公开(公告)号：US20150143131A1

公开(公告)日：2015-05-21

申请号：US14370852

申请日：2012-12-26

Applicant: SONY CORPORATION

Inventor： Hiroshi Kuno ,  Takamichi Hayashi ,  Yoshiyuki Kobayashi ,  Katsumi Muramatsu ,  Koji Yoshimura

IPC: G06F12/14 ,  G06F21/60

Abstract: According to a first aspect of the present disclosure, there is provided an information storage device including a storage unit that stores encrypted content, usage control information of the encrypted content, and a revocation list in which revocation information of a content reproduction device is recorded, and a data processing unit that determines whether content reproduction of an information processing device which performs decoding of the encrypted content is permitted. The data processing unit acquires an entry identifier which is designation information for a registration entry of the revocation list recorded in the usage control information, executes an identifier registration determination process for determining whether an identifier of the information processing device which performs decoding of the encrypted content is registered in the entry of the revocation list identified according to the acquired entry identifier, and determines whether a subkey which is a generation key for a title key applied to the decoding of the encrypted content is to be provided to the information processing device based on a result of the identifier registration determination process.

Abstract translation: 根据本公开的第一方面，提供了一种信息存储装置，其包括存储加密内容的存储单元，加密内容的使用控制信息和其中记录内容再现装置的撤销信息的撤销列表， 以及数据处理单元，其确定是否允许执行加密内容的解码的信息处理设备的内容再现。 数据处理单元获取作为使用控制信息中记录的撤销列表的注册条目的指定信息的条目标识符，执行用于确定执行加密内容的解码的信息处理装置的标识符的标识符登记确定处理 被登记在根据获取的条目标识符识别的撤销列表的条目中，并且确定作为用于加密内容的解码的标题密钥的生成密钥的子密钥是否将被提供给信息处理装置 标识符登记确定处理的结果。

公开(公告)号：US10515021B2

公开(公告)日：2019-12-24

申请号：US14370852

申请日：2012-12-26

Applicant: SONY CORPORATION

Inventor： Hiroshi Kuno ,  Takamichi Hayashi ,  Yoshiyuki Kobayashi ,  Katsumi Muramatsu ,  Koji Yoshimura

IPC: G06F12/14 ,  G06F21/60 ,  G06F21/62 ,  H04L9/08 ,  H04L9/32 ,  G06F21/10

Abstract: According to a first aspect of the present disclosure, there is provided an information storage device including a storage unit that stores encrypted content, usage control information of the encrypted content, and a revocation list in which revocation information of a content reproduction device is recorded, and a data processing unit that determines whether content reproduction of an information processing device which performs decoding of the encrypted content is permitted. The data processing unit acquires an entry identifier which is designation information for a registration entry of the revocation list recorded in the usage control information, executes an identifier registration determination process for determining whether an identifier of the information processing device which performs decoding of the encrypted content is registered in the entry of the revocation list identified according to the acquired entry identifier, and determines whether a subkey which is a generation key for a title key applied to the decoding of the encrypted content is to be provided to the information processing device based on a result of the identifier registration determination process.

公开(公告)号：US09805173B2

公开(公告)日：2017-10-31

申请号：US14351627

申请日：2013-06-26

Applicant: Sony Corporation

Inventor： Hiroshi Kuno ,  Yoshiyuki Kobayashi ,  Takamichi Hayashi ,  Katsumi Muramatsu

IPC: H04N21/44 ,  G06F21/10 ,  H04L9/08 ,  H04N21/418 ,  H04N21/4627 ,  H04N21/475 ,  H04N21/8355 ,  H04N21/4405 ,  G11B20/00

CPC classification number: G06F21/10 ,  G11B20/00086 ,  G11B20/0021 ,  G11B20/00855 ,  H04L9/0866 ,  H04L2209/60 ,  H04N21/4181 ,  H04N21/4184 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/4753 ,  H04N21/8355

Abstract: An information storage device including one or more processors configured to store an encrypted content and to control access of an external device to the information storage device is provided. The one or more processors are further configured to store a converted title key obtained by converting a title key which is an encryption key to be applied to decryption of the encrypted content, and a user token obtained by converting binding secret information to be applied to calculate the title key from the converted title key. The one or more processors are further configured to allow the external device having a confirmed access right to the information storage device to read out the user token.

公开(公告)号：US09767298B2

公开(公告)日：2017-09-19

申请号：US14363135

申请日：2012-11-29

Applicant: SONY CORPORATION

Inventor： Takamichi Hayashi ,  Hiroshi Kuno ,  Koji Yoshimura

IPC: G06F21/62 ,  H04N5/913 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/8355 ,  H04N5/903 ,  H04L9/32 ,  H04L9/08 ,  H04L29/06 ,  G06F21/10

CPC classification number: G06F21/62 ,  G06F21/10 ,  G06F21/105 ,  G06F2221/07 ,  H04L9/088 ,  H04L9/3268 ,  H04L9/3273 ,  H04L63/06 ,  H04L63/062 ,  H04L63/0869 ,  H04L63/10 ,  H04L63/12 ,  H04N5/903 ,  H04N5/913 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/8355 ,  H04N2005/91364

Abstract: There is provided a device and a method for preventing using of illegitimate content or manufacturing of the illegitimate media that uses illegitimate media. In a system that has an information storage device, a license management apparatus that generates a media key set (MKS) that is stored in the information storage device, and a content provision apparatus, at the time of manufacturing of the information storage device, the license management apparatus compares an MKS version that is set in the MKS that is stored in the information storage device, and an allowance minimum MKS version that is recorded in a controller of the information storage device, and thus records key information stored in the MKS, in a storage unit under the condition that it is confirmed that the MKS version is equal to or greater in value than the allowance minimum MKS version.

公开(公告)号：US09390030B2

公开(公告)日：2016-07-12

申请号：US14345543

申请日：2012-10-19

Applicant: SONY CORPORATION

Inventor： Yoshiyuki Kobayashi ,  Hiroshi Kuno ,  Takamichi Hayashi

IPC: G06F12/14 ,  H04L9/32 ,  G06F21/10

CPC classification number: G06F12/1408 ,  G06F12/14 ,  G06F21/10 ,  H04L9/3236 ,  H04L9/3247 ,  H04L9/3263

Abstract: Provided is an information storage device including a storage unit configured to store encrypted content and an encryption key to be applied to decryption of the encrypted content, wherein the storage unit stores a converted encryption key generated through an arithmetic operation of the encryption key and an electronic signature that is constituent data of an encrypted content signature file set corresponding to the encrypted content, wherein the electronic signature is an electronic signature for data that includes constituent data of the encrypted content and the encryption key, and wherein a reproduction device configured to read the encrypted content from the storage unit and execute a decryption process is able to be caused to perform acquisition of the encryption key through an arithmetic operation of applying the electronic signature to the converted encryption key.

Abstract translation: 提供了一种信息存储装置，包括：存储单元，被配置为存储加密内容和加密密钥，用于加密内容的解密，其中存储单元存储通过加密密钥的算术运算产生的转换的加密密钥和电子 签名，其是与加密内容相对应的加密内容签名文件集的组成数据，其中，电子签名是包括加密内容和加密密钥的组成数据的数据的电子签名，并且其中，被配置为读取 通过将电子签名应用于转换后的加密密钥的算术运算，能够使来自存储单元的加密内容并执行解密处理来执行加密密钥的获取。

公开(公告)号：US20140380063A1

公开(公告)日：2014-12-25

申请号：US14345543

申请日：2012-10-19

Applicant: SONY CORPORATION

Inventor： Yoshiyuki Kobayashi ,  Hiroshi Kuno ,  Takamichi Hayashi

IPC: G06F12/14

CPC classification number: G06F12/1408 ,  G06F12/14 ,  G06F21/10 ,  H04L9/3236 ,  H04L9/3247 ,  H04L9/3263

Abstract: Provided is an information storage device including a storage unit configured to store encrypted content and an encryption key to be applied to decryption of the encrypted content, wherein the storage unit stores a converted encryption key generated through an arithmetic operation of the encryption key and an electronic signature that is constituent data of an encrypted content signature file set corresponding to the encrypted content, wherein the electronic signature is an electronic signature for data that includes constituent data of the encrypted content and the encryption key, and wherein a reproduction device configured to read the encrypted content from the storage unit and execute a decryption process is able to be caused to perform acquisition of the encryption key through an arithmetic operation of applying the electronic signature to the converted encryption key.

Abstract translation: 提供了一种信息存储装置，包括：存储单元，被配置为存储加密内容和加密密钥，用于加密内容的解密，其中存储单元存储通过加密密钥的算术运算产生的转换的加密密钥和电子 签名，其是与加密内容相对应的加密内容签名文件集的组成数据，其中电子签名是包括加密内容和加密密钥的组成数据的数据的电子签名，并且其中，被配置为读取 通过将电子签名应用于转换后的加密密钥的算术运算，能够使来自存储单元的加密内容并执行解密处理来执行加密密钥的获取。

公开(公告)号：US20140237235A1

公开(公告)日：2014-08-21

申请号：US14351627

申请日：2013-06-26

Applicant: Sony Corporation

Inventor： Hiroshi Kuno ,  Yoshiyuki Kobayashi ,  Takamichi Hayashi ,  Katsumi Muramatsu

IPC: G06F21/10

CPC classification number: G06F21/10 ,  G11B20/00086 ,  G11B20/0021 ,  G11B20/00855 ,  H04L9/0866 ,  H04L2209/60 ,  H04N21/4181 ,  H04N21/4184 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/4753 ,  H04N21/8355

Abstract: Content usage control is realized on condition of the establishment of user authentication without having to communicate with a server or the like. An information storage device such as a memory card stores an encrypted content, a converted title key obtained by converting a title key which is an encryption key, and a user token obtained by converting binding secret information to be applied to calculate the title key from the converted title key. A reproducing device that decrypts and reproduces the encrypted content acquires the converted title key and the user token, and generates an authentication key on the basis of user identification information such as a user ID. Furthermore, the binding secret information is calculated by computation processing between the user token and the authentication key, the title key is calculated from the converted title key by applying the calculated binding secret information, and decryption processing of the encrypted content is executed by applying the calculated title key.

Abstract translation: 内容使用控制是在建立用户认证的条件下实现的，而不必与服务器等进行通信。 诸如存储卡的信息存储装置存储加密的内容，通过转换作为加密密钥的标题密钥获得的转换的标题密钥和通过转换要应用的绑定秘密信息而获得的用户令牌，以从 转换标题密钥。 解密并再现加密内容的再现装置获取转换的标题密钥和用户令牌，并且基于诸如用户ID的用户标识信息生成认证密钥。 此外，通过用户令牌和认证密钥之间的计算处理来计算绑定秘密信息，通过应用计算的绑定秘密信息，从转换的标题密钥计算出标题密钥，并且通过应用加密内容来执行加密内容的解密处理 计算标题键。

公开(公告)号：US09811670B2

公开(公告)日：2017-11-07

申请号：US14522912

申请日：2014-10-24

Applicant: Sony Corporation

Inventor： Hiroshi Kuno ,  Kenjiro Ueda ,  Munetake Ebihara ,  Takamichi Hayashi ,  Koji Yoshimura

IPC: H04L29/06 ,  G06F21/60 ,  G11B20/00 ,  H04L9/08 ,  H04L9/32

CPC classification number: G06F21/602 ,  G11B20/00086 ,  G11B20/0021 ,  G11B20/00224 ,  G11B20/00253 ,  G11B20/00347 ,  G11B20/00478 ,  G11B20/00507 ,  G11B20/00521 ,  G11B20/00695 ,  G11B20/00847 ,  G11B20/00855 ,  G11B20/00869 ,  G11B2220/17 ,  G11B2220/61 ,  H04L9/0822 ,  H04L9/083 ,  H04L9/0869 ,  H04L9/3263 ,  H04L2209/60

Abstract: An information processing device including: a data processing unit that generates an encryption key of content; and a communication unit that transmits an encryption key generated by the data processing unit, wherein the data processing unit generates, as the encryption key, individual keys that are different for each new content recording processing on a recording medium in a content recording device, and transmits the individual keys through the communication unit.

公开(公告)号：US20140351585A1

公开(公告)日：2014-11-27

申请号：US14363135

申请日：2012-11-29

Applicant: SONY CORPORATION

Inventor： Takamichi Hayashi ,  Hiroshi Kuno ,  Koji Yoshimura

IPC: G06F21/10

CPC classification number: G06F21/62 ,  G06F21/10 ,  G06F21/105 ,  G06F2221/07 ,  H04L9/088 ,  H04L9/3268 ,  H04L9/3273 ,  H04L63/06 ,  H04L63/062 ,  H04L63/0869 ,  H04L63/10 ,  H04L63/12 ,  H04N5/903 ,  H04N5/913 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/8355 ,  H04N2005/91364

Abstract: There is provided a device and a method for preventing using of illegitimate content or manufacturing of the illegitimate media that uses illegitimate media. In a system that has an information storage device, a license management apparatus that generates a media key set (MKS) that is stored in the information storage device, and a content provision apparatus, at the time of manufacturing of the information storage device, the license management apparatus compares an MKS version that is set in the MKS that is stored in the information storage device, and an allowance minimum MKS version that is recorded in a controller of the information storage device, and thus records key information stored in the MKS, in a storage unit under the condition that it is confirmed that the MKS version is equal to or greater in value than the allowance minimum MKS version.

Abstract translation: 提供了防止使用非法内容或制造使用非法媒体的非法媒体的装置和方法。 在具有信息存储装置的系统中，生成存储在信息存储装置中的媒体密钥集（MKS）的许可证管理装置和内容提供装置在信息存储装置的制造时， 许可证管理装置将存储在信息存储装置中的MKS中设置的MKS版本和记录在信息存储装置的控制器中的容许最小MKS版本进行比较，从而记录存储在MKS中的密钥信息， 在确认MKS版本等于或大于允许最小MKS版本的条件下，在存储单元中。

公开(公告)号：US09100525B2

公开(公告)日：2015-08-04

申请号：US13673042

申请日：2012-11-09

Applicant: SONY CORPORATION

Inventor： Yoshiyuki Kobayashi ,  Hiroshi Kuno ,  Takamichi Hayashi

IPC: H04L29/00 ,  H04N1/00 ,  G06F21/10

CPC classification number: H04N1/00838 ,  G06F21/10

Abstract: An information storage apparatus includes a storage unit configured to store an encrypted content and an encryption key to be applied to decryption of the encrypted content, the storage unit including a protected area in which a converted encryption key is stored and to which access restrictions are set, the converted encryption key being a data item acquired through conversion of the encryption key, and a general purpose area storing the encrypted content and an encrypted content signature file set correspondingly to the encrypted content, the encrypted content signature file containing, as a recorded data item, a block identifier indicating in which of areas in the protected area storage of the converted encryption key is permitted, to permit a reproducing apparatus to execute content reproduction possibility judgment applying the block identifier, the reproducing apparatus being configured to read the encrypted content from the storage unit and execute a reproducing process.

Abstract translation: 一种信息存储装置，包括：存储单元，被配置为存储加密内容和加密密钥，用于加密内容的解密，所述存储单元包括存储转换的加密密钥的保护区域，并且设置了哪个访问限制 转换的加密密钥是通过加密密钥的转换获得的数据项，以及存储加密内容的通用区域和对应于加密内容设置的加密内容签名文件，加密的内容签名文件包含作为记录数据 项目，表示在转换的加密密钥的保护区域存储区域中的哪个区域被允许的块标识符，允许再现设备执行应用块标识符的内容再现可能性判断，该再现设备被配置为从 存储单元并执行再现处理。