IL139364A - Mechanism for matching a receiver with a security module - Google Patents
Mechanism for matching a receiver with a security moduleInfo
- Publication number
- IL139364A IL139364A IL139364A IL13936400A IL139364A IL 139364 A IL139364 A IL 139364A IL 139364 A IL139364 A IL 139364A IL 13936400 A IL13936400 A IL 13936400A IL 139364 A IL139364 A IL 139364A
- Authority
- IL
- Israel
- Prior art keywords
- receiver
- detachable
- security
- module
- pay
- Prior art date
Links
- 230000005540 biological transmission Effects 0.000 claims description 18
- 238000000034 method Methods 0.000 claims description 12
- 238000012795 verification Methods 0.000 claims 6
- 230000005236 sound signal Effects 0.000 claims 1
- 238000013475 authorization Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012546 transfer Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 239000013598 vector Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/436—Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
- H04N21/4367—Establishing a secure communication between the client and a peripheral device or smart card
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/109—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by using specially-adapted hardware at the client
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/16—Program or content traceability, e.g. by watermarking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/305—Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
- G06F21/725—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits operating on a secure reference time value
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/85—Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/0826—Embedded security module
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/418—External card to be used in combination with the client device, e.g. for conditional access
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/418—External card to be used in combination with the client device, e.g. for conditional access
- H04N21/4181—External card to be used in combination with the client device, e.g. for conditional access for conditional access
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Technology Law (AREA)
- Mathematical Physics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
- Selective Calling Equipment (AREA)
- Circuits Of Receivers In General (AREA)
- Compression Or Coding Systems Of Tv Signals (AREA)
- Burglar Alarm Systems (AREA)
- Input Circuits Of Receivers And Coupling Of Receivers And Audio Equipment (AREA)
Description
MECHANISM FOR MATCHING A RECEIVER WITH A SECURITY MODULE TECHNICAL FIELD This invention relates to a system for controlling the transfer of information between a receiver and a security module, especially for a pay television system, as well as to a method of controlling the transfer of scrambled information. ' BACKGROUND OF THE INVENTION A pay television descrambling system is composed of a receiver and a security module. This module may be detachable or fixed. The purpose of the receiver is to descramble the signals received. The main purpose of the security module is to control the operation by verifying the descrambling authorization and by providing, as required, the information necessary for operating the descrambling module, for example by providing descrambling vectors, also called control words.
The existing systems use receivers which interrogate their security modules, and the latter reply by providing the information necessary for descrambling. At a given time, for the same transmitted broadcast, all the security modules reply with the same information. Because the information flows between the security module and the receiver at a low rate (of about 20 to 30 bytes/s), defrauders may use this information in order to broadcast it publicly, for example via the Internet.
Such a system is described in the document "DVD Conditional Access" written by David Cutts in the journal called "Electronics & Communication Engineering Journal" of February 1997. It is described a standardized system to unscramble audio and video streams coming from different service providers. The security module, called CA (Conditional Access) is in charge of delivering the control words CW. This module can additionally uses a smart card (SM) for the descrambling function. Once the information are descrambled in the CA module, the control words CW are returned in the decoder for obtaining the uncoded information.
In a prior publication entitled "Conditional Access BroadcastingiDatacare 2, an Over-Air Enabled System for General Purpose Data Channels", published on August 1st 1988 in the journal BBC Research and Development Report No 10, it is described an independent module (Conditional Access Module) in charge of receiving and decrypting the information necessary for the descrambling. This module manages the key dedicated to the system and delivers the control words necessary for the descrambling of the video broadcasts. In this type of module, once the control words are decrypted, they are transmitted uncoded to the unit in charge of the descrambling.
The problem then arises of how to make a receiver and a security module interdependent so that: the given security module can be used only in the receiver for which the said security module was intended; - the information stream exchanged between the security module and the receiver is unique. This uniqueness prevents the public broadcasting of this stream from allowing other receivers to work without the security module provided for this purpose.
SUMMARY OF THE INVENTION The proposed solution to the above mentioned problem uses at least one encryption key specific to the receiver. This (or these) key(s) is(are) called a matching key. At least one of the keys is different for each receiver. This (or these) key(s) is(are) installed in the non-volatile memory of the receiver, either during the manufacture of the said receiver or at a subsequent step. The receiver provides no means of access to this (or these) key(s) to the external world.
One possible means of programming this key into the security module is to use the central information system which manages the group of receivers and which can embed, in the video transmission stream, information for programming this key into the secret non-volatile memory of the security modules. The formatting of this procedure is, of course, kept secret.
When transferring confidential information and/or information necessary for the operation of the system from the security module to the receiver (typically, control words, but other information may be thus transferred), the security module encrypts this information using one or more unique matching keys common to the single receiver/security module pair. Any method of encryption can be used provided the security module knows it, and the receiver knows the corresponding method of decryption. Once this information has been received by the receiver, it is then decrypted by the said receiver using the known method of decryption and the matching key stored in its non-volatile memory. The said information is then uncoded information and can be used by the said receiver.
The invention therefore proposes a system for controlling the transmission of information between a receiver and a security module, especially for a pay television system, in which the transmitted information is encrypted and decrypted by means of at least one unique encryption key stored, on the one hand, in the receiver and, on the other hand, in the security module.
The invention also relates to a system for descrambling scrambled information and to a pay television system comprising a transmission control system.
Moreover, the invention relates to a method of controlling the transmission of information between a receiver and a security module, especially for a pay television system, characterized in that at least one unique matching key is stored, on the one hand, in the receiver and, on the other hand, in the security module and in that the information transmitted between the receiver and the security module is encrypted and decrypted by means of at least one said unique encryption key.
This solution according to the invention solves the problem posed. This is because: - a security module inserted into a receiver other than that for which the said security module has been matched will provide this other receiver with a stream of confidential information and/or of information necessary for the operation of the system which is encrypted with a key that does not correspond to that used for decrypting it. The result is therefore unusable; a stream of confidential information and/or of information necessary for the operation of the system coming from a security module cannot be distributed to several receivers. Only the receiver matched with the card providing this stream of confidential and/or necessary information is able to decrypt the said stream successfully.
The system may comprise a mechanism for verifying the matching procedure. The central information system may write a number, personal to the receiver, in the security module matched with the said receiver, for example a number generated randomly by the latter, or may simply use its serial number. One means open to the receiver is to freely verify this personal number written in the security module and to compare it with that stored in its non-volatile memory.
This mechanism has the advantage of not using improper data. The result of encryption followed by decryption by a different key usually provides a pseudo-random result. If the result is not recognized as being false and if this result is used as it is, this could result in the receiver or the equipment connected to it being damaged.
Certain types of receivers have a detachable descrambling module. This module is responsible for a number of operations, among which is the operation of descrambling the signals received. Confidential information is then transferred between the detachable security module and this detachable descrambling module. The mechanism of encryption of the communication, described above, between a receiver and a security module is then transferred, as it is, between the detachable security module and the detachable descrambling module.
Likewise, the method of matching, described above, between the security module and the receiver is then transferred, as it is, between the detachable security module and the detachable descrambling module.
Descrambled signals are then transferred between the detachable descrambling module and the receiver. The mechanism of encrypting the communication, along with the mechanism of matching, described above, between the security module and the receiver, is then transferred, as it is, between the receiver and the detachable descrambling module.
The functions provided by the detachable descrambling module and the detachable security module may be carried out by a single module, called a detachable descrambling-security module. The matching mechanism described above is then transferred, as it is, between the detachable descrambling-security module and the receiver.
In all the cases described above, the matching key or keys may be used to encrypt a stream of confidential data and/or of data necessary for operating the system in the opposite direction, by reversing, respectively: - the receiver and the detachable security module; the detachable descrambling module and the detachable security module; the receiver and the detachable descrambling module; the receiver and the detachable descrambling-security module.
In all cases where a matching key is specific to one item of equipment (a receiver or a detachable module), the same principles apply to the use of a matching key (or several matching keys) specific to a group of items of equipment.
BRIEF DESCRIPTION OF THE FIGURES Figure 1 illustrates a configuration employing a receiver and a detachable security module.
Figure 2 illustrates a configuration employing a receiver, a detachable descrambling module and a detachable security module.
Figure 3 illustrates a configuration employing a receiver and a detachable descrambling-security module.
DETAILED DESCRIPTION The receiver A in Figure 1 receives a stream of scrambled video information 1 from a source such as a satellite receiver or by cable. This stream, of the order of several megabits per second, is shaped in the receiver A and then transmitted to a control unit B which is responsible for the descrambling and for managing the authorization for access to the scrambled video information. To do this, this control unit B periodically interrogates the detachable security module C (channel 3) which replies to the latter with a stream of confidential data and/or of data necessary for the operation of the control unit B (channel 4). These exchanges take place at low rates and can be easily processed by the microprocessors of smart cards available on the market. According to the invention, the detachable security module C comprises at least one encryption key K in a non-volatije memory which encrypts the confidential data and/or the data necessary for operation of the control unit B (channel 4) towards the receiver A. This key K is unique to the receiverA and written to the detachable security module C, making the information stream 4 unique to this system. The public broadcasting of this information 4 will no longer be of any use to other receivers as, in the case of the latter, since they are not in possession of the same key K, the information stream is completely incomprehensible. By means of the information 4, the control unit B can recover the descrambled video signal 2, this being processed and then transmitted in standard form (PAL, SECAM, NTSC) to the video monitor.
A variant of the invention employs encryption, of the same kind, of the information 3 sent to the detachable security module C either using the same key K or using a different key J, which is unique and specific to the system formed by the receiver A and the detachable security module C. Thus, any attempt to recover the key K from the information stream 4 is made much more difficult.
Figure 2 illustrates a variant using a detachable descrambling module D which incorporates the control unit B. In this case, the scrambled video stream 1 is shaped by the receiver A and sent to the detachable descrambling module D. The mode of operation described in the case of Figure 1 between the receiver A and the detachable security module C is this time applied to the conversation between the detachable descrambling module D and the detachable security module C. The key K is written in a secret part of the detachable descrambling module D instead of the receiver A. Thus, the information provided by the detachable security module C to the detachable descrambling module D is encrypted and therefore of no value to another detachable descrambling module D.
It may thus be seen that the information sent to the receiver A consists of a stream of descrambled video information 6 which can be readily exploited, for example for illicit copies. In one variant of the invention, the stream 6 is encrypted in the detachable descrambling module D before being sent to the receiver A for descrambling by the decrypting unit E'. This operation is carried out using a key K' specific only to the receiver A/detachable descrambling module D system. Consequently, the information stream 6 no longer has any meaning and can be understood only by the receiver A having the same key K'.
The receiver A may add, to the scrambled video stream 1 , control information intended for the detachable descrambling module D. In order to prevent this information from being public and from opening a door to understanding the encryption mechanism, this information is encrypted by the encryption unit E in order to obtain a scrambled video stream 6 containing encrypted control information.
Figure 3 illustrates a variant of the invention in which the detachable security module is incorporated into a detachable descrambling-security module F. The function of this module is to descramble and to manage the authorization of the video signals received by the receiver A. According to the invention, this module includes a unique encryption key specific to the receiver A and written in this detachable descrambling-security module F. Likewise, the descrambled video stream 6 is encrypted by this key and sent in this form to the receiver A. The latter, by means of the decryption unit E' and by using the same unique key, will be able to recover the uncoded video signal.
By analogy with the operation described in relation to Figure 2, the control information contained in the scrambled video stream 1 may be encrypted by means of a unique encryption key by the unit E before it is sent to the detachable descrambling-security module F.
In all the examples described in relation to Figures 1 to 3, the matching may be checked. In the case of Figure 1 , the receiver A writes a personal number, for example its serial number, in the detachable security module C. Thus, the receiver can at any instant verify that the detachable security module C is indeed that which is intended for it. In the context of the example illustrated in Figure 2, the check may be made at two levels, namely a first level between the detachable descrambling module D and the detachable security module C and a second level between the detachable descrambling module D and the receiver A. This second level is particularly important if the unscrambled information 6 sent to the receiver A is encrypted.
In the solution shown in Figure 3, the matching is checked between the receiver A and the detachable descrambling-security module F.
In one embodiment of the invention, the receiver A is an MPEG decoder using control words (information necessary for descrambling the signal) in order to descramble the video signal. These control words are provided by the detachable security module C. This module, for example a smart card, includes a non-volatile memory for storing them.
In one embodiment of the invention, the detachable descrambling module D is a PCMCIA-type card which includes an MPEG decoder (control unit B).
In one embodiment of the invention, the detachable descrambling-security module F is produced in the form of a smart card which incorporates an MPEG decoder and a security module C.
In one embodiment of the invention, the unique encryption key K is common to a group of receivers. This possibility is advantageous, for example in a school having several receivers to which the same detachable security module is applied depending on the requirements. Likewise, several detachable security modules include the same encryption key in order to be able to be placed in any one of the receivers in the group. In this case, the matching check is carried out on a number which is no longer specific to one receiver but to a group of receivers. A combination may be produced with a number composed of two parts, one part defining the group and the other the receiver. The uniqueness of the personal number is respected, the matching conformity test then being carried out on more than just the group part of this number.
Claims (25)
1. A pay-TV reception system comprising a receiver connected to security means, this receiver receiving descrambling information from the security means, characterized in that at least a part of the information is encrypted, before being tiansmitted to the receiver by said security means, with a unique encryption key stored on the one hand in the receiver and, on the other hand, in the security means, said enciyption key forming a matching between the security means and the receiver, the system further comprising a verification mechanism of the conformity of said matching.
2. The pay-TV reception system according to claim 1, characterised in that the unique enciyption key is common to a group of receivers.
3. The pay-TV reception system according to claim 1 or 2, characterised in that at least a part of the information sent from the receiver to the security means is enciypted by a unique encryption key.
4. The pay-TV reception system according to claims 1 or 2, characterised in that the receiver includes a personal number which may be written in the security means, it being possible for the said receiver to verify at any time the conformity of this personal number written in the said security means.
5. The pay-TV reception system according to claim 4, characterised in that the personal number comprises a part specific to a group of receivers and a part specific to one receiver and in that the conformity of the matching is verified on the part specific to the group of receivers.
6. The pay- TV reception system according to claims 1 or 2, characterised in that the receiver includes a control unit and in that the security means consist of a detachable security module in which the confidential information and/or the information necessary for the operation of the control unit is stored. 10 139,364/4
7. The pay-TV reception system according to claims 1 or 2, characterised in that the security means comprise a detachable descrambling-security module comprising a control unit and a security unit, these units being responsible for descrambling and for authorizing the video information.
8. A pay-TV reception system comprising a receiver connected to security means, this receiver receiving descrambling information from the security means, characterised in that these security means comprise a detachable security module and a detachable descrambling module including a control unit and in that at least a part of the confidential information and/or of the information necessary for the operation of the control unit is encrypted before being sent to the detachable descrambling module by the detachable security module by means of a unique encryption key stored on the one hand in the detachable descrambling module and, on the other hand, in the detachable security module, said unique encryption key forming a matching between the detachable security module and the detachable descrambling module, the system further comprising a verification mechanism of the conformity of said matching.
9. The pay-TV reception system according to claim 8, characterised in that at least some of the information sent from the detachable descrambling module to the security module is encrypted by a unique encryption key
10. The pay-TV reception system according to claim 8 or 9, characterised in that the detachable descrambling module includes a personal number which may be written in the detachable security module, it being possible for the said detachable descrambling module to verify at any time the conformity of this personal number written in the said detachable security module.
11. The pay-TV reception system according to claim 10, characterised in that the personal number comprises a part specific to a group of detachable descrambling modules and a part specific to one detachable descrambling module and in that the confonnity of the matching is verified on the part specific to the group of detachable descrambling modules. 11 139,364/3
12. The pay-TV reception system according to claim 9, characterised in that at least some of the information sent from the receiver to the detachable descrambling module is encrypted by a unique encryption key.
13. The pay-TV reception system according to claim 9, characterised in that at least some of the information sent from the detachable descrambling module to the receiver is encrypted by a unique encryption key.
14. The pay-TV reception system according to either of claims 12 and 13, characterised in that the receiver includes a personal number which may be written in the detachable descrambling module, it being possible for the said receiver to verify at any time the conformity of this personal number written in the said detachable descrambling module.
15. A method of controlling the transmission of information in a Pay-TV reception system between a receiver and security means, these security means sending to the receiver descrambling information allowing the decryption of the video and audio signals, characterised in that at least one unique encryption key is stored on the one hand in the receiver and, on the other hand, in the security means and in that the information transmitted between the receiver and the security means is encrypted and decrypted by means of at least one of the said unique encryption keys forming a matching between the security means and the receiver, said method further comprising a verification of the conformity of said matching.
16. The method according to claim 15, characterised in that a number personal to the receiver is written in the security means during an initialization operation and in that the receiver may check at any time the conformity of this personal number written in the said security means.
17. A detachable security module intended to be connected to a receiver as part of a pay-TV reception system according to claim 1, which includes at least one non-volatile memory intended for storing the confidential data and/or the data necessary for operating the descrambling system and means of transmission 12 139,364/3 with the receiver, characterised in that said detachable security module includes means for encrypting the transmission, said memory further includes at least a unique encryption key on the one hand, said unique key being also stored in the corresponding receiver, on the other hand, said unique encryption key acting on the means for encrypting the transmission forming a matching with the receiver, said detachable security module further comprising means for verification of the conformity of the matching with said receiver.
18. A detachable descrambling module being part of a pay-TV reception system according to claim 1, comprising a control unit, first means of transmission with a detachable security module, second means of transmission with a receiver, and a non-volatile memory, comprising first encryption means, at least one unique encryption key on the one hand, said key being also stored in the corresponding detachable security module on the other hand, said encryption key acting on the first encryption means intended for encrypting the transmission of the first transmission means forming thus a matching between the detachable descrambling module and the detachable security module, and further comprising means for verification of the conformity of said matching.
19. The detachable descrambling module according to claim 18, characterised in that it includes second encryption means and in that this memory includes at least one encryption key acting on the second encryption means intended for encrypting the transmission of the second transmission means.
20. A pay television descrambling receiver being part of a pay-TV reception system according to claim 1, comprising means of transmission to security means, as well as a non-volatile memory, including means for encrypting/decrypting the transmission from and to the security means, this memory includes at least one unique encryption key on the one hand, said unique key being also stored in the corresponding security means, on the other hand said encryption key acting on the means of encrypting/decrypting the transmission forming thus a matching between said receiver and the security means, and further comprising means for verification of the conformity of said matching. 13 139,364/2
21. A pay-TV reception system according to claim 1, substantially as hereinbefore described and with reference to the accompanying drawings.
22. A method of controlling the transmission of information in a Pay-TV reception system according to claim 15, substantially as hereinbefore described and with reference to the accompanying drawings.
23. A detachable security module intended to be connected to a receiver as part of a pay-TV reception system according to claim 17, substantially as hereinbefore described and with reference to the accompanying drawings.
24. A detachable descrambling module being part of a pay-TV reception system according to claim 18, substantially as hereinbefore described and with reference to the accompanying drawings.
25. A pay television descrambling receiver being part of a pay-TV reception system according to claim 20, substantially as hereinbefore described and with reference to the accompanying drawings. for the Applicant: WOLFF, BREGMAN AND GOLLER
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| IB9800681 | 1998-05-07 | ||
| PCT/IB1999/000821 WO1999057901A1 (en) | 1998-05-07 | 1999-05-06 | Mechanism for matching a receiver with a security module |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| IL139364A true IL139364A (en) | 2008-11-26 |
Family
ID=11004712
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| IL13936499A IL139364A0 (en) | 1998-05-07 | 1999-05-06 | Mechanism for matching a receiver with a security module |
| IL139364A IL139364A (en) | 1998-05-07 | 2000-10-30 | Mechanism for matching a receiver with a security module |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| IL13936499A IL139364A0 (en) | 1998-05-07 | 1999-05-06 | Mechanism for matching a receiver with a security module |
Country Status (37)
| Country | Link |
|---|---|
| EP (1) | EP1078524B2 (en) |
| JP (1) | JP2002514862A (en) |
| KR (1) | KR100607314B1 (en) |
| CN (1) | CN1181684C (en) |
| AP (1) | AP2000002000A0 (en) |
| AR (1) | AR015072A1 (en) |
| AT (1) | ATE222441T1 (en) |
| AU (1) | AU751436B2 (en) |
| BG (1) | BG64137B1 (en) |
| BR (1) | BRPI9909710B1 (en) |
| CU (1) | CU22758A3 (en) |
| CZ (1) | CZ301694B6 (en) |
| DE (1) | DE69902527T3 (en) |
| DK (1) | DK1078524T4 (en) |
| EA (1) | EA002703B1 (en) |
| EE (1) | EE200000639A (en) |
| ES (1) | ES2181418T5 (en) |
| GE (1) | GEP20032936B (en) |
| HR (1) | HRP20000753A2 (en) |
| HU (1) | HU224950B1 (en) |
| ID (1) | ID26103A (en) |
| IL (2) | IL139364A0 (en) |
| IS (1) | IS5648A (en) |
| MY (1) | MY124673A (en) |
| NO (1) | NO331328B1 (en) |
| NZ (1) | NZ507807A (en) |
| OA (1) | OA12034A (en) |
| PL (1) | PL193427B1 (en) |
| PT (1) | PT1078524E (en) |
| SI (1) | SI1078524T1 (en) |
| SK (1) | SK16492000A3 (en) |
| TR (1) | TR200003258T2 (en) |
| TW (1) | TW412909B (en) |
| UA (1) | UA60366C2 (en) |
| WO (1) | WO1999057901A1 (en) |
| YU (1) | YU49340B (en) |
| ZA (1) | ZA200006172B (en) |
Families Citing this family (34)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6959090B1 (en) * | 2000-11-20 | 2005-10-25 | Nokia Corporation | Content Protection scheme for a digital recording device |
| US7224797B2 (en) * | 2001-08-17 | 2007-05-29 | Koninklijke Philips Electronics N.V. | System and method for hybrid conditional access for receivers of encrypted transmissions |
| WO2003024104A1 (en) | 2001-09-13 | 2003-03-20 | Nds Limited | Hacking prevention system |
| DE60331387D1 (en) * | 2002-06-28 | 2010-04-08 | Nagravision Sa | Security key update method for TV decoder |
| TW200421811A (en) * | 2002-09-24 | 2004-10-16 | Nagracard Sa | Multiple pairing control method |
| US7224310B2 (en) | 2002-11-20 | 2007-05-29 | Nagravision S.A. | Method and device for the recognition of the origin of encrypted data broadcasting |
| TW200509700A (en) | 2003-06-20 | 2005-03-01 | Nagravision Sa | Decoder and system for processing pay-TV data and process for managing at least two decoders |
| FR2866773B1 (en) * | 2004-02-20 | 2006-04-28 | Viaccess Sa | METHOD FOR MATCHING AN NUMBER N OF RECEIVER TERMINALS WITH A NUMBER M OF CONDITIONAL ACCESS CONTROL CARDS |
| FR2866772B1 (en) | 2004-02-20 | 2006-04-28 | Viaccess Sa | METHOD FOR MATCHING A RECEIVER TERMINAL WITH A PLURALITY OF ACCESS CONTROL CARDS |
| US8528106B2 (en) | 2004-02-20 | 2013-09-03 | Viaccess | Process for matching a number N of reception terminals with a number M of conditional access control cards |
| FR2883683B1 (en) * | 2005-03-23 | 2007-07-06 | Viaccess Sa | METHOD FOR MATCHING BETWEEN A TERMINAL AND A SECURITY PROCESSOR, SYSTEM AND COMPUTER PROGRAM FOR IMPLEMENTING THE METHOD |
| EP1742474A1 (en) * | 2005-07-07 | 2007-01-10 | Nagracard S.A. | Method and device to control access to enciphered data |
| US7992175B2 (en) | 2006-05-15 | 2011-08-02 | The Directv Group, Inc. | Methods and apparatus to provide content on demand in content broadcast systems |
| FR2902585B1 (en) * | 2006-06-14 | 2008-09-26 | Viaccess Sa | METHODS OF BROADCASTING AND RECEIVING A MULTI-MEDIA PROGRAM, NETWORK HEAD, TERMINAL, RECEIVER AND SECURITY PROCESSOR THEREFOR |
| FR2905215B1 (en) * | 2006-08-23 | 2009-01-09 | Viaccess Sa | METHOD OF TRANSMITTING COMPLEMENTARY DATA TO A RECEPTION TERMINAL |
| EP1968316A1 (en) | 2007-03-06 | 2008-09-10 | Nagravision S.A. | Method to control the access to conditional access audio/video content |
| FR2921175A1 (en) * | 2007-09-14 | 2009-03-20 | Sagem Securite Sa | Chip card i.e. contact chip card, for use as e.g. bank card, has antenna for exchanging data with external device, RAM including storage zone dedicated for exchanged data, and processing unit for securing zone and storing data in zone |
| ATE484148T1 (en) | 2008-02-11 | 2010-10-15 | Nagravision Sa | METHOD FOR UPDATING AND MANAGING AN APPLICATION FOR PROCESSING AUDIOVISUAL DATA IN A MULTIMEDIA DEVICE THROUGH A CONDITIONAL ACCESS MODULE |
| EP2129116A1 (en) | 2008-05-29 | 2009-12-02 | Nagravision S.A. | Unit and method for securely processing audio/video data with controlled access |
| FR2940691B1 (en) * | 2008-12-31 | 2011-02-25 | Viaccess Sa | METHODS OF TRANSMITTING, RECEIVING AND IDENTIFYING, SECURITY PROCESSOR, AND INFORMATION RECORDING MEDIUM FOR SUCH METHODS. |
| US8782417B2 (en) | 2009-12-17 | 2014-07-15 | Nagravision S.A. | Method and processing unit for secure processing of access controlled audio/video data |
| EP2337347A1 (en) | 2009-12-17 | 2011-06-22 | Nagravision S.A. | Method and processing unit for secure processing of access controlled audio/video data |
| EP2373019A1 (en) | 2010-03-29 | 2011-10-05 | Nagravision S.A. | Secure descrambling of an audio / video data stream |
| WO2012066471A1 (en) | 2010-11-19 | 2012-05-24 | Nagravision S.A. | Method to detect cloned software |
| EP2466505B1 (en) | 2010-12-01 | 2013-06-26 | Nagravision S.A. | Method for authenticating a terminal |
| PL2647213T3 (en) | 2010-12-02 | 2017-12-29 | Nagravision S.A. | System and method to record encrypted content with access conditions |
| CA2839236C (en) | 2011-07-01 | 2019-05-21 | Nagravision S.A. | A method for playing repeatable events on a media player |
| EP2645729A1 (en) | 2012-03-30 | 2013-10-02 | Nagravision S.A. | Security device for Pay-TV receiver/decoder |
| US9197312B2 (en) | 2013-03-11 | 2015-11-24 | Nagravision S.A. | Near field communication system in a local network |
| EP2802152B1 (en) | 2013-05-07 | 2017-07-05 | Nagravision S.A. | Method for secure processing a stream of encrypted digital audio / video data |
| EP2827601A1 (en) | 2013-07-19 | 2015-01-21 | Nagravision S.A. | Method and device for protecting decryption keys of a decoder |
| EP3293979A1 (en) * | 2016-09-09 | 2018-03-14 | Nagravision S.A. | Host rendering device tagging by a portable multimedia processing device |
| CN108833944A (en) * | 2018-07-09 | 2018-11-16 | 中国联合网络通信集团有限公司 | Method of video distribution |
| DE102021101101A1 (en) | 2021-01-20 | 2022-07-21 | zereOS GmbH | Adapters and methods for affecting or diagnosing a device |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4484027A (en) * | 1981-11-19 | 1984-11-20 | Communications Satellite Corporation | Security system for SSTV encryption |
| JPS6016082A (en) * | 1983-07-07 | 1985-01-26 | Sony Corp | Transmission system of scramble television signal |
| US5029207A (en) † | 1990-02-01 | 1991-07-02 | Scientific-Atlanta, Inc. | External security module for a television signal decoder |
| US5204900A (en) * | 1991-03-04 | 1993-04-20 | Pires H George | Coding system for descrambling video |
| JPH07283809A (en) * | 1994-04-08 | 1995-10-27 | Mitsubishi Corp | Ciphering key system |
| HRP970160A2 (en) * | 1996-04-03 | 1998-02-28 | Digco B V | Method for providing a secure communication between two devices and application of this method |
| KR100194790B1 (en) * | 1996-06-10 | 1999-06-15 | 정선종 | Conditional Conditional Access System and Conditional Conditional Access Service Processing Method Using It |
| JP2001519629A (en) † | 1997-10-02 | 2001-10-23 | カナル プラス ソシエテ アノニム | Method and apparatus for transmitting an encrypted data stream |
-
1999
- 1999-05-03 TW TW088107157A patent/TW412909B/en active
- 1999-05-05 MY MYPI99001772A patent/MY124673A/en unknown
- 1999-05-06 PT PT99917016T patent/PT1078524E/en unknown
- 1999-05-06 DK DK99917016T patent/DK1078524T4/en active
- 1999-05-06 KR KR1020007012208A patent/KR100607314B1/en not_active IP Right Cessation
- 1999-05-06 AR ARP990102124A patent/AR015072A1/en active IP Right Grant
- 1999-05-06 GE GEAP19995657A patent/GEP20032936B/en unknown
- 1999-05-06 SK SK1649-2000A patent/SK16492000A3/en unknown
- 1999-05-06 WO PCT/IB1999/000821 patent/WO1999057901A1/en active IP Right Grant
- 1999-05-06 AP APAP/P/2000/002000A patent/AP2000002000A0/en unknown
- 1999-05-06 DE DE69902527T patent/DE69902527T3/en not_active Expired - Lifetime
- 1999-05-06 HU HU0301133A patent/HU224950B1/en not_active IP Right Cessation
- 1999-05-06 IL IL13936499A patent/IL139364A0/en active IP Right Grant
- 1999-05-06 SI SI9930122T patent/SI1078524T1/en unknown
- 1999-05-06 NZ NZ507807A patent/NZ507807A/en unknown
- 1999-05-06 CZ CZ20003968A patent/CZ301694B6/en not_active IP Right Cessation
- 1999-05-06 AT AT99917016T patent/ATE222441T1/en active
- 1999-05-06 YU YU65600A patent/YU49340B/en unknown
- 1999-05-06 ID IDW20002103A patent/ID26103A/en unknown
- 1999-05-06 CN CNB99805934XA patent/CN1181684C/en not_active Expired - Fee Related
- 1999-05-06 EE EEP200000639A patent/EE200000639A/en unknown
- 1999-05-06 EP EP99917016A patent/EP1078524B2/en not_active Expired - Lifetime
- 1999-05-06 OA OA00000307A patent/OA12034A/en unknown
- 1999-05-06 TR TR2000/03258T patent/TR200003258T2/en unknown
- 1999-05-06 PL PL99343941A patent/PL193427B1/en unknown
- 1999-05-06 EA EA200001072A patent/EA002703B1/en not_active IP Right Cessation
- 1999-05-06 ES ES99917016T patent/ES2181418T5/en not_active Expired - Lifetime
- 1999-05-06 BR BRPI9909710A patent/BRPI9909710B1/en not_active IP Right Cessation
- 1999-05-06 JP JP2000547780A patent/JP2002514862A/en active Pending
- 1999-05-06 AU AU35297/99A patent/AU751436B2/en not_active Ceased
- 1999-06-05 UA UA2000126986A patent/UA60366C2/en unknown
-
2000
- 2000-09-29 IS IS5648A patent/IS5648A/en unknown
- 2000-10-11 CU CU20000216A patent/CU22758A3/en unknown
- 2000-10-30 IL IL139364A patent/IL139364A/en not_active IP Right Cessation
- 2000-10-31 ZA ZA200006172A patent/ZA200006172B/en unknown
- 2000-11-02 BG BG104905A patent/BG64137B1/en unknown
- 2000-11-02 NO NO20005533A patent/NO331328B1/en not_active IP Right Cessation
- 2000-11-06 HR HR20000753A patent/HRP20000753A2/en not_active Application Discontinuation
Also Published As
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7577846B2 (en) | Mechanism of matching between a receiver and a security module | |
| AU751436B2 (en) | Mechanism for matching a receiver with a security module | |
| CA2055132C (en) | Apparatus and method for upgrading terminals to maintain a secure communication network | |
| US7171553B2 (en) | Method for providing a secure communication between two devices and application of this method | |
| AU755892B2 (en) | Method and apparatus for secure communication of information between a plurality of digital audiovisual devices | |
| AU748518B2 (en) | Method and apparatus for encrypted data stream transmission | |
| AU754015B2 (en) | Method and apparatus for recording of encrypted digital data | |
| US8666072B2 (en) | Method and a system for receiving a multimedia signal, a cryptograophic entity for said reception method and system, and a method and a black box for producing said cryptographic entity | |
| KR101083200B1 (en) | Portable security module pairing | |
| JP4521392B2 (en) | Pay television systems associated with decoders and smart cards, rights revocation methods in such systems, and messages sent to such decoders | |
| CA2250833C (en) | Method for providing a secure communication between two devices and application of this method | |
| MXPA00010684A (en) | Mechanism for matching a receiver with a security module | |
| TH40488A3 (en) | Mechanisms for matching between receiver and safety module | |
| ZA200100325B (en) | Method and apparatus for secure communication of information between a plurality of digital audiovisual devices. | |
| TH33519C3 (en) | Mechanisms for matching between receiver and safety module |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| KB | Patent renewed | ||
| EXP | Patent expired |