Abstract: A virtual machine can be implemented by anyone because the interface and other information necessary for implementation are publicly available. Hence, if virtual machine is implemented maliciously, a program operating thereon can be made to operate maliciously instead of operating legitimately. By comparing secret information held in memory and specific to the virtual machine with verification information which a program holds itself, the program verifies that the virtual machine on which it is running has been legitimately implemented and excludes illegitimate virtual machines.

Abstract: The present invention aims at providing a playback apparatus that performs playback control so as to prevent, in playback of content recorded on a recording medium, a decline of the value of the recording medium and content. In the case of having failed in reading of content data from the recording medium, as well as in the case of determining the necessity of content data replacement, the playback apparatus of the present invention acquires, from the distribution server, pieces of partial content data corresponding to locations at and following the reading failure, as well as pieces of replacement content data corresponding to locations whose data needs to be replaced. The playback apparatus plays back content data recorded on the recording medium and partial content data and replacement content data acquired from the content distribution server.

Abstract: The recorder/reproducer (101), when moving a first content data, writes a second content data, which is obtained by re-coding the first content data recorded in a first recording medium, into a second recording medium instead of the first content data, writes one or more first partial information extracted from the first content data into the second recording medium, and makes the first content data irreproducible, using one or more first invalidated partial information having one-to-one correspondence with the extracted one or more first partial information. When restoring the first content data, it makes the irreproducible first content data reproducible, using the one or more first partial information recorded in the second recording medium.

Abstract: There is a demand for a device handling information with the use of encryption technology to safely and simply update the encryption schemes. The present invention offers an information security device having a plurality of encryption schemes and handling information safely and reliably, characterized by selecting one of the plurality of encryption schemes as an application encryption scheme and installing a different encryption scheme from the plurality of encryption schemes based on the application encryption scheme.

Abstract: A content protection system prevents illegal key acquisition, without checking uniqueness of device keys. The content protection system includes a key data generation apparatus and a user terminal. The key data generation apparatus converts first key data, which is for using content, based on a predetermined conversion rule, thereby generating second key data, encrypts the second key data using a device key held by valid terminals, and outputs the encrypted key data. The user terminal obtains the encrypted key data, decrypts the encrypted key data using a device key held by the user terminal, thereby generating second key data, converts the second key data based on a re-conversion rule corresponding to the conversion rule, thereby generating the first key data, and uses the content with use of the generated first key data.

Abstract: When a PC 20 transmits a content request to a device registration apparatus 10 in which a permitted number of devices have already been registered, an expiration time management unit 105 judges whether any registration information registered in a registration list management unit 102 has an exceeded registration expiration time. If registration information with an exceeded registration expiration time is registered in the registration list management unit 102, the registration list management unit 102 deletes this registration information, and newly registers registration information of the PC 20.

Abstract: A system structured from a management device, a content key distribution device and a plurality of terminals suppresses the data volume of a terminal revocation list (TRL). The management device generates and transmits a TRL formed from data that expresses terminal IDs of all terminals to be invalidated, by only a value and a position of a common bit string in the IDs, to the content key distribution device. Each terminal holds a terminal ID that includes a manufacturer, ID and a serial number, and requests the distribution of a content key by sending the terminal ID to the content key distribution device. The content key distribution device refers to the TRL, judges whether the terminal ID transmitted from the terminal is that of an invalidated terminal, and if negative, encrypts and transmits the content key to the terminal.

Abstract: A recording medium provided with a lead-in area and a data recording area, wherein position information indicating the position of the key information is stored in the lead-in area and key information to be used for managing the copyrights of content is recorded in the data recording area. As a result, a read device can acquire the key information in the data recording area by referring to the position information in the lead-in area, even if the read device lacks a way of handling a file system to be used in the data recording area. Moreover, software for reproduction of the content can acquire the key information in the data recording area using the file system.

Abstract: A data protection system is provided that reduces, to a degree, the amount of encrypted data that is distributed to a plurality of terminals. In the data protection system a terminal whose decryption keys are exposed by a dishonest party is made to be unable to decrypt the data correctly, while other terminals are able to decrypt the data correctly. The data protection system includes a plurality of terminals, and an encryption device that encrypts distribution data distributed to each terminal. Each terminal is corresponded with one node on a lowest level of a 4-ary tree structure or the like having a plurality of hierarchies.

Abstract: A recording device performs recording on a recording medium such as a DVD, and playback compatibility of the recording medium is increased. In circumstances such as when a standard is established after the manufacture of a playback apparatus, there are playback devices that physically cannot read information for decrypting encrypted data from a predetermined area of the recording medium due to the specifications of the playback apparatus, and therefore cannot use the recording medium. In order for the recording medium to be able to be used in such a playback apparatus, the recording device reads data recorded in the predetermined area of the recording medium, and records the read data in another area that is readable by the playback apparatus.

Abstract: A content protection system prevents illegal key acquisition, without checking uniqueness of device keys. The content protection system includes a key data generation apparatus and a user terminal. The key data generation apparatus converts first key data, which is for using content, based on a predetermined conversion rule, thereby generating second key data, encrypts the second key data using a device key held by valid terminals, and outputs the encrypted key data. The user terminal obtains the encrypted key data, decrypts the encrypted key data using a device key held by the user terminal, thereby generating second key data, converts the second key data based on a re-conversion rule corresponding to the conversion rule, thereby generating the first key data, and uses the content with use of the generated first key data.

Abstract: The present invention aims to provide a time authentication device for distinguishing clocks that show a time falling within the predetermined permissible range as compared with a time shown by the time authentication device. In a time authentication device embodied as a distribution device 11, a time-relation information storage unit 104 stores a playback-device-time measured by a clock unit 203 of a playback device 12, and also stores a distribution-device-time measured by a clock unit 103 when the playback-device-time is acquired. The time authentication unit 107 acquires from the playback device 12 a target time measured by the clock unit 203, and also acquires an authentication time measured by the clock unit when the target time is received. The time authentication unit 107 then calculates a first difference (=Authentication Time?Distribution-Device-Time), a second difference (=Target Time?Playback-Device-Time), an authentication difference (=First Difference?Second Difference).

Abstract: A theft prevention system capable of preventing theft of a target object by disabling the authorized key of the target object in the case where the authorized key has been stolen. When the authorized key is lost, a mobile telephone 100 instructs a vehicle control device 300a to set a warning mode. On receipt of this warning mode instruction, the vehicle control device 300a sets warning mode, generates an electronic key, and transmits the generated electronic key to the mobile telephone 100, which receives and stores the electronic key. Once the warning mode is set in the vehicle, locking and unlocking are only possible using the electronic key. If the authorized key is found, the mobile telephone 100 instructs the vehicle control device 300a to set the normal mode. Upon receipt of this normal mode instruction, the vehicle control device 300a sets the normal mode in the vehicle. Once the normal mode is set in the vehicle, locking and unlocking are only possible using the authorized key.

Abstract: An authentication system is provided having a revocation list generation apparatus that constructs and stores a revocation list in a tree structure, the revocation list generation apparatus being used in combination with a revocation judgment apparatus. The authentication system improves upon conventional authentication systems because the memory capacity to store a Certificate Revocation List (CRL) in order to identify revoked certificates is reduced. The tree structure corresponds to public key certificate, which are identified by leaf identifies, and nodes from a leaf that corresponds to a revoked public key certificate.

Abstract: An electronic money usage system is capable of preventing dishonest use of electronic money recorded on a recording medium. A memory card 300 acquires signature-type electronic data from a bank server apparatus 100, and generates a first authenticator using the received first authenticator, and an identification flag, an electronic money ID and an amount included in the electronic money. When a user uses the signature-type electronic money, the memory card 300 generates a second authenticator with use of a second password received from the user, and the identification flag, electronic money ID and amount included in the electronic money. The memory card 300 outputs the electronic money if the first authenticator and the second authenticator match.

Abstract: A copyright protection system includes a recording device and a reproduction device. The recording device writes encrypted content, an encrypted content key for decrypting the encrypted content, and license information on a recording medium on which a unique media number has been recorded in an unrewritable state. The license information is generated using both the media number and the encrypted content key, and therefore reflects both values. The reproduction device reads the media number, the encrypted content key, and the license information from the recording medium, and judges whether the license information reflects both the media number and the encrypted content key. The reproduction device decrypts the encrypted content key, and decrypts the encrypted content using the content key only if the license information reflects both values. Thus, the copyright protection system allows only original recording media to be reproduced, and prohibits reproduction of copy recording media.

Abstract: A virtual machine can be implemented by anyone because the interface and other information necessary for implementation are publicly available. Therefore, it is possible that by implementing the virtual machine illegitimately, programs run thereon on will be made to operate illegitimately instead of legitimately. A program compares secret information held by the virtual machine with verification information held by the program itself. The program thereby verifies whether the virtual machine that runs the program is implemented legitimately, and is able to reject an illegitimate virtual machine.

Abstract: [Object] To realize a content receiving apparatus and the like which can avoid a situation where content cannot be reproduced even when content receiving routes are switched from a broadcast wave to a communication network at an arbitrary timing. [Means to achieve the object] A receiving route switch control unit (112) determinates which receiving route is selected from the broadcast wave (20) and the communication network (30) to obtain content, and switches receiving routes based on this determination. A DRM module (140) manages the copyright of the obtained content based on a digital rights management (DRM) method defined by a provider A when content is received via the broadcast wave (20). Likewise, a DRM module (150) manages the content of copyright based on a DRM method B defined by a provider B, and a DRM module (160) manages content copyrights based on a DRM method C defined by a provider C, respectively.

Abstract: Processing load on an executing device for conducting playback is high during the playback of contents since the executing device performs verification of the contents validity in parallel with the contents playback, and therefore the executing device has to be equipped with a highly efficient processor. The present invention reduces the processing load involved in the verification by using, for the verification, only a predetermined number of encrypted units selected randomly from multiple encrypted units consisting encrypted contents recorded on the DVD. In addition, the present invention is capable of improving the accuracy of detecting unauthorized contents to some extent by randomly selecting a predetermined number of encrypted units every time the verification is performed.

Abstract: Processing load on an executing device for conducting playback is high during the playback of contents since the executing device performs verification of the contents validity in parallel with the contents playback, and therefore the executing device has to be equipped with a highly efficient processor. The present invention reduces the processing load involved in the verification by using, for the verification, only a predetermined number of encrypted units selected randomly from multiple encrypted units consisting encrypted contents recorded on the DVD. In addition, the present invention is capable of improving the accuracy of detecting unauthorized contents to some extent by randomly selecting a predetermined number of encrypted units every time the verification is performed.