transmission certificate 1000 from the media-to-media receiving unit 502.

其次,係如以下所示,標題金鑰發送証明書驗證機構512驗證已取得之標題金鑰發送証明書1000。 Next, as shown below, the title key transmission certificate verification unit 512 verifies the obtained title key transmission certificate 1000.

標題金鑰發送証明書驗證機構512由運用主體公開金鑰保存機構511讀出運用主體之公開金鑰561。 The title key transmission certificate verification unit 512 reads out the public key 561 of the operation body from the operation subject public key storage unit 511.

其次,標題金鑰發送証明書驗證機構512由標題金鑰發送証明書1000提取發送伺服器裝置102b之公開金鑰証明書921,並使用已讀出之運用主體之公開金鑰561,驗證 已提取之公開金鑰証明書921。 Next, the title key transmission certificate verification unit 512 extracts the public key certificate 921 of the transmission server device 102b from the title key transmission certificate 1000, and verifies using the public key 561 of the read operation subject. The public key certificate 921 that has been extracted.

公開金鑰証明書921之驗證失敗時,標題金鑰發送証明書驗證機構512判定標題金鑰發送証明書1000為非法。此時,將標題金鑰發送証明書1000為非法之主旨的判定結果581往再生可否判定機構508輸出並結束。 When the verification of the public key certificate 921 fails, the title key transmission certificate verification unit 512 determines that the title key transmission certificate 1000 is illegal. At this time, the determination result 581 of the title key transmission certificate 1000 is illegal, and the reproduction possibility determination means 508 outputs and ends.

公開金鑰証明書921之驗證成功時,標題金鑰發送証明書驗證機構512由標題金鑰發送証明書1000提取簽章資訊1001,並由公開金鑰証明書921提取發送伺服器裝置102b之公開金鑰,並由媒體間接收機構502取得個別標題金鑰381及共通標題金鑰241,由媒體識別子取得機構510取得媒體識別子371,且依該順序結合個別標題金鑰381、共通標題金鑰241及媒體識別子371,生成結合體571,使用已提取之發送伺服器裝置102b之公開金鑰,對已生成之結合體571及已提取之簽章資訊1001施行簽章驗證。 When the verification of the public key certificate 921 is successful, the title key transmission certificate verification unit 512 extracts the signature information 1001 from the title key transmission certificate 1000, and extracts the disclosure of the transmission server device 102b from the public key certificate 921. The key is obtained by the media receiving unit 502, and the media title identifier 371 is acquired by the media identifier obtaining unit 510, and the individual title key 381 and the common title key 241 are combined in this order. And the media identifier 371, the combination 571 is generated, and the generated combination 571 and the extracted signature information 1001 are signature-verified using the public key of the extracted transmission server device 102b.

驗證失敗時,標題金鑰發送証明書驗證機構512判定為標題金鑰發送証明書1000非法。驗證成功時,判定為標題金鑰發送証明書1000為正確的。標題金鑰發送証明書驗證機構512將標題金鑰發送証明書1000為非法或正確之主旨之判定結果581往再生可否判定機構508輸出。 When the verification fails, the title key transmission certificate verification unit 512 determines that the title key transmission certificate 1000 is illegal. When the verification is successful, it is determined that the title key transmission certificate 1000 is correct. The title key transmission certificate verification unit 512 outputs the determination result 581 that the title key transmission certificate 1000 is illegal or correct to the reproduction possibility determination unit 508.

3.3.其他之構成要素 3.3. Other components

媒體間接收機構502由資訊記錄媒體裝置105b接受可專門的識別資訊記錄媒體裝置105b之媒體識別子371。又,資訊記錄媒體裝置105b由接受標題金鑰發送証明書1000。 The medium-to-media receiving unit 502 receives the media identifier 371 that can specifically identify the information recording medium device 105b by the information recording medium device 105b. Further, the information recording medium device 105b receives the title key transmission certificate 1000.

再生可否判定機構508由標題金鑰發送証明書驗證機構512接受判定結果581,判定結果581顯示為標題金鑰發送証明書1000非法時,進一步對再生機構509指示停止內容之再生處理。 When the title key transmission certificate verification unit 512 receives the determination result 581 and the determination result 581 is displayed as the title key transmission certificate 1000 is illegal, the reproduction possibility determination unit 508 further instructs the reproduction unit 509 to execute the reproduction processing of the stop content.

3.4資訊記錄媒體裝置105b之構成 3.4 Composition of information recording media device 105b

資訊記錄媒體裝置105b係如第34圖所示,由機器間傳送機構601、機器間接收機構602、媒體識別子保存機構603、運用主體公開金鑰保存機構604、私有金鑰保存機構605、公開金鑰証明書保存機構606、暗號通信路確立機構607、標題金鑰儲存機構608、內容儲存機構609、控制機構610及標題金鑰發送証明書儲存機構611構成。 As shown in FIG. 34, the information recording medium device 105b includes an inter-machine transfer unit 601, an inter-machine receiving unit 602, a media identifier storage unit 603, an operation subject public key storage unit 604, a private key storage unit 605, and a public fund. The key certificate storage unit 606, the secret communication path establishing unit 607, the title key storage unit 608, the content storage unit 609, the control unit 610, and the title key transmission certificate storage unit 611 are configured.

機器間傳送機構601、機器間接收機構602、媒體識別子保存機構603、運用主體公開金鑰保存機構604、私有金鑰保存機構605、公開金鑰証明書保存機構606、暗號通信路確立機構607、標題金鑰儲存機構608、內容儲存機構609及控制機構610具有與內容發送系統10a之資訊記錄媒體裝置105a對應之構成要素相同的構成。另一方面,標題金鑰發送証明書儲存機構611不存在於資訊記錄媒體裝置105a。 The inter-machine transfer unit 601, the inter-machine receiving unit 602, the media identifier storage unit 603, the operation main body public key storage unit 604, the private key storage unit 605, the public key certificate storage unit 606, the secret communication path establishing unit 607, The title key storage unit 608, the content storage unit 609, and the control unit 610 have the same configuration as the components corresponding to the information recording medium device 105a of the content distribution system 10a. On the other hand, the title key transmission certificate storage means 611 does not exist in the information recording medium device 105a.

再者,資訊記錄媒體裝置105b亦可與資訊記錄媒體裝置105a同樣為由CPU、RAM或ROM等之記憶體、快閃記憶體、記錄用資訊處理裝置103a或用以進行與再生用資訊處理裝置104b之資料的存取之介面電路等構成之記憶卡。此種情況下,標題金鑰發送証明書儲存機構611由快 閃記憶體所構成。當然不受此限。 Further, the information recording medium device 105b may be a memory such as a CPU, a RAM, or a ROM, a flash memory, a recording information processing device 103a, or an information processing device for reproduction, similarly to the information recording medium device 105a. A memory card composed of a interface circuit for accessing data of 104b. In this case, the title key transmission certificate storage mechanism 611 is fast Flash memory. Of course, this is not the limit.

在此,係以與資訊記錄媒體裝置105a之相異點為中心作說明。 Here, the description will be centered on the difference from the information recording medium device 105a.

3.4.1標題金鑰發送証明書儲存機構611 3.4.1 Title Key Sending Certificate Storage Organization 611

標題金鑰發送証明書儲存機構611具有用以保存標題金鑰發送証明書1000之區域。標題金鑰發送証明書1000係由發送伺服器裝置102b接收者。 The title key transmission certificate storage unit 611 has an area for holding the title key transmission certificate 1000. The title key transmission certificate 1000 is received by the transmission server device 102b.

3.4.2機器間接收機構602 3.4.2 Inter-machine receiving mechanism 602

機器間接收機構602係在內容發送時,由發送伺服器裝置102b接收標題金鑰發送証明書1000,並將已接收之標題金鑰發送証明書1000往標題金鑰發送証明書儲存機構611寫入。 The inter-machine receiving unit 602 receives the title key transmission certificate 1000 from the transmission server device 102b at the time of content transmission, and writes the received title key transmission certificate 1000 to the title key transmission certificate storage unit 611. .

3.4.3機器間傳送機構601 3.4.3 Machine-to-machine transfer mechanism 601

機器間傳送機構601係藉由控制機構610之控制,在內容再生時,由標題金鑰發送証明書儲存機構611讀出標題金鑰發送証明書1000,並將已讀出之標題金鑰發送証明書1000往再生用資訊處理裝置104b傳送。 The inter-machine transfer mechanism 601 is controlled by the control unit 610, and when the content is reproduced, the title key transmission certificate storage unit 611 reads out the title key transmission certificate 1000, and transmits the read title key. The book 1000 is transferred to the reproduction information processing device 104b.

3.5內容發送系統10b之動作 3.5 action of content delivery system 10b

在此,內容簽章生成伺服器裝置101a生成中間內容資料集242,傳送到發送伺服器裝置102b之「內容簽章生成」之動作、與發送伺服器裝置102b生成發送用內容資料集351,經由記錄用資訊處理裝置103a儲存於資訊記錄媒體裝置105b之「內容發送」之動作、與再生用資訊處理裝置104b由資訊記錄媒體裝置105b接收發送用內容資料集351 而再生之「內容再生」之動作中,關於「內容簽章生成」之動作與內容發送系統10a之動作相同,因此省略說明,以下,就「內容發送」及「內容再生」之各自的動作進行說明。 Here, the content signature generation server device 101a generates the intermediate content data set 242, transmits the "content signature generation" to the transmission server device 102b, and the transmission server device 102b generates the transmission content data set 351 via The operation of the "content transmission" stored in the information recording medium device 105b by the recording information processing device 103a and the transmission information processing device 104b receive the transmission content data set 351 from the information recording medium device 105b. In the operation of the "content registration" of the reproduction, the operation of the "content signature generation" is the same as the operation of the content distribution system 10a. Therefore, the description will be omitted. Hereinafter, the respective operations of "content transmission" and "content reproduction" are performed. Description.

(1)內容發送之動作 (1) Action of content transmission

在此,關於內容發送之動作,使用第35圖所示之順序圖加以說明。 Here, the operation of transmitting the content will be described using the sequence diagram shown in FIG.

記錄用資訊處理裝置103a往發送伺服器裝置102b傳送發送要求資訊321,發送伺服器裝置102b之機器間接收機構303接收發送要求資訊321(步驟S2001)。發送伺服器裝置102b之暗號通信路確立機構311與資訊記錄媒體裝置105b之暗號通信路確立機構607確立暗號通信路22(步驟S2002)。 The recording information processing device 103a transmits the transmission request information 321 to the transmission server device 102b, and the device-to-machine receiving mechanism 303 of the transmission server device 102b receives the transmission request information 321 (step S2001). The cipher communication path establishing unit 311 of the transmission server device 102b and the cipher communication path establishing unit 607 of the information recording medium device 105b establish the cipher communication path 22 (step S2002).

暗號通信路22確立時,資訊記錄媒體裝置105b之機器間傳送機構601使用暗號通信路,經由記錄用資訊處理裝置103a而將媒體識別子371往發送伺服器裝置102b傳送,發送伺服器裝置102b之機器間接收機構303接收媒體識別子371(步驟S2003)。 When the cipher communication path 22 is established, the inter-machine transmission unit 601 of the information recording medium device 105b transmits the media identification 371 to the transmission server device 102b via the recording information processing device 103a using the cipher communication path, and transmits the device of the server device 102b. The inter-receiving unit 303 receives the media identifier 371 (step S2003).

其次,發送伺服器裝置102b之個別標題金鑰生成機構305生成個別標題金鑰381(步驟S2004)。加密化機構306生成發送用加密化內容900(步驟S2005)。標題金鑰發送証明書生成機構312生成標題金鑰發送証明書1000(步驟S2006)。 Next, the individual title key generation unit 305 of the transmission server device 102b generates an individual title key 381 (step S2004). The encryption unit 306 generates the encrypted content 900 for transmission (step S2005). The title key transmission certificate generation unit 312 generates a title key transmission certificate 1000 (step S2006).

其次,發送伺服器裝置102b之機器間傳送機構302將 發送用內容資料集351及標題金鑰發送証明書1000經由記錄用資訊處理裝置103a而往資訊記錄媒體裝置105b傳送(步驟S2007)、資訊記錄媒體裝置105b之機器間接收機構602接收發送用內容資料集351及標題金鑰發送証明書1000(步驟S2007)、並將發送用內容資料集351及標題金鑰發送証明書1000寫入資訊記錄媒體裝置105b之內容儲存機構609(步驟S2008)。 Next, the inter-machine transfer mechanism 302 of the transmit server device 102b will The transmission content data set 351 and the title key transmission certificate 1000 are transmitted to the information recording medium device 105b via the recording information processing device 103a (step S2007), and the machine-to-machine receiving mechanism 602 of the information recording medium device 105b receives the transmission content data. The set 351 and the title key transmission certificate 1000 (step S2007), and the transmission content data set 351 and the title key transmission certificate 1000 are written in the content storage means 609 of the information recording medium device 105b (step S2008).

發送伺服器裝置102b之機器間傳送機構302使用暗號通信路22,經由記錄用資訊處理裝置103a而將個別標題金鑰381及共通標題金鑰241往資訊記錄媒體裝置105b傳送(步驟S2009)、資訊記錄媒體裝置105b之機器間接收機構602使用暗號通信路22接收個別標題金鑰381及共通標題金鑰241(步驟S2009)、並將個別標題金鑰381及共通標題金鑰241寫入資訊記錄媒體裝置105b之標題金鑰儲存機構608(步驟S2010)。 The inter-machine transfer unit 302 of the transmission server device 102b transmits the individual title key 381 and the common title key 241 to the information recording medium device 105b via the recording information processing device 103a using the secret communication path 22 (step S2009), information. The inter-machine receiving unit 602 of the recording medium device 105b receives the individual title key 381 and the common title key 241 using the secret communication path 22 (step S2009), and writes the individual title key 381 and the common title key 241 to the information recording medium. The title key storage unit 608 of the device 105b (step S2010).

(2)內容再生之動作 (2) The action of content regeneration

在此,關於內容再生之動作使用第36圖所示之順序圖加以說明。 Here, the operation of content reproduction will be described using a sequence diagram shown in FIG.

再生用資訊處理裝置104b之媒體間傳送機構501往資訊記錄媒體裝置105b傳送傳送指示551,資訊記錄媒體裝置105b之機器間接收機構602接收傳送指示551(步驟S2101)。 The inter-media transfer unit 501 of the reproduction information processing device 104b transmits a transfer instruction 551 to the information recording medium device 105b, and the inter-machine receiving unit 602 of the information recording medium device 105b receives the transfer instruction 551 (step S2101).

其次,資訊記錄媒體裝置105b之機器間傳送機構601往再生用資訊處理裝置104b傳送個別標題金鑰381、共通 標題金鑰241、發送用內容資料集351、標題金鑰發送証明書1000及媒體識別子371,並且再生用資訊處理裝置104b之媒體間接收機構502接收個別標題金鑰381、共通標題金鑰241、發送用內容資料集351、標題金鑰發送証明書1000及媒體識別子371(步驟S2102)。 Next, the inter-machine transfer unit 601 of the information recording medium device 105b transmits the individual title key 381 to the reproduction information processing device 104b, and shares the common The title key 241, the transmission content data set 351, the title key transmission certificate 1000, and the media identifier 371, and the media-to-media receiving unit 502 of the reproduction information processing device 104b receives the individual title key 381, the common title key 241, The transmission content data set 351, the title key transmission certificate 1000, and the media identifier 371 (step S2102).

其次,再生用資訊處理裝置104b之媒體識別子取得機構510取得媒體識別子371(步驟S2103)。再生用資訊處理裝置104b之標題金鑰發送証明書驗證機構512驗證標題金鑰發送証明書1000(步驟S2104)。驗證之結果,判定為標題金鑰發送証明書非法時(在步驟S2104為「証明書非法」),再生機構509停止內容之再生處理。判定標題金鑰發送証明書為正確時,(在步驟S2104為「証明書正確」),則再生用資訊處理裝置104b之替換結合體生成機構506生成替換結合體(步驟S2105)。再生用資訊處理裝置104b之簽章驗證機構507使用已生成之替換結合體與簽章資訊進行簽章驗證,因應於簽章驗證結果,再生可否判定機構508判定再生可否(步驟S2106)。簽章驗證之結果、若驗證失敗時(在步驟S2106為「驗證失敗」),再生機構509則停止內容之再生處理。驗證成功時,(在步驟S2106為「驗證成功」),再生用資訊處理裝置104b之標題金鑰取得機構503則取得標題金鑰,並且解密化機構504使用已取得之標題金鑰將發送用加密化內容解密化(步驟S2107)。再生用資訊處理裝置104b之再生機構509將業已生成之解密內容再生(步驟S2108)。 Next, the media identifier acquisition unit 510 of the reproduction information processing device 104b acquires the media identifier 371 (step S2103). The title key transmission certificate verification unit 512 of the reproduction information processing device 104b verifies the title key transmission certificate 1000 (step S2104). If it is determined that the title key transmission certificate is illegal (in step S2104, "the certificate is illegal"), the reproduction unit 509 stops the content reproduction processing. When it is determined that the title key transmission certificate is correct ("the certificate is correct" in step S2104), the replacement combination generating means 506 of the reproduction information processing device 104b generates the replacement combination (step S2105). The signature verification unit 507 of the reproduction information processing device 104b performs signature verification using the generated replacement combination and the signature information, and the reproduction possibility determination unit 508 determines whether or not the reproduction is possible in response to the signature verification result (step S2106). If the result of the signature verification is unsuccessful (in the case of "verification failure" in step S2106), the reproduction means 509 stops the reproduction processing of the content. When the verification is successful ("verification succeeded" in step S2106), the title key acquisition means 503 of the reproduction information processing apparatus 104b acquires the title key, and the decryption means 504 encrypts the transmission using the acquired title key. The content is decrypted (step S2107). The reproduction unit 509 of the reproduction information processing device 104b reproduces the decrypted content that has been generated (step S2108).

3.6內容發送系統10b之效果 3.6 effect of content delivery system 10b

內容發送系統10b與內容發送系統10a同樣,使用個別標題金鑰381與共通標題金鑰241之兩方,並且在使用共通標題金鑰241時,則對使用共通標題金鑰241而加密化之單元生成單元散列值,使用個別標題金鑰381時,則對明文單元生成單元散列值,藉此防止攻撃者之攻撃,並且具有可預先生成內容之簽章資訊的效果。 Similarly to the content distribution system 10a, the content transmission system 10b uses both the individual title key 381 and the common title key 241, and when the common title key 241 is used, the unit that is encrypted using the common title key 241 is used. When the cell hash value is generated and the individual title key 381 is used, the cell is generated by hashing the value to the plaintext unit, thereby preventing the attacker from attacking and having the effect of pre-generating the signature information of the content.

又,內容發送系統10b中係將標題金鑰發送証明書儲存於資訊記錄媒體裝置。藉再生用資訊處理裝置對標題金鑰發送証明書進行驗證,可驗證儲存有標題金鑰之資訊記錄媒體裝置之媒體識別子為正確之情況。藉此,僅儲存於內容為正確之資訊記錄媒體裝置時可再生。因此,萬一攻撃者可將標題金鑰或發送用內容資料集直接寫入其他資訊記錄媒體裝置時,亦可藉由再生用資訊處理裝置對標題金鑰發送証明書進行驗證,而可停止記錄於非法資訊記錄媒體裝置之內容再生。 Further, in the content distribution system 10b, the title key transmission certificate is stored in the information recording medium device. By verifying the title key transmission certificate by the reproduction information processing apparatus, it is possible to verify that the media identifier of the information recording medium device storing the title key is correct. Thereby, it can be reproduced only when it is stored in the information recording medium device whose content is correct. Therefore, in the event that the attacker can directly write the title key or the content data set for transmission to another information recording medium device, the title information transmission certificate can be verified by the information processing device for reproduction, and the recording can be stopped. The content of the illegal information recording media device is reproduced.

4.實施形態4 4. Embodiment 4

在此,內容發送系統10a及內容發送系統10b之變形例係就作為本發明之實施形態4內容發送系統10c,參照圖式加以說明。 Here, a modification of the content distribution system 10a and the content transmission system 10b will be described as a content transmission system 10c according to the fourth embodiment of the present invention with reference to the drawings.

4.1內容發送系統10c之全體構成 4.1 The whole composition of the content transmission system 10c

內容發送系統10c係如第37圖所示,由內容簽章生成伺服器裝置101c、發送伺服器裝置102c、記錄用資訊處理裝置103a、資訊記錄媒體裝置105b及再生用資訊處理裝置 104c構成。在此,內容簽章生成伺服器裝置101c及發送伺服器裝置102c構成內容發送子系統30c(未圖示)。 The content transmission system 10c is composed of a content signature generation server device 101c, a transmission server device 102c, a recording information processing device 103a, an information recording medium device 105b, and a reproduction information processing device as shown in Fig. 37. 104c constitutes. Here, the content signature generation server device 101c and the transmission server device 102c constitute a content transmission subsystem 30c (not shown).

記錄用資訊處理裝置103a具有與內容發送系統10a之記錄用資訊處理裝置103a同樣的構成,資訊記錄媒體裝置105b具有與內容發送系統10b之資訊記錄媒體裝置105b同樣的構成。 The recording information processing device 103a has the same configuration as the recording information processing device 103a of the content transmission system 10a, and the information recording medium device 105b has the same configuration as the information recording medium device 105b of the content transmission system 10b.

又,內容簽章生成伺服器裝置101c具有與內容發送系統10a之內容簽章生成伺服器裝置101a類似之構成,發送伺服器裝置102c具有與內容發送系統10b之發送伺服器裝置102b類似之構成,再生用資訊處理裝置104c具有與內容發送系統10b之再生用資訊處理裝置104b類似之構成。 Further, the content signature generation server device 101c has a configuration similar to that of the content signature generation server device 101a of the content distribution system 10a, and the transmission server device 102c has a configuration similar to that of the transmission server device 102b of the content transmission system 10b. The reproduction information processing device 104c has a configuration similar to that of the reproduction information processing device 104b of the content transmission system 10b.

在此,就各個裝置,以相異點為中心加以說明。 Here, each device will be described focusing on the difference point.

4.2內容簽章生成伺服器裝置101c之構成 4.2 Content signature generation server device 101c

內容簽章生成伺服器裝置101c係如第38圖所示,由內容保存機構201、儲存機構202、機器間傳送機構203、單元生成機構204c、共通標題金鑰生成機構205、加密化機構206c、標頭資訊生成機構207c、簽章金鑰保存機構208、簽章生成機構209c、數位浮水印(watermark)嵌入機構210及控制機構211所構成。 As shown in FIG. 38, the content signature generation server device 101c includes a content storage unit 201, a storage unit 202, an inter-machine transfer unit 203, a unit generation unit 204c, a common title key generation unit 205, and an encryption unit 206c. The header information generating unit 207c, the signature key storing unit 208, the signature generating unit 209c, the digital watermark embedding unit 210, and the control unit 211 are configured.

在此,內容保存機構201、儲存機構202、機器間傳送機構203、共通標題金鑰生成機構205、簽章金鑰保存機構208及控制機構211分別具有與內容簽章生成伺服器裝置101a之內容保存機構201、儲存機構202、機器間傳送機構203、共通標題金鑰生成機構205、簽章金鑰保存機構208 及控制機構211同樣的構成。 Here, the content storage unit 201, the storage unit 202, the inter-machine transfer unit 203, the common title key generation unit 205, the signature key storage unit 208, and the control unit 211 respectively have contents associated with the content signature generation server device 101a. The storage mechanism 201, the storage mechanism 202, the inter-machine transfer mechanism 203, the common title key generation unit 205, and the signature key storage mechanism 208 The same configuration as the control unit 211.

又,單元生成機構204c、加密化機構206c、標頭資訊生成機構207c及簽章生成機構209c分別具有與內容簽章生成伺服器裝置101a之單元生成機構204a、加密化機構206a、標頭資訊生成機構207a及簽章生成機構209a類似之構成。 Further, the unit generation unit 204c, the encryption unit 206c, the header information generation unit 207c, and the signature generation unit 209c respectively have a unit generation unit 204a, an encryption unit 206a, and a header information generation with the content signature generation server device 101a. The mechanism 207a and the signature generating unit 209a are similarly constructed.

又,數位浮水印嵌入機構210在內容簽章生成伺服器裝置101a不作為構成要素存在。 Further, the digital watermark embedding mechanism 210 does not exist as a constituent element in the content signature creation server device 101a.

在此,分別就各個構成要素以相異點為中心說明。 Here, each component is described with respect to each component as a center.

在此,內容簽章生成伺服器裝置101c與內容簽章生成伺服器裝置101a同樣亦可為由CPU、記憶體、二次記憶裝置、網際網路介面電路等構成之PC。此種情況下,數位浮水印嵌入機構210係由CPU及在其上動作之程式所構成。當然本實施形態不受限於該等者。 Here, the content signature generation server device 101c may be a PC composed of a CPU, a memory, a secondary memory device, an internet interface circuit, or the like, similarly to the content signature generation server device 101a. In this case, the digital watermark embedding mechanism 210 is composed of a CPU and a program that operates thereon. Of course, this embodiment is not limited to these.

內容簽章生成伺服器裝置101c係如以下所說明,往發送伺服器裝置102c傳送中間內容資料集242c。中間內容資料集242c與內容發送系統10a之中間內容資料集242不同,係如後述般,包含有單元選出資訊780、加密化附有WM內容1201、附有WM標頭資訊1251及簽章資訊1300。 The content signature generation server device 101c transmits the intermediate content data set 242c to the transmission server device 102c as explained below. The intermediate content data set 242c is different from the intermediate content data set 242 of the content distribution system 10a, and includes unit selection information 780, encrypted WM content 1201, WM header information 1251, and signature information 1300, as will be described later. .

4.2.1單元生成機構204c 4.2.1 unit generation mechanism 204c

單元生成機構204c與內容簽章生成伺服器裝置101a之單元生成機構204同樣生成分割內容721及單元選出資訊780。 The unit generation unit 204c generates the divided content 721 and the unit selection information 780 in the same manner as the unit generation unit 204 of the content signature generation server device 101a.

單元生成機構204c將已生成之分割內容721往數位浮 水印嵌入機構210輸出。又,單元生成機構204c將已生成之單元選出資訊780往簽章生成機構209c輸出,並將已生成之單元選出資訊780作為中間內容資料集242c之一部份往儲存機構202寫入。 The unit generating unit 204c floats the generated divided content 721 to the digital position The watermark embedding mechanism 210 outputs. Further, the unit generation unit 204c outputs the generated unit selection information 780 to the signature generation unit 209c, and writes the generated unit selection information 780 as a part of the intermediate content data set 242c to the storage unit 202.

4.2.2數位浮水印嵌入機構210 4.2.2 Digital Watermark Embedding Mechanism 210

數位浮水印嵌入機構210係由單元生成機構204c接受分割內容721,並使用接受之分割內容721,生成第39圖中作為一例顯示之附有WM分割內容1100。以下就附有WM分割內容1100之生成流程加以說明。 The digital watermark embedding unit 210 receives the divided content 721 by the unit generating unit 204c, and uses the received divided content 721 to generate the WM divided content 1100 displayed as an example in FIG. The following is a description of the generation flow of the WM split content 1100.

數位浮水印嵌入機構210之其中一例係由第5圖所示之分割內容721提取分割檔案751「splCNT1」、分割檔案「splCNT2」、‧‧‧、分割檔案「splCNTc」,並由已提取之分割檔案751「splCNT1」、分割檔案「splCNT2」、‧‧‧、分割檔案「splCNTc」,分別生成附有WM分割檔案1131「WsplCNT1」、附有WM分割檔案「WsplCNT2」、‧‧‧、附有WM分割檔案「WsplCNTc」。關於各附有WM分割檔案之生成流程則於後敘述。 One of the digital watermark embedding mechanisms 210 extracts the divided file 751 "splCNT1", the divided file "splCNT2", the ‧ ‧ and the divided file "splCNTc" from the divided content 721 shown in FIG. 5, and is extracted by the extracted File 751 "splCNT1", split file "splCNT2", ‧‧‧, split file "splCNTc", respectively, are generated with WM split file 1131 "WsplCNT1", WM split file "WsplCNT2", ‧‧‧, with WM Split the file "WsplCNTc". The generation flow of each WM split file is described later.

數位浮水印嵌入機構210進一步由分割內容721內之各個分割檔案資訊,提取檔案識別子741「FID1」、檔案識別子「FID2」、‧‧‧、檔案識別子「FIDc」。其次,生成包含已提取之檔案識別子741「FID1」(第39圖顯示為檔案識別子1121)與已生成之附有WM分割檔案1131「WsplCNT1」之附有WM分割檔案資訊1111「WsplFI1」。同樣地,檔案識別子「FID2」、‧‧‧、檔案識別子「FIDc」 之各個生成包含檔案識別子與附有WM分割檔案之附有WM分割檔案資訊。 The digital watermark embedding unit 210 further extracts the file identifier 741 "FID1", the file identifier "FID2", the ‧ ‧ and the file identifier "FIDc" from the divided file information in the divided content 721. Next, the WM split file information 1111 "WsplFI1" including the extracted file identifier 741 "FID1" (shown as file identifier 1121 in Fig. 39) and the generated WM split file 1131 "WsplCNT1" is generated. Similarly, the file identifier "FID2", ‧‧‧, file identifier "FIDc" Each of the generations includes a file identifier and a WM split file information with a WM split file attached.

如此,數位浮水印嵌入機構210係如第39圖所示,生成c個附有WM分割檔案資訊1111、1112、1113、1114、‧‧‧、1115,並生成包含已生成之c個之附有WM分割檔案資訊1111、1112、1113、1114、‧‧‧、1115之附有WM分割內容1100。其次,數位浮水印嵌入機構210將已生成之附有WM分割內容1100往加密化機構206c輸出。 In this manner, the digital watermark embedding mechanism 210 generates c attached file information 1111, 1112, 1113, 1114, ‧ ‧ , 1115, and generates the c-generated ones as shown in FIG. 39 The WM split file information 1111, 1112, 1113, 1114, ‧ ‧ , 1115 is accompanied by WM split content 1100. Next, the digital watermark embedding unit 210 outputs the generated WM divided content 1100 to the encryption unit 206c.

如第39圖之其中一例所示,附有WM分割檔案資訊1111「WsplFI1」包含檔案識別子1121「FID1」及附有WM分割檔案1131「WsplCNT1」,附有WM分割檔案資訊1112「WsplFI2」包含檔案識別子「FID2」及附有WM分割檔案「WsplCNT2」,附有WM分割檔案資訊1113「WsplFI3」包含檔案識別子「FID3」及附有WM分割檔案「WsplCNT3」,附有WM分割檔案資訊1114「WsplFI4」包含檔案識別子「FID4」及附有WM分割檔案「WsplCNT4」,附有WM分割檔案資訊1115「WsplFIc」包含檔案識別子「FIDc」及附有WM分割檔案「WsplCNTc」。 As shown in the example in Figure 39, the WM split file information 1111 "WsplFI1" includes the file identifier 1121 "FID1" and the WM split file 1131 "WsplCNT1", and the WM split file information 1112 "WsplFI2" contains the file. The identifier "FID2" and the WM split file "WsplCNT2" are attached, and the WM split file information 1113 "WsplFI3" includes the file identifier "FID3" and the WM split file "WsplCNT3" with WM split file information 1114 "WsplFI4" Includes file identifier "FID4" and WM split file "WsplCNT4" with WM split file information 1115 "WsplFIc" including file identifier "FIDc" and WM split file "WsplCNTc".

(附有WM分割檔案之生成) (with the generation of WM split files)

其次,以下顯示數位浮水印嵌入機構210進行之附有WM分割檔案之生成流程。再者,由於各個附有WM分割檔案1131「WsplCNT1」、附有WM分割檔案「WsplCNT2」、‧‧‧、附有WM分割檔案「WsplCNTc」之生成流程相同, 因此以下以附有WM分割檔案1131「WsplCNT1」之生成流程為代表進行說明。 Next, the generation process of the WM split file with the digital watermark embedding mechanism 210 is shown below. In addition, since the WM split file 1131 "WsplCNT1", the WM split file "WsplCNT2", ‧‧‧, and the WM split file "WsplCNTc" are generated, the flow is the same. Therefore, the following is a description of the generation flow of the WM split file 1131 "WsplCNT1".

第40圖係顯示數位浮水印嵌入機構210進行之附有WM分割檔案1131「WsplCNT1」之生成流程之概要。 Fig. 40 is a view showing an outline of a flow of generation of the WM split file 1131 "WsplCNT1" by the digital watermark embedding unit 210.

數位浮水印嵌入機構210由分割檔案751提取單元資訊761、762、763、764、‧‧‧、765,並就已提取之單元資訊761、762、763、764、‧‧‧、765之各個生成附有WM單元資訊1141、1142、1143、1144、‧‧‧、1145。其次,生成包含附有WM單元資訊1141、1142、1143、1144、‧‧‧、1145之附有WM分割檔案1131。 The digital watermark embedding mechanism 210 extracts unit information 761, 762, 763, 764, ‧‧‧, 765 from the divided file 751, and generates each of the extracted unit information 761, 762, 763, 764, ‧ ‧, 765 WM unit information 1141, 1142, 1143, 1144, ‧ ‧ and 1145 are attached. Next, a WM split file 1131 including the WM unit information 1141, 1142, 1143, 1144, ‧‧, 1145 is generated.

(附有WM單元資訊之生成) (with the generation of WM unit information)

其次,說明由各單元資訊生成附有WM單元資訊之流程。 Next, a flow of generating information accompanying the WM unit from each unit information will be described.

數位浮水印嵌入機構210由分割檔案751提取一個單元資訊,並由已提取之單元資訊提取標題金鑰旗標資訊。其次,判定已提取之標題金鑰旗標資訊為「0」及「1」之哪一者。 The digital watermark embedding mechanism 210 extracts a unit information from the divided file 751, and extracts the title key flag information from the extracted unit information. Next, it is determined which of the extracted title key flag information is "0" and "1".

判定標題金鑰旗標資訊為「1」時,數位浮水印嵌入機構210由單元資訊提取單元,並於已提取之單元嵌入1種數位浮水印WM,生成嵌入有數位浮水印WM之附有WM單元。再者,關於嵌入數位浮水印WM之方法為眾所皆知,因此省略說明。在上述嵌入之數位浮水印WM只要為可檢出者,可為任一種。其次,由單元資訊提取單元識別子,生成包含已提取之單元識別子、已提取之標題金鑰旗標資 訊、已提取之單元及已生成之附有WM單元之附有WM單元資訊。 When it is determined that the title key flag information is "1", the digital watermark embedding mechanism 210 is configured by the unit information extracting unit, and embeds a digital watermark WM in the extracted unit to generate a WM embedded with the digital watermark WM. unit. Furthermore, the method of embedding the digital watermark WM is well known, and thus the description is omitted. The digital watermark WM embedded in the above may be any one as long as it is detectable. Secondly, the unit information extracting unit recognizes the child, and generates the extracted unit identifier, and the extracted title key flag. The information, the extracted unit and the generated WM unit with attached WM unit information.

若判定標題金鑰旗標資訊為「0」時,數位浮水印嵌入機構210由單元資訊提取單元及單元識別子,生成包含已提取之單元識別子、已提取之標題金鑰旗標資訊及已提取之單元之附有WM單元資訊。 If it is determined that the title key flag information is "0", the digital watermark embedding mechanism 210 generates the extracted unit identifier, the extracted title key flag information, and the extracted information by the unit information extracting unit and the unit identifier. The unit is accompanied by WM unit information.

使用第40圖所示之例,具體說明數位浮水印嵌入機構210進行之附有WM單元資訊之生成。 The generation of the WM unit information by the digital watermark embedding mechanism 210 will be specifically described using the example shown in FIG.

如第40圖所示,單元資訊761所含之標題金鑰旗標資訊772為「1」,因此數位浮水印嵌入機構210將數位浮水印WM嵌入單元資訊761所含之單元773,生成附有WM單元1151,並生成包含單元資訊761所含之單元識別子771、標題金鑰旗標資訊772、單元773及已生成之附有WM單元1151之附有WM單元資訊1141。 As shown in FIG. 40, the title key flag information 772 included in the unit information 761 is "1", so the digital watermark embedding mechanism 210 embeds the digital watermark WM into the unit 773 included in the unit information 761, and generates the attached unit 761. The WM unit 1151 generates the unit identifier 771 included in the unit information 761, the title key flag information 772, the unit 773, and the generated WM unit information 1141 attached to the WM unit 1151.

又,單元資訊762所含之標題金鑰旗標資訊782為「0」,因此數位浮水印嵌入機構210生成包含單元資訊762所含之單元識別子781、標題金鑰旗標資訊782及單元774之附有WM單元資訊1142。 Moreover, the title key flag information 782 included in the unit information 762 is "0", so the digital watermark embedding mechanism 210 generates the unit identifier 781, the title key flag information 782, and the unit 774 included in the unit information 762. WM unit information 1142 is attached.

4.2.3加密化機構206c 4.2.3 Encryption Mechanism 206c

加密化機構206由共通標題金鑰生成機構205接受共通標題金鑰241「CTK」。又,加密化機構206c由數位浮水印嵌入機構210接受附有WM分割內容1100。 The encryption unit 206 receives the common title key 241 "CTK" from the common title key generation unit 205. Further, the encryption unit 206c receives the WM divided content 1100 by the digital watermark embedding unit 210.

加密化機構206c由數位浮水印嵌入機構210接受附有WM分割內容1100時,由附有WM分割內容1100提取附 有WM分割檔案1131、1132、1133、‧‧‧、1135,並使用已提取之附有WM分割檔案1131、1132、1133、‧‧‧、1135之各個,如以下所示般,生成加密化附有WM分割檔案1161、1162、1163、‧‧‧、1164。 When the encryption unit 206c receives the WM divided content 1100 by the digital watermark embedding mechanism 210, it is extracted by the WM-divided content 1100. There are WM split files 1131, 1132, 1133, ‧ ‧ and 1135, and each of the extracted WM split files 1131, 1132, 1133, ‧ ‧ and 1135 is used, and the encryption is generated as shown below There are WM split files 1161, 1162, 1163, ‧ ‧ and 1164

(加密化附有WM分割檔案之生成) (Encryption with WM split file generation)

關於加密化機構206c進行之加密化附有WM分割檔案之生成概要,使用第41圖加以說明。再者,在此,以使用附有WM分割檔案1131生成加密化附有WM分割檔案1161之流程為代表進行說明。加密化附有WM分割檔案1162、1163、‧‧‧、1164之生成流程相同,因此省略說明。 The encryption of the encryption unit 206c is accompanied by a summary of the generation of the WM split file, which will be described using FIG. Here, the flow of generating the encrypted WM-divided file 1161 by using the WM-divided file 1131 will be described as a representative. Since the generation process of the encrypted WM divided files 1162, 1163, ‧‧, and 1164 is the same, the description is omitted.

加密化機構206c由附有WM分割檔案1131提取附有WM單元資訊1141、1142、1143、1144、‧‧‧、1145,並使用已提取之附有WM單元資訊1141、1142、1143、1144、‧‧‧、1145之各個,如以下所示,生成加密化附有WM單元資訊1171、1172、1173、1174、‧‧‧、1175。其次,生成包含已生成之加密化附有WM單元資訊1171、1172、1173、1174、‧‧‧、1175之加密化附有WM分割檔案1161。 The encryption unit 206c extracts the WM unit information 1141, 1142, 1143, 1144, ‧‧‧, 1145 from the attached WM split file 1131, and uses the extracted WM unit information 1141, 1142, 1143, 1144, ‧ Each of ‧ and 1145, as shown below, generates encryption with WM unit information 1171, 1172, 1173, 1174, ‧‧‧, 1175 Next, an encrypted WM-separated file 1161 containing the generated encryption-encoded WM unit information 1171, 1172, 1173, 1174, ‧‧, 1175 is generated.

(加密化附有WM單元資訊之生成) (Encryption is accompanied by the generation of WM unit information)

加密化機構206c由附有WM單元資訊提取標題金鑰旗標資訊,判定已提取之標題金鑰旗標資訊為「0」或為「1」。 The encryption unit 206c extracts the title key flag information from the WM unit information, and determines that the extracted title key flag information is "0" or "1".

判定已提取之標題金鑰旗標資訊為「0」時,此時意味著使用了個別標題金鑰381之加密化,因此在此不進行加密化,加密化機構206c由附有WM單元資訊提取單元識別子及單元,將已提取之單元直接作為加密化單元,生成包 含單元識別子、標題金鑰旗標資訊及加密化單元之加密化附有WM單元資訊。因此,此時,附有WM單元資訊與由該附有WM單元資訊生成之加密化附有WM單元資訊具有相同內容。 When it is determined that the extracted title key flag information is "0", this means that the encryption of the individual title key 381 is used, so that encryption is not performed here, and the encryption mechanism 206c is extracted by the WM unit information. Unit identification sub-unit and unit, the extracted unit is directly used as an encryption unit to generate a package The encryption of the unit identifier, the title key flag information, and the encryption unit is accompanied by WM unit information. Therefore, at this time, the WM unit information is attached to the WM unit information generated by the WM unit information and has the same content.

判定已提取之標題金鑰旗標資訊為「1」時,此時由於意味著使用了共通標題金鑰241之加密化,因此加密化機構206c由附有WM單元資訊提取單元識別子、單元及附有WM單元。其次,使用共通標題金鑰241「CTK」,對已提取之單元施行加密演算法Enc,並生成加密化單元,使用共通標題金鑰241「CTK」對已提取之附有WM單元施行加密演算法Enc,生成加密化附有WM單元。 When it is determined that the extracted title key flag information is "1", at this time, since the encryption of the common title key 241 is used, the encryption means 206c is provided with the WM unit information extraction unit identifier, unit and attached. There are WM units. Next, using the common title key 241 "CTK", the encrypted algorithm Enc is performed on the extracted unit, and an encryption unit is generated, and the extracted WM unit is encrypted using the common title key 241 "CTK". Enc, generated encryption with WM unit.

在此,EU1_1=Enc(CTK,U1_1)、EWU_1=Enc(CTK,WU1_1)。 Here, EU1_1=Enc(CTK, U1_1), EWU_1=Enc(CTK, WU1_1).

再者,加密演算法Enc使用公開金鑰暗號時,在加密化時,係使用共通標題公開金鑰「CTPK」,而非共通標題金鑰241「CTK」。 Furthermore, when the encryption algorithm Enc uses the public key cipher, the common title public key "CTPK" is used instead of the common title key 241 "CTK" at the time of encryption.

其次,加密化機構206c生成包含單元識別子、標題金鑰旗標資訊、加密化單元及加密化附有WM單元之加密化附有WM單元資訊。 Next, the encryption unit 206c generates the encryption-attached WM unit information including the unit identifier, the title key flag information, the encryption unit, and the encryption-attached WM unit.

如第41圖所示,由附有WM分割檔案1131「WsplCNT1」藉由上述流程生成之加密化附有WM分割檔案1161「EWsplCNT1」包含有m個加密化附有WM單元資訊1171「EWUI1_1」、加密化附有WM單元資訊1172「EWUI1_2」、加密化附有WM單元資訊1173「EWUI1_3」、 ‧‧‧、加密化附有WM單元資訊1175「EWUI1_m」。 As shown in Fig. 41, the WM split file 1161 "EWsplCNT1" which is encrypted by the above-described flow with the WM split file 1131 "WsplCNT1" includes m encryptions with WM unit information 1171 "EWUI1_1", Encrypted with WM unit information 1172 "EWUI1_2", encrypted with WM unit information 1173 "EWUI1_3", ‧‧‧ Encrypted with WM unit information 1175 "EWUI1_m".

各加密化附有WM單元資訊「EWUI1_i」(i為1到m的整數)係以構成附有WM分割檔案1131「splCNT1」之各附有WM單元資訊「WUI1_i」為基礎而生成者。標題金鑰旗標資訊「TKFI1_i」為「0」時,各加密化附有WM單元資訊「EWUI1_i」包含單元識別子「UID1_i」、標題金鑰旗標資訊「TKFI1_i」及加密化單元「EU1_i」。標題金鑰旗標資訊「TKFI1_i」為「1」時,各加密化附有WM單元資訊「EWUI1_i」包含單元識別子「UID1_i」、標題金鑰旗標資訊「TKFI1_i」、加密化單元「EU1_i」及加密化附有WM單元「EWU1_i」。 Each of the encryption-encoded WM unit information "EWUI1_i" (i is an integer of 1 to m) is generated based on the WM unit information "WUI1_i" attached to each of the WM-division files 1131 "splCNT1". When the title key flag information "TKFI1_i" is "0", the encryption-attached WM unit information "EWUI1_i" includes the unit identifier "UID1_i", the title key flag information "TKFI1_i", and the encryption unit "EU1_i". When the title key flag information "TKFI1_i" is "1", the encryption-attached WM unit information "EWUI1_i" includes the unit identifier "UID1_i", the title key flag information "TKFI1_i", the encryption unit "EU1_i", and Encryption is accompanied by the WM unit "EWU1_i".

(加密化附有WM內容1201之生成) (Encryption is accompanied by the generation of WM content 1201)

加密化機構206c由已生成之加密化附有WM分割檔案1161、1162、1163、‧‧‧、1164之各個,如以下所示,生成加密化附有WM檔案1211、1212、1213、‧‧‧、1214,並如第42圖所示,生成包含已生成之加密化附有WM檔案1211、1212、1213、‧‧‧、1214之加密化附有WM內容1201。其次,加密化機構206c將已生成之加密化附有WM內容1201作為中間內容資料集242c之一部份寫入儲存機構202。 The encryption unit 206c is provided with each of the WM divided files 1161, 1162, 1163, ‧‧‧, 1164, which are encrypted, and are generated as shown below, with the WM files 1211, 1212, 1213, ‧ ‧ And 1214, and as shown in FIG. 42, generating the encrypted WM content 1201 including the generated encrypted WM files 1211, 1212, 1213, ‧‧, 1214. Next, the encryption mechanism 206c writes the generated encrypted WM content 1201 as part of the intermediate content data set 242c to the storage mechanism 202.

加密化附有WM內容1201係如第42圖所示,包含有c個加密化附有WM檔案1211「EWCNT1」、加密化附有WM檔案1212「EWCNT2」、加密化附有WM檔案1213「EWCNT3」、‧‧‧、加密化附有WM檔案1214「EWCNTc」。 Encrypted with WM content 1201, as shown in Fig. 42, includes c encryption with WM file 1211 "EWCNT1", encryption with WM file 1212 "EWCNT2", and encryption with WM file 1213 "EWCNT3" ‧ ‧ ‧ Encrypted with WM file 1214 "EWCNTc"

(加密化附有WM檔案之生成) (Encryption with the generation of WM files)

加密化機構206c由構成已生成之加密化附有WM分割檔案1161「EWsplCNT1」之各加密化附有WM單元資訊「EWUI1_i」(i為1到m的整數),若標題金鑰旗標資訊「TKFI1_i」為「0」時,則提取加密化單元「EU1_i」,若標題金鑰旗標資訊「TKFI1_i」為「1」,則提取加密化單元「EU1_i」及加密化附有WM單元「EWU1_i」。如此,生成包含已提取之加密化單元及加密化附有WM單元之加密化附有WM檔案1211「EWCNT1」。 The encryption unit 206c is provided with the WM unit information "EWUI1_i" (i is an integer from 1 to m) constituting each of the encrypted encryption-attached WM-divided files 1161 "EWsplCNT1", if the title key flag information " When TKFI1_i" is "0", the encryption unit "EU1_i" is extracted, and if the title key flag information "TKFI1_i" is "1", the encryption unit "EU1_i" is extracted and the WM unit "EWU1_i" is encrypted. . In this way, an encrypted encrypted unit including the extracted WM unit and an encrypted encrypted WM file 1211 "EWCNT1" are generated.

在此,加密化附有WM檔案1211「EWCNT1」係如第41圖所示,包含加密化單元1181、加密化附有WM單元1182、加密化單元1183、加密化單元1184、加密化附有WM單元1185、加密化單元1186、‧‧‧、加密化單元1187及加密化附有WM單元1188。 Here, the encrypted WM file 1211 "EWCNT1" is shown in FIG. 41, and includes an encryption unit 1181, an encryption-attached WM unit 1182, an encryption unit 1183, an encryption unit 1184, and an encryption with WM. Unit 1185, encryption unit 1186, ‧‧‧, encryption unit 1187, and encryption are attached with WM unit 1188.

同樣地,加密化機構206c生成加密化附有WM檔案1212、1213、‧‧‧、1214。 Similarly, the encryption mechanism 206c generates encryption with WM files 1212, 1213, ‧‧‧, 1214.

在此,各加密化附有WM檔案「EWCNTj」(j為1到c的整數)包含複數之加密化單元,進一步包含複數之加密化附有WM單元。 Here, each encryption is accompanied by a WM file "EWCNTj" (j is an integer from 1 to c) including a plurality of encryption units, and further includes a plurality of encryptions attached to the WM unit.

(加密化附有WM分割內容1231之生成) (Encryption is accompanied by generation of WM split content 1231)

加密化機構206c係由附有WM分割內容1100提取檔案識別子1121「FID1」、檔案識別子1122「FID2」、檔案識別子1123「FID3」、‧‧‧、檔案識別子1125「FIDc」,並使用已提取之檔案識別子1121、1122、1123、‧‧‧、1125 之各個、與已生成之加密化附有WM分割檔案1161、1162、1163、‧‧‧、1164之各個,如第43圖所示,將檔案識別子1121與加密化附有WM分割檔案1161成組而生成加密化附有WM分割檔案資訊1156。同樣地,就檔案識別子1122、1123、‧‧‧、1125之各個,將檔案識別子與加密化附有WM分割檔案成組而生成加密化附有WM分割檔案資訊。 The encryption unit 206c extracts the file identifier 1121 "FID1", the file identifier 1122 "FID2", the file identifier 1123 "FID3", ‧‧‧, the file identifier 1125 "FIDc", and the extracted file is extracted from the WM divided content 1100. File identifiers 1121, 1122, 1123, ‧‧‧, 1125 Each of the generated and encrypted encryptions is accompanied by WM split files 1161, 1162, 1163, ‧‧‧, 1164, as shown in Fig. 43, the file identifier 1121 and the encrypted WM split file 1161 are grouped The generated encryption is accompanied by WM split file information 1156. Similarly, for each of the file identifiers 1122, 1123, ‧ ‧ and 1125, the file identifier and the encrypted WM split file are grouped to generate an encrypted WM split file information.

如此,加密化機構206c生成加密化附有WM分割檔案資訊1256、1257、1258、‧‧‧、1259,且如第43圖所示,生成包含已生成之加密化附有WM分割檔案資訊1256、1257、1258、‧‧‧、1259之加密化附有WM分割內容1231,將已生成之加密化附有WM分割內容1231往標頭資訊生成機構207c輸出。 In this manner, the encryption unit 206c generates the encrypted WM split file information 1256, 1257, 1258, ‧‧‧, 1259, and as shown in FIG. 43, generates the encrypted data with the generated WM split file information 1256, The encryption of 1257, 1258, ‧‧, and 1259 is accompanied by WM division content 1231, and the generated encryption-encoded WM division content 1231 is output to the header information generation unit 207c.

如第43圖所示,加密化附有WM分割內容1231包含c個加密化附有WM分割檔案資訊1256、1257、1258、‧‧‧、1259。又,加密化附有WM分割檔案資訊1256包含檔案識別子1121「FID1」及加密化附有WM分割檔案1161「EWsplCNT1」,加密化附有WM分割檔案資訊1257包含檔案識別子1122「FID2」及加密化附有WM分割檔案1162「EWsplCNT2」,加密化附有WM分割檔案資訊1258包含檔案識別子1123「FID3」及加密化附有WM分割檔案1163「EWsplCNT3」,加密化附有WM分割檔案資訊1259包含檔案識別子1125「FIDc」及加密化附有WM分割檔案1164「EWsplCNTc」。 As shown in Fig. 43, the encrypted WM-divided content 1231 includes c-encrypted WM-divided file information 1256, 1257, 1258, ‧‧‧, 1259. Further, the encrypted WM split file information 1256 includes the file identifier 1121 "FID1" and the encrypted WM split file 1161 "EWsplCNT1", and the encrypted WM split file information 1257 includes the file identifier 1122 "FID2" and encryption. WM split file 1162 "EWsplCNT2" is attached, and WM split file information 1258 is encrypted. The file identifier 1123 "FID3" and the encrypted WM split file 1163 "EWsplCNT3" are attached, and the encrypted WM split file information 1259 includes the file. The identifier 1125 "FIDc" and the encryption are attached with the WM split file 1164 "EWsplCNTc".

4.2.4標頭資訊生成機構207c 4.2.4 Header Information Generation Mechanism 207c

標頭資訊生成機構207c由加密化機構206c接受加密化附有WM分割內容1231。接受加密化附有WM分割內容1231時,則如以下所說明,使用已接受之加密化附有WM分割內容1231生成附有WM標頭資訊1251。 The header information generating unit 207c is encrypted by the encryption unit 206c and is provided with WM divided content 1231. When the WM divided content 1231 is attached to the encryption, the WM header information 1251 is generated by using the accepted encryption with the WM divided content 1231 as described below.

加密化附有WM分割內容1231係如第43圖所示,由c個加密化附有WM分割檔案資訊1256「EWsplFI1」、加密化附有WM分割檔案資訊1257「EWsplFI2」、加密化附有WM分割檔案資訊1258「EWsplFI3」、‧‧‧、加密化附有WM分割檔案資訊1259「EWsplFIc」所構成。各加密化附有WM分割檔案資訊「EWsplFIj」(j為1到c的整數)包含檔案識別子「FIDj」與加密化附有WM分割檔案「EWsplCNTj」。 Encryption with WM split content 1231 is as shown in Fig. 43, with c-encrypted WM split file information 1256 "EWsplFI1", encrypted WM split file information 1257 "EWsplFI2", and encryption with WM Split file information 1258 "EWsplFI3", ‧‧‧, encrypted with WM split file information 1259 "EWsplFIc". Each encryption is accompanied by WM split file information "EWsplFIj" (j is an integer from 1 to c) including the file identifier "FIDj" and the encrypted WM split file "EWsplCNTj".

標頭資訊生成機構207c係如第43圖所示,由加密化附有WM分割內容1231內之加密化附有WM分割檔案資訊1256、1257、1258、‧‧‧、1259提取加密化附有WM分割檔案1161、1162、1163、‧‧‧、1164。其次,就已提取之加密化附有WM分割檔案1161、1162、1163、‧‧‧、1164之各個,生成附有WM第一散列表1271「WHA1TBL1」、附有WM第一散列表1272「WHA1TBL2」、附有WM第一散列表1273「WHA1TBL3」、‧‧‧、附有WM第一散列表1274「WHA1TBLc」。進一步,由已生成之c個之附有WM第一散列表1271、1272、1273、‧‧‧、1274,生成附有WM第二散列表1261「WHA2TBL」。附有WM第一散列表1271、1272、1273、‧‧‧、1274之生成之詳細及附有WM 第二散列表1261之生成之詳情則於後述。 As shown in FIG. 43, the header information generating unit 207c extracts and encrypts the WM divided file information 1256, 1257, 1258, ‧‧‧, 1259 by encryption in the WM divided content 1231. Split files 1161, 1162, 1163, ‧‧‧, 1164 Next, the extracted encryption is accompanied by each of the WM split files 1161, 1162, 1163, ‧‧‧, 1164, and the WM first hash table 1271 "WHA1TBL1" is attached, and the WM first hash table 1272 "WHA1TBL2" is attached. The WM first hash table 1273 "WHA1TBL3", ‧‧‧, and the WM first hash table 1274 "WHA1TBLc" are attached. Further, a WM second hash table 1261 "WHA2TBL" is generated from the c generated first W1 first hash tables 1271, 1272, 1273, ‧‧‧, 1274. Attached to the WM first hash table 1271, 1272, 1273, ‧‧‧, 1274, the details of the generation and WM Details of the generation of the second hash table 1261 will be described later.

其次,標頭資訊生成機構207c生成包含c個附有WM第一散列表1271、1272、1273、‧‧‧、1274及附有WM第二散列表1261之附有WM標頭資訊1251。 Next, the header information generating unit 207c generates the attached WM header information 1251 including c first hash tables 1271, 1272, 1273, ‧‧1, 1274, and WM second hash table 1261 attached thereto.

其次,標頭資訊生成機構207c將已生成之附有WM標頭資訊1251作為中間內容資料集242c之一部份,寫入儲存機構202。又,將已生成之附有WM第二散列表1261「WHA2TBL」往簽章生成機構209c輸出。 Next, the header information generating unit 207c writes the generated WM header information 1251 as a part of the intermediate content data set 242c to the storage unit 202. Further, the generated WM second hash table 1261 "WHA2TBL" is output to the signature generating unit 209c.

(1)附有WM第一散列表1271、1272、1273、‧‧‧、1274之生成 (1) The generation of WM first hash tables 1271, 1272, 1273, ‧‧‧, 1274

在此,詳細說明附有WM第一散列表1271之生成。再者,由於附有WM第一散列表1272、1273、‧‧‧、1274之生成與附有WM第一散列表1271之生成相同,因此省略說明。 Here, the generation of the WM first hash table 1271 is attached in detail. Furthermore, since the generation of the WM first hash tables 1272, 1273, ‧‧, and 1274 is the same as the generation of the WM first hash table 1271, the description thereof is omitted.

第44圖係顯示標頭資訊生成機構207c進行之附有WM第一散列表1271「WHA1TBL1」之生成流程的概要。 Fig. 44 is a view showing an outline of a flow of generation of the WM first hash table 1271 "WHA1TBL1" by the header information generating means 207c.

標頭資訊生成機構207c係由加密化附有WM分割檔案1161提取加密化附有WM單元資訊1171、1172、1173、1174、‧‧‧、1175。其次,如第44圖所示,就已提取之加密化附有WM單元資訊1171、1172、1173、1174、‧‧‧、1175之各個,生成附有WM單元散列資訊1281、1282、1283、1284、‧‧‧、1285。進一步,生成包含已生成之附有WM單元散列資訊1281、1282、1283、1284、‧‧‧、1285之附有WM第一散列表1271「WHAT1TBL1」。 The header information generating unit 207c extracts and encrypts the WM unit information 1171, 1172, 1173, 1174, ‧‧, 1175 by encrypting the WM divided file 1161. Next, as shown in FIG. 44, the extracted encryption is accompanied by each of the WM unit information 1171, 1172, 1173, 1174, ‧‧‧, 1175, and the WM unit hash information 1281, 1282, 1283 is generated. 1284, ‧‧‧, 1285 Further, a WM first hash table 1271 "WHAT1TBL1" including the generated WM unit hash information 1281, 1282, 1283, 1284, ‧‧1, 1285 is generated.

(附有WM單元散列資訊之生成) (with the generation of WM unit hash information)

其次,說明由各加密化附有WM單元資訊生成附有WM單元散列資訊之方法。 Next, a method of generating WM unit hash information by adding WM unit information to each encryption will be described.

標頭資訊生成機構207c由加密化附有WM單元資訊提取單元識別子、標題金鑰旗標資訊及加密化單元。在此,標題金鑰旗標資訊為「1」時,由加密化附有WM單元資訊進一步提取加密化附有WM單元。 The header information generating unit 207c is provided with a WM unit information extracting unit identifier, a title key flag information, and an encryption unit by encryption. Here, when the title key flag information is "1", the WM unit is further extracted and encrypted by the encryption with the WM unit information.

其次,標頭資訊生成機構207c將已提取之加密化單元代入散列函數,生成單元散列值。標題金鑰旗標資訊為「1」時,進一步,已提取之加密化附有WM單元代入散列函數而生成附有WM單元散列值。 Next, the header information generating unit 207c substitutes the extracted encryption unit into the hash function to generate a unit hash value. When the title key flag information is "1", further, the extracted encryption is accompanied by the WM unit substituted into the hash function to generate a WM unit hash value.

再者,散列函數與內容發送系統10a及10b同樣係使用使用了SHA-1、SHA-2、SHA-3或區塊暗號之CBC-MAC等。 Further, the hash function uses the CBC-MAC using SHA-1, SHA-2, SHA-3, or a block secret number, similarly to the content transmitting systems 10a and 10b.

在此,標題金鑰旗標資訊為「0」時,由加密化附有WM單元資訊所提取之加密化單元係如上所述,為未經加密化之明文狀態。 Here, when the title key flag information is "0", the encryption unit extracted by encrypting the WM unit information is as described above, and is an unencrypted plaintext state.

其次,標頭資訊生成機構207c生成包含已提取之單元識別子、標題金鑰旗標資訊及已生成之單元散列值之附有WM單元散列資訊。標題金鑰旗標資訊為「1」時,生成包含已提取之單元識別子、標題金鑰旗標資訊、已生成之單元散列值及已生成之附有WM單元散列值之附有WM單元散列資訊。[附有WM單元散列資訊之生成結束] Next, the header information generating unit 207c generates WM unit hash information including the extracted unit identifier, the title key flag information, and the generated unit hash value. When the title key flag information is "1", the WM unit including the extracted unit identifier, the title key flag information, the generated unit hash value, and the generated hash value with the WM unit hash value is generated. Hash information. [With the end of the generation of WM unit hash information]

附有WM第一散列表1271之一例係如第44圖所示, 包含有附有WM單元散列資訊1281、1282、1283、1284、‧‧‧、1285。 An example of WM first hash table 1271 is attached as shown in Figure 44. Contains WM unit hash information 1281, 1282, 1283, 1284, ‧‧‧, 1285.

附有WM單元散列資訊1281包含有單元識別子771、標題金鑰旗標資訊772、單元散列值1291及附有WM單元散列值1292。在此,單元散列值1291及附有WM單元散列值1292分別對加密化附有WM單元資訊1171所含之加密化單元1181及加密化附有WM單元1182施行散列而生成者。又,附有WM單元散列資訊1282包含有單元識別子781、標題金鑰旗標資訊782及單元散列值1293。在此,單元散列值1293係對加密化附有WM單元資訊1172所含之加密化單元1183施行散列而生成者。 The attached WM unit hash information 1281 includes a unit identifier 771, a title key flag information 772, a unit hash value 1291, and a WM unit hash value 1292. Here, the cell hash value 1291 and the WM cell hash value 1292 are respectively generated by hashing the encryption unit 1181 included in the WM unit information 1171 and the encryption-attached WM unit 1182. Further, the WM unit hash information 1282 includes a unit identifier 781, a title key flag information 782, and a unit hash value 1293. Here, the cell hash value 1293 is generated by hashing the encryption unit 1183 included in the WM unit information 1172 with encryption.

(2)附有WM第二散列表1261之生成 (2) With the generation of WM second hash table 1261

在此,詳細說明附有WM第二散列表1261之生成。 Here, the generation of the WM second hash table 1261 is attached in detail.

標頭資訊生成機構207c係如以下所示,由已生成之c個之附有WM第一散列表1271、1272、1273、‧‧‧、1274,生成於第45圖作為一例顯示之附有WM第二散列表1261。 The header information generating unit 207c is provided with the WM first hash tables 1271, 1272, 1273, ‧ ‧ and 1274, which are generated in the following, and are generated in the 45th figure as an example. Second hash table 1261.

標頭資訊生成機構207c結合附有WM第一散列表1271所含之全部附有WM單元散列資訊而生成結合體。此種情況下,附有WM單元散列資訊當該附有WM單元散列資訊所含之標題金鑰旗標資訊為「1」時,則如上所述,包含附有WM單元散列值。其次,標頭資訊生成機構207c將已生成之結合體代入散列函數,生成附有WM檔案散列值1296「WFHA1」。 The header information generating unit 207c combines all of the WM unit hash information included in the WM first hash table 1271 to generate a combined body. In this case, the WM unit hash information is attached. When the title key flag information included in the WM unit hash information is "1", as described above, the WM unit hash value is included. Next, the header information generating unit 207c substitutes the generated combination into the hash function to generate a WM file hash value 1296 "WFHA1".

其次,標頭資訊生成機構207c由加密化附有WM分割 內容1231取得對應於附有WM第一散列表1271之檔案識別子1121「FID1」。 Next, the header information generating unit 207c is segmented by encryption with WM. The content 1231 acquires the file identifier 1121 "FID1" corresponding to the WM first hash table 1271.

其次,生成包含已取得之檔案識別子1121「FID1」與已生成之附有WM檔案散列值1296「WFHA1」之附有WM檔案散列資訊1266「WFHI1」。 Next, the WM file hash information 1266 "WFHI1" including the acquired file identifier 1121 "FID1" and the generated WM file hash value 1296 "WFHA1" is generated.

標頭資訊生成機構207c係就附有WM第一散列表1272、1273、‧‧‧、1274之各個,而與上述同樣生成附有WM檔案散列值1297「WFHA2」、附有WM檔案散列值1298「WFHA3」、‧‧‧、附有WM檔案散列值1299「WFHAc」,取得檔案識別子1122、1123、‧‧‧、1125。其次,就附有WM第一散列表1272、1273、‧‧‧、1274之各個,生成包含檔案識別子與附有WM檔案散列值之附有WM檔案散列資訊1267、1268、‧‧‧、1269。 The header information generating unit 207c is attached with each of the WM first hash tables 1272, 1273, ‧‧‧, and 1274, and generates a WM file hash value 1297 "WFHA2" and a WM file hash as described above. The value 1298 "WFHA3", ‧‧‧, with the WM file hash value of 1299 "WFHAc", obtained the file identifiers 1122, 1123, ‧ ‧ and 1125 Secondly, each of the WM first hash tables 1272, 1273, ‧‧‧, 1274 is attached, and the WM file hash information 1267, 1268, ‧‧, including the file identifier and the hash value of the WM file is generated. 1269.

其次,標頭資訊生成機構207c生成包含附有WM檔案散列資訊1266、1267、1268、‧‧‧、1269之附有WM第二散列表1261。 Next, the header information generating unit 207c generates a WM second hash table 1261 including the WM file hash information 1266, 1267, 1268, ‧‧, and 1269.

在此,附有WM第二散列表1261「WHA2TBL」係如第45圖之一例所示,包含c個附有WM檔案散列資訊1266「WFHI1」、附有WM檔案散列資訊1267「WFHI2」、附有WM檔案散列資訊1268「WFHI3」、‧‧‧、附有WM檔案散列資訊1269「WFHIc」,並且各附有WM檔案散列資訊「WFHIj」(j為1到c的整數)包含檔案識別子「FIDj」與附有WM檔案散列值「WFHAj」。 Here, the WM second hash table 1261 "WHA2TBL" is shown in the example of FIG. 45, and includes c files with WM file hash information 1266 "WFHI1" and WM file hash information 1267 "WFHI2". WM file hash information 1268 "WFHI3", ‧‧‧, WM file hash information 1269 "WFHIc", and WM file hash information "WFHIj" (j is an integer from 1 to c) Contains the file identifier "FIDj" and the WM file hash value "WFHAj".

4.2.5簽章生成機構209c 4.2.5 Signature Generation Mechanism 209c

簽章生成機構209c由標頭資訊生成機構207c接受附有WM第二散列表1261「WHA2TBL」,由單元生成機構204c接受單元選出資訊780。 The signature generation unit 209c receives the WM second hash table 1261 "WHA2TBL" from the header information generation unit 207c, and the unit generation unit 204c receives the unit selection information 780.

當接受附有WM第二散列表1261及單元選出資訊780時,簽章生成機構209c由簽章金鑰保存機構208讀出私有金鑰251「KSG」。 When the WM second hash table 1261 and the unit selection information 780 are attached, the signature generation unit 209c reads the private key 251 "KSG" by the signature key storage unit 208.

其次,簽章生成機構209c依該順序結合附有WM第二散列表1261及單元選出資訊780,生成結合體261c,並使用已讀出之私有金鑰251,對已生成之結合體261c施行簽章生成演算法S,生成簽章資訊1300。 Next, the signature generation unit 209c combines the WM second hash table 1261 and the unit selection information 780 in this order to generate a combination 261c, and uses the read private key 251 to sign the generated combination 261c. The chapter generates an algorithm S to generate signature information 1300.

在此,簽章生成演算法S為與內容發送系統10a同樣之簽章方式之演算法。 Here, the signature generation algorithm S is an algorithm of the same signature method as the content transmission system 10a.

其次,簽章生成機構209c將已生成之簽章資訊1300作為中間內容資料集242c之一部份,往儲存機構202寫入。 Next, the signature generation unit 209c writes the generated signature information 1300 as part of the intermediate content data set 242c to the storage unit 202.

4.3發送伺服器裝置102c之構成 4.3 The composition of the transmission server device 102c

發送伺服器裝置102c係如第47圖所示,由儲存機構301、機器間傳送機構302、機器間接收機構303、媒體識別子取得機構304c、個別標題金鑰生成機構305、加密化機構306c、標題金鑰資料庫儲存機構307、運用主體公開金鑰保存機構308、私有金鑰保存機構309、公開金鑰証明書保存機構310、暗號通信路確立機構311及控制機構313構成。 As shown in Fig. 47, the transmission server device 102c includes a storage unit 301, an inter-machine transfer unit 302, an inter-machine receiving unit 303, a media identifier acquisition unit 304c, an individual title key generation unit 305, an encryption unit 306c, and a title. The key database storage unit 307, the use main body public key storage unit 308, the private key storage unit 309, the public key certificate storage unit 310, the secret communication path establishing unit 311, and the control unit 313 are configured.

儲存機構301、機器間傳送機構302、機器間接收機構303、個別標題金鑰生成機構305、標題金鑰資料庫儲存機 構307、運用主體公開金鑰保存機構308、私有金鑰保存機構309、公開金鑰証明書保存機構310、暗號通信路確立機構311及控制機構313,分別具有與發送伺服器裝置102a對應之構成要素同樣的構成。 Storage mechanism 301, inter-machine transfer mechanism 302, inter-machine receiving mechanism 303, individual title key generation mechanism 305, title key database storage device The main body public key storage unit 308, the private key storage unit 309, the public key certificate storage unit 310, the secret communication path establishing unit 311, and the control unit 313 respectively have a configuration corresponding to the transmission server device 102a. The same composition of elements.

又,媒體識別子取得機構304c及加密化機構306c分別具有與發送伺服器裝置102a對應之構成要素類似的構成。 Further, the media identification sub-acquisition means 304c and the encryption means 306c each have a configuration similar to that of the transmission server device 102a.

在此,以相異點為中心作說明。 Here, the description will be centered on the difference point.

再者,發送伺服器裝置102c與發送伺服器裝置102a同樣,亦可為由CPU、記憶體、二次記憶裝置、網際網路介面電路等構成之PC。此種情況下,加密化機構306c由CPU及在其上動作之程式所構成。當然本實施形態不限定於此。 Further, the transmission server device 102c may be a PC composed of a CPU, a memory, a secondary memory device, an internet interface circuit, or the like, similarly to the transmission server device 102a. In this case, the encryption unit 306c is composed of a CPU and a program that operates thereon. Of course, this embodiment is not limited to this.

又,發送伺服器裝置102c係經由記錄用資訊處理裝置103a而往資訊記錄媒體裝置105b傳送發送用內容資料集351c。發送用內容資料集351c與內容發送系統10a及10b之發送用內容資料集351不同,且如後述,包含有單元選出資訊780、附有WM標頭資訊1251、簽章資訊1300及發送用加密化附有WM內容1361。 Further, the transmission server device 102c transmits the transmission content data set 351c to the information recording medium device 105b via the recording information processing device 103a. The transmission content data set 351c is different from the transmission content data set 351 of the content transmission systems 10a and 10b, and includes unit selection information 780, WM header information 1251, signature information 1300, and transmission encryption, as will be described later. WM content 1361 is attached.

4.3.1媒體識別子取得機構304c 4.3.1 Media Identification Sub-Acquisition Mechanism 304c

媒體識別子取得機構304c由機器間接收機構303取得專門識別資訊記錄媒體裝置105b之媒體識別子371,並將已取得之媒體識別子371往加密化機構306c輸出,並將已取得之媒體識別子371往標題金鑰資料庫儲存機構307寫 入。 The media identification sub-acquisition unit 304c acquires the media identifier 371 of the special identification information recording medium device 105b from the inter-machine receiving unit 303, and outputs the acquired media identifier 371 to the encryption unit 306c, and the obtained media identifier 371 to the title gold. Key database storage mechanism 307 write In.

4.3.2加密化機構306c 4.3.2 Encryption Mechanism 306c

加密化機構306c由個別標題金鑰生成機構305接受個別標題金鑰381「ITK」。又,加密化機構306c由儲存於儲存機構301之中間內容資料集242c讀出加密化附有WM內容1201與附有WM標頭資訊1251。 The encryption unit 306c receives the individual title key 381 "ITK" by the individual title key generation unit 305. Further, the encryption unit 306c reads out the encrypted WM content 1201 and the WM header information 1251 from the intermediate content data set 242c stored in the storage unit 301.

當讀出附有WM標頭資訊1251時,加密化機構306c由已讀出之附有WM標頭資訊1251,提取附有WM第一散列表1271「WHA1TBL1」、1272「WHA1TBL2」、1273「WHA1TBL3」、‧‧‧、1274「WHA1TBLc」。 When the WM header information 1251 is read, the encryption mechanism 306c extracts the WM first hash table 1271 "WHA1TBL1", 1272 "WHA1TBL2", and 1273 "WHA1TBL3" from the read WM header information 1251. , ‧‧‧, 1274 "WHA1TBLc".

又,當讀出加密化附有WM內容1201時,加密化機構306c由已讀出之加密化附有WM內容,提取加密化附有WM檔案1211「EWCNT1」、1212「EWCNT2」、1213「EWCNT3」、‧‧‧、1214「EWCNTc」。 Further, when the read-encrypted WM content 1201 is attached, the encryption means 306c attaches the WM content by the read encryption, and extracts the encrypted WM file 1211 "EWCNT1", 1212 "EWCNT2", 1213 "EWCNT3". , ‧‧‧, 1214 "EWCNTc".

其次,加密化機構306c使用個別標題金鑰381「ITK」將對應於已提取之各附有WM第一散列表之加密化附有WM檔案所含之加密化單元進行加密化。在此,以對於對應於附有WM第一散列表1271「WHA1TBL1」之加密化附有WM檔案1211「EWCNT1」的處理為代表,於以下進行說明。再者,關於其他加密化附有WM檔案也相同,因此省略說明。 Next, the encryption unit 306c encrypts the encrypted unit included in the encrypted WM file corresponding to each of the extracted WM first hash tables, using the individual title key 381 "ITK". Here, the processing corresponding to the encryption of the WM first hash table 1271 "WHA1TBL1" with the WM file 1211 "EWCNT1" is representative, and will be described below. Furthermore, since the WM file is attached to the other encryption, the description is omitted.

加密化機構306c由附有WM第一散列表1271所含之附有WM單元散列資訊1281「WUHI1_1」、1282「WUHI1_2」、1283「WUHI1_3」、‧‧‧、1285「WUHI1_m」, 分別提取標題金鑰旗標資訊「TKFI1_1」、「TKFI1_2」、「TKFI1_3」、‧‧‧、「TKFI1_m」,判定已提取之標題金鑰旗標資訊「TKFI1_1」、「TKFI1_2」、「TKFI1_3」、‧‧‧、「TKFI1_m」之值為「0」或「1」。其次,在該等標題金鑰旗標資訊中提取標題金鑰旗標資訊為「0」者。 The encryption unit 306c is provided with the WM unit hash information 1281 "WUHI1_1", 1282 "WUHI1_2", 1283 "WUHI1_3", ‧‧‧, 1285 "WUHI1_m" included in the WM first hash table 1271. The title key flag information "TKFI1_1", "TKFI1_2", "TKFI1_3", ‧‧‧, "TKFI1_m" are extracted, and the extracted title key flag information "TKFI1_1", "TKFI1_2", "TKFI1_3", ‧‧‧ The value of "TKFI1_m" is "0" or "1". Next, the title key flag information is extracted to "0" in the title key flag information.

其中一例如第48圖所示,標題金鑰旗標資訊1311「TKFI1_2」與1312「TKFI1_4」為「0」,其他標題金鑰旗標資訊「TKFI1_1」、「TKFI1_3」、「TKFI1_5」、‧‧‧、「TKFI1_m」為「1」。 For example, as shown in Fig. 48, the title key flag information 1311 "TKFI1_2" and 1312 "TKFI1_4" are "0", and other title key flag information "TKFI1_1", "TKFI1_3", "TKFI1_5", ‧ ‧ "TKFI1_m" is "1".

此時,被提取之標題金鑰旗標資訊為「TKFI1_2」及「TKFI1_4」。加密化機構306c係分別使用個別標題金鑰381「ITK」,將對應於該等標題金鑰旗標資訊之加密化單元1183「EU1_2」及1186「EU1_4」進行加密化,並生成發送用加密化附有WM單元1342「DWU1_2」及1344「DWU1_4」。 At this time, the extracted title key flag information is "TKFI1_2" and "TKFI1_4". The encryption unit 306c encrypts the encryption units 1183 "EU1_2" and 1186 "EU1_4" corresponding to the title key flag information using the individual title key 381 "ITK", and generates encryption for transmission. WM unit 1342 "DWU1_2" and 1344 "DWU1_4" are attached.

就包含標題金鑰旗標資訊「1」之附有WM單元散列資訊「WUHI1_1」、「WUHI1_3」、「WUHI1_5」、‧‧‧、「WUHI1_m」之各個,加密化機構306c因應於媒體識別子371而選擇加密化單元及加密化附有WM單元之任一者,並直接所選擇者作為發送用加密化附有WM單元。 The WM unit hash information "WUHI1_1", "WUHI1_3", "WUHI1_5", ‧‧‧, "WUHI1_m" are included in the header key flag information "1", and the encryption mechanism 306c is adapted to the media identifier 371. The encryption unit and the encryption are attached to any of the WM units, and the selected one directly attaches the WM unit as the transmission encryption.

在此,選擇之方法若為可由選擇後之發送用加密化附有WM單元特定媒體識別子371之方法,即可為任一者。 Here, the method of selection may be any method in which the WM unit specific media identifier 371 is attached to the selected transmission encryption.

例如、加密化機構306c對附有WM單元散列資訊「WUHI1_1」,若媒體識別子371之下位第1位元為「0」, 則選擇加密化單元「EU1_1」,若下位第1位元為「1」,則選擇加密化附有WM單元「EWU1_1」。如此,將所選擇者作為發送用加密化附有WM單元「DWU1_1」。 For example, the encryption unit 306c has the WM unit hash information "WUHI1_1" attached thereto, and if the first bit of the media identifier 371 is "0", Then, the encryption unit "EU1_1" is selected, and if the lower first bit is "1", the encryption unit is selected to have the WM unit "EWU1_1". In this way, the selected person is attached with the WM unit "DWU1_1" as the transmission encryption.

同樣地,加密化機構306c因應於媒體識別子371之下位第2位元之值,由加密化單元「EU1_3」及加密化附有WM單元「EWU1_3」選擇任一者。媒體識別子371之下位第3位元以下也相同。 Similarly, the encryption unit 306c selects either one of the encryption unit "EU1_3" and the encryption-attached WM unit "EWU1_3" in response to the value of the second bit below the media identifier 371. The third bit below the media identifier 371 is also the same.

如此,加密化機構306c對包含標題金鑰旗標資訊「1」之附有WM單元散列資訊,由媒體識別子之下位位元依序相對應,選擇加密化單元及加密化附有WM單元之任一者。 In this way, the encryption unit 306c associates the hash information with the WM unit including the title key flag information "1", and sequentially corresponds to the lower bits of the media identifier, and selects the encryption unit and encrypts the WM unit. Either.

藉由如此選擇,即使發送用加密化附有WM單元解密後所得之明文單元在網際網路等被暴露,也可藉解析嵌入被暴露之單元內之數位浮水印並提取,判明該單元是否以加密化單元及加密化附有WM單元之任一者為基礎,結果,判明媒體識別子371之特定之1位元。其他單元也藉進行同樣的解析,判明媒體識別子371之全部的位元。如此,可特定為被非法暴露之內容之出處之資訊記錄媒體裝置。 With such a selection, even if the plaintext unit obtained by decrypting the WM unit after encryption is exposed on the Internet or the like, the digital watermark embedded in the exposed unit can be extracted and extracted to determine whether the unit is The cryptographic unit and the encryption are attached to any of the WM units, and as a result, the specific one bit of the media identifier 371 is determined. The other units also determine the bits of the media identifier 371 by performing the same analysis. In this way, the information recording media device can be specified as the source of the illegally exposed content.

加密化機構306c係如第49圖所示,生成包含已生成之發送用加密化附有WM單元1341「DWU1_1」、1342「DWU1_2」、1343「DWU1_3」、1344「DWU1_4」、‧‧‧、1345「DWU1_m」之發送用加密化附有WM檔案1371「DWCNT1」。 As shown in FIG. 49, the encryption unit 306c generates the transmission-encrypted WM unit 1341 "DWU1_1", 1342 "DWU1_2", 1343 "DWU1_3", 1344 "DWU1_4", ‧‧‧, 1345 The transmission of "DWU1_m" is encrypted with the WM file 1371 "DWCNT1".

如第49圖所示,發送用加密化附有WM檔案1371包 含有發送用加密化附有WM單元1341、1342、1343、1344、‧‧‧、1345。 As shown in Figure 49, the transmission encryption is accompanied by a WIM file 1371 package. The WM units 1341, 1342, 1343, 1344, ‧‧‧, 1345 are attached with encryption for transmission.

在此,發送用加密化附有WM單元1341係因應於媒體識別子371之第1位元之值而由加密化單元1181及加密化附有WM單元1182選擇者。又,發送用加密化附有WM單元1343因應於媒體識別子371之第2位元之值而由加密化單元1184及加密化附有WM單元1185選擇者。進一步,發送用加密化附有WM單元1345係因應於媒體識別子371之第n位元之值而由加密化單元1187及加密化附有WM單元1188選擇者。在此,n係表示加密化附有WM檔案中,使用共通標題金鑰而生成之加密化單元之數。 Here, the transmission encryption-attached WM unit 1341 is selected by the encryption unit 1181 and the encryption-attached WM unit 1182 in response to the value of the first bit of the media identifier 371. Further, the transmission encryption-attached WM unit 1343 is selected by the encryption unit 1184 and the encryption-attached WM unit 1185 in response to the value of the second bit of the media identifier 371. Further, the transmission encryption-attached WM unit 1345 is selected by the encryption unit 1187 and the encryption-attached WM unit 1188 in response to the value of the n-th bit of the media identifier 371. Here, n is the number of encryption units generated by encrypting the WM file and using the common title key.

又,發送用加密化附有WM單元1342係使用個別標題金鑰381而將加密化單元1183加密化生成者。又,發送用加密化附有WM單元1344使用個別標題金鑰381將加密化單元1186加密化而生成者。 Further, the transmission encryption unit W1 unit 1342 encrypts the encryption unit 1183 using the individual title key 381. Further, the transmission encryption unit W4 unit 1344 encrypts and encrypts the encryption unit 1186 using the individual title key 381.

加密化機構306c對附有WM第一散列表「WHA1TBLj」與加密化附有WM檔案「EWCNTj」(j為2到c之整數)也執行與上述相同的處理,並生成發送用加密化附有WM檔案「DWCNTj」。 The encryption unit 306c performs the same processing as described above with the WM first hash table "WHA1TBLj" and the encrypted WM file "EWCNTj" (j is an integer from 2 to c), and generates a transmission encryption. WM file "DWCNTj".

其次,加密化機構306c生成由生成之發送用加密化附有WM檔案1371「DWCNT1」、1372「DWCNT2」、1373「DWCNT3」、‧‧‧、1374「DWCNTc」所構成之發送用加密化附有WM內容1361,並將生成之發送用加密化附有WM內容1361作為發送用內容資料集351c之一部份,寫 入至儲存機構301。 Next, the encryption unit 306c generates a transmission encryption including the WM file 1371 "DWCNT1", 1372 "DWCNT2", 1373 "DWCNT3", ‧‧‧, 1374 "DWCNTc", which is encrypted by the transmission for transmission. WM content 1361, and the generated transmission encryption with WM content 1361 as part of the content data set 351c for writing, write The storage mechanism 301 is entered.

此時,加密化機構306c由中間內容資料集242c讀出單元選出資訊780、附有WM標頭資訊1251及簽章資訊1300,並將讀出之單元選出資訊780、附有WM標頭資訊1251及簽章資訊1300作為發送用內容資料集351c之一部份,寫入儲存機構301。 At this time, the encryption unit 306c reads the unit selection information 780, the WM header information 1251, and the signature information 1300 from the intermediate content data set 242c, and selects the read unit to select the information 780, and attaches the WM header information 1251. The signature information 1300 is written to the storage unit 301 as part of the content data set 351c for transmission.

4.4再生用資訊處理裝置104c之構成 4.4 Composition of the information processing device 104c for reproduction

再生用資訊處理裝置104c係如第51圖所示,由媒體間傳送機構501、媒體間接收機構502、標題金鑰取得機構503、解密化機構504、簽章驗證金鑰保存機構505、替換結合體生成機構506c、簽章驗證機構507c、再生可否判定機構508、再生機構509、媒體識別子取得機構510c、運用主體公開金鑰保存機構511、標題金鑰發送証明書驗證機構512及控制機構513所構成。 As shown in FIG. 51, the reproduction information processing device 104c includes an inter-media transfer unit 501, an inter-media receiving unit 502, a title key obtaining unit 503, a decryption unit 504, a signature verification key storage unit 505, and a replacement combination. The volume generation unit 506c, the signature verification unit 507c, the reproduction availability determination unit 508, the reproduction unit 509, the media identification sub-acquisition unit 510c, the operation main body public key storage unit 511, the title key transmission certificate verification unit 512, and the control unit 513 Composition.

媒體間傳送機構501、媒體間接收機構502、標題金鑰取得機構503、解密化機構504、簽章驗證金鑰保存機構505、再生可否判定機構508、再生機構509及控制機構513分別具有與再生用資訊處理裝置104a對應之構成要素相同的構成,運用主體公開金鑰保存機構511及標題金鑰發送証明書驗證機構512分別具有與再生用資訊處理裝置104b對應之構成要素相同的構成。 The inter-media transfer unit 501, the media-to-media reception unit 502, the title key acquisition unit 503, the decryption unit 504, the signature verification key storage unit 505, the reproduction availability determination unit 508, the reproduction unit 509, and the control unit 513 respectively have regeneration In the same configuration as the components corresponding to the information processing device 104a, the application main body public key storage unit 511 and the title key transmission certificate verification unit 512 have the same configuration as the components corresponding to the reproduction information processing device 104b.

又,替換結合體生成機構506c、簽章驗證機構507c及媒體識別子取得機構510c分別具有再生用資訊處理裝置104b對應之構成要素類似的構成。 Further, the replacement combined body generating means 506c, the signature verifying means 507c, and the medium identifying section obtaining means 510c each have a configuration in which the components corresponding to the reproducing information processing means 104b are similar.

在此,以相異點為中心加以說明。 Here, the description will be centered on the different points.

再生用資訊處理裝置104c亦可與再生用資訊處理裝置104b同樣為由CPU、內建快閃記憶體、記憶體、媒體讀寫裝置、網際網路介面電路等構成之家電機器。此種情況下,替換結合體生成機構506c及媒體識別子取得機構510c亦可藉由CPU及在記憶體上動作之程式而構成。當然本實施形態不受此限。 Similarly to the playback information processing device 104b, the reproduction information processing device 104c may be a home electric appliance including a CPU, a built-in flash memory, a memory, a media read/write device, and an internet interface circuit. In this case, the replacement combination generating means 506c and the media identification sub-acquisition means 510c may be configured by a CPU and a program operating on the memory. Of course, this embodiment is not limited to this.

4.4.1媒體識別子取得機構510c 4.4.1 Media Identification Sub-Acquisition Mechanism 510c

媒體識別子取得機構510c由媒體間接收機構502取得專門識別資訊記錄媒體裝置105b之媒體識別子371。媒體識別子取得機構510c將已取得之媒體識別子371輸出至標題金鑰發送証明書驗證機構512及替換結合體生成機構506c。 The media identification sub-acquisition unit 510c acquires the media identifier 371 of the information recording medium device 105b by the media-to-media receiving unit 502. The media identification sub-acquisition unit 510c outputs the acquired media identifier 371 to the title key transmission certificate verification unit 512 and the replacement combination generation unit 506c.

4.4.2替換結合體生成機構506c 4.4.2 Replacement Combination Generation Mechanism 506c

替換結合體生成機構506c由再生可否判定機構508接受個別標題金鑰381、單元選出資訊780、發送用加密化附有WM內容1361、附有WM標頭資訊1251及簽章資訊1300。 The replacement combination generation unit 506c receives the individual title key 381, the unit selection information 780, the transmission encryption-attached WM content 1361, the WM header information 1251, and the signature information 1300 by the reproduction possibility determination unit 508.

其次,替換結合體生成機構506c係如以下所說明,其中一例係生成替換附有WM第一散列表1381及1382,又,生成替換附有WM第二散列表1391。其次,替換結合體生成機構506c將單元選出資訊780、替換附有WM第二散列表1391及簽章資訊1300往簽章驗證機構507c輸出。 Next, the replacement combination generating means 506c is as follows. One of the examples is to generate a replacement with the WM first hash tables 1381 and 1382, and to generate a replacement with the WM second hash table 1391. Next, the replacement combining unit 506c outputs the unit selection information 780, the replacement WM second hash table 1391, and the signature information 1300 to the signature verification unit 507c.

第52圖係顯示替換結合體生成機構506c進行之替換 附有WM第一散列表1381及1382以及替換附有WM第二散列表1391之生成動作的概要。 Figure 52 shows the replacement by the replacement combination generating mechanism 506c. An outline of the WM first hash table 1381 and 1382 and the generation action of the WM second hash table 1391 are attached.

替換結合體生成機構506c由單元選出資訊780選擇k個(k為以下之自然數)之檔案資訊,並由選出之檔案資訊提取檔案識別子。在此,將第52圖所示之檔案識別子951「FID1」及檔案識別子953「FID3」作為已提取者。 The replacement combining unit 506c selects k pieces of information (k is a natural number below) from the unit selection information 780, and extracts the file identifier from the selected file information. Here, the file identifier 951 "FID1" and the file identifier 953 "FID3" shown in Fig. 52 are extracted.

替換結合體生成機構506c係由附有WM標頭資訊1251所含之附有WM第一散列表1271、1272、‧‧‧、1274中,提取分別對應於提取之檔案識別子951及953之附有WM第一散列表1271及1273。 The replacement combination generating unit 506c is extracted from the attached WM first hash table 1271, 1272, ‧‧1, and 1274 included in the WM header information 1251, and is extracted corresponding to the extracted file identifiers 951 and 953, respectively. WM first hash tables 1271 and 1273.

又,替換結合體生成機構506c由發送用加密化附有WM內容1361所含之發送用加密化附有WM檔案1371、1372、1373、‧‧‧、1374中,提取分別對應於提取之檔案識別子951及953之發送用加密化附有WM檔案1371及1373。 Further, the replacement combined body generating means 506c extracts the WM files 1371, 1372, 1373, ‧‧‧, 1374 included in the transmission encryption included in the WM content 1361 for transmission, and extracts the file identifiers corresponding to the extracted files respectively. The transmissions of 951 and 953 are encrypted with WM files 1371 and 1373.

其次,替換結合體生成機構506c係就提取之檔案識別子951,使用附有WM第一散列表1271及發送用加密化附有WM檔案1371,生成替換附有WM第一散列表1381「RWHA1TBL1」。又,就已提取之檔案識別子952使用附有WM第一散列表1273及發送用加密化附有WM檔案1373,生成替換附有WM第一散列表1382「RWHA1TBL3」。 Next, the replacement combination generating means 506c extracts the file identifier 951, and uses the WM first hash table 1271 and the transmission encryption to attach the WM file 1371, and generates and replaces the WM first hash table 1381 "RWHA1TBL1". Further, the extracted file identifier 952 is attached with the WM first hash table 1273 and the transmission encryption with the WM file 1373, and the WM first hash table 1382 "RWHA1TBL3" is generated and replaced.

(1)替換附有WM第一散列表1381及1383之生成 (1) Replacement with the generation of WM first hash tables 1381 and 1383

其次,以下說明替換附有WM第一散列表1381「RWHA1TBL1」之生成的詳情。再者,替換附有WM第 一散列表1383「RWHA1TBL3」之生成的詳情相同,故省略說明。 Next, the following description replaces the details of the generation of the WM first hash table 1381 "RWHA1TBL1". Furthermore, the replacement is accompanied by WM Since the details of the generation of the hash table 1383 "RWHA1TBL3" are the same, the description is omitted.

替換結合體生成機構506c係如第52圖、第53圖所示,由對應於已提取之檔案識別子951「FID1」之發送用加密化附有WM檔案1371「DWCNT1」所含之發送用加密化附有WM單元1341、1342、1343、‧‧‧、1345中,選擇任一個發送用加密化單元。 As shown in FIG. 52 and FIG. 53, the replacement combined body generating means 506c is provided with the encryption for transmission included in the WM file 1371 "DWCNT1" corresponding to the transmission encryption corresponding to the extracted file identifier 951 "FID1". In the WM units 1341, 1342, 1343, ‧‧, and 1345, any one of the transmission encryption units is selected.

具體而言,替換結合體生成機構506c讀出選擇之檔案資訊所含之單元數「N1」,並生成「N1」以下之擬亂數t(在此,t=3)。其次,對應於已生成之擬亂數t(=3),選擇發送用加密化附有WM檔案「DWCNT1」之第3個發送用加密化附有WM單元1343「DWU1_3」。 Specifically, the replacement combining unit 506c reads out the number of cells "N1" included in the selected file information, and generates a pseudo-number t (here, t=3) of "N1" or less. Next, in response to the generated pseudo random number t (=3), the third transmission encryption with the WM file "DWCNT1" encrypted for transmission is selected and WM unit 1343 "DWU1_3" is attached.

其次,替換結合體生成機構506c由對應於已提取之檔案識別子951之附有WM第一散列表1271,提取對應於選擇之發送用加密化附有WM單元1343「DWU1_3」之標題金鑰旗標資訊「TKFI1_3」。其次,替換結合體生成機構506c判定已提取之標題金鑰旗標資訊「TKFI1_3」為「0」及「1」之任一者。 Next, the replacement combining unit 506c extracts the title key flag corresponding to the selected transmission encryption-attached WM unit 1343 "DWU1_3" from the attached WM first hash table 1271 corresponding to the extracted file identifier 951. Information "TKFI1_3". Next, the replacement combination generation unit 506c determines that the extracted title key flag information "TKFI1_3" is any one of "0" and "1".

標題金鑰旗標資訊「TKFI1_3」為「0」時,如第53圖所示,將發送用加密化附有WM單元1343輸出至解密化機構504,並由解密化機構504接受發送用加密化附有WM單元1343解密所得之解密結果。其次,替換結合體生成機構506c將已接受之解密結果作為散列對象單元「HU1_3」。 When the title key flag information "TKFI1_3" is "0", as shown in Fig. 53, the transmission encryption-attached WM unit 1343 is output to the decryption mechanism 504, and the decryption mechanism 504 receives the transmission encryption. The decrypted result obtained by decryption by the WM unit 1343 is attached. Next, the replacement combining unit 506c uses the accepted decrypted result as the hash target unit "HU1_3".

標題金鑰旗標資訊「TKFI1_3」為「1」時,係如第54 圖所示,替換結合體生成機構506c將發送用加密化附有WM單元1343本身作為散列對象單元「HU1_3」。 When the title key flag information "TKFI1_3" is "1", it is the 54th. As shown in the figure, the replacement combined body generating means 506c attaches the WM unit 1343 itself to the transmission encryption unit as the hash target unit "HU1_3".

其次,替換結合體生成機構506c將散列對象單元「HU1_3」代入散列函數,生成替換單元散列值「RUH3」。在此,替換結合體生成機構506c使用與內容簽章生成伺服器裝置101c之標頭資訊生成機構207使用之散列函數相同之散列函數。 Next, the replacement combining unit 506c substitutes the hash target unit "HU1_3" into the hash function to generate a replacement unit hash value "RUH3". Here, the replacement combined body generating means 506c uses the same hash function as the hash function used by the header information generating means 207 of the content signature generating server means 101c.

標題金鑰旗標資訊「TKFI1_3」為「0」時,替換結合體生成機構506c由附有WM第一散列表1271「WHA1TBL1」所含之m個附有WM單元散列資訊1281、1282、1283、‧‧‧、1285,將對應於與t=3一致之單元識別子「UID1_3」之單元散列值「UHA1_3」替換成已算出之替換單元散列值「RUH3」,並將之作為替換附有WM第一散列表1381「RWHA1TBL1」。 When the title key flag information "TKFI1_3" is "0", the replacement combination generating means 506c is provided with m pieces of WM unit hash information 1281, 1282, 1283 included in the WM first hash table 1271 "WHA1TBL1". , ‧ ‧ and 1285, replacing the unit hash value "UHA1_3" corresponding to the unit identifier "UID1_3" corresponding to t=3 with the calculated replacement unit hash value "RUH3", and attaching it as an alternative WM first hash table 1381 "RWHA1TBL1".

標題金鑰旗標資訊「TKFI1_3」為「1」時,替換結合體生成機構506c由媒體識別子取得機構510c隨著已接受之媒體識別子371,選擇單元散列值「UHA1_3」與附有WM單元散列值「WUHA1_3」之任一者。該選擇方法與使用發送伺服器裝置102c之加密化機構306c中之媒體識別子371之選擇方法相同。 When the title key flag information "TKFI1_3" is "1", the replacement combination generating means 506c selects the unit hash value "UHA1_3" and the attached WM unit by the media identification sub-acquisition unit 510c. Any of the column values "WUHA1_3". This selection method is the same as the selection method of the media identifier 371 in the encryption mechanism 306c using the transmission server device 102c.

本實施形態中,因應於對應於附有WM單元散列資訊「WUHI1_3」之媒體識別子內之位置之位元之值,選擇單元散列值及附有WM單元散列值之任一者。 In the present embodiment, any one of the cell hash value and the WM cell hash value is selected in accordance with the value of the bit corresponding to the position in the media identifier to which the WM cell hash information "WUHI1_3" is attached.

第54圖中,由於該位元之值為「1」,因此選擇附有 WM單元散列值「WUHA1_3」,並替換成算出之替換單元散列值「RUH3」。如此,將替換者作為替換附有WM第一散列表1381「RWHA1TBL1」。 In Figure 54, since the value of this bit is "1", the selection is attached. The WM unit hashes the value "WUHA1_3" and replaces it with the calculated replacement unit hash value "RUH3". In this way, the WM first hash table 1381 "RWHA1TBL1" is attached as a replacement.

替換結合體生成機構506c就其他選擇之檔案資訊「FI3」也重複與上述同樣的處理,並生成替換附有WM第一散列表1382「RWHA1TBL3」。 The replacement combined body generating means 506c repeats the same processing as described above for the other selected file information "FI3", and generates and replaces the WM first hash table 1382 "RWHA1TBL3".

(2)替換附有WM第二散列表1391之生成 (2) Replacement with the generation of WM second hash table 1391

在此,就替換附有WM第二散列表1391之生成流程使用第55圖加以說明。 Here, the generation flow for replacing the WM second hash table 1391 is described using FIG. 55.

替換結合體生成機構506c將已生成之替換附有WM第一散列表1381「RWHA1TBL1」代入散列函數,並生成替換檔案散列值1296a「RFH1」。又,將替換附有WM第一散列表1382「RHA1TBL3」代入散列函數,生成替換檔案散列值1297a「RFH3」。 The replacement combining unit 506c substitutes the generated replacement WM first hash table 1381 "RWHA1TBL1" into the hash function, and generates a replacement file hash value 1296a "RFH1". Further, the WM first hash table 1382 "RHA1TBL3" is substituted for the hash function, and the replacement file hash value 1297a "RFH3" is generated.

其次,替換結合體生成機構506c由附有WM標頭資訊1251,提取附有WM第二散列表1261「WHA2TBL」。 Next, the replacement combined body generating means 506c is attached with the WM header information 1251, and the WM second hash table 1261 "WHA2TBL" is extracted.

其次,在已提取之附有WM第二散列表1261「WHA2TBL」所含之c個之附有WM檔案散列資訊1266、1267、1268、‧‧‧、1269中,提取包含已選擇之檔案資訊所含之檔案識別子「FID1」、「FID3」之附有WM檔案散列資訊,並由已提取之附有WM檔案散列資訊,取出附有WM檔案散列值,並將已取出之附有WM檔案散列值分別替換成已生成之替換檔案散列值「RFH1」、「RFH3」。 Secondly, in the extracted WM file hash information 1266, 1267, 1268, ‧‧‧, 1269 included in the WM second hash table 1261 "WHA2TBL", the selected file information is extracted The file identifiers "FID1" and "FID3" are included with the WM file hash information, and the extracted WM file hash information is extracted, and the WM file hash value is taken out and attached. The WM file hash values are replaced with the generated replacement file hash values "RFH1" and "RFH3", respectively.

替換結合體生成機構506c係將替換後之附有WM第二散列 表1261作為替換附有WM第二散列表1391「RWHA2TBL」。 The replacement combined body generating mechanism 506c will be replaced with the WM second hash Table 1261 is accompanied by a WM second hash table 1391 "RWHA2TBL".

4.4.3簽章驗證機構507c 4.4.3 Signature Verification Organization 507c

簽章驗證機構507c由替換結合體生成機構506c接受單元選出資訊780、替換附有WM第二散列表1391及簽章資訊1300。 The signature verification unit 507c accepts the unit selection information 780 by the replacement combination generation unit 506c, and replaces the WM second hash table 1391 and the signature information 1300.

接受單元選出資訊780、替換附有WM第二散列表1391及簽章資訊1300時,簽章驗證機構507c由簽章驗證金鑰保存機構505讀出公開金鑰531「KPV」,並將已接受之替換附有WM第二散列表1391及單元選出資訊780以該順序結合而生成結合體552c,並藉由簽章驗證演算法V,使用已讀出之公開金鑰531,並使用已生成之結合體552c與簽章資訊1300,進行簽章資訊1300之驗證。 Upon receiving the unit selection information 780, replacing the WM second hash table 1391 and the signature information 1300, the signature verification unit 507c reads the public key 531 "KPV" by the signature verification key storage unit 505, and will accept The replacement WM second hash table 1391 and the unit selection information 780 are combined in this order to generate a combination 552c, and by using the signature verification algorithm V, the read public key 531 is used, and the generated one is used. The combination 552c and the signature information 1300 perform verification of the signature information 1300.

在此,關於簽章驗證演算法V係如上述,對應於簽章生成機構209c使用之簽章生成演算法S。 Here, the signature verification algorithm V is as described above, and corresponds to the signature creation algorithm S used by the signature generation unit 209c.

其次,簽章驗證機構507c將驗證結果541往再生可否判定機構508輸出。 Next, the signature verification unit 507c outputs the verification result 541 to the reproduction possibility determination unit 508.

4.5內容發送系統10c之動作 4.5 Action of Content Delivery System 10c

以下,分別就內容發送系統10c之動作中,內容簽章生成伺服器裝置101c生成中間內容資料集242c等,並將中間內容資料集242c等傳送至發送伺服器裝置102c之「內容簽章生成」之動作、與發送伺服器裝置102c生成發送用內容資料集351c等,並將發送用內容資料集351c等經由記錄用資訊處理裝置103a而儲存於資訊記錄媒體裝置105c之「內容發送」之動作、與再生用資訊處理裝置104c 由資訊記錄媒體裝置105c接收發送用內容資料集351c等而進行再生之「內容再生」之動作加以說明。 In the following, in the operation of the content distribution system 10c, the content signature generation server device 101c generates the intermediate content data set 242c and the like, and transmits the intermediate content data set 242c and the like to the "content signature generation" of the transmission server device 102c. The operation and the transmission server device 102c generate the transmission content data set 351c and the like, and the transmission content data set 351c and the like are stored in the "content transmission" of the information recording medium device 105c via the recording information processing device 103a. And regeneration information processing device 104c The operation of "content reproduction" in which the content data set 351c for transmission is received by the information recording medium device 105c and reproduced will be described.

(1)內容簽章生成之動作 (1) Action of content signature generation

關於內容簽章生成之動作,使用第57圖所示之順序圖加以說明。 The operation of generating the content signature is described using the sequence diagram shown in Fig. 57.

內容簽章生成伺服器裝置101c之單元生成機構204c生成分割內容721及單元選出資訊780,將分割內容721往數位浮水印嵌入機構210輸出,將單元選出資訊780往簽章生成機構209c輸出,並將單元選出資訊780往儲存機構202寫入(步驟S3001)。 The unit generation unit 204c of the content signature generation server device 101c generates the divided content 721 and the unit selection information 780, outputs the divided content 721 to the digital watermark embedding unit 210, and outputs the unit selection information 780 to the signature generation unit 209c. The unit selection information 780 is written to the storage unit 202 (step S3001).

數位浮水印嵌入機構210生成附有WM分割內容1100,將附有WM分割內容1100往加密化機構206c輸出(步驟S3002)。 The digital watermark embedding unit 210 generates the WM divided content 1100, and outputs the WM divided content 1100 to the encryption unit 206c (step S3002).

共通標題金鑰生成機構205生成共通標題金鑰241,並將共通標題金鑰241往加密化機構206c輸出,並將共通標題金鑰241往儲存機構202寫入(步驟S3003)。 The common title key generation unit 205 generates the common title key 241, outputs the common title key 241 to the encryption unit 206c, and writes the common title key 241 to the storage unit 202 (step S3003).

加密化機構206c生成加密化附有WM分割內容1231及加密化附有WM內容1201,將加密化附有WM分割內容1231往標頭資訊生成機構207c輸出,並將加密化附有WM內容1201往儲存機構202寫入(步驟S3004)。 The encryption unit 206c generates the encrypted WM divided content 1231 and the encrypted WM content 1201, and the encrypted WM divided content 1231 is output to the header information generating unit 207c, and the encrypted WM content 1201 is attached thereto. The storage unit 202 writes (step S3004).

標頭資訊生成機構207c生成附有WM標頭資訊1251,並將附有WM標頭資訊1251往儲存機構202寫入,並將附有WM標頭資訊1251所含之附有WM第二散列表1261往簽章生成機構209c輸出(步驟S3005)。 The header information generating unit 207c generates the WM header information 1251, and writes the WM header information 1251 to the storage unit 202, and attaches the WM header information 1251 to the WM second hash table. 1261 is output to the signature generation unit 209c (step S3005).

簽章生成機構209c生成簽章資訊1300,並將簽章資訊1300往儲存機構202寫入(步驟S3006)。 The signature generation unit 209c generates the signature information 1300, and writes the signature information 1300 to the storage unit 202 (step S3006).

機器間傳送機構203由儲存機構202讀出共通標題金鑰241及中間內容資料集242c,並將已讀出之共通標題金鑰241及中間內容資料集242c往發送伺服器裝置102c傳送(步驟S3007)。 The inter-machine transfer unit 203 reads the common title key 241 and the intermediate content data set 242c from the storage unit 202, and transmits the read common title key 241 and intermediate content data set 242c to the transmission server device 102c (step S3007). ).

發送伺服器裝置102c之機器間接收機構303由內容簽章生成伺服器裝置101c接收共通標題金鑰241及中間內容資料集242c(步驟S3007),儲存機構301記憶共通標題金鑰241及中間內容資料集242c(步驟S3008)。 The inter-machine receiving unit 303 of the transmitting server device 102c receives the common title key 241 and the intermediate content data set 242c by the content signature generating server device 101c (step S3007), and the storage unit 301 memorizes the common title key 241 and the intermediate content data. Set 242c (step S3008).

(2)內容發送之動作 (2) Action of content transmission

關於內容發送之動作使用第58圖所示之順序圖加以說明。 The operation of transmitting the content will be described using the sequence diagram shown in Fig. 58.

記錄用資訊處理裝置103a往發送伺服器裝置102c傳送發送要求資訊321,發送伺服器裝置102c之機器間接收機構303接收發送要求資訊321(步驟S3101)。 The recording information processing device 103a transmits the transmission request information 321 to the transmission server device 102c, and the inter-machine reception mechanism 303 of the transmission server device 102c receives the transmission request information 321 (step S3101).

其次,發送伺服器裝置102c之暗號通信路確立機構311與資訊記錄媒體裝置105c之暗號通信路確立機構607確立暗號通信路22(步驟S3102)。 Next, the secret communication path establishing unit 311 of the transmission server device 102c and the secret communication path establishing unit 607 of the information recording medium device 105c establish the secret communication path 22 (step S3102).

資訊記錄媒體裝置105b之機器間傳送機構601使用暗號通信路22,經由記錄用資訊處理裝置103a將媒體識別子371往發送伺服器裝置102c傳送,發送伺服器裝置102c之機器間接收機構303接收媒體識別子371(步驟S3103)。 The inter-machine transfer unit 601 of the information recording medium device 105b uses the secret communication path 22 to transmit the media identifier 371 to the transmission server device 102c via the recording information processing device 103a, and the device-to-machine receiving mechanism 303 of the transmission server device 102c receives the media identifier. 371 (step S3103).

發送伺服器裝置102c之個別標題金鑰生成機構305生 成個別標題金鑰381(步驟S3104)。 The individual title key generation mechanism 305 of the sending server device 102c is The individual title key 381 is entered (step S3104).

加密化機構306c使用個別標題金鑰381、加密化附有WM內容1201、附有WM標頭資訊1251及媒體識別子371生成發送用加密化附有WM內容1361(步驟S3105)。 The encryption unit 306c uses the individual title key 381, the encrypted WM content 1201, the attached WM header information 1251, and the media identifier 371 to generate the transmission encryption with the WM content 1361 (step S3105).

標題金鑰發送証明書生成機構312生成標題金鑰發送証明書1000(步驟S3106)。 The title key transmission certificate generation unit 312 generates a title key transmission certificate 1000 (step S3106).

機器間傳送機構302經由記錄用資訊處理裝置103a將發送用內容資料集351c與標題金鑰發送証明書1000往資訊記錄媒體裝置105b傳送,且資訊記錄媒體裝置105b之機器間接收機構602進行接收(步驟S3107),資訊記錄媒體裝置105b之內容儲存機構609記憶發送用內容資料集351c與標題金鑰發送証明書1000(步驟S3108)。 The inter-machine transmission unit 302 transmits the transmission content data set 351c and the title key transmission certificate 1000 to the information recording medium device 105b via the recording information processing device 103a, and the inter-machine reception mechanism 602 of the information recording medium device 105b receives ( In step S3107), the content storage means 609 of the information recording medium device 105b memorizes the transmission content data set 351c and the title key transmission certificate 1000 (step S3108).

發送伺服器裝置102c之機器間傳送機構302使用暗號通信路22,經由記錄用資訊處理裝置103a將個別標題金鑰381及共通標題金鑰241往資訊記錄媒體裝置105b傳送,且資訊記錄媒體裝置105b之機器間接收機構602進行接收(步驟S3109),資訊記錄媒體裝置105b之標題金鑰儲存機構608記憶個別標題金鑰381及共通標題金鑰241(步驟S3110)。 The inter-machine transfer unit 302 of the transmission server device 102c transmits the individual title key 381 and the common title key 241 to the information recording medium device 105b via the recording information processing device 103a using the secret communication path 22, and the information recording medium device 105b The inter-machine receiving unit 602 receives (step S3109), and the title key storage unit 608 of the information recording medium device 105b stores the individual title key 381 and the common title key 241 (step S3110).

(3)內容再生之動作 (3) The action of content regeneration

關於內容再生之動作使用第59圖所示之順序圖加以說明。 The operation of content reproduction will be described using the sequence diagram shown in Fig. 59.

再生用資訊處理裝置104c之媒體間傳送機構501往資訊記錄媒體裝置105b傳送傳送指示551,資訊記錄媒體裝 置105b之機器間接收機構602接收傳送指示551(步驟S3201)。 The inter-media transfer unit 501 of the reproduction information processing device 104c transmits a transfer instruction 551 to the information recording medium device 105b, and the information recording medium is loaded. The inter-machine receiving mechanism 602 of the setting 105b receives the transfer instruction 551 (step S3201).

資訊記錄媒體裝置105b之機器間傳送機構601往再生用資訊處理裝置104c傳送個別標題金鑰381、共通標題金鑰241、發送用內容資料集351c、標題金鑰發送証明書1000及媒體識別子371,再生用資訊處理裝置104c之媒體間接收機構502接收個別標題金鑰381、共通標題金鑰241、發送用內容資料集351c、標題金鑰發送証明書1000及媒體識別子371(步驟S3202)。 The inter-machine transfer unit 601 of the information recording medium device 105b transmits the individual title key 381, the common title key 241, the transmission content data set 351c, the title key transmission certificate 1000, and the media identifier 371 to the playback information processing device 104c. The medium-to-media receiving unit 502 of the reproduction information processing device 104c receives the individual title key 381, the common title key 241, the transmission content data set 351c, the title key transmission certificate 1000, and the media identifier 371 (step S3202).

再生用資訊處理裝置104c之媒體識別子取得機構510c取得媒體識別子371(步驟S3203)。 The media identifier acquisition unit 510c of the reproduction information processing device 104c acquires the media identifier 371 (step S3203).

標題金鑰發送証明書驗證機構512對標題金鑰發送証明書1000進行驗證(步驟S3204)。驗證之結果,若判定標題金鑰發送証明書為非法時(步驟S3204為「証明書非法」),則停止再生處理。 The title key transmission certificate verification unit 512 verifies the title key transmission certificate 1000 (step S3204). As a result of the verification, if it is determined that the title key transmission certificate is illegal (step S3204 is "Illegal certificate"), the reproduction processing is stopped.

若判定標題金鑰發送証明書為正確時(在步驟S3204「証明書為正確」),替換結合體生成機構506c生成替換附有WM第二散列表1391(步驟S3205),簽章驗證機構507c使用已生成之替換附有WM第二散列表1391、單元選出資訊980及簽章資訊1300進行簽章驗證,並因應於驗證結果,再生可否判定機構508判定再生可否(步驟S3206)。簽章驗證之結果,若判定為驗證失敗時(在步驟S3206為「驗證失敗」),則停止再生處理。若判定為驗證成功時(在步驟S3206為「驗證成功」),標題金鑰取得機構503取得標題 金鑰,解密化機構504使用已取得之標題金鑰,將發送用加密化附有WM內容解密(步驟S3207)。再生用資訊處理裝置104c之再生機構509將解密所得之解密內容再生(步驟S3208)。 If it is determined that the title key transmission certificate is correct ("the certificate is correct" in step S3204), the replacement combination generating means 506c generates a replacement attached WM second hash table 1391 (step S3205), and the signature verification means 507c uses The generated replacement is accompanied by the WM second hash table 1391, the unit selection information 980, and the signature information 1300 for signature verification, and in response to the verification result, the reproduction possibility determination unit 508 determines whether or not the reproduction is possible (step S3206). As a result of the signature verification, if it is determined that the verification has failed ("verification failure" in step S3206), the regeneration processing is stopped. If it is determined that the verification is successful ("verification succeeded" in step S3206), the title key obtaining means 503 obtains the title. The key decryption unit 504 decrypts the transmission encrypted content with the WM content using the acquired title key (step S3207). The reproduction unit 509 of the reproduction information processing device 104c reproduces the decrypted content obtained by the decryption (step S3208).

4.6其他變形例 4.6 Other variants

再生用資訊處理裝置104c亦可包含選擇機構、數位浮水印判斷機構及媒體識別子生成機構。 The reproduction information processing device 104c may include a selection mechanism, a digital watermark determination unit, and a media identification generation unit.

選擇機構係在加密化內容內中,選擇特定位置之第一加密化單元。 The selection mechanism is within the encrypted content and selects the first encryption unit at a particular location.

解密化機構504將業經選擇之前述第一加密化單元解密後生成明文單元。 The decryption unit 504 decrypts the selected first encryption unit to generate a plaintext unit.

數位浮水印判斷機構判斷業已生成之前述明文單元是否嵌入有1種數位浮水印,並輸出判斷結果。判斷結果為數位浮水印是否已嵌入,因此可為「0」或「1」。 The digital watermark judging unit judges whether or not the aforementioned plaintext unit has been embedded with one type of digital watermark, and outputs the judgment result. The result of the judgment is whether the digital watermark is embedded or not, so it can be "0" or "1".

媒體識別子生成機構在對應於前述特定位置之前述媒體識別子內之位元位置中,將根據前述判斷結果之內容、也就是將「0」或「1」作為構成該媒體識別子之前述位元資訊而生成。 The media identifier generating unit, in the bit position in the media identifier corresponding to the specific location, uses the content of the determination result, that is, "0" or "1" as the bit information constituting the media identifier. generate.

如此,可生成媒體識別子內之位元資訊,可限制媒體識別子。如此,當內容已經被暴露時,可將位元資訊做成特定洩漏來源之資訊記錄媒體裝置之線索。 In this way, the bit information in the media identifier can be generated, and the media identifier can be restricted. Thus, when the content has been exposed, the bit information can be made a clue to the information recording media device of the particular leak source.

關於構成媒體識別子之全部的位元資訊,若如上述所構成,則可將媒體識別子之全體復元。 When the bit information constituting all of the media identifiers is configured as described above, the entire media identifier can be restored.

4.7內容發送系統10c之效果 4.7 Effect of Content Delivery System 10c

(1)內容發送系統10c中,與內容發送系統10a及10b同樣使用了個別標題金鑰381及共通標題金鑰241之兩方。就成為使用了共通標題金鑰241之加密化之對象的單元,係對加密化單元生成單元散列值。另一方面,就成為使用了個別標題金鑰381之加密化的單元,係對明文單元生成單元散列值。如此,在一個內容內,混合有使用個別標題金鑰381加密化之單元、與使用共通標題金鑰241加密化之單元之處,藉此即使僅將使用個別標題金鑰381之部分取代,也可如上述,雖然不停止再生,但難以再生內容。 (1) The content transmission system 10c uses both the individual title key 381 and the common title key 241 in the same manner as the content distribution systems 10a and 10b. It is a unit that uses the encrypted object of the common title key 241, and generates a unit hash value for the encryption unit. On the other hand, it becomes a unit that uses the encryption of the individual title key 381, and hashes the value to the plaintext unit generation unit. Thus, in one content, a unit encrypted with the individual title key 381 and a unit encrypted by using the common title key 241 are mixed, whereby even if only the portion using the individual title key 381 is replaced, As described above, although the reproduction is not stopped, it is difficult to reproduce the content.

(2)又,內容發送系統10c與內容發送系統10b同樣,即使萬一因為攻撃者而可直接將標題金鑰或發送用內容資料集直接寫入其他資訊記錄媒體時,可藉再生用資訊處理裝置對標題金鑰發送証明書進行驗證,而具有可停止記錄於非法資訊記錄媒體之內容的再生之效果。 (2) Further, the content distribution system 10c can directly process the title key or the content data set for transmission into another information recording medium in the same manner as the content transmission system 10b. The device verifies the title key transmission certificate and has the effect of resuming the content recorded on the illegal information recording medium.

(3)進一步,內容發送系統10c中,係對使用共通標題金鑰241而加密化之單元,依存於媒體識別子,嵌入數位浮水印。藉此,當明文內容被攻撃者暴露時,可由被暴露之內容取得識別洩漏來源之資訊記錄媒體裝置之媒體識別子。如此,可藉使用已取得之媒體識別子,發送伺服器裝置確認資訊記錄媒體裝置之媒體識別子,藉此可停止將內容往以下的洩漏來源之資訊記錄媒體發送,可防止災害更為擴大。 (3) Further, in the content distribution system 10c, a unit that encrypts using the common title key 241 is embedded in the digital watermark depending on the media identifier. Thereby, when the plaintext content is exposed by the attacker, the media identifier of the information recording media device that identifies the source of the leak can be obtained from the exposed content. In this way, by using the obtained media identifier, the transmission server device can confirm the media identifier of the information recording medium device, thereby stopping the transmission of the content to the information recording medium of the following leakage source, thereby preventing the disaster from being further enlarged.

5.其他變形例 5. Other variants

再者,係根據上述各實施形態說明本發明,但本發明當然不受限於上述各實施形態。如下之型態也包含於本發明。 Furthermore, the present invention has been described based on the above embodiments, but the present invention is of course not limited to the above embodiments. The following forms are also included in the present invention.

(1)內容發送系統10a、10b及10c中,各發送伺服器裝置不使用暗號通信路22,而是透過記錄用資訊處理裝置,將發送用內容資料集往資訊記錄媒體裝置傳送(步驟S1106、步驟S2007、步驟S3107)。可是,不受此限。 (1) In the content transmission systems 10a, 10b, and 10c, each of the transmission server devices transmits the content data for transmission to the information recording medium device via the recording information processing device without using the secret communication channel 22 (step S1106, Step S2007, step S3107). However, it is not subject to this limitation.

各內容發送系統之各發送伺服器裝置亦可使用暗號通信路22,將發送用內容資料集往各資訊記錄媒體裝置傳送。 Each of the transmission server devices of each content transmission system can also transmit the content data for transmission to each information recording medium device using the secret communication path 22.

此種情況下,各記錄用資訊處理裝置在未將發送用內容資料集解密化而被加密化之狀態下,傳送到各資訊記錄媒體裝置,各資訊記錄媒體裝置使用暗號通信路22進行接收。 In this case, each of the information processing apparatuses for recording is transmitted to each information recording medium device in a state where the content data set for transmission is not decrypted and encrypted, and each information recording medium device receives the data using the secret communication path 22.

又,步驟S2007及步驟S3107中,標題金鑰發送証明書也同樣可使用暗號通信路22進行傳送。 Further, in step S2007 and step S3107, the title key transmission certificate can also be transmitted using the secret communication path 22.

(2)內容發送系統10a、10b及10c中,再生內容時,可不使用暗號通信路,由各資訊記錄媒體裝置往各再生用資訊處理裝置傳送發送用內容資料集、個別標題金鑰381及共通標題金鑰241等之資料。可是,不受此限。 (2) In the content distribution systems 10a, 10b, and 10c, when the content is reproduced, the information recording medium device transmits the transmission content data set, the individual title key 381, and the common information to each of the reproduction information processing apparatuses without using the secret communication path. Title key 241 and other information. However, it is not subject to this limitation.

各資訊記錄媒體裝置與各再生用資訊處理裝置之間,亦可確立暗號通信路,並在確立暗號通信路後,使用已確立之暗號通信路,傳送發送用內容資料集、個別標題金鑰381及共通標題金鑰241等之資料。 The information recording medium device and each of the reproduction information processing devices may establish a secret communication path, and after establishing the secret communication path, use the established secret communication path to transmit the transmission content data set and the individual title key 381. And the information of the common title key 241 and the like.

此時,亦可使用暗號通信路傳送例如個別標題金鑰381 及共通標題金鑰241。又,亦可使用暗號通信路傳送全部的資料(個別標題金鑰381、共通標題金鑰241、發送用內容資料集)。 At this time, it is also possible to transmit, for example, an individual title key 381 using a secret communication path. And a common title key 241. Further, all the data (the individual title key 381, the common title key 241, and the content data set for transmission) can be transmitted using the secret communication path.

此時,再生用資訊處理裝置也具有運用主體公開金鑰保存機構、公開金鑰証明書保存機構及暗號通信路確立機構。又,再生用資訊處理裝置之公開金鑰証明書保存機構保存由系統之運用主體具有之認證局裝置所發行之針對再生用資訊處理裝置之公開金鑰証明書。 At this time, the information processing apparatus for reproduction also has a main body public key storage means, a public key certificate storage means, and a secret communication path establishing means. Further, the public key certificate storage unit of the information processing device for reproduction stores a public key certificate for the information processing device for reproduction issued by the certification authority device of the operating body of the system.

(3)內容發送系統10a、10b及10c中,各內容簽章生成伺服器裝置生成了內容之簽章資訊,但不受此限。 (3) In the content distribution systems 10a, 10b, and 10c, each content signature generation server device generates signature information of the content, but is not limited thereto.

各發送伺服器裝置亦可生成簽章資訊。此時,各發送伺服器裝置亦可在內容之發送前預先生成簽章資訊。 Each sending server device can also generate signature information. At this time, each transmission server device may also generate signature information in advance before the content is transmitted.

內容發送系統10b及10c中,當各發送伺服器裝置生成簽章資訊時,不僅第二散列表(內容發送系統10c中為附有WM第二散列表)與單元選出資訊,並將第二散列表(內容發送系統10c中附有WM第二散列表)、單元選出資訊、個別標題金鑰381、共通標題金鑰241及媒體識別子結合而生成結合體,並對已生成之結合體,施行簽章生成演算法S,生成簽章資訊。此種情況下,不需要標題金鑰發送証明書,若驗證簽章資訊,則可驗證個別標題金鑰381及共通標題金鑰241確實朝對應於結合體所含之媒體識別子之資訊記錄媒體裝置發送。 In the content transmission systems 10b and 10c, when each of the transmission server devices generates the signature information, not only the second hash table (the WM second hash table is attached to the content transmission system 10c) but also the unit selects the information, and the second is scattered. The list (the WM second hash table is attached to the content transmission system 10c), the unit selection information, the individual title key 381, the common title key 241, and the media identifier are combined to generate a combination, and the combined combination is executed. The chapter generates an algorithm S to generate signature information. In this case, the title key transmission certificate is not required, and if the signature information is verified, it is possible to verify that the individual title key 381 and the common title key 241 are indeed directed to the information recording medium device corresponding to the media identifier included in the combination. send.

(4)內容發送系統10a、10b及10c中,個別標題金鑰381係隨意生成,且使媒體識別子371及個別標題金鑰381 成對,儲存於各發送伺服器裝置之標題金鑰資料庫儲存機構。藉此,萬一個別標題金鑰381洩漏時,藉由標題金鑰資料庫儲存機構,讀出對應於已洩漏之個別標題金鑰381之媒體識別子371,可特定由已讀出之媒體識別子371所識別之資訊記錄媒體裝置。如此,成為業經特定之資訊記錄媒體裝置洩漏之個別標題金鑰之出處。但不受此限。 (4) In the content delivery systems 10a, 10b, and 10c, the individual title key 381 is randomly generated, and the media identification sub-371 and the individual title key 381 are made. Paired, stored in the header key database storage mechanism of each sending server device. Thereby, when the one-title key 381 is leaked, the media identifier 371 corresponding to the leaked individual title key 381 is read by the title key database storage means, and the media identifier 371 that has been read can be specified. The identified information recording media device. In this way, it becomes the source of the individual title key leaked by the specific information recording media device. But not limited to this.

亦可於個別標題金鑰嵌入媒體識別子371,於後可復元地取代往標題金鑰資料庫儲存機構之媒體識別子371及個別標題金鑰381之記憶。藉此,各發送伺服器裝置中,可不要標題金鑰資料庫儲存機構。 The media identifier 371 can also be embedded in the individual title key, and the memory of the media identifier 371 and the individual title key 381 of the title key database storage mechanism can be replaced later. Thereby, in each of the transmission server devices, the title key database storage means is not required.

在此,說明往個別標題金鑰嵌入媒體識別子。 Here, it is explained that the media identifier is embedded in the individual title key.

內容發送系統10a、10b及10c之各發送伺服器裝置生成用以生成個別標題金鑰之金鑰TGK(稱為標題金鑰生成金鑰),並保存標題金鑰生成金鑰TGK。 Each of the transmission server devices of the content transmission systems 10a, 10b, and 10c generates a key TGK (referred to as a title key generation key) for generating an individual title key, and stores the title key generation key TGK.

在此,令媒體識別子(371)CID為64位元寬,並令亂數R為64位元寬。 Here, the media identifier (371) CID is 64 bits wide, and the random number R is 64 bits wide.

各發送伺服器裝置之個別標題金鑰生成機構生成亂數R,並依該順序結合媒體識別子(371)CID與亂數R,生成結合體。 The individual title key generation means of each transmission server device generates a random number R, and combines the media identifier (371) CID and the random number R in this order to generate a combination.

結合體=CID||R Combination = CID||R

在此,A||B表示以該順序將資料A與資料B進行位元連結而得之結合體。 Here, A||B indicates a combination in which the data A and the data B are bit-connected in this order.

其次,各發送伺服器裝置之個別標題金鑰生成機構使用標題金鑰生成金鑰TKG,對結合體施行加密演算法 Enc,令已生成之加密化結合體為個別標題金鑰。 Second, the individual title key generation mechanism of each transmitting server device uses the title key to generate the key TKG, and performs an encryption algorithm on the combined body. Enc, so that the generated encryption combination is an individual title key.

個別標題金鑰=Enc(TKG,CID||R) Individual title key = Enc (TKG, CID||R)

在此,加密演算法Enc為秘密金鑰暗號方式之加密演算法。其中一例係加密演算法Enc為AES。 Here, the encryption algorithm Enc is an encryption algorithm of the secret key secret mode. One of them is the encryption algorithm Enc for AES.

萬一,如此生成之個別標題金鑰暴露時,可使用標題金鑰生成金鑰TKG,將個別標題金鑰解密,藉此生成CID||R,得到可專門識別洩漏來源之資訊記錄媒體裝置之媒體識別子CID。 In case, if the generated individual title key is exposed, the title key generation key TKG can be used to decrypt the individual title key, thereby generating CID||R, and obtaining an information recording medium device capable of specifically identifying the source of the leak. Media identification sub CID.

再者,若媒體識別子371比64位元寬還長時,亦可將媒體識別子371之一部份與亂數R之結合體使用標題金鑰生成金鑰TKG進行加密化,生成個別標題金鑰。 Furthermore, if the media identifier 371 is longer than the 64-bit width, the combination of one of the media identifiers 371 and the random number R may be encrypted using the title key generation key TKG to generate an individual title key. .

此種情況可僅判明媒體識別子之一部份,但根據已判明之媒體識別子之一部份的資訊,可限制洩漏來源之資訊記錄媒體裝置。 In this case, only one part of the media identifier can be identified, but based on the information of one of the identified media identifiers, the information recording media device of the source of the leak can be restricted.

又,上述中,令媒體識別子371為64位元寬,令亂數為64位元寬,結合體為128位元寬。但不受此限。亦可如媒體識別子371之位元寬與亂數之位元寬合計為128,來設定媒體識別子371之位元寬與亂數之位元寬。 Further, in the above, the media identifier 371 is 64-bit wide, the random number is 64-bit wide, and the combined body is 128-bit wide. But not limited to this. Alternatively, the bit width of the media identifier 371 and the bit width of the random number may be 128, and the bit width of the media identifier 371 and the bit width of the random number may be set.

又,使用之加密演算法Enc之金鑰長為128位元以外時,只要設定成媒體識別子之位元寬與亂數之位元寬合計在該金鑰長以下即可。 Further, when the key length of the encryption algorithm Enc used is 128 bits or more, the bit width of the media identifier and the bit width of the random number may be set to be equal to or less than the length of the key.

又,亦可令個別標題金鑰=CID||R。 Also, individual title keys = CID||R.

又,亦可為個別標題金鑰=Hash(CID||R)。在此,Hash(A)係對資料A施行散列而得之散列值。 Also, it can be an individual title key = Hash (CID||R). Here, Hash (A) is a hash value obtained by hashing the data A.

(5)內容發送系統10a、10b及10c中,生成替換結合體(替換第二散列表及替換附有WM第二散列表),並使用已生成之替換結合體進行簽章資訊之驗證。可是不受此限。 (5) In the content transmitting systems 10a, 10b, and 10c, a replacement combination (replacement of the second hash table and replacement of the WM second hash table) is generated, and the signature combination information is verified using the generated replacement combination. However, this is not the limit.

各再生用資訊處理裝置之簽章驗證機構亦可生成未被替換之第二散列表「HA2TBL」(內容發送系統10c中,為附有WM第二散列表「WHA2TBL」)與單元選出資訊結合之結合體,並將已生成之結合體為對象資料,對簽章資訊進行驗證。 The signature verification unit of each of the reproduction information processing apparatuses may generate a second hash table "HA2TBL" that is not replaced (the WM second hash table "WHA2TBL" in the content transmission system 10c) is combined with the unit selection information. Combine the body and use the generated combination as the object data to verify the signature information.

簽章驗證之結果若簽章資訊之驗證失敗,再生可否判定機構可停止再生處理,並指示再生機構,再生機構會停止再生處理。 As a result of the signature verification, if the verification of the signature information fails, the regeneration possibility determination means can stop the regeneration process, and instruct the regeneration mechanism that the regeneration mechanism stops the regeneration process.

若簽章資訊之驗證成功,則對選擇之k個發送用加密化單元(內容發送系統10c中為發送用加密化附有WM單元),將替換單元散列值與單元散列值(內容發送系統10c中為單元散列值或附有WM單元散列值)作比較。比較之結果,若對於k個發送用加密化單元之替換單元散列值與單元散列值之任一者不一致時,再生可否判定機構可停止再生處理,並指示再生機構,再生機構則停止再生處理。若對於k個發送用加密化單元之替換單元散列值與單元散列值全部一致時,再生可否判定機構可進行再生處理,並指示再生機構,再生機構進行再生處理。 If the verification of the signature information is successful, the k-transmission encryption unit is selected (the WM unit is attached to the transmission encryption system 10c for transmission), and the replacement unit hash value and the unit hash value are transmitted (content transmission) The system 10c is a unit hash value or a WM unit hash value for comparison. As a result of the comparison, if the replacement unit hash value and the cell hash value of the k transmission encryption units do not match, the reproduction possibility determination means can stop the reproduction processing, instruct the reproduction mechanism, and the reproduction mechanism stops the reproduction. deal with. When the replacement unit hash value and the cell hash value of all the k transmission encryption units match, the reproduction possibility determination means can perform the reproduction processing, and instruct the reproduction means to perform the reproduction processing.

(6)內容發送系統10a、10b及10c中,在確立暗號通信路22時,僅一台發送伺服器裝置可於資訊記錄媒體裝置寫入標題金鑰,資訊記錄媒體裝置對發送伺服器裝置進行認 證。可是不受此限。 (6) In the content transmission systems 10a, 10b, and 10c, when the secret communication path 22 is established, only one transmission server device can write the title key to the information recording medium device, and the information recording medium device performs the transmission server device. recognize certificate. However, this is not the limit.

亦可系統之運用主體具有之認證局裝置預先將公開金鑰証明書分配於可寫入之複數發送伺服器裝置,使複數發送伺服器裝置可於資訊記錄媒體裝置寫入標題金鑰。亦可使用該公開金鑰証明書,對發送伺服器裝置進行認證。 Alternatively, the certificate authority device of the system may assign the public key certificate to the writable complex transmission server device in advance, so that the plurality of transmission server devices can write the title key to the information recording medium device. The public key certificate can also be used to authenticate the transmitting server device.

又,資訊記錄媒體裝置中,亦可依複數之發送伺服器裝置先設置各發送伺服器裝置專用之記憶體區域,系統之運用主體具有之認證局裝置分配公開金鑰証明書,而可對各個記憶體區域寫入對應之發送伺服器裝置。此種情況下,於公開金鑰証明書附加可專門識別寫入之記憶體區域之記憶體區域識別子,公開金鑰証明書內之簽章之對象資料中亦先含有該記憶體區域識別子。資訊記錄媒體裝置也包含專門識別記憶體區域之記憶體區域識別子,對公開金鑰証明書進行驗證,藉此判定是否許可對寫入對象之記憶體區域寫入。 Further, in the information recording medium device, the memory device area dedicated to each of the transmission server devices may be set in advance by the plurality of transmission server devices, and the certification authority device of the system application body may allocate the public key certificate, and may The memory area is written to the corresponding transmit server device. In this case, the memory area identifier that uniquely identifies the written memory area is attached to the public key certificate, and the memory area identifier is also included in the object data of the signature in the public key certificate. The information recording medium device also includes a memory area identifier that specifically identifies the memory area, and verifies the public key certificate, thereby determining whether or not writing to the memory area of the write target is permitted.

(7)內容發送系統10a、10b及10c中,不將各單元資訊之標題金鑰旗標資訊依存於發送對象之各資訊記錄媒體裝置,而是決定了各內容簽章生成伺服器裝置。但不受此限。 (7) The content transmission systems 10a, 10b, and 10c determine the respective content signature generation server devices without depending on the title key flag information of each unit information in each of the information recording medium devices to be transmitted. But not limited to this.

亦可在對各資訊記錄媒體裝置發送內容時,各發送伺服器裝置對應於專門識別各資訊記錄媒體裝置之媒體識別子,決定標題金鑰旗標資訊。 Alternatively, when transmitting content to each information recording medium device, each of the transmission server devices determines the title key flag information corresponding to the media identifier that specifically identifies each information recording medium device.

此時之各內容簽章生成伺服器裝置係預先就全部的單元,生成於該單元嵌入有數位浮水印之單元,並由嵌入有數位浮水印之單元生成單元散列值。又,內容簽章生成伺 服器裝置不生成標題金鑰旗標資訊。因此,藉內容簽章生成伺服器裝置使標題金鑰旗標資訊不包含於簽章之對象資料。發送伺服器裝置生成簽章。 At this time, each content signature signature generation server device is a unit in which a digital watermark is embedded in the unit, and a cell hash value is generated by the unit in which the digital watermark is embedded. Also, content signature generation The server device does not generate the title key flag information. Therefore, the content signature generation server device causes the title key flag information not to be included in the object data of the signature. The sending server device generates a signature.

(8)內容發送系統10c中,係對使用共通標題金鑰241之加密化之對象的單元,使用媒體識別子選擇業經加密化之單元(該單元為嵌入有數位浮水印)、與業經加密化之附有WM單元之任一者。藉此,當明文內容暴露時,使用嵌入於各單元之數位浮水印,提取媒體識別子,可特定洩漏來源之資訊記錄媒體裝置。但不受此限。 (8) In the content transmission system 10c, a unit that encrypts the common title key 241 is used, and a unit that encrypts is selected using a media identifier (the unit is embedded with a digital watermark), and the encryption is performed. Attached to any of the WM units. Thereby, when the plaintext content is exposed, the digital recording watermark embedded in each unit is used to extract the media identifier, and the information recording medium device of the leak source can be specified. But not limited to this.

亦可先準備複數種各單元嵌入作為數位浮水印之資料(WM)。例如、先準備15種之WM。若是在各個單元嵌入15種WM的話,也可配合未嵌入WM之單元,生成16種之單元。如此,可使16種之單元,對應媒體識別子中之4位元之部分資訊。 It is also possible to prepare a plurality of units to be embedded as digital watermark data (WM). For example, prepare 15 kinds of WM first. If 15 WMs are embedded in each unit, 16 units can be generated in conjunction with units that are not embedded in WM. In this way, 16 units can be made to correspond to part of the 4 bits of the media identifier.

內容簽章生成伺服器裝置101c之數位浮水印嵌入機構210係如上述,就1個單元生成16個之單元。16個單元中,1個單元為未嵌入有WM之單元。剩餘的15個單元則為分別嵌入有15種WM之附有WM單元。 The digital watermark embedding mechanism 210 of the content signature generation server device 101c generates 16 units in one unit as described above. Of the 16 units, one unit is a unit in which WM is not embedded. The remaining 15 units are WM units with 15 WMs embedded in them.

如此,數位浮水印嵌入機構210生成包含1個單元及15個附有WM單元之附有WM單元資訊。又,生成包含複數之附有WM單元資訊之附有WM分割檔案,並生成包含複數之附有WM分割檔案之附有WM分割內容。 Thus, the digital watermark embedding mechanism 210 generates WM unit information including one unit and 15 WM units. Further, a WM split file including a plurality of WM unit information is generated, and a WM split content including a plurality of WM split files is generated.

加密化機構206c係將附有WM單元資訊所含之16個單元加密化,生成16個加密化單元。將該16個加密化單 元稱為組單元。又,加密化機構206c生成包含複數之組單元之加密化附有WM檔案,並生成包含複數之加密化附有WM檔案之加密化附有WM內容。 The encryption unit 206c encrypts 16 units included in the WM unit information to generate 16 encryption units. The 16 encryption sheets The element is called a group unit. Further, the encryption unit 206c generates an encryption-attached WM file including a plurality of group units, and generates an encrypted-enclosed WM content including a plurality of encrypted WM files.

換言之,加密化機構206c生成如以下說明之加密化附有WM內容。加密化附有WM內容包含複數之加密化附有WM檔案。各加密化附有WM檔案包含複數之組單元。各組單元包含16個之加密化單元。在此,16個之加密化單元中,1個加密化單元為未嵌入有WM之單元業經加密化者。剩餘之15個加密化單元係分別為嵌入有15種WM之附有WM單元業經加密化者。 In other words, the encryption unit 206c generates the encrypted WM content as explained below. Encryption with WM content containing multiple encryptions with WM files. Each encryption is accompanied by a WM file containing a plurality of group elements. Each group of cells contains 16 encryption units. Here, among the 16 encryption units, one encryption unit is a unit that is not embedded with a WM. The remaining 15 encryption units are respectively encrypted with the WM unit embedded with 15 WMs.

發送伺服器裝置102c之加密化機構306c因應於在已取得之媒體識別子中之由4位元之部分資訊所示之值,由組單元所含之16個加密化單元選擇1個加密化單元。具體而言,若由4位元之部分資訊所示之值為「1」,則選擇16個加密化單元中,配置於第1個之加密化單元。若該值為「2」,則選擇配置於第2個之加密化單元。若該值為「3」,則選擇配置於第3個之加密化單元。 The encryption unit 306c of the transmission server device 102c selects one encryption unit from the 16 encryption units included in the group unit in response to the value indicated by the 4-bit partial information in the acquired media identifier. Specifically, when the value indicated by the partial information of the 4-bit is "1", the 16 encryption units are selected and placed in the first encryption unit. If the value is "2", the second encryption unit is selected. If the value is "3", the encryption unit that is placed in the third is selected.

加密化機構306c將如此選擇出之加密化單元包含於發送用加密化附有WM檔案。 The encryption unit 306c includes the encryption unit thus selected in the encryption for transmission with the WM file.

如此,藉對應於媒體識別子之4位元之部分資訊,選擇嵌入有16種之WM(包含15種之WM、與未嵌入WM者)之單元,藉此在內容之明文資料暴露時,由明文單元提取WM,並且判定已提取之WM為16種之哪一種,藉由判定結果,得到4位元之資訊。如此,可藉由所得到之4位元 之資訊,限制洩漏來源之資訊記錄媒體裝置而特定。 In this way, by means of a part of the information corresponding to the 4-bit media identifier, 16 units of WM (including 15 WMs and unembedded WMs) are selected, thereby clearing the plaintext of the content when the plaintext is exposed. The unit extracts the WM, and determines which of the 16 types of WM has been extracted, and obtains information of 4 bits by the result of the determination. So, by the 4 bits obtained The information is specific to the information recording media device that limits the source of the leak.

上述中,係使16種WM對應於媒體識別子之4位元之部分資訊,但亦可使64種之WM對應於媒體識別子之6位元之部分資訊。 In the above, 16 kinds of WMs are corresponding to part of the 4-bit information of the media identifier, but 64 types of WMs may be corresponding to part of the 6-bit information of the media identifier.

又,只要是對應於數位浮水印之種類而將媒體識別子分配之方法,亦可使用任何方法。 Further, any method may be used as long as it is a method of allocating media identifiers corresponding to the type of digital watermark.

又,上述中,係包含未嵌入數位浮水印之單元而準備16種之WM,但亦可準備16種之WM,且於全部之單元嵌入WM。 Further, in the above description, 16 types of WMs are prepared by including units in which digital watermarks are not embedded, but 16 types of WMs may be prepared, and WMs may be embedded in all of the units.

又,上述例中,如16或64,準備了2的乘冪之種類之WM,但WM之種類之數亦可為2的乘冪以外。 Further, in the above example, as for 16 or 64, WM of the type of power of 2 is prepared, but the number of types of WM may be other than the power of 2.

上述之情況中,亦可藉內容簽章生成伺服器裝置,於前述第一加密化之對象之各明文單元嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個嵌入單元之組,進一步,對所生成之1個或複數個嵌入單元之組施行前述第一加密化,生成1個或複數個第一加密化嵌入單元之組,並進而生成包含所生成之1個或複數個前述第一加密化嵌入單元之組之中間加密化內容。 In the above case, the server device may be generated by the content signature, and one or a plurality of digital watermarks are embedded in each plaintext unit of the first encrypted object, thereby regenerating the digital watermark embedded in the digital watermark. a group of one or a plurality of embedded units, and further performing the first encryption on the generated one or a plurality of embedded units, generating one or a plurality of first encrypted embedded units, and further generating Intermediate encrypted content including a set of one or more of the aforementioned first encrypted embedded units.

構成媒體識別子之部分資訊之該媒體識別子內的位置、與前述中間加密化內容所含之前述第一加密化單元及1個或複數個之前述第一加密化嵌入單元之組之前述中間加密化內容內之位置係相對應。 The intermediate encryption of the location in the media identifier that constitutes part of the information of the media identifier, the first encryption unit included in the intermediate encrypted content, and one or a plurality of the first encryption embedding units The location within the content corresponds.

藉由內容簽章生成伺服器裝置,選擇對應於前述部分 資訊之該媒體識別子內之位置之前述中間加密化內容內之位置之前述第一加密化單元及1個或複數個前述第一加密化嵌入單元之組,並使用前述部分資訊之內容,由第一加密化單元及1個或複數個之前述第一加密化嵌入單元之組選擇任一單元,生成包含已選擇之單元作為前述第一加密化單元之加密化內容。 The server device is generated by the content signature, and the selection corresponds to the aforementioned part. a group of the first encryption unit and one or a plurality of the first encryption embedding units at positions in the intermediate encrypted content at the location in the media identifier, and using the content of the partial information, An encryption unit and one or a plurality of the first encryption embedding unit groups are selected to select any one of the units, and the encrypted content including the selected unit as the first encryption unit is generated.

再生用資訊處理裝置包含在前述加密化內容內中選擇特定位置之前述第一加密化單元之選擇機構。 The information processing device for reproduction includes a selection mechanism of the first encryption unit that selects a specific position among the encrypted contents.

再生用資訊處理裝置之解密化機構進一步將業經選擇之前述第一加密化單元解密後生成明文單元。 The decryption mechanism of the information processing device for reproduction further decrypts the selected first encryption unit to generate a plaintext unit.

再生用資訊處理裝置進一步包含數位浮水印判斷機構與媒體識別子生成機構,數位浮水印判斷機構係判斷是否於所生成之前述明文單元嵌入有1種或複數種之前述數位浮水印之任一者,並將判斷結果輸出者,媒體識別子生成機構係將對應於前述特定位置之前述媒體識別子內之位置中,根據前述判斷結果之內容作為構成該媒體識別子之前述部分資訊而生成。 The information processing device for reproduction further includes a digital watermark determining unit and a media identifier generating unit, and the digital watermark determining unit determines whether one of the plurality of types of digital watermarks is embedded in the generated plaintext unit. And the judgment result outputter, the media identifier generation means generates the position in the media identifier corresponding to the specific position, and the content of the determination result is generated as the partial information constituting the media identifier.

在此,若是包含未嵌入數位浮水印之情況,合計嵌入16種之數位浮水印,則上述之判斷結果則如16。以2進數表現時,判斷結果為「0000」、「0001」、「0010」、「0011」、‧‧‧、「1111」之任一者。 Here, if a digital watermark of 16 types is embedded in a case where the digital watermark is not embedded, the above-described determination result is 16 as described above. When the performance is 2 digits, the judgment result is any of "0000", "0001", "0010", "0011", ‧‧", and "1111".

因此,媒體識別子生成機構生成構成媒體識別子之4位元之部分資訊。 Therefore, the media identification sub-generating means generates part of the information constituting the 4-bit of the media identifier.

如此,可生成構成媒體識別子之部分資訊,並可限制 媒體識別子。藉此,在內容暴露時,可將部分資訊作為特定洩漏來源之資訊記錄媒體裝置之線索。 In this way, part of the information constituting the media identifier can be generated and can be limited Media identifier. Thereby, when the content is exposed, part of the information can be used as a clue of the information recording media device of the specific leak source.

(9)內容發送系統10c中,作為數位浮水印之嵌入對象之單元係設定當對應於該單元之標題金鑰旗標資訊為「1」的情況,即,為使用了共通標題金鑰241之加密化之對象的情況,但不受此限。 (9) In the content transmission system 10c, the unit to be embedded as the digital watermark is set such that the title key flag information corresponding to the unit is "1", that is, the common title key 241 is used. The case of an encrypted object, but not limited to this.

亦可對對應於標題金鑰旗標資訊「0」之單元追加嵌入了數位浮水印之附有WM單元,並使用個別標題金鑰381將該單元及附有WM單元加密化。 The WM unit may be additionally added to the unit corresponding to the title key flag information "0", and the unit and the attached WM unit may be encrypted using the individual title key 381.

就對於作為使用了個別標題金鑰381之加密化之對象的單元也可追加嵌入有數位浮水印之附有WM單元之情況的處理概要,以與內容發送系統10c不同之部分為中心,使用第60圖~第64圖加以說明。 In the unit to which the encryption target of the individual title key 381 is used, a processing summary in which a digital watermark is embedded with a WM unit may be added, and a portion different from the content transmission system 10c is used as a center. 60 to 64 are illustrated.

(a)內容簽章生成伺服器裝置101c之數位浮水印嵌入機構210亦可如第60圖所示,不依存於標題金鑰旗標資訊,而是對全部之單元追加嵌入有數位浮水印之附有WM單元。 (a) The digital signature embedding mechanism 210 of the content signature generation server device 101c may also be embedded with a digital watermark for all units, as shown in FIG. 60, without depending on the title key flag information. WM unit is attached.

如第60圖所示,分割檔案751包含有單元資訊761、762、763、‧‧‧、764。又,單元資訊761、762、763、‧‧‧、764分別含有單元773、774、775、‧‧‧、777。 As shown in Fig. 60, the divided file 751 contains unit information 761, 762, 763, ‧‧‧, 764. Further, the unit information 761, 762, 763, ‧ ‧ and 764 respectively include units 773, 774, 775, ‧ ‧ and 777

數位浮水印嵌入機構210係不論單元資訊所含之標題金鑰旗標資訊為「1」或為「0」時,皆可對全部之單元資訊所含之單元嵌入數位浮水印,生成附有WM單元。 The digital watermark embedding mechanism 210 can embed a digital watermark for the unit included in all the unit information regardless of whether the title key flag information included in the unit information is "1" or "0", and generate a WM with a WM. unit.

具體而言,數位浮水印嵌入機構210對單元資訊761 生成包含附有WM單元1421之附有WM單元資訊1411。又,對單元資訊762也生成包含附有WM單元1422之附有WM單元資訊1412。在此,同樣地生成附有WM單元資訊1413、1414、‧‧‧、1415,並生成包含附有WM單元資訊1411、1412、1413、1414、‧‧‧、1415之附有WM分割檔案1401。 Specifically, the digital watermark embedding mechanism 210 pairs the unit information 761 The WM unit information 1411 including the attached WM unit 1421 is generated. Further, the unit information 762 is also generated with WM unit information 1412 including the WM unit 1422. Here, the WM unit information 1413, 1414, ‧‧‧, 1415 is generated in the same manner, and the WM split file 1401 including the WM unit information 1411, 1412, 1413, 1414, ‧ ‧ and 1415 is generated.

(b)其次,內容簽章生成伺服器裝置101c之加密化機構206c係如第61圖所示,針對對應於標題金鑰旗標資訊「1」之單元及附有WM單元,使用共通標題金鑰241,並對該單元及該附有WM單元施行加密演算法Enc,生成加密化單元及加密化附有WM單元。 (b) Next, the encryption mechanism 206c of the content signature generation server device 101c uses the common title gold for the unit corresponding to the title key flag information "1" and the attached WM unit as shown in Fig. 61. The key 241 is configured to perform an encryption algorithm Enc on the unit and the attached WM unit to generate an encryption unit and to encrypt the WM unit.

另一方面,對於對應於標題金鑰旗標資訊「0」之單元及附有WM單元不進行加密化,而是直接使用該單元及該附有WM單元。此時,將該單元及該附有WM單元直接作為加密化單元及加密化附有WM單元。 On the other hand, the unit corresponding to the title key flag information "0" and the attached WM unit are not encrypted, but the unit is directly used and the WM unit is attached. At this time, the unit and the attached WM unit are directly attached to the WM unit as an encryption unit and encrypted.

如此,加密化機構206c係如第61圖所示,生成加密化附有WM分割檔案1431。加密化附有WM分割檔案1431包含加密化附有WM單元資訊1441、1442、1443、1444、‧‧‧、1445。又,各加密化附有WM單元資訊包含單元識別子、標題金鑰旗標資訊、加密化單元及加密化附有WM單元。 As described above, the encryption unit 206c generates the encrypted WM divided file 1431 as shown in FIG. Encryption with WM split file 1431 includes encryption with WM unit information 1441, 1442, 1443, 1444, ‧‧‧, 1445. Further, each encryption is accompanied by a WM unit information including a unit identifier, a title key flag information, an encryption unit, and an encryption with a WM unit.

其次,加密化機構206c係如第61圖所示,生成由加密化附有WM分割檔案1431所含之全部的加密化單元及加密化附有WM單元所構成之加密化附有WM檔案1471 「EWCNT1」。 Next, as shown in FIG. 61, the encryption unit 206c generates an encryption unit including all of the encryption units included in the WM-divided file 1431 and the encryption-attached WM unit. "EWCNT1".

(c)其次,內容簽章生成伺服器裝置101c之標頭資訊生成機構207c係如第62圖所示,就加密化附有WM分割檔案1431內之全部的加密化附有WM單元資訊,對該加密化附有WM單元資訊所含之加密化單元及加密化附有WM單元之各個算出散列值,生成單元散列值與附有WM單元散列值。 (c) Next, the header information generating unit 207c of the content signature generating server device 101c, as shown in Fig. 62, encrypts all the encryptions in the WM divided file 1431 with WM unit information, The encryption is accompanied by an encryption unit included in the WM unit information and each calculated hash value of the encrypted WM unit, and a unit hash value is generated and a WM unit hash value is attached.

如第62圖所示,標頭資訊生成機構207c生成附有WM第一散列表1451。在此,附有WM第一散列表1451包含有附有WM單元散列資訊1461、1462、1463、1464、‧‧‧、1465。各附有WM單元散列資訊包含單元識別子、標題金鑰旗標資訊、單元散列值及附有WM單元散列值。 As shown in Fig. 62, the header information generating unit 207c generates a WM first hash table 1451. Here, the WM first hash table 1451 is attached with WM unit hash information 1461, 1462, 1463, 1464, ‧‧, 1465. Each of the WM unit hash information includes a unit identifier, a title key flag information, a unit hash value, and a WM unit hash value.

(d)其次,發送伺服器裝置102c之加密化機構306c係如第63圖所示,對於對應於標題金鑰旗標資訊「1」之單元,因應於媒體識別子選擇加密化單元與加密化附有WM單元之任一者,並將選出者作為發送用加密化附有WM單元而生成。對於對應於標題金鑰旗標資訊「0」之單元,係因應於媒體識別子選擇加密化單元與加密化附有WM單元之任一者,並使用個別標題金鑰381將選出者加密化,生成發送用加密化附有WM單元。 (d) Next, the encryption unit 306c of the transmission server device 102c, as shown in Fig. 63, selects the encryption unit and the encryption for the unit corresponding to the title key flag information "1" in response to the media identifier. There is any one of the WM units, and the selected one is generated as a transmission encryption with a WM unit. For the unit corresponding to the title key flag information “0”, any one of the WM units is selected in accordance with the media identifier selection encryption unit and the encryption, and the selected item is encrypted using the individual title key 381 to generate The transmission is encrypted with a WM unit.

在此,因應於媒體識別子之選擇方法係如內容發送系統10c中所說明。 Here, the selection method in response to the media identifier is as described in the content distribution system 10c.

如此,加密化機構306c係以加密化附有WM檔案1471為基礎,生成發送用加密化附有WM檔案1501。 In this way, the encryption unit 306c generates the transmission encryption and the WM file 1501 based on the encrypted WM file 1471.

加密化附有WM檔案1471之一例係如第63圖所示,包含有單元組1481、1482、1483、1484、‧‧‧、1485。各單元組包含加密化單元及加密化附有WM單元。單元組1481所含之加密化單元及加密化附有WM單元係分別使用共通標題金鑰241,單元及附有WM單元經加密化而生成者。另一方面,單元組1482所包含之加密化單元及加密化附有WM單元分別未經加密化,而是單元及附有WM單元本身。 Encrypted with an example of a WM file 1471, as shown in Fig. 63, includes cell groups 1481, 1482, 1483, 1484, ‧‧‧, 1485. Each unit group includes an encryption unit and an encryption attached WM unit. The encryption unit and the encryption-attached WM unit included in the unit group 1481 each use a common title key 241, and the unit and the WM unit are encrypted and generated. On the other hand, the encryption unit and the encryption-attached WM unit included in the unit group 1482 are not encrypted, but the unit and the WM unit itself are attached.

發送用加密化附有WM檔案1501之一例係如第63圖所示,包含發送用加密化附有WM單元1511、1512、1513、1514、‧‧‧、1515。 An example of the WM file 1501 attached to the transmission encryption is as shown in Fig. 63, and the WM units 1511, 1512, 1513, 1514, ‧ ‧ and 1515 are included in the encryption for transmission.

發送用加密化附有WM單元1511係單元組1481所含之加密化單元及加密化附有WM單元中,因應於媒體識別子而選擇任一者。發送用加密化附有WM單元1513、1515也相同。 The transmission encryption unit is provided with an encryption unit included in the WM unit 1511 system unit group 1481 and an encryption-attached WM unit, and any one of them is selected in accordance with the media identifier. The same applies to the WM units 1513 and 1515 to which the transmission encryption is attached.

又,發送用加密化附有WM單元1512係在單元組1482所含之加密化單元及加密化附有WM單元中,因應於媒體識別子,選擇任一者,使用個別標題金鑰381將選出者加密化而生成。發送用加密化附有WM單元1514也相同。 Further, the transmission encryption-attached WM unit 1512 is included in the encryption unit included in the unit group 1482 and the encryption-attached WM unit, and any one of them is selected in accordance with the media identifier, and the individual title key 381 is used to select the player. Generated by encryption. The same applies to the transmission encryption with the WM unit 1514 attached.

(e)再生用資訊處理裝置104c之替換結合體生成機構506c對對應於標題金鑰旗標資訊「1」之單元,係與內容發送系統10c相同,如第54圖所示,將發送用加密化附有WM單元直接作為散列對象單元使用,並算出對於該發送用加密化附有WM單元之散列值,且決定因應於媒體識別子而置換之散列值來置換。 (e) The replacement combining unit 506c of the reproduction information processing device 104c is the same as the content transmission system 10c for the unit corresponding to the title key flag information "1", and as shown in Fig. 54, the transmission encryption is performed. The WM unit is directly used as a hash target unit, and a hash value in which the WM unit is attached to the transmission encryption is calculated, and a hash value that is replaced by the media identifier is determined and replaced.

對於對應於標題金鑰旗標資訊「0」之單元,係如第64圖所示,將發送用加密化附有WM單元解密化後生成散列對象單元,並算出對於生成之散列對象單元之散列值,決定因應於媒體識別子置換之散列值而置換。 For the unit corresponding to the title key flag information "0", as shown in Fig. 64, the transmission encryption unit is decrypted and the WM unit is decrypted to generate a hash target unit, and the generated hash target unit is calculated. The hash value is determined to be replaced by the hash value of the media identifier replacement.

又,上述中,係對使用個別標題金鑰381進行加密化之單元、與使用共通標題金鑰241加密化之單元之兩者嵌入數位浮水印。但不受此限。亦可僅對使用個別標題金鑰381加密化之單元嵌入數位浮水印。 Further, in the above, a digital watermark is embedded in both the unit that encrypts using the individual title key 381 and the unit that is encrypted using the common title key 241. But not limited to this. It is also possible to embed a digital watermark only for a unit encrypted with an individual title key 381.

(f)亦可如下所示而構成。 (f) can also be constructed as shown below.

亦可為藉內容簽章生成伺服器裝置,對不會成為第一加密化之對象之各明文單元,嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個之嵌入單元之組,並生成進而包含已生成之1個或複數個之前述嵌入單元之組之中間加密化內容。 The server device may be generated by the content signature, and one or a plurality of digital watermarks may be embedded in each plaintext unit that is not the object of the first encryption, thereby regenerating the embedded digital watermark. Or a plurality of embedded units, and generating intermediate encrypted content further comprising a set of one or more of the aforementioned embedded units.

構成媒體識別子之部分資訊之該媒體識別子內的位置、與前述中間加密化內容所含之前述明文單元及1個或複數個之前述嵌入單元之組之前述中間加密化內容內的位置係相對應。 a position in the media identifier that constitutes part of the information of the media identifier, corresponding to a position in the intermediate encrypted content of the group of the plaintext unit and one or more of the embedded units included in the intermediate encrypted content .

藉發送伺服器裝置,選擇對應於前述部分資訊之該媒體識別子內之位置之前述中間加密化內容內之位置之前述明文單元及1個或複數個之前述嵌入單元之組,並使用前述部分資訊之內容,由前述明文單元及1個或複數個之前述嵌入單元之組,選擇任一單元,並對已選擇之單元施行前述第二加密化,生成前述第二加密化單元,並生成包含 已生成之前述第二加密化單元之加密化內容。 And transmitting, by the sending server device, the plaintext unit and one or more of the embedded units in the position in the intermediate encrypted content corresponding to the location in the media identifier of the partial information, and using the foregoing partial information And selecting, by the group of the plaintext unit and the plurality of the plurality of embedded units, performing the second encryption on the selected unit, generating the second encryption unit, and generating the inclusion The encrypted content of the aforementioned second encryption unit has been generated.

再生用資訊處理裝置亦可為包含選擇機構、數位浮水印判斷機構及媒體識別子生成機構。 The information processing device for reproduction may include a selection mechanism, a digital watermark determination mechanism, and a media recognition sub-generation mechanism.

選擇機構在前述加密化內容內中,選擇特定位置之前述第二加密化單元。 The selection mechanism selects the aforementioned second encryption unit at a specific location among the encrypted contents.

再生用資訊處理裝置之解密化機構將業經選擇之前述第二加密化單元解密,生成明文單元。 The decryption unit of the information processing device for reproduction decrypts the selected second encryption unit to generate a plaintext unit.

數位浮水印判斷機構進一步判斷是否於前述第二加密化單元解密而生成之前述明文單元嵌入有1種或複數種之前述數位浮水印之任一者,並且輸出判斷結果。 The digital watermark judging means further judges whether or not one of the plurality of types of the digital watermarks is embedded in the plaintext unit generated by the decryption by the second encryption unit, and outputs the judgment result.

媒體識別子生成機構進一步將對應於前述第二加密化單元之前述特定位置之前述媒體識別子內之位置中,根據前述判斷結果之內容作為構成該媒體識別子之前述部分資訊而生成。 The media identification sub-generating means further generates, based on the content of the determination result, the content in the media identifier corresponding to the specific position of the second encryption unit as the partial information constituting the media identifier.

在此,若是也包含未嵌入有數位浮水印之情況,則合計嵌入16種之數位浮水印,上述之判斷結果為16組。以2進數來表現時,判斷結果會成為「0000」、「0001」、「0010」、「0011」、‧‧‧、「1111」之任一者。 Here, if the digital watermark is not embedded, 16 types of digital watermarks are embedded in total, and the above-described determination result is 16 sets. When the performance is expressed by 2 digits, the judgment result will be any of "0000", "0001", "0010", "0011", ‧‧", and "1111".

因此,媒體識別子生成機構會生成構成媒體識別子之4位元之部分資訊。 Therefore, the media identifier generation unit generates part of the information constituting the 4-bit of the media identifier.

又,亦可如以下所示而構成。 Further, it may be configured as shown below.

亦可為藉簽章生成伺服器裝置,對不會成為加密化對象之各明文單元,嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入單元,並生成進而包含已 生成之1個之前述嵌入單元的中間加密化內容。 The server device may be generated by borrowing a signature, and one type of digital watermark is embedded in each plaintext unit that is not to be encrypted, thereby regenerating an embedded unit in which the digital watermark is embedded, and generating and including Has The intermediate encrypted content of the aforementioned embedded unit is generated.

構成媒體識別子之部分資訊係構成前述媒體識別子之1位元之位元資訊。 Part of the information constituting the media identifier constitutes one bit of the information of the media identifier.

前述位元資訊之該媒體識別子內之位元位置與前述中間加密化內容所含之前述明文單元及1個之前述嵌入單元之前述中間加密化內容內中之位置係相對應。 The bit position in the media identifier of the bit information corresponds to a position in the intermediate encrypted content of the plaintext unit and one of the embedded units included in the intermediate encrypted content.

藉發送伺服器裝置,選擇前述位元資訊之該媒體識別子內,對應於位元位置之前述中間加密化內容內之位置之前述明文單元及1個前述嵌入單元,並使用前述位元資訊之值,由前述明文單元及1個前述嵌入單元選擇任一單元,對選擇出之單元施行前述第二加密化,生成前述第二加密化單元,並生成包含已生成之前述第二加密化單元之前述加密化內容。 Transmitting, by the sending server device, the media identifier of the bit information, the plaintext unit and the one of the embedded units corresponding to the position in the intermediate encrypted content of the bit position, and using the value of the bit information Selecting any one of the plaintext unit and the one of the embedded units, performing the second encryption on the selected unit, generating the second encryption unit, and generating the aforementioned second encryption unit including the generated second encryption unit Encrypted content.

再生用資訊處理裝置亦可為包含選擇機構、數位浮水印判斷機構及媒體識別子生成機構。 The information processing device for reproduction may include a selection mechanism, a digital watermark determination mechanism, and a media recognition sub-generation mechanism.

選擇機構係用以在前述加密化內容內中,選擇特定位置之前述第二加密化單元。 The selection mechanism is configured to select the aforementioned second encryption unit at a specific location within the encrypted content.

再生用資訊處理裝置之解密化機構將選出之前述第二加密化單元解密,生成明文單元。 The decryption unit of the information processing device for reproduction decrypts the selected second encryption unit to generate a plaintext unit.

數位浮水印判斷機構判斷前述第二加密化單元解密而生成之前述明文單元是否嵌入有1種之前述數位浮水印,並輸出判斷結果。 The digital watermark judging unit judges whether or not the aforementioned plaintext unit generated by the decryption of the second encryption unit is embedded with one of the digital watermarks, and outputs the determination result.

媒體識別子生成機構在對應於前述第二加密化單元之前述特定位置之前述媒體識別子內之位置,將根據前述判 斷結果之內容作為構成該媒體識別子之前述位元資訊而生成。 The position of the media identification sub-generating means in the aforementioned media identifier corresponding to the specific position of the second encryption unit will be determined according to the foregoing The content of the broken result is generated as the bit information constituting the media identifier.

上述之判斷結果為2。以2進數來表現,判斷結果為「0」及「1」之任一者。 The above judgment result is 2. It is expressed in 2 digits, and the judgment result is either "0" or "1".

因此,媒體識別子生成機構成為生成構成媒體識別子之1位元之位元資訊。 Therefore, the media identifier generation unit generates bit information that constitutes one bit of the media identifier.

如以上所述,可生成構成媒體識別子之部分資訊或位元資訊,並可限制媒體識別子。藉此若內容暴露時,可將部分資訊或位元資訊作為特定洩漏來源之資訊記錄媒體裝置之線索。 As described above, part of the information or bit information constituting the media identifier can be generated, and the media identifier can be restricted. In this way, if the content is exposed, some information or bit information can be used as a clue for the information recording media device of the specific leak source.

(10)內容發送系統10a、10b及10c中,標頭資訊生成機構207及207c分別生成複數之第一散列表,並生成1個第二散列表,簽章生成機構209及209c係對第二散列表及單元選出資訊之結合體施行簽章生成演算法S,生成簽章資訊。但不受此限。 (10) In the content distribution systems 10a, 10b, and 10c, the header information generating units 207 and 207c respectively generate a plurality of first hash tables, and generate one second hash table, and the signature generating units 209 and 209c are paired with the second The combination of the hash table and the unit selection information implements the signature generation algorithm S to generate the signature information. But not limited to this.

亦可為內容發送系統10a、10b及10c中,標頭資訊生成機構207及207c分別生成複數之第一散列表,簽章生成機構209及209c於複數之第一散列表及單元選出資訊之結合體施行簽章生成演算法S,生成簽章資訊。 In the content delivery systems 10a, 10b, and 10c, the header information generating units 207 and 207c respectively generate a plurality of first hash tables, and the signature generating units 209 and 209c combine the first hash table and the unit selection information. The body implements the signature generation algorithm S to generate the signature information.

(11)亦可為內容發送系統10a、10b及10c中,原內容包含複數之原檔案,各原檔案包含複數之明文單元。但不受此限。 (11) In the content delivery systems 10a, 10b, and 10c, the original content includes a plurality of original files, and each original file includes a plurality of plaintext units. But not limited to this.

原內容亦可包含複數之明文單元。在此,如上所述,單元之一例係VOBU之單位。又,亦可將單元改稱為區塊。 The original content may also contain a plurality of plaintext units. Here, as described above, one of the units is a unit of the VOBU. Also, the unit may be referred to as a block.

(12)亦可如以下所示而構成。 (12) It can also be constructed as shown below.

本發明之一態樣係由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統。 One aspect of the present invention is a content transmission system composed of a first server device, a second server device, and a reproduction device.

前述第一伺服器裝置具有:第一加密化電路,係僅對構成明文內容之複數明文區塊中一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總電路,係將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值。 The first server device has: a first encryption circuit, which performs a first encryption on the plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content to generate a first encrypted block, and Generating intermediate encrypted content composed of the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated; and a first summary circuit that constitutes a complex region of the intermediate encrypted content Each of the blocks is aggregated to generate a first summary value of the plural.

前述第二伺服器裝置具有第二加密化電路,該第加密化電路係對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊,施行第二加密化而生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容。 The second server device has a second encryption circuit, and the second encryption circuit performs second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content. And generating a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block.

前述再生裝置具有:選擇電路,係選擇在構成前述加密化內容之複數前述加密化區塊中一個前述第二加密化區塊;解密電路,係於經選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總電路,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證電路,係使用複數之前述第一彙總值及生成之前述第二彙總值進行前述加密化內容之驗證;及再生電路,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再生。 The playback device has a selection circuit for selecting one of the plurality of encrypted blocks in the plurality of encrypted blocks constituting the encrypted content, and a decryption circuit for performing the selected second encrypted block. Corresponding to the decryption of the second encryption, generating a plaintext block; the second summary circuit sums the generated plaintext blocks to generate a second summary value; and the verification circuit uses the first summary value of the plurality and The generated second summary value performs verification of the encrypted content; and the reproduction circuit stops decryption of the encrypted content when the verification fails, and decrypts and encrypts the encrypted content when the verification is successful.

又,本發明之其他態樣為由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統。 Furthermore, another aspect of the present invention is a content transmission system including a first server device, a second server device, and a playback device.

前述第一伺服器裝置具有:記憶體部,係記憶有複數之電腦指令組合構成之電腦程式;及處理器,係由記憶於前述記憶體部之前述電腦程式一個一個讀出、解讀電腦指令,並因應於該解讀結果進行動作。前述電腦程式係於為電腦之前述第一伺服器裝置執行:第一加密化步驟,係僅對構成明文內容之複數明文區塊中一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總步驟,係將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值。 The first server device has a memory unit, which is a computer program in which a plurality of computer command combinations are stored, and a processor that reads and interprets computer commands one by one by the computer program stored in the memory unit. And in response to the interpretation of the results of the action. The computer program is executed by the first server device of the computer: the first encryption step is performed by performing only the first encryption on a part of the plaintext block of the plurality of plaintext blocks constituting the plaintext content. First encrypting the block, and generating intermediate encrypted content composed of the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated; and the first summary step, which will constitute Each of the plurality of blocks of the intermediate encrypted content is aggregated to generate a plurality of first summary values.

前述第二伺服器裝置具有:記憶體部,係記憶有複數之電腦指令組合構成之電腦程式;及處理器,係由記憶於前述記憶體部之前述電腦程式一個一個讀出、解讀電腦指令,並因應於該解讀結果進行動作。前述電腦程式係在為電腦之第二伺服器裝置執行第二加密化步驟,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊,施行第二加密化而生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容。 The second server device has a memory unit, which is a computer program in which a plurality of computer command combinations are stored, and a processor that reads and interprets computer commands one by one by the computer program stored in the memory unit. And in response to the interpretation of the results of the action. The computer program performs a second encryption step for the second server device of the computer, and performs second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content. And generating a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block.

前述再生裝置具有:記憶體部,係記憶有複數之電腦指令組合構成之電腦程式;及處理器,係由記憶於前述記 憶體部之前述電腦程式一個一個讀出、解讀電腦指令,並因應於該解讀結果進行動作。前述電腦程式係於為電腦之前述再生裝置執行下述步驟:選擇步驟,係選擇構成前述加密化內容之複數前述加密化區塊中一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 The reproducing device has a memory portion, a computer program in which a plurality of computer command combinations are stored, and a processor, which is memorized in the foregoing The computer program of the body part reads and interprets the computer instructions one by one, and acts according to the interpretation result. The computer program is configured to perform the following steps for the foregoing reproducing device of the computer: selecting a second encrypted block in the plurality of encrypted blocks constituting the encrypted content; and the decrypting step is selected The second ciphering block performs decryption corresponding to the second ciphering to generate a plaintext block; and the second merging step is to summarize the generated plaintext block to generate a second summary value; the verification step is Performing verification of the encrypted content using the first summary value of the plurality and the generated second summary value; and the reproducing step, when the verification fails, stopping decryption of the encrypted content, and when the verification is successful, The encrypted content is decrypted and reproduced.

(13)亦可如下而構成。 (13) It can also be configured as follows.

本發明之一態樣之資訊處理裝置係由資訊記錄媒體,將前述數位著作物之加密化資料讀出並解密化後再生者,前述資訊記錄媒體係記錄有:數位著作物之加密化資料;由構成前述數位著作物之複數資料區塊所生成之複數記錄彙總值;及藉對由複數之記錄彙總值構成之第1結合體施行使用了第1簽章金鑰之簽章生成演算法而生成之第1記錄簽章資料,且資訊處理裝置包含有:第1驗證金鑰保存機構,係保存對應於前述第1簽章金鑰之第1驗證金鑰;利用機構,係將記錄於前述資訊記錄媒體之前述數位著作物之加密化資料解密化後再生;資料區塊選擇機構,係由前述資料區塊隨機選擇預定數個之選擇資料區塊;金鑰判定機構,係判定用以將前述選擇資料區塊之加密化資料解 密化之解密化金鑰為對應於前述資訊記錄媒體之金鑰、與與全部之資訊記錄媒體共通之金鑰之哪一者;資料變換機構,係前述金鑰判定機構判定前述解密化金鑰為對應於前述資訊記錄媒體時,則將前述加密化資料解密化,並將解密化結果作為變換資料區塊,若前述金鑰判定機構判定前述解密化金鑰為與全部之資訊記錄媒體共通之金鑰時,則以前述加密化資料本身作為變換資料區塊而生成;演算機構,係由對應於各選擇資料區塊之前述變換資料區塊算出演算彙總值;讀出機構,係由記錄於前述資訊記錄媒體之記錄彙總值群,讀出至少對應於前述選擇資料區塊除外之其他資料區塊的殘存彙總值;生成機構,係由前述演算彙總值及前述殘存彙總值,生成將前述第1結合體對應於前述選擇資料區塊之記錄彙總值置換成前述演算彙總值之置換資料之第2結合體;第1簽章驗證機構,係藉於業已生成之前述第2結合體與前述第1記錄簽章資料,施行使用了前述第1驗證金鑰之簽章驗證演算法,進行簽章驗證;及利用控制機構,係當前述第1簽章驗證機構進行之簽章驗證失敗時,停止前述數位著作物之再生。 An information processing device according to an aspect of the present invention is an information recording medium that reads and decrypts encrypted data of the digital work, and the information recording medium records: encrypted data of a digital work; a summary record of the plurality of records generated by the plurality of data blocks constituting the digital work; and the first combination of the plurality of record summary values is used to execute the signature creation algorithm using the first signature key The first record signature data is generated, and the information processing device includes: a first verification key storage unit that stores a first verification key corresponding to the first signature key; and a utilization mechanism is recorded in the foregoing The encrypted data of the aforementioned digital works of the information recording medium is decrypted and reproduced; the data block selection mechanism randomly selects a predetermined number of selected data blocks from the foregoing data block; the key determining mechanism is determined to be used Encrypted data solution of the selected data block The decrypted key of the densification is which one of the key corresponding to the information recording medium and the key shared with all the information recording media; and the data conversion mechanism determines that the decrypted key is the key decryption mechanism In order to correspond to the information recording medium, the encrypted data is decrypted, and the decrypted result is used as a transformed data block, and if the key determining unit determines that the decrypted key is common to all information recording media. In the case of the key, the encrypted data itself is generated as a transformed data block; the calculating unit calculates the calculated summary value from the transformed data block corresponding to each selected data block; the reading mechanism is recorded in And storing, by the record summary value group of the information recording medium, a residual summary value corresponding to at least another data block except the selected data block; and generating means, generating the foregoing by using the calculated summary value and the remaining summary value The second combination of the replacement data corresponding to the record summary value of the selected data block is replaced by the replacement data of the calculation summary value The first signature verification unit performs the signature verification algorithm using the first verification key by using the second combination and the first record signature data that have been generated, and performs signature verification; The control unit stops the reproduction of the digital work when the signature verification by the first signature verification unit fails.

藉此,即使記錄於資訊記錄媒體之解密化金鑰被竄改,亦可防止在資訊處理裝置使用該被竄改之解密化金鑰,而可再生內容(數位著作物)之攻撃。 Thereby, even if the decryption key recorded on the information recording medium is tampered with, it is possible to prevent the use of the falsified decryption key in the information processing apparatus, and to reproduce the content (digital work).

在此,在前述資訊處理裝置中,前述資訊記錄媒體進一步記錄第2記錄簽章資料,該第2記錄簽章資料係對解密化金鑰與前述資訊記錄媒體之識別子之結合體,施行使 用了第2簽章金鑰之簽章生成演算法而生成者,且前述資訊處理裝置進一步包含:媒體識別子取得部,係取得前述資訊記錄媒體之識別子;第2驗證金鑰保存機構,係保存對應於前述第2簽章金鑰之第2驗證金鑰;第2簽章驗證機構,係於結合前述解密化金鑰、前述媒體識別子取得機構所取得之前述識別子之結合體與前述第2記錄簽章資料,施行使用了前述第2驗證金鑰之簽章驗證演算法,進行簽章驗證,前述利用控制機構亦可當前述第1簽章驗證機構進行之簽章驗證或者前述第2簽章驗證機構進行之簽章驗證失敗時,停止前述數位著作物之再生。 Here, in the information processing device, the information recording medium further records the second record signature data, and the second record signature data is a combination of the decrypted key and the identifier of the information recording medium. A generator is generated by the signature generation algorithm of the second signature key, and the information processing apparatus further includes: a media identification sub-acquisition unit that acquires an identifier of the information recording medium; and a second verification key storage unit that saves a second verification key corresponding to the second signature key; the second signature verification unit is a combination of the decryption key and the identifier obtained by the media identifier acquisition unit, and the second record The signature information is executed by the signature verification algorithm using the second verification key, and the signature verification is performed. The use control mechanism may also perform the signature verification by the first signature verification institution or the second signature. When the verification of the signature by the verification agency fails, the reproduction of the aforementioned digital works is stopped.

藉此,可驗證記錄有解密化金鑰之資訊記錄媒體之媒體識別子為正確的,且僅於記錄於內容為正確之資訊記錄媒體時可再生。 Thereby, it is possible to verify that the media identifier of the information recording medium on which the decrypted key is recorded is correct, and can be reproduced only when recorded on the information recording medium whose content is correct.

本發明之其他態樣之內容簽章生成伺服器裝置係對數位著作物生成:前述數位著作物之加密化資料、由構成前述數位著作物之複數資料區塊所生成之複數記錄彙總值、為與全部之資訊記錄媒體共通之金鑰之共通金鑰、顯示對前述資料區塊使用之金鑰之資訊之金鑰旗標資訊、及對由複數之記錄彙總值構成之第1結合體施行使用了第1簽章金鑰之簽章生成演算法而生成之第1記錄簽章資料,且前述內容簽章生成伺服器裝置包含有:第1簽章金鑰保存機構,係用以保存前述第1簽章金鑰;資料區塊生成機構,係用以將前述數位著作物分割成複數之資料區塊而生成;共通金鑰生成機構,係用以生成前述共通金鑰;金鑰旗標 資訊生成機構,係選擇要使用對應於前述資訊記錄媒體之金鑰之個別金鑰與前述共通金鑰之哪一個,並生成顯示選擇結果之前述金鑰旗標資訊;加密化機構,係當顯示對應於前述資料區塊之各個之前述金鑰旗標資訊作為將前述共通金鑰加密化之金鑰使用之情況時,以以前述共通金鑰將前述資料區塊加密化,生成加密化資料區塊,且在顯示前述金鑰旗標資訊作為將前述個別金鑰加密化之金鑰使用之情況時,將前述資料區塊本身作為加密化資料區塊而生成;加密化資料生成機構,係將複數之前述加密化資料區塊結合而生成前述加密化資料;記錄彙總值算出機構,係對前述資料區塊之各個,由前述加密化資料區塊算出前述記錄彙總值;第1結合體生成機構,係將複數之前述記錄彙總值結合而生成前述第1結合體;及第1簽章生成機構,係於前述第1結合體施行使用了前述第1簽章金鑰之簽章生成演算法,藉此生成第1記錄簽章資料。 The content signature generation server device of the other aspect of the present invention generates a digital work: the encrypted data of the digital work, and the summary value of the plurality of records generated by the plurality of data blocks constituting the digital work, The common key of the key common to all the information recording media, the key flag information showing the information of the key used for the aforementioned data block, and the use of the first combination composed of the plurality of record summary values. The first signature signature data generated by the first signature key signature generation algorithm, and the content signature generation server device includes: a first signature key storage mechanism for storing the foregoing 1 signature key; the data block generation mechanism is used to divide the digital work into a plurality of data blocks; the common key generation mechanism is used to generate the aforementioned common key; the golden key flag The information generating mechanism selects which one of the above-mentioned common key to use the key corresponding to the information recording medium and the aforementioned common key, and generates the aforementioned key flag information for displaying the selection result; the encryption mechanism is displayed When the aforementioned key flag information corresponding to each of the foregoing data blocks is used as a key for encrypting the common key, the data block is encrypted by the common key to generate an encrypted data area. Block, and when displaying the aforementioned key flag information as a key for encrypting the individual key, the data block itself is generated as an encrypted data block; the encrypted data generating mechanism is The plurality of encrypted data blocks are combined to generate the encrypted data; and the record summary value calculating means calculates the record summary value from the encrypted data block for each of the data blocks; the first combined body generating mechanism Combining the plurality of record summary values to generate the first combination; and the first signature generation mechanism is performed by the first combination The first record signature data is generated by using the signature generation algorithm of the first signature key.

藉此,即使記錄於資訊記錄媒體之解密化金鑰遭竄改,亦可防止讀入資訊記錄媒體而再生內容之資訊處理裝置使用該被竄改之解密化金鑰而再生內容之攻撃。又,藉使用請求項第3項記載之態樣之內容簽章生成伺服器裝置,可在內容簽章生成伺服器裝置預先生成內容之簽章資訊,並發送已生成之資料,而不在之後生成內容之簽章資訊。 Thereby, even if the decryption key recorded on the information recording medium is tampered with, it is possible to prevent the information processing apparatus that reads the information recording medium and reproduces the content using the falsified decryption key to reproduce the content. Further, by using the content signature signature generation server device described in the third item of the request item, the content signature signature generation server device can generate the signature information of the content in advance, and transmit the generated data without generating it later. Signature of the content.

在此,前述內容簽章生成伺服器裝置亦可進一步包含數位浮水印嵌入機構,係對前述資料區塊之各個,顯示對 應於前述資料區塊之前述金鑰旗標資訊作為將前述共通金鑰加密化之金鑰使用時,對前述資料區塊生成嵌入有數位浮水印之附WM資料區塊,且前述加密化機構進一步以前述共通金鑰將前述附WM資料區塊加密化,生成加密化附WM資料區塊,前述加密化資料生成機構將複數之前述加密化資料區塊與前述加密化附WM資料區塊結合而生成前述加密化資料,前述記錄彙總值算出機構進一步由前述加密化附WM資料區塊,算出前述記錄彙總值。 Here, the content signature generation server device may further include a digital watermark embedding mechanism, and each of the data blocks is displayed. When the aforementioned key flag information of the foregoing data block is used as a key for encrypting the common key, a WM data block embedded with a digital watermark is generated for the data block, and the foregoing encryption mechanism Further encrypting the foregoing WM data block with the foregoing common key to generate an encrypted WM data block, and the encrypted data generating unit combines the plurality of encrypted data blocks with the encrypted WM data block. To generate the encrypted data, the record summary value calculation means further calculates the record summary value from the encrypted WM data block.

藉此,因使用嵌入有發送伺服器裝置之數位浮水印,因應於資訊記錄媒體而發送內容,而當明文內容被攻撃者暴露時,可由被暴露之內容提取洩漏來源之資訊記錄媒體之識別子。藉使用提取之識別子,發送伺服器裝置確認資訊記錄媒體之識別子,可停止之後的內容往洩漏來源之資訊記錄媒體發送,可防止之後的損害擴大。 Thereby, the content is transmitted in response to the information recording medium by using the digital watermark embedded with the transmitting server device, and when the plaintext content is exposed by the attacker, the identifier of the information recording medium of the leak source can be extracted from the exposed content. By using the extracted identifier, the transmitting server device confirms the identifier of the information recording medium, and can stop the subsequent content from being transmitted to the information recording medium of the leak source, thereby preventing the subsequent damage from expanding.

在此,前述內容簽章生成伺服器裝置亦可為,前述內容簽章生成伺服器裝置進一步包含數位浮水印嵌入機構,數位浮水印嵌入機構係當對前述資料區塊之各個顯示對應於前述資料區塊之前述金鑰旗標資訊作為將前述個別金鑰加密化之金鑰使用時,對前述資料區塊生成嵌入有數位浮水印之附WM資料區塊,前述加密化機構進一步將前述附WM資料區塊本身作為加密化附WM資料區塊而生成,前述加密化資料生成機構將複數之前述加密化資料區塊與前述加密化附WM資料區塊結合而生成前述加密化資料,前述記錄彙總值算出機構進一步由前述加密化附WM資料區 塊算出前述記錄彙總值。 Here, the content signature generation server device may further include: the content signature generation server device further includes a digital watermark embedding mechanism, and the digital watermark embedding mechanism is configured to correspond to the foregoing data for each of the data blocks. When the aforementioned key flag information of the block is used as a key for encrypting the individual key, the WM data block in which the digital watermark is embedded is generated for the data block, and the encryption mechanism further includes the aforementioned WM. The data block itself is generated as an encrypted WM data block, and the encrypted data generating unit combines the plurality of encrypted data blocks with the encrypted WM data block to generate the encrypted data, and the foregoing record summary The value calculation mechanism is further encrypted by the aforementioned WM data area The block calculates the aforementioned summary value of the record.

在此,前述內容簽章生成伺服器裝置亦可進一步包含數位浮水印嵌入機構,該數位浮水印嵌入機構係對前述資料區塊之各個,顯示對應於前述資料區塊之前述金鑰旗標資訊作為將前述個別金鑰加密化之金鑰使用時,對前述資料區塊生成嵌入有數位浮水印之附WM資料區塊,並在顯示對應於前述資料區塊之前述金鑰旗標資訊作為將前個別金鑰加密化之金鑰使用時,對前述資料區塊生成嵌入有數位浮水印之附WM資料區塊,前述加密化機構在對前述資料區塊之各個顯示對應於前述資料區塊之前述金鑰旗標資訊作為將前述共通金鑰加密化之金鑰使用時,以前述共通金鑰將前述附WM資料區塊加密化後生成加密化附WM資料區塊,並且當顯示對應於前述資料區塊之前述金鑰旗標資訊作為將前個別金鑰加密化之金鑰使用時,將前述附WM資料區塊本身作為加密化附WM資料區塊而生成,且前述加密化資料生成機構將複數之前述加密化資料區塊與前述加密化附WM資料區塊結合而生成前述加密化資料,並且前述記錄彙總值算出機構進一步由前述加密化附WM資料區塊算出前述記錄彙總值。 Here, the content signature generation server device may further include a digital watermark embedding mechanism, and the digital watermark embedding mechanism displays the aforementioned golden key flag information corresponding to the data block for each of the data blocks. When the key used to encrypt the foregoing individual key is used, a WM data block in which a digital watermark is embedded is generated for the data block, and the aforementioned key flag information corresponding to the data block is displayed as When the key of the previous individual key encryption is used, a WM data block embedded with a digital watermark is generated for the foregoing data block, and the encryption mechanism displays the corresponding data block for each of the data blocks. When the aforementioned key flag information is used as a key for encrypting the common key, the WM data block is encrypted by the common key to generate an encrypted WM data block, and when the display corresponds to the foregoing When the aforementioned key flag information of the data block is used as the key for encrypting the previous individual key, the aforementioned WM data block itself is used as the encrypted WM data area. And generating, and the encrypted data generating unit combines the plurality of encrypted data blocks with the encrypted attached WM data block to generate the encrypted data, and the recording summary value calculating unit is further encrypted by the aforementioned WM The data block calculates the aforementioned summary value of the record.

本發明之其他態樣之伺服器係發送伺服器裝置,用以接收:數位著作物之加密化資料;由構成前述數位著作物之複數資料區塊生成之複數記錄彙總值;為與全部之資訊記錄媒體共通之金鑰之共通金鑰;對前述資料區塊顯示使用之金鑰之資訊之金鑰旗標資訊;對由複數之記錄彙總值 構成之第1結合體,施行使用了第1簽章金鑰之簽章生成演算法而生成之第1記錄簽章資料,並生成:前述數位著作物之發送用加密化資料、與為對應於資訊記錄媒體之金鑰之個別金鑰,伺服器包含:個別金鑰生成機構,係生成前述個別金鑰;加密化機構,係當顯示對應於構成前述加密化資料之複數加密化資料區塊之各個之前述金鑰旗標資訊作為將前述共通金鑰加密化之金鑰使用時,將前述加密化資料區塊本身作為發送用加密化資料區塊而生成,並當顯示前述金鑰旗標資訊作為將前述個別金鑰加密化之金鑰使用時,將前述加密化資料區塊以前述個別金鑰加密化而生成發送用加密化資料區塊;及發送用加密化資料生成機構,係結合複數之前述發送用加密化資料區塊而生成前述發送用加密化資料。 The server of the other aspect of the present invention is a server device for receiving: encrypted data of a digital work; a summary value of a plurality of records generated by a plurality of data blocks constituting the digital work; and all information Recording the common key of the common key of the media; displaying the key flag information of the information of the used key for the foregoing data block; summarizing the value of the record by the plural In the first combination, the first record signature data generated by using the signature creation algorithm of the first signature key is generated, and the encrypted data to be transmitted for the digital work is generated. The individual key of the key of the information recording medium, the server includes: an individual key generation mechanism that generates the foregoing individual key; and an encryption mechanism that displays a plurality of encrypted data blocks corresponding to the encrypted data. When each of the aforementioned key flag information is used as a key for encrypting the common key, the encrypted data block itself is generated as a transmission encrypted data block, and the aforementioned key flag information is displayed. When the key used to encrypt the individual key is used, the encrypted data block is encrypted by the individual key to generate a transmission encrypted data block; and the encrypted data generation unit for transmission is combined with a plural number. The transmission encrypted data block is generated to generate the encrypted data for transmission.

藉此,即使攻撃者暴露個別金鑰,亦可由被暴露之個別金鑰追蹤發送對象之資訊記錄媒體。 Thereby, even if the attacker exposes the individual key, the information recording medium to be transmitted can be tracked by the exposed individual key.

在此,前述發送伺服器裝置進一步亦可包含:媒體識別子取得機構,係取得前述資訊記錄媒體之識別子;第2簽章金鑰保存機構,係保存第2簽章金鑰;及第2簽章生成機構,係對由前述個別金鑰、前述共通金鑰與前述識別子構成之結合體,施行使用了前述第2簽章金鑰之簽章生成演算法而生成第2記錄簽章資料。 Here, the transmission server device may further include: a media identification sub-acquisition means for acquiring an identifier of the information recording medium; and a second signature key storage means for storing the second signature key; and the second signature The generating means generates a second record signature data by performing a signature generation algorithm using the second signature key by a combination of the individual key, the common key, and the identifier.

藉此,可驗證記錄有解密化金鑰之資訊記錄媒體之媒體識別子為正確的,並僅在記錄於內容正確之資訊記錄媒體時可再生。 Thereby, it is possible to verify that the media identifier of the information recording medium on which the decrypted key is recorded is correct, and can be reproduced only when recorded on the information recording medium having the correct content.

在此,前述發送伺服器裝置亦可進一步包含用以取得前述資訊記錄媒體之識別子之媒體識別子取得機構,且前述加密化資料係將複數之前述加密化資料區塊、與對前述資料區塊嵌入有數位浮水印之加密化附WM資料區塊結合者,前述加密化資料生成機構係對應於前述識別子,選擇前述加密化資料要含有前述加密化資料區塊與前述加密化附有WM資料區塊之哪一者,而生成前述加密化資料。 Here, the transmission server device may further include a media identification sub-acquisition mechanism for acquiring an identifier of the information recording medium, and the encrypted data system embeds the plurality of encrypted data blocks and embeds the data block. The digital watermark encryption is combined with the WM data block, and the encrypted data generating mechanism corresponds to the identifier, and the encrypted data is selected to include the encrypted data block and the encrypted WM data block. Which one of them generates the encrypted data.

藉此,當明文之內容被攻撃者暴露時,可由暴露之內容提取洩漏來源之資訊記錄媒體之識別子。藉使用提取識別子,發送伺服器裝置確認資訊記錄媒體之識別子,可防止之後的內容往洩漏來源之資訊記錄媒體發送,並可防止之後的損害擴大。 Thereby, when the content of the plaintext is exposed by the attacker, the identifier of the information recording medium of the leak source can be extracted from the exposed content. By using the extraction identifier, the transmission server device confirms the identifier of the information recording medium, thereby preventing the subsequent content from being transmitted to the information recording medium of the leak source, and preventing the subsequent damage from expanding.

在此,發送伺服器裝置亦可顯示對應於前述加密化附WM資料區塊之前述金鑰旗標資訊係作為將前述共通金鑰加密化之金鑰使用。 Here, the transmitting server device may also display the aforementioned key flag information system corresponding to the encrypted attached WM data block as a key for encrypting the common key.

在此,前述發送伺服器裝置係顯示對應於前述加密化附WM資料區塊之前述金鑰旗標資訊作為將前述個別金鑰加密化之金鑰使用。 Here, the foregoing sending server device displays the aforementioned key flag information corresponding to the encrypted attached WM data block as a key for encrypting the individual key.

本發明之其他態樣之資訊處理方法係由資訊記錄媒體,將前述數位著作物之加密化資料讀出解密化後再生者,前述資訊記錄媒體記錄有:數位著作物之加密化資料、由構成前述數位著作物之複數資料區塊所生成之複數記錄彙總值、對由複數之記錄彙總值構成之第1結合體施行使用了第1簽章金鑰之簽章生成演算法而生成之第1記錄簽 章資料,且前述資訊處理方法包含有下述步驟:第1驗證金鑰之第1驗證金鑰取得步驟,係取得對應於前述第1簽章金鑰;利用步驟,將記錄於前述資訊記錄媒體之前述數位著作物之加密化資料解密化後再生;資料區塊選擇步驟,係由前述資料區塊隨機選擇預定數個之選擇資料區塊;金鑰判定步驟,係判定用以將前述選擇資料區塊之加密化資料解密化之解密化金鑰為對應於前述資訊記錄媒體之金鑰與與全部之資訊記錄媒體共通之金鑰的哪一者;資料變換步驟,係當在前述金鑰判定步驟判定前述解密化金鑰為對應於前述資訊記錄媒體之金鑰時,則將前述加密化資料解密化,並將解密化結果作為變換資料區塊,並且當在前述金鑰判定步驟判定前述解密化金鑰為與全部之資訊記錄媒體共通之金鑰時,將前述加密化資料本身做為變換資料區塊而生成;演算步驟,係由對應於各選擇資料區塊之前述變換資料區塊算出演算彙總值;讀出步驟,係由記錄於前述資訊記錄媒體之記錄彙總值群,讀出至少對應於前述選擇資料區塊除外之其他資料區塊之殘存彙總值;生成步驟,係由前述演算彙總值及前述殘存彙總值,生成為將前述第1結合體中對應於前述選擇資料區塊之記錄彙總值置換成前述演算彙總值之資料之第2結合體;第1簽章驗證步驟,係於生成之前述第2結合體與前述第1記錄簽章資料,施行使用了前述第1驗證金鑰之簽章驗證演算法,藉此進行簽章驗證;及利用控制步驟,係當前述第1簽章驗證機構進行之簽章驗證失敗時,停止前述數位著作物之 再生。 The information processing method according to another aspect of the present invention is characterized in that the information recording medium reads and decrypts the encrypted data of the digital work, and the information recording medium records: the encrypted data of the digital work, and the composition The first record of the complex record data generated by the complex data block of the digital work, and the first combination of the plurality of record summary values, the first signature generated using the signature signature generation algorithm of the first signature key Record sign The information processing method includes the steps of: obtaining, by the first verification key, a first verification key acquisition step corresponding to the first signature key; and using the step, recording the information on the information recording medium The encrypted data of the digital work is decrypted and reproduced; the data block selecting step randomly selects a predetermined number of selected data blocks from the data block; the key determining step is determined to use the selected data. The decryption key of the encrypted data of the block is the key corresponding to the key of the information recording medium and the key common to all the information recording media; the data conversion step is determined by the aforementioned key When the step determines that the decrypted key is a key corresponding to the information recording medium, decrypting the encrypted data, and using the decrypted result as a transformed data block, and determining the decryption in the key determining step. When the key is a key common to all the information recording media, the encrypted data itself is generated as a transformed data block; the calculation step Calculating a summary value of the calculation by the converted data block corresponding to each selected data block; the reading step is performed by recording the summary value group recorded on the information recording medium, and reading at least corresponding to the selected data block a summary value of the remaining data blocks; and a generating step of generating, by the calculated summary value and the remaining summary value, the record summary value corresponding to the selected data block in the first combination to be replaced by the calculated summary value The second combination of the data; the first signature verification step is performed by using the generated second combination and the first record signature data, and performing a signature verification algorithm using the first verification key, The signature verification is performed; and the control step is used to stop the digital work when the signature verification by the first signature verification institution fails. regeneration.

以往之洩漏來源終端之追蹤技術中,當複數之攻撃者結群將各個明文化之內容之部分與部分聯合洩漏時,難以特定洩漏來源。如此洩漏之內容再度儲存於合法之記錄媒體,可以合法之再生機器再生之狀況時,會成為連一般使用者進行非法內容之利用的狀況,損失很大。 In the tracking technology of the leak source terminal in the past, it is difficult to specify the source of the leak when the multiple attackers combined the part and the part of the content of each culture. When such a leaked content is once again stored in a legitimate recording medium, and the legitimate reproduction of the device can be reproduced, it will become a situation in which the general user uses the illegal content, and the loss is large.

本發明之資訊記錄媒體具有僅發送伺服器裝置可寫入之區域,藉將內容加密化之金鑰儲存於該區域,可防止金鑰之洩漏、竄改。對於內容取代之攻撃,生成依每內容之區塊之散列值,附上相對之簽章作為對策。萬一金鑰洩漏,可依內容之發送對象之卡片,導入與個別之金鑰共通之金鑰。進一步,為了減輕發送伺服器裝置之負荷,預先對內容附加簽章,因此對於使用卡片個別之金鑰的內容區塊,對明文資料生成散列值,並對使用卡片共通之金鑰之內容區塊,對暗號明文資料生成散列值。 The information recording medium of the present invention has an area in which only the server device can write, and the key encrypted by the content is stored in the area, thereby preventing leakage and tampering of the key. For the content replacement attack, generate a hash value for each content block, and attach a relative signature as a countermeasure. In case the key is leaked, the key common to the individual key can be imported according to the card of the content to be sent. Further, in order to reduce the load on the server device, a signature is attached to the content in advance, so that a hash value is generated for the plaintext data for the content block using the individual key of the card, and the content area of the key common to the card is used. Block, which generates a hash value for the plain text data.

(14)上述之各裝置具體而言為由微處理器、ROM、RAM、硬碟單元、顯示器單元、鍵盤、滑鼠等所構成之電腦系統。前述RAM或硬碟單元記憶有電腦程式。前述微處理器依照前述電腦程式而動作,藉此各裝置達成該機能。在此,電腦程式係顯示對電腦之指令指令碼組合複數個而構成,以達成預定之機能者。 (14) Each of the above devices is specifically a computer system composed of a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like. The aforementioned RAM or hard disk unit has a computer program. The microprocessor operates in accordance with the aforementioned computer program, whereby each device achieves the function. Here, the computer program is configured by combining a plurality of instruction code codes of the computer to achieve a predetermined function.

(15)構成上述之各裝置之構成要素之一部份或全部亦可由1個系統LSI(Large Scale Integration:大規模積體電路)所構成。系統LSI係將複數之構成部集積於1個晶片上而 製出之超多機能LSI,具體而言,係包含有微處理器、ROM、RAM等而構成之電腦系統。前述RAM記憶有電腦程式。前述微處理器隨著前述電腦程式動作,藉此系統LSI達成該機能。 (15) Part or all of the components constituting each of the above-described devices may be constituted by one system LSI (Large Scale Integration). System LSI is a combination of a plurality of components on one wafer. The ultra-multi-function LSI produced is specifically a computer system including a microprocessor, a ROM, a RAM, and the like. The aforementioned RAM memory has a computer program. The aforementioned microprocessor operates in accordance with the aforementioned computer program, whereby the system LSI achieves this function.

又,構成上述之各裝置之構成要素之各部亦可個別為1晶片,亦可1晶片化成包含一部份或全部。 Further, each of the components constituting each of the above-described devices may be individually formed into one wafer, or may be formed into a part or all of the wafer.

又,積體電路化之手法不限於LSI,亦可以專用電路或通用處理器實現。LSI製造後,亦可利用可再構成可跑程式之FPGA(FieldProgrammableGateArray)或、LSI內部之電路電池之電池連接或設定之重新組配處理器。 Further, the method of integrating the circuit is not limited to the LSI, and may be implemented by a dedicated circuit or a general-purpose processor. After the LSI is manufactured, it is also possible to use a reconfigurable processor that can reconfigure an FPGA (Field Programmable Gate Array) or a battery connection or setting of a circuit battery inside the LSI.

進而,若是因半導體技術之進步或衍生之其他技術置換成LSI之積體電路化之技術出現,當然亦可使用該技術進行機能區塊之集積化。 Furthermore, if the technology of semiconductor technology is replaced by the advancement of semiconductor technology or the replacement of other technologies into LSI, it is naturally also possible to use this technique for the accumulation of functional blocks.

(16)構成上述之各裝置之構成要素之一部份或全部亦可由可於各裝置裝卸之IC卡片或單體之模組所構成。前述IC卡片或前述模組為由微處理器、ROM、RAM等構成之電腦系統。前述IC卡片或前述模組亦可包含上述之超多機能LSI。微處理器可隨電腦程式動作,藉此前述IC卡片或前述模組達成該機能。該IC卡片或該模組亦可為具有耐竄改性。 (16) Some or all of the constituent elements constituting each of the above-described devices may be constituted by an IC card or a single module that can be attached to and detached from each device. The IC card or the aforementioned module is a computer system composed of a microprocessor, a ROM, a RAM, and the like. The IC card or the aforementioned module may also include the above-described super multi-function LSI. The microprocessor can be operated with a computer program, whereby the aforementioned IC card or the aforementioned module achieves the function. The IC card or the module may also be resistant to tampering.

(17)本發明亦可為上述之各裝置所使用之控制方法。又,亦可為藉電腦實現該等方法之電腦程式,亦可為由前述電腦程式構成之數位信號。 (17) The present invention can also be used as a control method for each of the above devices. It can also be a computer program that implements such methods by means of a computer, or a digital signal composed of the aforementioned computer program.

又,本發明亦可為電腦可讀取前述電腦程式或者前述 數位信號之記錄媒體,可為記錄於例如軟碟、硬碟、CD-ROM、MO、DVD、DVD-ROM、DVD-RAM、BD(Blu-rayDisc)、半導體記憶體等者。又,亦可作為記錄於該等記錄媒體之前述數位信號。 Moreover, the present invention can also be used for a computer to read the aforementioned computer program or the foregoing The recording medium of the digital signal can be recorded on, for example, a floppy disk, a hard disk, a CD-ROM, an MO, a DVD, a DVD-ROM, a DVD-RAM, a BD (Blu-ray Disc), a semiconductor memory or the like. Moreover, it can also be used as the digital signal recorded on the recording medium.

又,本發明亦可為將前述電腦程式或者前述數位信號經由電通信電路、無線或者有線通信電路回線、以網際網路為代表之網路,經由資料放送等而傳送。 Furthermore, the present invention may be configured to transmit the computer program or the digital signal via a telecommunication network, a wireless or wired communication circuit, and a network represented by the Internet via data transmission.

又,本發明為具有微處理器與記憶體之電腦系統,前述記憶體係記憶上述電腦程式,前述微處理器亦可隨前述電腦程式而動作。 Moreover, the present invention is a computer system having a microprocessor and a memory, wherein the memory system memorizes the computer program, and the microprocessor can also operate in accordance with the computer program.

又,藉將前述程式或者前述數位信號記錄於前述記錄媒體而移送,或者將前述程式或者前述數位信號經由前述網路等而移送,藉此可藉獨立之其他電腦系統而實施。 Further, the program or the digital signal is recorded on the recording medium and transferred, or the program or the digital signal is transferred via the network or the like, thereby being implemented by another independent computer system.

(18)亦可將各實施形態及各變形例分別組合。 (18) Each of the embodiments and the modifications may be combined.

10、10a、10b、10c‧‧‧內容發送系統 10, 10a, 10b, 10c‧‧‧ content delivery system

21‧‧‧通信用纜線 21‧‧‧Communication cable

22‧‧‧暗號通信路 22‧‧‧Communication Road

30a‧‧‧內容發送子系統 30a‧‧‧Content Delivery Subsystem

101‧‧‧第一伺服器裝置 101‧‧‧First server device

101a、101c‧‧‧內容簽章生成伺服器裝置 101a, 101c‧‧‧ content signature generation server device

102‧‧‧第二伺服器裝置 102‧‧‧Second server device

102a、102b、102c‧‧‧發送伺服器裝置 102a, 102b, 102c‧‧‧ transmit server device

103a‧‧‧記錄用資訊處理裝置 103a‧‧‧Information processing device for recording

104‧‧‧再生裝置 104‧‧‧Regeneration device

104a、104b、104c‧‧‧再生用資訊處理裝置 104a, 104b, 104c‧‧‧Renewable information processing device

105‧‧‧記錄媒體裝置 105‧‧‧Recording media installation

105a、105b‧‧‧資訊記錄媒體裝置 105a, 105b‧‧‧Information recording media installation

201‧‧‧內容保存機構 201‧‧‧Content preservation agency

202‧‧‧儲存機構 202‧‧‧Storage agency

203‧‧‧機器間傳送機構 203‧‧‧Inter-machine transfer mechanism

204、204c‧‧‧單元生成機構 204, 204c‧‧‧unit generation agency

205‧‧‧共通標題金鑰生成機構 205‧‧‧Common Title Key Generation Agency

206、206c‧‧‧加密化機構 206, 206c‧‧‧Encryption institutions

207、207c‧‧‧標頭資訊生成機構 207, 207c‧‧‧ Header Information Generation Agency

208‧‧‧簽章金鑰保存機構 208‧‧‧Signature Key Depository

209、209c‧‧‧簽章生成機構 209, 209c‧‧ ‧ signature generation agency

210‧‧‧數位浮水印嵌入機構 210‧‧‧Digital Watermark Embedding Mechanism

211‧‧‧控制機構 211‧‧‧Control agency

221‧‧‧第一加密化部 221‧‧‧First Encryption Department

222‧‧‧第一彙總部 222‧‧‧First Summary Department

223‧‧‧簽章部 223‧‧‧Signature Department

224‧‧‧共通標題金鑰生成部 224‧‧‧Common Title Key Generation Department

225‧‧‧數位浮水印嵌入部 225‧‧‧Digital Watermark Embedding Department

241‧‧‧共通標題金鑰 241‧‧‧Common title key

242,242c‧‧‧中間內容資料集 242,242c‧‧‧ intermediate content data set

251‧‧‧私有金鑰 251‧‧‧Private Key

301‧‧‧儲存機構 301‧‧‧Storage agency

302‧‧‧機器間傳送機構 302‧‧‧Inter-machine transfer mechanism

303‧‧‧機器間接收機構 303‧‧‧Inter-machine receiving mechanism

304、304c‧‧‧媒體識別子取得機構 304, 304c‧‧‧Media Identification Subsidiary

305‧‧‧個別標題金鑰生成機構 305‧‧‧Individual title key generation agency

306、306c‧‧‧加密化機構 306, 306c‧‧‧Encryption institutions

307‧‧‧標題金鑰資料庫儲存機構 307‧‧‧ Title Key Database Storage Organization

308‧‧‧運用主體公開金鑰保存機構 308‧‧‧Using the subject public key depository

309‧‧‧私有金鑰保存機構 309‧‧‧Private Key Depository

310‧‧‧公開金鑰証明書保存機構 310‧‧‧ Public Key Certificate Depository

311‧‧‧暗號通信路確立機構 311‧‧‧Communication Road Establishment Agency

312‧‧‧標題金鑰發送証明書生成機構 312‧‧‧ Title Key Sending Certificate Generation Agency

313‧‧‧控制機構 313‧‧‧Control agency

321‧‧‧第二加密化部 321‧‧‧Second Encryption Department

322‧‧‧個別標題金鑰生成部 322‧‧‧Single Title Key Generation Department

323‧‧‧媒體識別子取得部 323‧‧‧Media Identification Submission Department

324‧‧‧証明書生成部 324‧‧‧Certificate Generation Department

351,351c‧‧‧發送用內容資料集 351, 351c‧‧‧Send content data set

361‧‧‧公開金鑰 361‧‧ ‧ public key

362‧‧‧私有金鑰 362‧‧‧Private Key

371‧‧‧媒體識別子 371‧‧‧Media identifier

381‧‧‧個別標題金鑰 381‧‧‧ individual title keys

401‧‧‧機器間傳送機構 401‧‧‧Inter-machine transfer mechanism

402‧‧‧機器間接收機構 402‧‧‧Inter-machine receiving mechanism

403‧‧‧媒體間傳送機構 403‧‧Intermediate media transfer agency

404‧‧‧媒體間接收機構 404‧‧ ‧ media reception agency

501‧‧‧媒體間傳送機構 501‧‧Intermediate media transfer agency

502‧‧‧媒體間接收機構 502‧‧ ‧ media reception agencies

503‧‧‧標題金鑰取得機構 503‧‧‧ Title Key Acquisition Agency

504‧‧‧解密化機構 504‧‧‧Decryption Agency

505‧‧‧簽章驗證金鑰保存機構 505‧‧‧Signature Verification Key Depository

506、506c‧‧‧替換結合體生成機構 506, 506c‧‧‧Replacement combined generation mechanism

507、507c‧‧‧簽章驗證機構 507, 507c‧‧‧Signature Verification Agency

508‧‧‧再生可否判定機構 508‧‧‧Renewable judgment agency

509‧‧‧再生機構 509‧‧‧Recycling agency

510、510c‧‧‧媒體識別子取得機構 510, 510c‧‧‧Media Identification Subsidiary

511‧‧‧運用主體公開金鑰保存機構 511‧‧‧Using the subject public key depository

512‧‧‧標題金鑰發送証明書驗證機構 512‧‧‧ Title Key Sending Certificate Verification Agency

513‧‧‧控制機構 513‧‧‧Control agency

521‧‧‧選擇部 521‧‧‧Selection Department

522‧‧‧解密部 522‧‧‧Decryption Department

523‧‧‧第二彙總部 523‧‧‧Second Summary Department

524‧‧‧驗證部 524‧‧‧Verification Department

525‧‧‧再生部 525‧‧‧Reproductive Department

526‧‧‧替換結合體生成部 526‧‧‧Replacement of the combination

527‧‧‧取得部 527‧‧‧Acquisition Department

528‧‧‧標題金鑰發送証明書驗證部 528‧‧‧ Title Key Sending Certificate Verification Department

529‧‧‧數位浮水印判斷部 529‧‧‧Digital Watermark Judgment Department

530‧‧‧媒體識別子生成部 530‧‧‧Media Identification Sub-Generation Department

531‧‧‧公開金鑰 531‧‧ ‧ public key

541‧‧‧驗證結果 541‧‧‧Verification results

551‧‧‧傳送指示 551‧‧‧Transfer instructions

552‧‧‧替換結合體 552‧‧‧Replacement combination

601‧‧‧機器間傳送機構 601‧‧‧Inter-machine transfer mechanism

602‧‧‧機器間接收機構 602‧‧‧Inter-machine receiving mechanism

603‧‧‧媒體識別子保存機構 603‧‧‧Media Identification Subsector

604‧‧‧運用主體公開金鑰保存機構 604‧‧‧Using the subject public key depository

605‧‧‧私有金鑰保存機構 605‧‧‧Private Key Depository

606‧‧‧公開金鑰証明書保存機構 606‧‧‧ Public Key Certificate Depository

607‧‧‧暗號通信路確立機構 607‧‧‧Communication Road Establishment Agency

608‧‧‧標題金鑰儲存機構 608‧‧‧ Title Key Storage Organization

609‧‧‧內容儲存機構 609‧‧‧Content storage agency

610‧‧‧控制機構 610‧‧‧Control agency

611‧‧‧標題金鑰發送証明書儲存機構 611‧‧‧ Title Key Sending Certificate Storage Organization

701‧‧‧原內容 701‧‧‧ original content

711~714‧‧‧原檔案 711~714‧‧‧ original file

721‧‧‧分割內容 721‧‧‧Divided content

731~734‧‧‧分割檔案資訊 731~734‧‧‧ Split file information

741‧‧‧檔案識別子 741‧‧‧ file identifier

751‧‧‧分割檔案 751‧‧‧ split file

761~765‧‧‧單元資訊 761~765‧‧‧Unit information

771‧‧‧單元識別子 771‧‧‧ unit identifier

772‧‧‧標題金鑰旗標資訊 772‧‧‧ Title Key Flag Information

773~777‧‧‧單元 Unit 773~777‧‧‧

780‧‧‧單元選出資訊 780‧‧‧ Unit selection information

781~785‧‧‧檔案資訊 781~785‧‧‧Archive Information

786~787‧‧‧檔案識別子 786~787‧‧‧ file identifier

800‧‧‧加密化分割檔案 800‧‧‧Encrypted split file

801~804‧‧‧加密化單元資訊 801~804‧‧‧Encryption unit information

811‧‧‧單元識別子 811‧‧‧unit identifier

812‧‧‧標題金鑰旗標資訊 812‧‧‧ Title Key Flag Information

813~817‧‧‧加密化單元 813~817‧‧‧Encryption unit

820‧‧‧加密化內容 820‧‧‧Encrypted content

821~824‧‧‧加密化檔案 821~824‧‧‧Encrypted files

840‧‧‧加密化分割內容 840‧‧‧Encrypted split content

841~844‧‧‧加密化分割檔案資訊 841~844‧‧‧Encrypted split file information

851‧‧‧檔案識別子 851‧‧‧ file identifier

852‧‧‧加密化分割檔案 852‧‧‧Encrypted split file

860‧‧‧標頭資訊 860‧‧‧Header Information

861~864‧‧‧第一散列表 861~864‧‧‧First hash list

865‧‧‧第二散列表 865‧‧‧Separate hash table

871~874‧‧‧單元散列資訊 871~874‧‧‧Unit hash information

875~879‧‧‧標題金鑰旗標資訊 875~879‧‧‧ Title Key Flag Information

881‧‧‧單元識別子 881‧‧‧unit identifier

882‧‧‧標題金鑰旗標資訊 882‧‧‧ Title Key Flag Information

883‧‧‧單元散列值 883‧‧‧ unit hash value

885~888‧‧‧檔案散列資訊 885~888‧‧‧File Hash Information

890‧‧‧簽章資訊 890‧‧‧Signature Information

891‧‧‧檔案識別子 891‧‧‧ file identifier

892‧‧‧檔案散列值 892‧‧‧File hash value

892a‧‧‧替換檔案散列值 892a‧‧‧Replace file hash value

894a‧‧‧替換檔案散列值 894a‧‧‧Replace file hash value

900‧‧‧加密化內容 900‧‧‧Encrypted content

901~904‧‧‧發送用加密化檔案 901~904‧‧‧Send encrypted file

913~917‧‧‧發送用加密化單元 913~917‧‧‧Send encryption unit

921‧‧‧公開金鑰証明書 921‧‧‧ Public Key Certificate

922‧‧‧公開金鑰 922‧‧‧public key

923‧‧‧簽章 923‧‧‧ signature

931‧‧‧替換第二散列表 931‧‧‧Replace the second hash table

941‧‧‧替換第一散列表 941‧‧‧Replace the first hash table

943‧‧‧替換第一散列表 943‧‧‧Replace the first hash table

951‧‧‧公開金鑰証明 951‧‧ ‧ public key certificate

952‧‧‧媒體公開金鑰 952‧‧‧Media public key

953‧‧‧簽章 953‧‧‧Signature

1000‧‧‧標題金鑰發送証明書 1000‧‧‧ Title Key Sending Certificate

1001‧‧‧簽章資訊 1001‧‧‧Signature Information

1111~1115‧‧‧WM分割檔案資訊 1111~1115‧‧‧WM split file information

1121~1125‧‧‧檔案識別子 1121~1125‧‧‧ file identifier

1131~1135‧‧‧WM分割檔案 1131~1135‧‧‧WM split file

1141~1145‧‧‧附有WM單元資訊 1141~1145‧‧‧ with WM unit information

1156‧‧‧加密化附有WM分割檔案資訊 1156‧‧‧Encryption with WM split file information

1161~1164‧‧‧加密化附有WM分割檔案 1161~1164‧‧‧Encryption with WM split file

1171~1175‧‧‧加密化附有WM單元資訊 1171~1175‧‧‧Encryption with WM unit information

1181‧‧‧加密化單元 1181‧‧‧Encryption unit

1182‧‧‧加密化附有WM單元 1182‧‧‧Encryption with WM unit

1183‧‧‧加密化單元 1183‧‧‧Encryption unit

1184‧‧‧加密化單元 1184‧‧‧Encryption unit

1185‧‧‧加密化附有WM單元 1185‧‧‧Encryption with WM unit

1186‧‧‧加密化單元 1186‧‧‧Encryption unit

1187‧‧‧加密化單元 1187‧‧‧Encryption unit

1188‧‧‧加密化附有WM單元 1188‧‧‧Encryption with WM unit

1201‧‧‧加密化附有WM內容 1201‧‧‧Encryption with WM content

1211~1214‧‧‧加密化附有WM檔案 1211~1214‧‧‧Encrypted with WM file

1231‧‧‧加密化附有WM分割內容 1231‧‧‧Encryption with WM split content

1251‧‧‧附有WM標頭資訊 1251‧‧‧ with WM header information

1256~1259‧‧‧加密化附有WM分割檔案資訊 1256~1259‧‧‧Encryption with WM split file information

1261‧‧‧附有WM第二散列表 1261‧‧‧ with WM second hash table

1266‧‧‧附有WM檔案散列資訊 1266‧‧‧ with WM file hash information

1267~1269‧‧‧附有WM檔案散列資訊 1267~1269‧‧‧ with WM file hash information

1271~1274‧‧‧附有WM第一散列表 1271~1274‧‧‧ with WM first hash table

1281~1285‧‧‧附有WM單元散列資訊 1281~1285‧‧‧ with WM unit hash information

1291‧‧‧單元散列值 1291‧‧‧unit hash value

1292‧‧‧附有WM單元散列值 1292‧‧‧ with WM unit hash value

1293‧‧‧單元散列值 1293‧‧‧unit hash value

1296‧‧‧附有WM檔案散列值 1296‧‧‧ with WM file hash value

1297~1299‧‧‧附有WM檔案散列值 1297~1299‧‧‧ with WM file hash value

1297a‧‧‧替換檔案散列值 1297a‧‧‧Replace file hash value

1300‧‧‧簽章資訊 1300‧‧‧Signature Information

1341~1345‧‧‧發送用加密化附有WM單元 1341~1345‧‧‧Send encryption with WM unit

1361‧‧‧發送用加密化附有WM內容 1361‧‧‧Send encryption with WM content

1371~1374‧‧‧發送用加密化附有WM檔案 1371~1374‧‧‧Send encryption with WM file

1381,1382‧‧‧替換附有WM第一散列表 1381, 1382‧‧‧Replacement with WM first hash table

1391‧‧‧替換附有WM第二散列表 1391‧‧‧Replacement with WM second hash table

1401‧‧‧附有WM分割檔案 1401‧‧‧ with WM split file

1411‧‧‧附有WM單元資訊 1411‧‧‧With WM unit information

1413~1415‧‧‧附有WM單元資訊 1413~1415‧‧‧ with WM unit information

1421‧‧‧附有WM單元 1421‧‧‧ with WM unit

1431‧‧‧加密化附有WM分割檔案 1431‧‧‧Encryption with WM split file

1451‧‧‧附有WM第一散列表 1451‧‧‧ with WM first hash table

1461~1465‧‧‧附有WM單元散列資訊 1461~1465‧‧‧ with WM unit hash information

1471‧‧‧加密化附有WM檔案 1471‧‧‧Encryption with WM files

1511~1515‧‧‧發送用加密化附有WM單元 1511~1515‧‧‧Send encryption with WM unit

S‧‧‧簽章生成演算法 S‧‧‧ signature generation algorithm

V‧‧‧簽章驗證演算法 V‧‧‧ Signature Verification Algorithm

WM‧‧‧數位浮水印 WM‧‧‧ digital watermark

第1圖係顯示作為本發明之實施形態1之內容發送系統10的全體構成圖。 Fig. 1 is a view showing the overall configuration of a content transmission system 10 as a first embodiment of the present invention.

第2圖係顯示作為本發明之實施形態2之內容發送系統10a的全體構成圖。 Fig. 2 is a view showing the overall configuration of a content transmission system 10a according to the second embodiment of the present invention.

第3圖係顯示內容簽章生成伺服器裝置101a之構成的區塊圖。 Fig. 3 is a block diagram showing the configuration of the content signature creation server device 101a.

第4圖係顯示內容保存機構201保存之原內容701之資料構造的一例。 The fourth figure shows an example of the data structure of the original content 701 stored in the content storage unit 201.

第5圖係顯示單元生成機構204進行之分割內容721 之生成概要的概念圖。 Fig. 5 is a divided content 721 performed by the display unit generating unit 204 A conceptual diagram of the generated summary.

第6圖係顯示藉由單元生成機構204生成之單元選出資訊780之資料構造之一例。 Fig. 6 shows an example of a data structure of the unit selection information 780 generated by the unit generation unit 204.

第7圖係顯示加密化機構206進行之加密化處理之一部份。且為顯示加密化分割檔案800之生成概要的概念圖。 Figure 7 shows a portion of the encryption process performed by the encryption mechanism 206. It is also a conceptual diagram showing the generation summary of the encrypted split file 800.

第8圖係顯示藉由加密化機構206生成之加密化內容820之資料構造之一例。 FIG. 8 shows an example of a data structure of the encrypted content 820 generated by the encryption unit 206.

第9圖係顯示標頭資訊生成機構207進行之標頭資訊860之生成之概要的概念圖。 Fig. 9 is a conceptual diagram showing an outline of the generation of the header information 860 by the header information generating unit 207.

第10圖係顯示標頭資訊生成機構207進行之第一散列表861之生成之概要的概念圖。 Fig. 10 is a conceptual diagram showing an outline of generation of the first hash table 861 by the header information generating unit 207.

第11圖係顯示藉由標頭資訊生成機構207生成之第二散列表865之資料構造之一例。 Fig. 11 is a view showing an example of the data structure of the second hash table 865 generated by the header information generating unit 207.

第12圖係顯示簽章生成機構209進行之簽章資訊890之生成之概要的概念圖。 Fig. 12 is a conceptual diagram showing an outline of the generation of the signature information 890 by the signature generation unit 209.

第13圖係顯示發送伺服器裝置102a之構成的區塊圖。 Fig. 13 is a block diagram showing the configuration of the transmission server device 102a.

第14圖係顯示加密化機構306進行之使用了標題金鑰旗標資訊之加密化單元之選擇概要的概念圖。 Fig. 14 is a conceptual diagram showing a selection outline of an encryption unit using the title key flag information by the encryption unit 306.

第15圖係顯示加密化機構306進行之發送用加密化檔案901之生成之概要的概念圖。 Fig. 15 is a conceptual diagram showing an outline of generation of the encrypted file 901 for transmission by the encryption unit 306.

第16圖係顯示藉由加密化機構306生成之發送用加密化內容900之資料構造之一例。 Fig. 16 shows an example of a data structure of the encrypted content 900 for transmission generated by the encryption unit 306.

第17圖係顯示發送伺服器裝置102a之公開金鑰証明書921之概略之資料構造之一例。 Fig. 17 is a diagram showing an example of a data structure of the public key certificate 921 of the transmission server device 102a.

第18圖係顯示記錄用資訊處理裝置103a之構成的區塊圖。 Fig. 18 is a block diagram showing the configuration of the information processing device 103a for recording.

第19圖係顯示再生用資訊處理裝置104a之構成的區塊圖。 Fig. 19 is a block diagram showing the configuration of the information processing device for reproduction 104a.

第20圖係顯示替換結合體生成機構506進行之替換第二散列表931之生成之概要的概念圖。 Fig. 20 is a conceptual diagram showing an outline of the replacement of the second hash table 931 by the replacement combination generating means 506.

第21圖係顯示替換結合體生成機構506進行之來自單元選出資訊780之檔案資訊之選擇之概要的概念圖。 Fig. 21 is a conceptual diagram showing an outline of selection of file information from the unit selection information 780 by the replacement combination generating means 506.

第22圖係顯示替換結合體生成機構506進行之替換第一散列表941之生成之概要的概念圖。 Fig. 22 is a conceptual diagram showing an outline of the replacement of the first hash table 941 by the replacement combination generating means 506.

第23圖係顯示替換結合體生成機構506進行之替換第二散列表931之生成之概要的概念圖。 Fig. 23 is a conceptual diagram showing an outline of replacement of the second hash table 931 by the replacement combining unit generating means 506.

第24圖係顯示簽章驗證機構507進行之簽章資訊890之驗證之概要的概念圖。 Fig. 24 is a conceptual diagram showing an outline of verification of the signature information 890 by the signature verification unit 507.

第25圖係顯示資訊記錄媒體裝置105a之構成的區塊圖。 Fig. 25 is a block diagram showing the configuration of the information recording medium device 105a.

第26圖係顯示資訊記錄媒體裝置105a之公開金鑰証明書951之概略之資料構造之一例。 Fig. 26 is a view showing an example of a schematic data structure of the public key certificate 951 of the information recording medium device 105a.

第27圖係顯示內容發送系統10a中之內容簽章生成之動作的順序圖。 Fig. 27 is a sequence diagram showing an action of generating a content signature in the content distribution system 10a.

第28圖係顯示內容發送系統10a中之內容發送之動作的順序圖。 Fig. 28 is a sequence diagram showing the action of content transmission in the content distribution system 10a.

第29圖係顯示內容發送系統10a中之內容之再生之動作的順序圖。 Fig. 29 is a sequence diagram showing an operation of reproducing the content in the content distribution system 10a.

第30圖係顯示作為本發明之實施形態3之內容發送系統10b的全體構成圖。 Fig. 30 is a view showing the overall configuration of a content transmission system 10b as a third embodiment of the present invention.

第31圖係顯示發送伺服器裝置102b之構成的區塊圖。 Fig. 31 is a block diagram showing the configuration of the transmission server device 102b.

第32圖係顯示標題金鑰發送証明書1000之概略之資料構造之一例。 Fig. 32 is a view showing an example of the structure of the outline of the title key transmission certificate 1000.

第33圖係顯示再生用資訊處理裝置104b之構成的區塊圖。 Fig. 33 is a block diagram showing the configuration of the information processing device for reproduction 104b.

第34圖係顯示資訊記錄媒體裝置105b之構成的區塊圖。 Figure 34 is a block diagram showing the construction of the information recording medium device 105b.

第35圖係顯示內容發送系統10b中之內容發送之動作的順序圖。 Fig. 35 is a sequence diagram showing the action of content transmission in the content distribution system 10b.

第36圖係顯示內容發送系統10b中之內容再生之動作的順序圖。 Fig. 36 is a sequence diagram showing the operation of content reproduction in the content distribution system 10b.

第37圖係顯示作為本發明之實施形態3之內容發送系統10c的全體構成圖。 Fig. 37 is a view showing the overall configuration of a content transmission system 10c as a third embodiment of the present invention.

第38圖係顯示內容簽章生成伺服器裝置101c之構成的區塊圖。 Fig. 38 is a block diagram showing the configuration of the content signature creation server device 101c.

第39圖係顯示附有WM分割內容1100之資料構造之一例。 Fig. 39 shows an example of a data structure with WM divided content 1100.

第40圖係顯示數位浮水印嵌入機構210進行之附有WM分割檔案1131之生成的概要。 Fig. 40 is a view showing an outline of the generation of the WM split file 1131 by the digital watermark embedding mechanism 210.

第41圖係顯示加密化機構206c進行加密化附有WM分割檔案1161之生成的概要。 Fig. 41 is a view showing an outline in which the encryption unit 206c encrypts and generates the WM divided file 1161.

第42圖係顯示藉由加密化機構206c生成之加密化附 有WM內容1201之資料構造之一例。 Figure 42 shows the encryption attached by the encryption mechanism 206c. There is an example of a data structure of WM content 1201.

第43圖係顯示標頭資訊生成機構207c進行之附有WM標頭資訊1251之生成的概要。 Fig. 43 is a view showing an outline of the generation of the WM header information 1251 by the header information generating unit 207c.

第44圖係顯示標頭資訊生成機構207c進行之附有WM第一散列表1271之生成流程。 Fig. 44 shows a flow of generation of the WM first hash table 1271 by the header information generating unit 207c.

第45圖係顯示藉由標頭資訊生成機構207c生成之附有WM第二散列表1261之資料構造之一例。 Fig. 45 shows an example of a data structure with the WM second hash table 1261 generated by the header information generating unit 207c.

第46圖係顯示簽章生成機構209c進行之簽章資訊1300之生成處理。 Fig. 46 shows the generation processing of the signature information 1300 by the signature generation unit 209c.

第47圖係顯示發送伺服器裝置102c之構成的區塊圖。 Fig. 47 is a block diagram showing the configuration of the transmission server device 102c.

第48圖係顯示加密化機構306c進行之標題金鑰旗標資訊之選擇之處理。 Fig. 48 shows the processing of selecting the title key flag information by the encryption unit 306c.

第49圖係顯示加密化機構306c進行之發送用加密化附有WM檔案1371之生成處理。 Fig. 49 shows the generation processing of the WM file 1371 with the encryption for transmission by the encryption unit 306c.

第50圖係顯示藉由加密化機構306c生成之發送用加密化附有WM內容1361之資料構造之一例。 Fig. 50 shows an example of a data structure in which the WM content 1361 is encrypted for transmission by the encryption unit 306c.

第51圖係顯示再生用資訊處理裝置104c之構成的區塊圖。 Fig. 51 is a block diagram showing the configuration of the information processing device for reproduction 104c.

第52圖係顯示替換結合體生成機構506c進行之替換附有WM第二散列表1391之生成處理的概要。 Fig. 52 is a view showing an outline of the process of generating the replacement WM second hash table 1391 by the replacement combination generating means 506c.

第53圖係顯示標題金鑰旗標資訊為「0」時,替換結合體生成機構506c進行之替換附有WM第一散列表1381之生成流程。 Fig. 53 is a flow chart showing the generation of the replacement of the WM first hash table 1381 by the replacement combining unit 506c when the title key flag information is "0".

第54圖係顯示標題金鑰旗標資訊為「1」時,替換結 合體生成機構506c進行之替換附有WM第一散列表1381之生成流程。 Figure 54 shows the replacement knot when the title key flag information is "1". The merge generation mechanism 506c replaces the generation flow of the WM first hash table 1381.

第55圖係顯示替換結合體生成機構506c進行之替換附有WM第二散列表1391之生成流程。 Fig. 55 shows a flow of generation in which the replacement combining body generating means 506c is replaced with the WM second hash table 1391.

第56圖係顯示簽章驗證機構507c進行之簽章資訊1300之驗證處理。 Fig. 56 shows the verification processing of the signature information 1300 by the signature verification unit 507c.

第57圖係顯示內容發送系統10c之內容簽章生成之動作的順序圖。 Fig. 57 is a sequence diagram showing the action of generating the content signature of the content distribution system 10c.

第58圖係顯示內容發送系統10c之內容發送之動作的順序圖。 Fig. 58 is a sequence diagram showing the action of the content transmission by the content distribution system 10c.

第59圖係顯示內容發送系統10c之內容再生之動作的順序圖。 Fig. 59 is a sequence diagram showing the operation of content reproduction by the content distribution system 10c.

第60圖係顯示變形例(9)中,數位浮水印嵌入機構210進行之附有WM分割檔案1401之生成之概要。 Fig. 60 is a view showing the outline of the generation of the WM split file 1401 by the digital watermark embedding unit 210 in the modification (9).

第61圖係顯示變形例(9)中,加密化機構206c進行之加密化附有WM分割檔案1431之生成之概要。 Fig. 61 is a view showing the outline of the generation of the WM split file 1431 by the encryption by the encryption unit 206c in the modification (9).

第62圖係顯示變形例(9)中,標頭資訊生成機構207c進行之附有WM第一散列表1451之生成之概要。 Fig. 62 is a view showing the outline of the generation of the WM first hash table 1451 by the header information generating unit 207c in the modification (9).

第63圖係顯示變形例(9)中,加密化機構306c進行之發送用加密化附有WM檔案1501之生成之概要。 Fig. 63 is a view showing the outline of the generation of the WM file 1501 by the encryption unit 306c in the modification (9).

第64圖係顯示變形例(9)中,替換結合體生成機構506c進行之替換附有WM第一散列表1521之生成之概要。該圖中,標題金鑰旗標資訊為「0」。 Fig. 64 is a view showing an outline of the generation of the WM first hash table 1521 in place of the replacement combined body generating means 506c in the modification (9). In the figure, the title key flag information is "0".

10‧‧‧內容發送系統 10‧‧‧Content delivery system

101‧‧‧第一伺服器裝置 101‧‧‧First server device

102‧‧‧第二伺服器裝置 102‧‧‧Second server device

104‧‧‧再生裝置 104‧‧‧Regeneration device

221‧‧‧第1加密部 221‧‧‧1st encryption department

222‧‧‧第1彙總部 222‧‧‧1st summary department

321‧‧‧第二家密部 321‧‧‧ Second Secret Department

521‧‧‧選擇部 521‧‧‧Selection Department

522‧‧‧解密部 522‧‧‧Decryption Department

523‧‧‧第二彙總部 523‧‧‧Second Summary Department

524‧‧‧驗證部 524‧‧‧Verification Department

525‧‧‧再生部 525‧‧‧Reproductive Department

Claims (32)

一種內容發送系統,係由第一伺服器裝置、第二伺服器裝置及再生裝置所構成者,其特徵在於:前述第一伺服器裝置具有:第一加密化機構,係僅對構成明文內容之複數明文區塊中,一部份之前述明文區塊施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總機構,係將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,前述第二伺服器裝置具有第二加密化機構,該第二加密化機構係在前述中間加密化內容所含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生裝置具有:選擇機構,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密機構,係於經選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總機構,係將生成之前述明文區塊進行 彙總而生成第二彙總值;驗證機構,係使用複數之前述第一彙總值及生成之前述第二彙總值進行前述加密化內容之驗證;及再生機構,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再生。 A content transmission system is composed of a first server device, a second server device, and a reproduction device, wherein the first server device has a first encryption mechanism, which is only for the plaintext content. In the plurality of plaintext blocks, a part of the plaintext block performs the first encryption to generate the first encrypted block, and generates the foregoing plaintext block without the first encryption and the first generated And the first aggregation unit aggregates the plurality of blocks constituting the intermediate encrypted content to generate a first summary value of the plurality, wherein the second server device has a second encryption unit, wherein the second encryption unit performs second encryption on the plaintext block that is not encrypted by the first encryption in the block included in the intermediate encrypted content to generate a second encryption And generating an encrypted content composed of the first encrypted block and the second encrypted block, wherein the reproducing device has a selection mechanism and is configured Deciphering the encrypted content, selecting one of the foregoing second encrypted blocks; and the decrypting mechanism is performing the decryption corresponding to the second encryption according to the selected second encrypted block. Generating a plaintext block; the second summary mechanism is to generate the aforementioned plaintext block Generating a second summary value; the verification means performs verification of the encrypted content by using the first summary value of the plurality and the generated second summary value; and the regeneration mechanism stops the encryption when the verification fails The content is decrypted, and when the verification is successful, the encrypted content is decrypted and reproduced. 如申請專利範圍第1項之內容發送系統,其中前述第一伺服器裝置進一步包含簽章機構,該簽章機構係對至少結合業已生成之複數前述第一彙總值而得之結合體施行簽章,生成簽章資料,前述再生裝置進一步包含替換結合體生成機構,該替換結合體生成機構係將前述結合體中對應於前述第二彙總值之前述第一彙總值替換成該第二彙總值,生成替換結合體,前述驗證機構係使用前述替換結合體來驗證前述簽章資料。 The content transmission system of claim 1, wherein the first server device further comprises a signature mechanism, and the signature mechanism performs a signature on at least a combination of the plurality of the first summary values that have been generated. And generating signature data, wherein the regeneration device further includes a replacement combination generation mechanism, wherein the replacement combination generation mechanism replaces the first summary value corresponding to the second summary value in the combination with the second summary value, The replacement binding body is generated, and the aforementioned verification mechanism uses the aforementioned replacement combination to verify the aforementioned signature data. 如申請專利範圍第1項之內容發送系統,其中前述第二伺服器裝置係透過一個記錄媒體裝置而將前述加密化內容往前述再生裝置輸出,前述第一伺服器裝置之前述第一加密化機構係使用與複數之記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化,前述第二伺服器裝置之前述第二加密化機構係使 用前述一個記錄媒體裝置固有之個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化,前述再生裝置之前述解密機構係使用前述個別標題金鑰,於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密。 The content transmission system of claim 1, wherein the second server device outputs the encrypted content to the reproducing device via a recording medium device, and the first encryption device of the first server device Performing the first encryption on the plaintext block using a common title key common to a plurality of recording medium devices, and the second encryption mechanism of the second server device And performing the second encryption on the plaintext block that is not encrypted by the first encryption by using an individual title key unique to the recording medium device, and the decryption mechanism of the playback device uses the individual title key in the The aforementioned second encrypted block is selected to perform decryption corresponding to the aforementioned second encryption. 一種內容發送子系統,係由第一伺服器裝置及第二伺服器裝置構成者,其特徵在於:前述第一伺服器裝置具有:第一加密化機構,該第一加密化機構係僅對構成明文內容之複數明文區塊中,一部份之前述明文區塊施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總機構,係將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,前述第二伺服器裝置具有第二加密化機構,該第二加密化機構係對前述中間加密化內容所含之前述區塊中,未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容。 A content transmission subsystem is composed of a first server device and a second server device, wherein the first server device has a first encryption mechanism, and the first encryption mechanism is only configured. In the plurality of plaintext blocks of the plaintext content, a part of the plaintext block performs the first encryption to generate the first encrypted block, and generates the aforementioned plaintext block without the first encryption and generates the foregoing The intermediate encryption unit formed by the first encryption block; and the first aggregation unit aggregates each of the plurality of blocks constituting the intermediate encrypted content to generate a plurality of first summary values, and the second server device The second encryption unit is configured to perform second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content to generate a second encryption. The block is generated, and the encrypted content composed of the first encrypted block and the second encrypted block is generated. 如申請專利範圍第4項之內容發送子系統,其中前述第一伺服器裝置進一步包含簽章機構,該簽章機構係對至 少結合所生成之複數前述第一彙總值而得之結合體施行簽章,生成簽章資料。 The content delivery subsystem of claim 4, wherein the first server device further includes a signature mechanism, and the signature mechanism is The combination is signed in combination with the plurality of generated first summary values generated to generate the signature data. 如申請專利範圍第4項之內容發送子系統,其中前述第二伺服器裝置係透過一個記錄媒體裝置,將前述加密化內容往再生裝置輸出,並且前述第一伺服器裝置之前述第一加密化機構使用複數記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化,前述第二伺服器裝置之前述第二加密化機構使用前述一個記錄媒體裝置固有之個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化。 The content transmission subsystem of claim 4, wherein the second server device transmits the encrypted content to the reproducing device through a recording medium device, and the first encryption of the first server device The mechanism performs the first encryption on the plaintext block using a common title key common to the plurality of recording media devices, and the second encryption mechanism of the second server device uses an individual title key inherent to the one recording medium device And performing the foregoing second encryption on the foregoing plaintext block without the foregoing first encryption. 如申請專利範圍第6項之內容發送子系統,其中前述第一伺服器裝置進一步包含共通標題金鑰生成機構,該共通標題金鑰生成機構係用以生成複數記錄媒體裝置共通之前述共通標題金鑰,且前述第一加密化機構使用所生成之前述共通標題金鑰。 The content delivery subsystem of claim 6, wherein the first server device further comprises a common title key generation mechanism, and the common title key generation mechanism is configured to generate the aforementioned common title gold common to the plurality of recording medium devices. The key, and the aforementioned first encryption mechanism uses the aforementioned common title key generated. 如申請專利範圍第6項之內容發送子系統,其中前述第二伺服器裝置進一步包含個別標題金鑰生成機構,該個別標題金鑰生成機構係生成前述一個記錄媒體裝置固有之前述個別標題金鑰,且前述第二加密化機構係使用所生成之前述個別標題金鑰。 The content transmission subsystem of claim 6, wherein the second server device further includes an individual title key generation unit that generates the foregoing individual title key inherent to the one recording medium device. And the second encryption mechanism uses the generated individual title key. 如申請專利範圍第8項之內容發送子系統,其中前述第二伺服器裝置進一步包含媒體識別子取得機構,該媒體 識別子取得機構係用以取得識別前述一個記錄媒體裝置之媒體識別子,且前述個別標題金鑰生成機構生成包含取得之前述媒體識別子之前述個別標題金鑰。 The content delivery subsystem of claim 8, wherein the second server device further comprises a media identifier acquisition mechanism, the media The identifier obtaining means is configured to obtain a media identifier for identifying the one recording medium device, and the individual title key generating means generates the individual title key including the acquired media identifier. 如申請專利範圍第9項之內容發送子系統,其中前述個別標題金鑰生成機構係生成亂數,將前述媒體識別子與前述亂數結合而生成結合體,並將生成之結合體加密化,生成前述個別標題金鑰。 The content delivery subsystem of claim 9, wherein the individual title key generation means generates a random number, combines the media identifier with the random number to generate a combination, and encrypts the generated combination to generate The aforementioned individual title key. 如申請專利範圍第9項之內容發送子系統,其中前述第二伺服器裝置進一步包含證明書生成機構,該證明書生成機構係對結合前述共通標題金鑰、前述個別標題金鑰及前述媒體識別子而得之結合體施行簽章,生成標題金鑰發送證明書。 The content transmission subsystem of claim 9, wherein the second server device further includes a certificate generating unit that combines the common title key, the individual title key, and the media identifier. And the combination of the implementation of the signature, generate a title key to send a certificate. 如申請專利範圍第9項之內容發送子系統,其中前述第一伺服器裝置進一步包含數位浮水印嵌入機構,該數位浮水印嵌入機構係對前述第一加密化機構中,成為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個之嵌入區塊之組,前述第一加密化機構進一步對業已生成之1個或複數個之嵌入區塊之組,施行前述第一加密化,並生成1個或複數個之第一加密化嵌入區塊之組,且生成進一步包含業已生成之1個或複數個之前述第一加密化嵌入區塊之組的前述中間加密化內容, 構成前述媒體識別子之部分資訊在該媒體識別子內的位置、與前述中間加密化內容所含之前述第一加密化區塊及1個或複數個之前述第一加密化嵌入區塊之組在前述中間加密化內容內的位置係相對應,前述第二加密化機構選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之位置之前述第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組,使用前述部分資訊之內容,由第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組選擇任一區塊,並生成包含選擇之區塊作為前述第一加密化區塊之前述加密化內容。 The content transmission subsystem of claim 9, wherein the first server device further comprises a digital watermark embedding mechanism, wherein the digital watermark embedding mechanism is the first encryption in the first encryption mechanism. Each of the plaintext blocks of the object is embedded with one or more kinds of digital watermarks, thereby regenerating a group of one or a plurality of embedded blocks embedded with the aforementioned digital watermark, and the first encryption mechanism further Generating one or a plurality of embedded blocks, performing the foregoing first encryption, and generating one or a plurality of first encrypted embedded blocks, and generating further one or plural generated. The aforementioned intermediate encrypted content of the group of the first encrypted embedded embedding blocks, a group of the information identifying the media identifier in the media identifier, the first encrypted block included in the intermediate encrypted content, and one or a plurality of the first encrypted embedded blocks. Corresponding to the location in the intermediate encrypted content, the second encryption means selects the first encrypted block and one of the locations in the intermediate encrypted content corresponding to the location of the partial information in the media identifier. Or a plurality of the foregoing groups of the first encrypted embedding blocks, using the content of the foregoing partial information, selecting any block from the first encrypted block and one or a plurality of the first encrypted embedding block groups, And generating the encrypted content including the selected block as the first encrypted block. 如申請專利範圍第12項之內容發送子系統,其中前述數位浮水印嵌入機構係對各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,前述第一加密化機構係對業已生成之1個前述嵌入區塊施行前述第一加密化,並生成1個第一加密化嵌入區塊,且生成進一步包含業已生成之1個前述第一加密化嵌入區塊之前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元的位元資訊,前述位元資訊在該媒體識別子內的位元位置、與前述中間加密化內容所含之前述第一加密化區塊及1個前述第一加密化嵌入區塊在前述中間加密化內容內的 位置係相對應,前述第二加密化機構係選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之位置之前述第一加密化區塊及1個前述第一加密化嵌入區塊,使用前述位元資訊之值,由第一加密化區塊及1個之前述第一加密化嵌入區塊選擇任一區塊。 For example, the content transmitting subsystem of claim 12, wherein the digital watermark embedding mechanism embeds a digital watermark for each plaintext block, thereby regenerating an embedded block embedded with the digital watermark. The first encryption unit performs the first encryption on one of the embedded blocks that have been generated, and generates one first encrypted embedded block, and the generating further includes one of the foregoing first encryptions that have been generated. Embedding the intermediate encrypted content of the block, the partial information is bit information constituting one bit of the media identifier, the bit position of the bit information in the media identifier, and the intermediate encrypted content The first encrypted block and one of the first encrypted embedded blocks are in the intermediate encrypted content. Corresponding to the location, the second encryption unit selects the first encrypted block and the first part of the location in the intermediate encrypted content corresponding to the bit position of the bit information in the media identifier. An encryption embedding block, using the value of the bit information, selects any block from the first encrypted block and one of the first encrypted embedding blocks. 如申請專利範圍第12項之內容發送子系統,其中前述第一伺服器裝置之前述數位浮水印嵌入機構係對前述第一加密化機構中未成為前述第一加密化之對象之各明文區塊,嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個之嵌入區塊之組,前述第一加密化機構生成進一步包含業已生成之1個或複數個前述嵌入區塊之組之前述中間加密化內容,且構成前述媒體識別子之部分資訊在該媒體識別子內之位置、與前述中間加密化內容所含之前述明文區塊及1個或複數個前述嵌入區塊之組在前述中間加密化內容內的位置係相對應,前述第二加密化機構係選擇與前述部分資訊在該媒體識別子內的位置對應之前述中間加密化內容內之位置之前述明文區塊及1個或複數個前述嵌入區塊之組,並使用前述部分資訊之內容,由前述明文區塊及1個或複數個前述嵌入區塊之組選擇任一區塊,並於選擇之區塊施行前述第二加密化,生成前述第二加密化區 塊,且生成包含業已生成之前述第二加密化區塊的前述加密化內容。 The content transmission subsystem of claim 12, wherein the digital watermark embedding mechanism of the first server device is a plaintext block that is not the target of the first encryption in the first encryption mechanism. Inserting one or more kinds of digital watermarks, thereby regenerating a group of one or a plurality of embedded blocks embedded with the aforementioned digital watermark, the first encryption mechanism generating further including one that has been generated or The intermediate encrypted content of the plurality of the embedded blocks, and the location of the partial information of the media identifier in the media identifier, and the plaintext block and one or more of the intermediate encrypted content The group of the embedded blocks corresponds to a position within the intermediate encrypted content, and the second encryption unit selects the position in the intermediate encrypted content corresponding to the position of the partial information in the media identifier. a plaintext block and a group of one or more of the aforementioned embedded blocks, and using the contents of the aforementioned partial information, from the aforementioned plaintext block and 1 Or a plurality of the embedded blocks of the group to select any block, and block the selection of the implementation of the second encryption, an encryption region for generating the second Blocking, and generating the aforementioned encrypted content including the aforementioned second encrypted block that has been generated. 如申請專利範圍第14項之內容發送子系統,其中前述數位浮水印嵌入機構係對未成為前述第一加密化之對象之各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,前述第一加密化機構生成進一步包含業已生成之1個前述嵌入區塊的前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元之位元資訊,前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述明文區塊及1個前述嵌入區塊在前述中間加密化內容內的位置係相對應,前述第二加密化機構係選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之位置之前述明文區塊及1個前述嵌入區塊,並使用前述位元資訊之值,由前述明文區塊及1個前述嵌入區塊,選擇任一區塊。 The content transmission subsystem of claim 14, wherein the digital watermark embedding mechanism embeds one type of digital watermark for each plaintext block that is not the object of the first encryption, thereby re-generating the embedded An embedded block of the digital watermark, wherein the first encryption unit generates the intermediate encrypted content further comprising one embedded block that has been generated, and the partial information is a bit of a 1-bit constituting the media identifier. Information that the bit position of the bit information in the media identifier corresponds to a position of the plaintext block included in the intermediate encrypted content and one of the embedded blocks in the intermediate encrypted content, and the foregoing The second encryption unit selects the plaintext block and the one embedded block at a position within the intermediate encrypted content corresponding to the bit position of the bit information in the media identifier, and uses the bit information. The value is selected by the plaintext block and one of the aforementioned embedded blocks. 一種再生裝置,係藉由第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一 彙總值,並藉由第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生裝置具有:選擇機構,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密機構,係於經選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總機構,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證機構,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生機構,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再生。 A reproducing apparatus is configured to generate a first encrypted block by using a first server device to generate a first encrypted block only for a portion of the plaintext block of a plurality of plaintext blocks constituting the plaintext content, and generate a first encrypted block The intermediate encrypted content composed of the first plaintext block and the first encrypted block that has been generated without the first encryption, and the plurality of complex blocks constituting the intermediate encrypted content are aggregated to generate a complex number the first And summarizing the value, and performing, by the second server device, performing second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content to generate a second encrypted block And generating encrypted content composed of the first encrypted block and the second encrypted block, wherein the playback device includes: a selection unit in the plurality of encrypted blocks constituting the encrypted content, Selecting a second encrypted block; the decryption mechanism is configured to perform the decryption corresponding to the second encryption to generate a plaintext block, and the second summary mechanism is generated by the selected second encrypted block. The plaintext block is aggregated to generate a second summary value; the verification means performs verification of the encrypted content by using the first summary value of the plurality and the generated second summary value; and the regeneration mechanism is as described above When the verification fails, the decryption of the encrypted content is stopped, and when the verification is successful, the encrypted content is decrypted and reproduced. 如申請專利範圍第16項之再生裝置,其係藉前述第一伺服器裝置,進一步對至少結合業已生成之複數前述第一彙總值而得之結合體施行簽章,生成簽章資料,前述再生裝置進一步包含替換結合體生成機構,該 替換結合體生成機構係將前述結合體中對應於前述第二彙總值之前述第一彙總值,替換成該第二彙總值而生成替換結合體,前述驗證機構係使用前述替換結合體來驗證前述簽章資料。 For example, in the regenerative device of claim 16, the first server device further performs a signature on at least a combination of the plurality of the first summary values that have been generated to generate the signature data, and the regeneration is performed. The device further includes a replacement combination generating mechanism, the The replacement combination generating mechanism generates the replacement combination by replacing the first summary value corresponding to the second summary value in the combination with the second summary value, and the verification mechanism uses the replacement combination to verify the foregoing Signature information. 如申請專利範圍第16項之再生裝置,其中前述再生裝置係由前述第二伺服器裝置,透過一個記錄媒體裝置接受前述加密化內容,並藉由前述第一伺服器裝置,使用與複數之記錄媒體裝置共通之共通標題金鑰,對前述明文區塊施行前述第一加密化,藉由前述第二伺服器裝置,使用前述一個記錄媒體裝置固有之個別標題金鑰,對未經前述第一加密化之前述明文區塊施行前述第二加密化,前述解密機構係使用前述個別標題金鑰,於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密。 The reproduction device of claim 16, wherein the reproduction device receives the encrypted content through a recording medium device by the second server device, and uses the plurality of records by the first server device. a common title key shared by the media device, performing the first encryption on the plaintext block, and using the second server device to use the individual title key inherent to the one recording medium device, without the first encryption The foregoing plaintext block performs the second encryption, and the decryption mechanism performs decryption corresponding to the second encryption on the selected second encrypted block by using the individual title key. 如申請專利範圍第18項之再生裝置,其係藉由前述第二伺服器裝置,對結合前述共通標題金鑰、前述個別標題金鑰及用以識別前述一個紀錄媒體裝置之媒體識別子而得之結合體,施行簽章,生成標題金鑰發送證明書,且前述共通標題金鑰、前述個別標題金鑰及前述標題金鑰發送證明書寫入至前述記錄媒體裝置,前述再生裝置進一步包含: 取得機構,係由前述記錄媒體裝置,取得前述媒體識別子、前述共通標題金鑰、前述個別標題金鑰及前述標題金鑰發送證明書;及標題金鑰發送證明書驗證機構,係結合前述共通標題金鑰、前述個別標題金鑰及前述媒體識別子而生成結合體,並使用生成之結合體,對取得之前述標題金鑰發送證明書進行驗證。 The reproducing apparatus of claim 18, wherein the second server device combines the common title key, the individual title key, and a media identifier for identifying the one recording medium device. The binding body executes the signature to generate a title key transmission certificate, and the common title key, the individual title key, and the title key transmission certificate are written to the recording medium device, and the reproduction device further includes: The acquisition unit acquires the media identifier, the common title key, the individual title key, and the title key transmission certificate by the recording medium device; and the title key transmission certificate verification unit, which combines the common title The key, the individual title key, and the media identifier are used to generate a combination, and the generated combination of the title key is verified using the generated combination. 如申請專利範圍第18項之再生裝置,其係藉前述第一伺服器裝置,進一步對成為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個嵌入區塊之組,並且進一步對業已生成之1個或複數個嵌入區塊之組施行前述第一加密化,生成1個或複數個第一加密化嵌入區塊之組,並且生成進一步包含業已生成之1個或複數個前述第一加密化嵌入區塊之組的前述中間加密化內容,構成前述媒體識別子之部分資訊在該媒體識別子內的位置、與前述中間加密化內容所含之前述第一加密化區塊及1個或複數個之前述第一加密化嵌入區塊之組在前述中間加密化內容內的位置係相對應,藉由前述第一伺服器裝置,選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之位置之前述第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組,並使用前述部分資訊之內容, 由第一加密化區塊及1個或複數個前述第一加密化嵌入區塊之組選擇任一區塊,生成包含選擇之區塊作為前述第一加密化區塊之前述加密化內容,前述再生裝置進一步包含選擇機構,該選擇機構係在前述加密化內容內,選擇特定位置之前述第一加密化區塊,前述解密機構進一步將選擇之前述第一加密化區塊進行解密,生成明文區塊,前述再生裝置進一步包含:數位浮水印判斷機構,係判斷業已生成之前述明文區塊是否嵌入有1種或複數種之前述數位浮水印之任一者,並將判斷結果輸出;及媒體識別子生成機構,係在對應於前述特定位置之前述媒體識別子內之位置,將根據前述判斷結果之內容作為構成該媒體識別子之前述部分資訊而生成。 The regenerative device of claim 18, wherein the first server device further embeds one or more digital watermarks in each of the plaintext blocks to be the first encryption target, thereby Generating a group of one or a plurality of embedded blocks embedded with the aforementioned digital watermark, and further performing the foregoing first encryption on the group of one or a plurality of embedded blocks that have been generated, to generate one or a plurality of first Encrypting the group of embedded blocks, and generating the intermediate encrypted content further comprising a group of one or a plurality of the first encrypted embedded blocks that have been generated, and forming part of the information of the media identifier in the media identifier a location, corresponding to a location of the first encrypted block and one or a plurality of the first encrypted embedded blocks included in the intermediate encrypted content in the intermediate encrypted content, by The first server device selects the first encryption of the location in the intermediate encrypted content corresponding to the location of the partial information in the media identifier And a block or a plurality of embedding said encrypted first block of the group, and using the content of the information section, Selecting any block from the first encrypted block and one or a plurality of the first encrypted embedded blocks, and generating the encrypted content including the selected block as the first encrypted block, the foregoing The playback device further includes a selection mechanism that selects the first encrypted block at a specific location within the encrypted content, and the decryption mechanism further decrypts the selected first encrypted block to generate a plaintext region The foregoing playback device further includes: a digital watermark judging means for judging whether the plaintext block that has been generated is embedded with one or more of the plurality of digital watermarks, and outputting the judgment result; and the media identifier The generating means generates the content based on the determination result as the partial information constituting the media identifier in a position corresponding to the media identifier in the specific position. 如申請專利範圍第20項之再生裝置,其係藉由前述第一伺服器裝置,進一步對成為前述第一加密化之對象之各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,再對業已生成之1個嵌入區塊施行前述第一加密化,生成1個第一加密化嵌入區塊,並生成進而包含業已生成之1個前述第一加密化嵌入區塊之前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元之 位元資訊,前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述第一加密化區塊及1個前述第一加密化嵌入區塊在前述中間加密化內容內之位置係相對應,藉由前述第一伺服器裝置,選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之位置之前述第一加密化區塊及1個前述第一加密化嵌入區塊,並使用前述位元資訊之值,由第一加密化區塊及1個前述第一加密化嵌入區塊選擇任一區塊,生成包含選擇之區塊作為前述第一加密化區塊之前述加密化內容,前述數位浮水印判斷機構係判斷業已生成之前述明文區塊是否嵌入有1種前述數位浮水印,且前述媒體識別子生成機構在對應於前述特定位置之前述媒體識別子內之位元位置中,生成根據前述判斷結果之值,作為構成該媒體識別子之前述位元資訊。 The reproducing apparatus of claim 20, wherein the first server device further embeds one type of digital watermark in each of the plaintext blocks to be the object of the first encryption, thereby regenerating the embedded The first embedded block of the digital watermark is performed, and the first encryption is performed on one embedded block that has been generated, and a first encrypted embedded block is generated, and the generated one of the foregoing Encrypting the intermediate encrypted content of the embedded block, wherein the part of the information is one bit constituting the media identifier Bit information, the bit position of the bit information in the media identifier, and the first encrypted block and one of the first encrypted embedded blocks included in the intermediate encrypted content are encrypted in the middle Corresponding to the location in the content, the first encrypted device block selects the first encrypted block at a position within the intermediate encrypted content corresponding to the bit position of the bit information in the media identifier by the first server device. And one of the foregoing first encrypted embedding blocks, and using the value of the bit information, selecting any block from the first encrypted block and one of the first encrypted embedding blocks to generate a selected area And the block is used as the encrypted content of the first encrypted block, and the digital watermark determining mechanism determines whether the aforementioned plaintext block is embedded with one type of the digital watermark, and the media identifier generating mechanism corresponds to the foregoing In the bit position in the media identifier of the specific location, a value according to the foregoing determination result is generated as the bit information constituting the media identifier. 如申請專利範圍第20項之再生裝置,其係藉前述第一伺服器裝置,對未成為前述第一加密化之對象之各明文區塊嵌入1種或複數種之數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個或複數個嵌入區塊之組,並生成進而包含業已生成之1個或複數個前述嵌入區塊之組之前述中間加密化內容, 且構成前述媒體識別子之部分資訊在該媒體識別子內之位置、與前述中間加密化內容所含之前述明文區塊及1個或複數個前述嵌入區塊之組在前述中間加密化內容內之位置係相對應,藉前述第二伺服器裝置,選擇與前述部分資訊在該媒體識別子內之位置對應之前述中間加密化內容內之位置之前述明文區塊及1個或複數個前述嵌入區塊之組,並使用前述部分資訊之內容,由前述明文區塊及1個或複數個前述嵌入區塊之組選擇任一區塊,並於選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,且生成包含生成之前述第二加密化區塊之前述加密化內容,前述選擇機構進一步在前述加密化內容內選擇特定位置之前述第二加密化區塊,且前述解密機構進一步將經選擇之前述第二加密化區塊解密,生成明文區塊,前述數位浮水印判斷機構進一步判斷於前述第二加密化區塊解密而生成之前述明文區塊是否嵌入有1種或複數種之前述數位浮水印任一者,並輸出判斷結果,前述媒體識別子生成機構進一步在與前述第二加密化區塊之前述特定位置對應之前述媒體識別子內之位置中,生成根據前述判斷結果之內容,作為構成該媒體識別子之前述部分資訊。 The regenerative device of claim 20, wherein the first server device embeds one or more digital watermarks for each plaintext block that is not the target of the first encryption, thereby re-establishing Generating a group of one or a plurality of embedded blocks embedded with the aforementioned digital watermark, and generating the intermediate encrypted content further comprising a group of one or a plurality of the embedded blocks that have been generated, And constituting a position of the partial information of the media identifier in the media identifier, a position of the plaintext block and one or a plurality of the embedded blocks included in the intermediate encrypted content in the intermediate encrypted content Corresponding to, by the second server device, selecting the plaintext block and one or more of the embedded blocks at positions in the intermediate encrypted content corresponding to the position of the partial information in the media identifier Grouping, and using the content of the foregoing partial information, selecting any block from the aforementioned plaintext block and one or a plurality of the foregoing embedded block groups, and performing the second encryption on the selected block to generate the second Encrypting the block and generating the encrypted content including the generated second encrypted block, the selecting mechanism further selecting the second encrypted block at a specific location in the encrypted content, and the decrypting mechanism further Deciphering the selected second encrypted block to generate a plaintext block, and the digital watermark determining mechanism further determines the foregoing Whether the aforementioned plaintext block generated by the decryption of the two encrypted blocks is embedded with one or more of the foregoing digital watermarks, and outputs a determination result, and the media identifier generation mechanism further performs the second encrypted block In the position in the media identifier corresponding to the specific position, the content of the determination result is generated as the partial information constituting the media identifier. 如申請專利範圍第22項之再生裝置,其係藉前述第一伺服器裝置,對未成為前述第一加密化之對象之各明文區塊嵌入1種數位浮水印,藉此重新生成嵌入有前述數位浮水印之1個嵌入區塊,並生成進而包含業已生成之1個前述嵌入區塊之前述中間加密化內容,前述部分資訊為構成前述媒體識別子之1位元之位元資訊,前述位元資訊在該媒體識別子內之位元位置、與前述中間加密化內容所含之前述明文區塊及1個前述嵌入區塊在前述中間加密化內容內之位置係相對應,藉前述第二伺服器裝置,選擇與前述位元資訊在該媒體識別子內之位元位置對應之前述中間加密化內容內之位置之前述明文區塊及1個前述嵌入區塊,並使用前述位元資訊之值,由前述明文區塊及1個前述嵌入區塊選擇任一區塊,並於選擇之區塊施行前述第二加密化,生成前述第二加密化區塊,並生成包含生成之前述第二加密化區塊之前述加密化內容,前述選擇機構在前述加密化內容內,選擇特定位置之前述第二加密化區塊,前述解密機構將經選擇之前述第二加密化區塊解密,生成明文區塊,前述數位浮水印判斷機構判斷於前述第二加密化區塊解密而生成之前述明文區塊是否嵌入有1種前述數位浮水印,並輸出判斷結果, 且前述媒體識別子生成機構在與前述第二加密化區塊之前述特定位置對應之前述媒體識別子內之位置,生成根據前述判斷結果之內容,作為構成該媒體識別子之前述位元資訊。 The reproducing apparatus of claim 22, wherein the first server device embeds one type of digital watermark for each plaintext block that is not the target of the first encryption, thereby re-generating the embedded One embedded block of the digital watermark, and generating the intermediate encrypted content including one of the embedded blocks that have been generated, wherein the partial information is bit information constituting one bit of the media identifier, the bit The position of the bit in the media identifier corresponding to the position of the plaintext block and the one embedded block included in the intermediate encrypted content in the intermediate encrypted content, by the second server And selecting, by the device, the plaintext block and the one embedded block at a position in the intermediate encrypted content corresponding to the bit position of the bit information in the media identifier, and using the value of the bit information, Selecting any block in the foregoing plaintext block and one of the embedded blocks, and performing the second encryption on the selected block to generate the second encrypted block, and Forming the encrypted content including the generated second encrypted block, wherein the selecting means selects the second encrypted block of the specific location in the encrypted content, and the decrypting mechanism selects the second encrypted selected The block is decrypted to generate a plaintext block, and the digital watermark determining unit determines whether the aforementioned plaintext block is embedded in the plaintext block, and the first digital floating watermark is embedded, and the judgment result is output. The media identifier generation unit generates a content based on the determination result as the bit information constituting the media identifier at a position in the media identifier corresponding to the specific position of the second encrypted block. 一種控制方法,係在由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統中使用,其特徵在於包含有以下步驟:第一加密化步驟,係藉前述第一伺服器裝置,僅對構成明文內容之複數明文區塊中對一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;第一彙總步驟,係藉前述第一伺服器裝置,將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值;第二加密化步驟,係藉前述第二伺服器裝置,在前述中間加密化內容所含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化而生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容;選擇步驟,係藉前述再生裝置,在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係藉前述再生裝置,於業經選擇之前述 第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係藉前述再生裝置,將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係藉前述再生裝置,使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係藉前述再生裝置,在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 A control method is used in a content transmission system including a first server device, a second server device, and a playback device, and is characterized in that the method includes the following steps: the first encryption step is performed by the first servo And the device performs a first encryption on the part of the plaintext block in the plurality of plaintext blocks constituting the plaintext content to generate the first encrypted block, and generates the foregoing by the first encryption. The plaintext block and the intermediate encrypted content formed by the first encrypted block that has been generated; the first summary step is performed by using the first server device to perform each of the plurality of blocks constituting the intermediate encrypted content Generating a plurality of first summary values by summing; the second encryption step is, by using the second server device, the aforementioned plaintext area without the first encryption in the block included in the intermediate encrypted content The block performs second encryption to generate a second encrypted block, and generates encrypted content composed of the first encrypted block and the second encrypted block; Step, by the Department of the reproducing apparatus in the plurality of blocks constituting the encryption of said encrypted content, select an encryption of the second block; decryption step, the reproduction system by means already in the selection of The second ciphering block performs decryption corresponding to the second ciphering to generate a plaintext block; and the second merging step is to collect the generated plaintext block by the regenerating device to generate a second summary value; a step of performing verification of the encrypted content by using the plurality of first summary values and the generated second summary value by using the plurality of reproduction devices; and the reproducing step, by using the regeneration device, stopping when the verification fails The decrypted content is decrypted, and when the verification is successful, the encrypted content is decrypted and reproduced. 一種控制程式,係在由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統中使用,其特徵在於:於為電腦之前述第一伺服器裝置執行下述步驟:第一加密化步驟,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊,施行第一加密化而生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總步驟,藉前述第一伺服器裝置,將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,並在為電腦之前述第二伺服器裝置執行第二加密化步驟,該第二加密化步驟係在前述中間加密化內容所 含之前述區塊中,對未經前述第一加密化之前述明文區塊施行第二加密化而生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容;於為電腦之前述再生裝置執行下述步驟:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 A control program is used in a content transmission system including a first server device, a second server device, and a playback device, wherein the first server device for the computer performs the following steps: An encryption step of performing a first encryption on the plaintext block of a portion of the plurality of plaintext blocks constituting the plaintext content to generate a first encrypted block, and generating the first encrypted layer without the foregoing first encryption The plaintext block and the intermediate encrypted content formed by the first encrypted block that has been generated; and the first summarizing step, by the first server device, each of the plurality of blocks constituting the intermediate encrypted content Generating a plurality of first summary values, and performing a second encryption step on the second server device of the computer, the second encryption step being performed in the intermediate encrypted content In the foregoing block, the second encrypted block is generated by performing the second encryption on the plaintext block without the first encryption, and the first encrypted block and the second encrypted layer are generated. Encrypted content formed by the block; performing the following steps for the foregoing reproducing device of the computer: the selecting step is: selecting one of the second encrypted blocks in the plurality of encrypted blocks constituting the encrypted content; The decrypting step is to perform decryption corresponding to the second encryption by using the selected second encryption block to generate a plaintext block; and the second aggregation step is to summarize the generated plaintext block to generate a second a summary value; a verification step of performing verification of the encrypted content using the first summary value of the plurality and the generated second summary value; and a regeneration step of stopping decryption of the encrypted content when the verification fails And when the verification is successful, the encrypted content is decrypted and then reproduced. 一種電腦可讀取之記錄媒體,係記錄有在由第一伺服器裝置、第二伺服器裝置及再生裝置所構成之內容發送系統中使用之控制程式,其特徵在於所記錄之控制程式可執行:於為電腦之前述第一伺服器裝置執行下述步驟:第一加密化步驟,係僅對構成明文內容之複數 明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總步驟,係藉前述第一伺服器裝置對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,且於為電腦之前述第二伺服器裝置執行第二加密化步驟,該第二加密化步驟係對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,且於為電腦之前述再生裝置執行下述步驟:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及 再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 A computer readable recording medium recorded with a control program used in a content transmission system composed of a first server device, a second server device, and a reproduction device, wherein the recorded control program is executable The following steps are performed for the first server device of the computer: the first encryption step is only for the plural of the plaintext content. The first plaintext block of a part of the plaintext block performs the first encryption, generates the first encrypted block, and generates the aforementioned plaintext block without the first encryption and the first encryption generated. The intermediate merging content formed by the block; and the first merging step, by the first server device, summing each of the plurality of blocks constituting the intermediate encrypted content to generate a plurality of first summary values, and The second server device of the computer performs a second encryption step, and the second encryption step performs a second execution on the plaintext block without the first encryption in the block included in the intermediate encrypted content. Encrypting, generating a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block, and performing the following steps on the foregoing reproducing device for the computer: selecting a step of selecting a second encrypted block in the plurality of encrypted blocks constituting the encrypted content; and the decrypting step is performed on the selected second encrypted region Performing a decryption corresponding to the foregoing second encryption to generate a plaintext block; a second summary step of summarizing the generated plaintext blocks to generate a second summary value; and the verifying step is to use the first summary value of the plurality And generating the foregoing second summary value to perform verification of the encrypted content; and In the reproduction step, when the verification fails, the decryption of the encrypted content is stopped, and when the verification is successful, the encrypted content is decrypted and reproduced. 一種積體電路,係構成第一伺服器裝置者,其特徵在於具有:第一加密化機構,係僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容;及第一彙總機構,係對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值。 An integrated circuit, which is a first server device, is characterized in that: a first encryption mechanism is configured to perform first encryption on only a part of the plaintext block in a plurality of plaintext blocks constituting the plaintext content. Generating a first encrypted block, and generating intermediate encrypted content composed of the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated; and a first summary mechanism The plurality of complex blocks constituting the intermediate encrypted content are aggregated to generate a plurality of first summary values. 一種積體電路,係構成第二伺服器裝置者,其特徵在於具有第二加密化機構,該第二加密化機構係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,且生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並且將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,並且對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容。 An integrated circuit, which is a second server device, is characterized in that it has a second encryption mechanism, and the second encryption device borrows from the first server device, only one of the plurality of plaintext blocks constituting the plaintext content. And the part of the plaintext block performs the first encryption to generate the first encrypted block, and generates the plaintext block without the first encryption and the first encrypted block that has been generated. Intermediately encrypting the content, and summing each of the plurality of blocks constituting the intermediate encrypted content to generate a first summary value of the plurality, and not having the first encryption in the block included in the intermediate encrypted content The foregoing plaintext block performs second encryption to generate a second encrypted block, and generates encrypted content composed of the first encrypted block and the second encrypted block. 一種再生方法,係再生裝置所使用者,其特徵在於:前述再生方法係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,且對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,並藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊,施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生方法包含:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加 密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 A method for reproducing a user of a reproducing device, wherein the reproducing method is performed by the first server device, and performing only the first encryption on the plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content. Generating a first encrypted block, and generating intermediate encrypted content composed of the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated, and constituting the intermediate encryption Each of the plurality of blocks of content is aggregated to generate a plurality of first summary values, and by the second server device, the aforementioned plaintext block without the first encryption is included in the block included in the intermediate encrypted content And performing second encryption to generate a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block, where the foregoing regeneration method includes: a selecting step, Selecting one of the foregoing second encrypted blocks in the plurality of encrypted blocks constituting the encrypted content; and the decrypting step is performed on the selected second encrypted block The row corresponds to the decryption of the second encryption, and generates a plaintext block; the second summary step is to summarize the generated plaintext block to generate a second summary value; and the verification step uses the first summary value of the plurality And generating the second summary value to perform verification of the encrypted content; and the regeneration step, stopping the adding when the verification fails The decrypted content is decrypted, and when the verification is successful, the encrypted content is decrypted and reproduced. 一種再生程式,係再生裝置所使用者,其特徵在於:前述再生程式係藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,並藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生程式係用以在為電腦之前述再生裝置執行下述步驟:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值; 驗證步驟,係使用複數之前述第一彙總值及已生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 A reproduction program is a user of a reproduction device, wherein the reproduction program is configured to perform first encryption on the plaintext block of a part of a plurality of plaintext blocks constituting the plaintext content by the first server device. Generating a first encrypted block, and generating intermediate encrypted content composed of the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated, and constituting the intermediate encryption Each of the plurality of blocks of content is aggregated to generate a first summary value of the plurality, and the second server device is used to add the aforementioned plaintext area without the first encryption to the block included in the intermediate encrypted content. Performing a second encryption on the block to generate a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block, where the regenerative program is used for a computer The foregoing reproducing apparatus performs the following steps: a selecting step of selecting one of the second encrypted blocks in the plurality of encrypted blocks constituting the encrypted content; decrypting And generating, by the selected second encrypted block, the decryption corresponding to the second encryption, to generate a plaintext block; and the second summarizing step, the generated plaintext block is aggregated to generate a second summary. value; The verifying step is to perform verification of the encrypted content by using the first summary value of the plurality and the generated second summary value; and the regenerating step, stopping the decryption of the encrypted content when the verification fails, and When the verification is successful, the encrypted content is decrypted and then reproduced. 一種電腦可讀取之記錄媒體,係記錄有再生裝置所使用之再生程式者,其特徵在於:藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化,生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容,並將構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數之第一彙總值,並藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊所構成之加密化內容,前述再生程式係用以在為電腦之前述再生裝置執行下述步驟:選擇步驟,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊;解密步驟,係於經選擇之前述第二加密化區塊施行對應於前述第二加密化之解密,生成明文區 塊;第二彙總步驟,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證步驟,係使用複數之前述第一彙總值及生成之前述第二彙總值,進行前述加密化內容之驗證;及再生步驟,係在前述驗證失敗時,停止前述加密化內容之解密,並於驗證成功時,將前述加密化內容解密後再生。 A computer readable recording medium recorded by a reproducing program used by a reproducing device, characterized in that: by the first server device, only a part of the plaintext area of a plurality of plaintext blocks constituting the plaintext content is used. Performing a first encryption on the block, generating a first encrypted block, and generating intermediate encrypted content formed by the plaintext block not having the first encryption and the first encrypted block that has been generated, and And summing each of the plurality of blocks constituting the intermediate encrypted content to generate a first summary value of the plurality, and using the second server device, the first block included in the intermediate encrypted content is not in the foregoing first block Encrypting the plaintext block to perform second encryption, generating a second encrypted block, and generating encrypted content composed of the first encrypted block and the second encrypted block, and the reproduced program is The following steps are performed in the foregoing reproducing device for the computer: the selecting step is to select one of the foregoing second plus among the plurality of encrypted blocks constituting the encrypted content. Of the block; decryption step, based on the implementation of the selected second block corresponding to the encryption of the decryption of the second encryption, to generate a plaintext area a second summary step of summarizing the generated plaintext blocks to generate a second summary value; the verifying step is to perform the encrypted content by using the first summary value of the plurality of complexes and the generated second summary value The verification and the regeneration step stop the decryption of the encrypted content when the verification fails, and decrypt the encrypted content and reproduce the verification when the verification is successful. 一種積體電路,係構成再生裝置者,其特徵在於:藉第一伺服器裝置,僅對構成明文內容之複數明文區塊中一部份之前述明文區塊施行第一加密化並生成第一加密化區塊,並生成由未經前述第一加密化之前述明文區塊及業已生成之前述第一加密化區塊所構成之中間加密化內容且對構成前述中間加密化內容之複數區塊之各個進行彙總而生成複數第一彙總值,且藉第二伺服器裝置,對前述中間加密化內容所含之前述區塊中未經前述第一加密化之前述明文區塊施行第二加密化,生成第二加密化區塊,並生成由前述第一加密化區塊及前述第二加密化區塊構成之加密化內容,前述積體電路具有:選擇機構,係在構成前述加密化內容之複數前述加密化區塊中,選擇一個前述第二加密化區塊; 解密機構,係於選擇之前述第二加密化區塊,施行對應於前述第二加密化之解密,生成明文區塊;第二彙總機構,係將生成之前述明文區塊進行彙總而生成第二彙總值;驗證機構,係使用複數之前述第一彙總值及生成之前述第二彙總值進行前述加密化內容之驗證;及再生機構,係當前述驗證失敗時,停止前述加密化內容之解密,並在驗證成功時,將前述加密化內容解密後再生。 An integrated circuit is a device for constructing a regenerative device, characterized in that: by the first server device, only the aforementioned plaintext block of a part of the plurality of plaintext blocks constituting the plaintext content is first encrypted and generated first. Encrypting the block, and generating intermediate encrypted content composed of the aforementioned plaintext block without the first encryption and the first encrypted block that has been generated, and forming a plurality of blocks of the intermediate encrypted content And each of the plurality of first summary values is generated, and the second server device performs second encryption on the plaintext block without the first encryption in the block included in the intermediate encrypted content. Generating a second encrypted block and generating encrypted content composed of the first encrypted block and the second encrypted block, wherein the integrated circuit has a selection mechanism configured to constitute the encrypted content Selecting one of the foregoing second encrypted blocks from the plurality of encrypted blocks; The decryption mechanism is configured to perform the decryption corresponding to the second encryption to generate a plaintext block in the selected second encrypted block, and the second summary mechanism aggregates the generated plaintext block to generate a second a summary value; the verification means performs verification of the encrypted content using the first summary value of the plurality and the generated second summary value; and the regeneration mechanism stops the decryption of the encrypted content when the verification fails And when the verification is successful, the encrypted content is decrypted and then reproduced.
TW101106516A 2011-03-10 2012-02-29 Content delivery system, content delivery subsystem and reproduc TW201303814A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2011053069 2011-03-10

Publications (1)

Publication Number Publication Date
TW201303814A true TW201303814A (en) 2013-01-16

Family

ID=46797794

Family Applications (1)

Application Number Title Priority Date Filing Date
TW101106516A TW201303814A (en) 2011-03-10 2012-02-29 Content delivery system, content delivery subsystem and reproduc

Country Status (2)

Country Link
TW (1) TW201303814A (en)
WO (1) WO2012120818A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI721602B (en) * 2019-06-17 2021-03-11 旺宏電子股份有限公司 Memory device and secure read method thereof
TWI826638B (en) * 2019-01-30 2023-12-21 日商索尼股份有限公司 Sensor device, encryption method

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016527494A (en) 2013-07-05 2016-09-08 ユニバーシティ オブ ワシントン スルー イッツ センター フォー コマーシャライゼーション Methods, compositions and systems for microfluidic assays

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4084827B2 (en) * 2004-04-02 2008-04-30 松下電器産業株式会社 Unauthorized content detection system
JP5002205B2 (en) * 2006-07-10 2012-08-15 任天堂株式会社 Data authentication method and data authentication system
JP2010068145A (en) * 2008-09-09 2010-03-25 Oki Electric Ind Co Ltd Data transmitting device, data transmitting method, and data transmitting program, and data receiving device, data receiving method, and data receiving program, and data communication system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI826638B (en) * 2019-01-30 2023-12-21 日商索尼股份有限公司 Sensor device, encryption method
TWI721602B (en) * 2019-06-17 2021-03-11 旺宏電子股份有限公司 Memory device and secure read method thereof

Also Published As

Publication number Publication date
WO2012120818A1 (en) 2012-09-13

Similar Documents

Publication Publication Date Title
CN101874248B (en) Recording/reproducing system, recording medium device, and recording/reproducing device
KR101109995B1 (en) Content protection system
CN103348623B (en) Termination, checking device, key distribution device, content reproducing method and cryptographic key distribution method
US8601590B2 (en) Content distribution system
JP5154830B2 (en) Content distribution system
US20110222691A1 (en) Recording system, playback system, key distribution server, recording device, recording medium device, playback device, recording method, and playback method
KR100777906B1 (en) Information processing system and method
US7702109B2 (en) Content recording/reproducing system, distribution device, reproducing device, and recording device
CN103380589B (en) Terminal device, server device, content recording control system, and recording method
CN102640161B (en) Tamper monitoring system, protection control module and detection module
JP2004320719A (en) Copyright protection system, key data generation device and terminal device
CN100585713C (en) Information processing device and information processing method
JP2012249035A (en) Information processor, information processing method and program
WO2005121980A1 (en) Information acquisition device, information acquisition method, and information acquisition program
TW201303814A (en) Content delivery system, content delivery subsystem and reproduc
JP2014524060A (en) Duplicate determination device and duplicate management system
EP2824604A1 (en) Information processing device, information storage device, information processing system, information processing method, and program
US9230090B2 (en) Storage device, and authentication method and authentication device of storage device
JP4638160B2 (en) Copyright protection system, recording device, playback device, and recording medium
JP2013150179A (en) Information processing apparatus, information storage device, information processing system, information processing method, and program
JP2005080145A (en) Reproducing apparatus management method, content data reproducing apparatus, content data distribution apparatus, and recording medium
KR20080001887A (en) Method and apparatus for providing / playing DRM contents