FR2906097A1 - Secured data e.g. video, exchanging method for e.g. source device such as network access point, involves authenticating connection to exchange information in frame when another connection is active and after event detection - Google Patents

Abstract

The method involves authenticating a connection between source and receptor devices in a frame of initialization. An event e.g. request for exchanging private content between the devices, for exchanging an complementary information such as system renewability message (SRM) revocation lists associated with a content protection protocol such as digital transfer content protection internet protocol (DTCP-IP), is detected. Another connection for exchanging complementary information in the frame is authenticated with one device when the former connection is active and after detection of the event. Independent claims are also included for the following: (1) a computer program product comprising instructions for performing a secured data exchanging method (2) a storage unit readable by a computer for storing instruction set executable by the computer for implementing a secured data exchanging method.

Description

1 Secure data exchange processes, computer program product,

  storage medium and corresponding devices. FIELD OF THE DISCLOSURE The field of the invention is that of data communication networks. More particularly, the invention relates to the copy protection of data transmitted between several terminal devices in such a network. The invention applies in particular, but not exclusively, in the case of a multimedia network, where the data stream carries audio-video type data (AV). 2. Solutions of the Prior Art Modern equipment which a family can equip itself often has the task of transmitting data of different nature such as video, sound, photos, text files and others. The transmission of these data is subject to varying requirements depending on the type of data considered. This data must be conveyed by means of cables or appropriate links. Thus, for each data format, there is a suitable means of transport and a type of connector for connecting equipment to each other. For example, digital data processing equipment may operate according to the IEEE-1394 standard.

  The invention applies in particular, but not exclusively, in the case of an audio-video network, for example a home network, comprising a backbone network itself comprising nodes interconnected by digital links.  At nodes are connected devices through links that can be analog or digital.  The digital links that interconnect the nodes to one another or the equipment to the nodes may be compliant by way of non-limiting example to the IEEE 1394 standard described in the IEEE Std documents.  1394-1995, Standard for High Performance Serial Bus, IEEE Standard 1394a-2000, Standard for High Performance Serial Bus (Supplement) and IEEE P1394. 1 Draft 0. 15, Standard for High Performance 2906097 2 Serial Bus Bridges, Ethernet standard, or IEEE 802 radio communication standard. 11.  FIG. 1 illustrates an example of such a home audio-video network 1000.  This home network 1000 is for example a LAN and comprises a backbone network 1001 itself comprising nodes 000, 001, 002, 003 interconnected via digital links 016 to 020 Ethernet cables type that can also be designated by IP links.  The nodes 000 to 003 can also be called network access point (or Network Access Point designated in the following by NAP).  The node 000 is connected to the node 001 via the Ethernet link 017, to the node 002 via the Ethernet link 016 and to the node 003 via the Ethernet link 019.  The node 002 is connected to the node 001 via the Ethernet link 018 and to the node 003 via the Ethernet link 020.  In a variant, the nodes 000 to 003 are also interconnected via a central switching unit comprising a plurality of switching devices which are inserted into the partitions of a dwelling or are independent of the partitions and can thus be moved.  The node 000 is also connected to a server-type terminal 010 (which is for example a set-top-box in English) via a digital link 004, which may also be referred to as an audio-video link.  The node 001 is also connected to a terminal 011 of the client type (which is here for example a first audio-video hard disk which constitutes a first storage unit) via a digital link 005 and to a terminal 0012 of the server type (which is here for example a digital video recorder) via a digital link 25 006.  The node 002 is also connected to a terminal 013 of the client / server type (which is for example a DVD player / recorder) via a digital link 007.  The node 003 is also connected to a terminal 014 of the server type (which is here for example a second audio-video hard disk which constitutes a second storage unit 2906097) via a digital link 008 and to a client type terminal 0015 ( which is here for example a digital television) via a 009 digital link.  The links 004 to 009 are, for example, compliant with the Ethernet protocol.  Thus the network 1000 comprises two types of devices or devices that are the terminals and the nodes.  The term: device of client type, a device which is capable of receiving data contents; A server-type device, a device that is capable of transmitting data contents; - Client / server type device, a device that is both capable of receiving and transmitting data contents.  As defined in the Registration Document: Digital Transmission Content 15 Protection Specification, Volume 1 and 2, Draft 1. 29: a client device can be seen as a receiver device; a server device can be viewed as a source device; a client / server device can be viewed as both a receiver device and a source device.  One known technique to ensure copy protection of isochronous streams such as audio-video content in a data communication network is the implementation of the Digital Transfer Content Protection (DTCP) protocol. digital transmission in French) in cascade.  The characteristics and recommendations of this protocol are detailed in the following reference document: Digital Transmission Content Protection Specification, Volume 1 and 2, Draft 1. 29.  FIG. 2 illustrates the implementation of the DTCP protocol when transmitting content between a source device, referenced A, and a receiver device, referenced B.  The conventional DTCP protocol comprises a phase of mutual authentication and key exchange 200 between the receiver device B and the source device A, followed by an encryption / decryption phase 220 implemented between these two devices A and B.  The authentication and key exchange phase 200 comprises the following steps: in a step 201, the receiving device B sends an authentication request, comprising authentication information of the receiving device B, which it sends the source device A; In a step 202, the source device A checks the authentication information of the receiver device B, then identifies the version number of the SRM (for System Renewability Message) revocation list of the receiving device and calculates a first phase value EC-DH; In a step 203, the source device A sends to the receiver device B a response message to the aforementioned authentication request, comprising authentication information of the source device A; in a step 204, the receiver device B checks the authentication information of the source device A, then identifies the version number of the SRM revocation list of the source device and calculates a first EC-DIl phase value; in a step 205, the source device A sends to the receiver device B a first signed message comprising information specific to the DTCP protocol; In a step 206, the receiving device B checks the first signed message of the source device A and calculates a first authentication key; in a step 207, the receiver device B in turn sends, to the source device A, a second signed message comprising information specific to the DTCP protocol; In a step 208, the source device A checks the second signed message of the receiver device B and calculates a second authentication key; in a step 217, the source device A generates an exchange key Kx; 5 - in a step 218, the exchange key Kx is encrypted by means of the second authentication key and is then sent by the source device A to the receiver device B; in a step 219, the receiver device B calculates the exchange key Kx; then, the source device A generates random information, for example a random number Nc, and calculates an encryption key Kc which is a function notably of this random number Nc and which satisfies Kc = J [Kx, EMI, Nc] , where J is a determined function, EMI and Kx are the classical parameters of the DTCP protocol; then, the random number Nc is sent by the source device A to the receiver device B; - Next, the receiver device B calculates the encryption key Kc by means of the random number Nc; in an SRM revocation list exchange step 212 between the source A and receiver B devices, the source device A updates (if its list is after B) the SRM list of the receiving device ( step 211) or the receiver device B updates (if its list is later than that of A) the SRM list of the source device A (step 213).  The encryption / decryption phase 220 comprises the following steps: in a step 214, the source device A encrypts, by applying a determined function fKc, the content by means of the encryption key Kc so as to obtain an encrypted content; in a step 215, the source device A sends the encrypted content to the receiver device B; In a step 216, the receiving device B decrypts the encrypted content by means of the encryption key Kc, by applying a function f-'Kc (which is the reciprocal function of the function fKc).  Thus, the DTCP protocol, aimed at protecting contents transmitted over digital buses, includes a communication mechanism (step 204) and update mechanism (step 212) of SRM revocation lists (including a list of the devices being revoked and being characterized by a version number) during the authentication phase 200 (and only during this phase).  For example, in the case where the node 000 has an SRM revocation list whose version is not up to date and the node 001 has a list SRM whose version is up to date.  Due to the specificities of the DTCP protocol, this SRM revocation list communication mechanism is provided for point-to-point connections and is therefore not well suited for network use.  Indeed, as long as the node 000 has not established a connection with the node 001, it keeps, in all its connections with other devices with out-of-date SRM lists, its updated list SRM and therefore risks to authorize, incorrectly, a device revoked after the date of establishment of its SRM list to have access to a content or to establish a connection.  Furthermore, if the node 001 has just updated its revocation list (for example by means of an authentication with the node 002), then it has already authenticated with the node 000 (during the exchange of a content for example), then it is no longer possible (in accordance with the DTCP protocol) at the node 000 to have access to the updated revocation list of the node 001.  Indeed, one of the specificities of the DTCP protocol is that, when authentication has been established and is still valid, it is not possible to implement another authentication phase.  We now place ourselves within the framework of a communication network whose diagram is presented in figure 3.  It is assumed that the network implements a content protection protocol which is the DTCP protocol.  In this network, client nodes 401, 402 and 403 are connected to an adapter node 400 through digital links 404, 405 and 406.  A server node 407 is connected to the adapter node 400 through a digital link 408.  For example, the digital links 404, 405, 406, and 408 are Ethernet links or IEEE-1394 links (of course, they may conform to any other digital communication protocol).  When they wish to access digital content previously stored on the server node 407, the client nodes 401, 402 and 403 must implement a DTCP compliant authentication and key exchange phase with the adapter node 400. .  This phase leads to the sharing between the client nodes 401, 402 and 403 of the same encryption key noted KcO.  This allows the adapter node 400 to transmit the encrypted content by means of the key Kc0 to each of the client nodes 401, 402 and 403.  However, the DTCP protocol implemented in the communication network of FIG. 3 does not, on its own, make it possible for a given client node of the network implementing the DTCP protocol, for example the client node 403. can access content c, via the adapter node 400, on the server node 407 in a private manner; that is, by prohibiting other client nodes 401 and 402 from accessing the same content c in a clear manner.  3.  Objectives of the invention The object of the invention is to overcome these drawbacks of the prior art.  More specifically, it is an object of the invention, in at least one of its embodiments, to provide a technique for efficiently updating the SRM revocation lists of the nodes and terminals of a communication network implementing a point-to-point content protection protocol including an authentication and key exchange phase.  Another object of the invention, in at least one of its embodiments, is to implement such a technique that allows, in a communication network 2906097 8 implementing a content protection protocol type point to point, to restrict, to a first device among several devices connected to a second device, access to a content available on a third device connected to the second device.  Another object of the invention, in at least one of its embodiments, is to implement such a technique that is transparent to the terminals, and this by limiting the load of the network.  The invention also aims, in at least one of its embodiments, to provide such a technique that is safe, simple to implement and inexpensive.  4.  Key Features of the Invention These and other objects which will appear later are achieved by a secure data exchange method between a first device and a second device in a communication network comprising a plurality of devices, said first and second devices using a content protection protocol including a first authentication in connection with the initialization of a first connection between at least the first and second devices.  According to the invention, such a method further comprises the following steps implemented by the first device: detection of an event for exchanging at least one complementary piece of information; second authentication with the second device in the context of initializing a second connection to exchange said complementary information, the first connection being active, said second authentication being implemented after the detection of said event.  The general principle of the invention is based on the adaptation of a point-to-point content protection protocol so that it implements at least one second authentication in the context of the initialization of a second one. connection while a first connection initiated by a first authentication is pending in order, for example, to allow effective updating of the revocation lists of the nodes and terminals of the communication network.  For example, an event is the implementation of a revocation list update method as hereinafter described.  Advantageously, the first and second connections are respectively associated with first and second addresses of the first device, said first address being distinct from said second address.  According to a first advantageous characteristic of the invention, the first and second addresses are associated with first and second output ports of the first device.  According to a second advantageous characteristic of the invention, the first and second addresses are obtained from an address server included in the communication network.  Advantageously, the content protection protocol is the DTCP-IP protocol.  According to a first embodiment of the invention, said first and second devices comprising a revocation list associated with the content protection protocol, the detected event being a difference between the revocation lists of said first and second devices and the complementary information being the most recent revocation list.  Advantageously, the secure exchange method comprises the following steps implemented by the first device for at least the second device: determining whether the revocation list of the second device is earlier than the revocation list of the first device; if the revocation list of the second device is earlier than the revocation list of the first device, updating the revocation list of the second device by means of the revocation list of the first device.  Thus, according to a first embodiment, the updating of the devices of the network is carried out step by step and can therefore be carried out rapidly.  However, each of the devices that updates at least one other device must include means for updating the revocation list (s), including two addresses.  According to a second embodiment, the updating of the devices of the network is carried out by the management device only.  Thus, only the management device must include updating means revocation list (s) (including two addresses) which makes the network more simple to implement and inexpensive.  Advantageously, the secure exchange method comprises in advance the following steps: receiving a revocation list of a third device of the communication network; 15 - updating the revocation list of the first device with the received revocation list.  Of course, any other technique for updating the revocation list of the management device may be considered, including an update by providing, by a network user, to the management device, a new revocation list.  According to a second embodiment, the detected event is a request for exchange of private content between the first and second devices and in that the complementary information comprises encryption key parameters corresponding to the second connection. .  Thus, the transmission method according to the invention makes it possible, in the communication network implementing a point-to-point content protection protocol, to restrict to one device access to content available on another device. device.  For example, in order to prevent a first device from accessing content stored on a second device and intended for a third device, the first device may be prevented from participating in a first authentication to establish a first connection between the second and third devices for transmitting this content, so that the first device can still communicate with the second device, give the first node, the possibility of making a second connection with the first device by means of a second authentication.  The invention also relates to a secure data exchange method between a first device and a second device in a communication network comprising a plurality of devices, said first and second devices using a content protection protocol comprising a first authentication in the frame of the initialization of a first connection between at least the first and second devices.  According to the invention, the method comprises the following steps implemented by the first device: second authentication with the second device as part of the initialization of a second connection to transmit at least one complementary piece of information, the first connection being active, said second authentication being implemented after the detection of said event.  Advantageously, the content protection protocol is the DTCP-IP protocol.  The invention also relates to a computer program product, comprising program code instructions for executing the steps of the exchange methods as described above.  The invention also relates to a computer readable storage means, storing a set of instructions executable by said computer for implementing the exchange methods as described above.  The invention also relates to a first device comprising secure data exchange means with a second device, said first and second devices belonging to a communication network comprising a plurality of devices, said exchange means comprising first means of communication. initialization, for initializing a first connection between the first device and at least the second device according to a content protection protocol, said first initialization means comprising first authentication means of the first device with the second device according to the content protection protocol.  According to the invention, the transmission means comprise: means for detecting an event for exchanging at least one complementary piece of information; second initialization means, for initializing a second connection between the first device and the second device according to the content protection protocol for exchanging said complementary information, said second initialization means comprising second authentication means of the second device; first device with the second device according to the content protection protocol; Means for activating the second initialization means which activates the second initialization means if the first connection is active and the event is detected.  The advantages of the first device are substantially the same as those of secure exchange methods, they are not detailed further.  Advantageously, the first and second connections are respectively associated with first and second addresses of the first device, said first address being distinct from said second address.  Preferably, the first and second addresses are associated with first and second output ports of the first device.  Advantageously, the first device comprises means for obtaining the first and second addresses from an address server included in the communication network.  Preferably, the content protection protocol is the DTCP-IP protocol.  Advantageously, the first and second devices comprise a revocation list associated with the content protection protocol, the detected event is a difference between the revocation lists of said first and second devices and the complementary information is the most important revocation list. recent.  Advantageously, the first device comprises: means for determining whether the revocation list of the second device is earlier than the revocation list of the first device; means for updating the revocation list of the second device by means of the revocation list of the first device, said updating means being activated if the revocation list of the second device is earlier than the revocation list of the second device; first device.  Advantageously, the first device comprises: means for receiving a revocation list of a third device of the communication network 20 - means for updating the revocation list of the first device with the received revocation list.  According to an advantageous characteristic of the invention, the detected event is a request for exchange of private content between the first and second devices and the complementary information comprises encryption key parameters corresponding to the second connection.  The invention also relates to a first device comprising secure data exchange means with a second device, said first and second devices belonging to a communication network comprising a plurality of devices, said reception means comprising first means of communication. initialization for initializing a first connection between the first device and at least the second device according to a content protection protocol, said first initialization means comprising first authentication means of the first device with the second device in accordance with the content protection protocol.  According to the invention, the exchange means comprise: second initialization means making it possible to initialize a second connection between the first device and the second device in accordance with the content protection protocol for exchanging at least one complementary piece of information; second initialization means 10 comprising second means for authenticating the first device with the second device according to the content protection protocol; activation means of the second initialization means which activates the second initialization means if the first connection is active.  Advantageously, the content protection protocol is the DTCP-IP protocol.  5.  List of Figures Other features and advantages of the invention will emerge more clearly on reading the following description of several preferred embodiments, given by way of simple illustrative and nonlimiting examples, and the appended drawings, among which: FIG. 1 shows the diagram of a heterogeneous home audio-video network in which the method of the invention can be implemented; FIG. 2 illustrates the implementation of the conventional DTCP protocol during the transmission of a content cO between a source device and a receiver device; Figure 3 shows a diagram of a communication network; Figure 4 shows the schematic of an implementation of a node of the heterogeneous home network of Figure 1 according to a particular embodiment of the invention; Fig. 5 illustrates the main steps of updating SRM revocation lists of home network devices of Fig. 1 according to first and second preferred embodiments of the invention; FIG. 6 shows the steps of an algorithm for establishing an HTTP connection, in accordance with the secure exchange method according to the invention, between the manager node SRM (behaving like an HTTP client) and an http server device; FIG. 7 shows the steps of an algorithm for establishing an HTTP connection, in accordance with the secure exchange method according to the invention, between the manager node SRM (behaving like an HTTP server) and a client device http; FIG. 8 shows the main steps of the method for secure exchange of the restricted access content c of the server node 407 to the client node 403 in the network of FIG. 3 according to a third embodiment of the invention.  6.  DESCRIPTION OF SEVERAL EMBODIMENTS OF THE INVENTION In the following, reference is made to the heterogeneous home network 1000 of FIG. 1 (which is for example a LAN) implementing the Ethernet communication protocol.  Thus, the digital links 004 to 009 and 016 to 020 are Ethernet links.  Of course, the network 1000 could also implement the IEEE-1394 communication protocol, the USB protocol, the MOST protocol or even any other communication protocol compatible with a content protection method.  On the other hand, the network 1000 could implement several different communication protocols simultaneously.  It is clear, moreover, that the invention can be implemented in any communication network comprising at least one source device connected to at least one receiving device.  Next, the invention also applies in the case of a network with any number of source devices and receiving devices (the devices may be nodes or terminals).  Furthermore, it is considered in the following that a secure data exchange method according to a preferred embodiment of the invention is implemented in the home network 1000.  As illustrated below, in connection with FIG. 5, the secure data exchange method of the invention is based on the aforementioned DTCP protocol.  However, it is obvious that these methods according to the invention could also be based on any content protection protocol comprising a prior authentication phase (and not only the DTCP protocol).  The secure data exchange method according to the invention is implemented in the form of software and / or a plurality of sub-software (including a plurality of algorithms described below) which is (are) executed in one or more machines of the network 1000.  A revocation list updating method according to the invention (hereinafter described in connection with FIG. 5) is implemented in the form of software and / or pluralities of sub-software (comprising a plurality of algorithms described below) which is (are) executed in one or more machines of the network 1000, for example in the node 002 (the nodes 000, 001 and 003 being identical to the node 003) described hereinafter in relation with Figure 4.  FIG. 4 shows the diagram of an implementation of the node 002 compatible with the secure data exchange method of the invention, of the home network 1000 according to a particular embodiment of the invention.  For reasons of simplicity, only this generic node 002 which includes encryption / decryption means as well as authentication means is described.  It is understood that it can represent for example one of the nodes 000, 001 or 003 of the home network 1000 of FIG.  The node 002 is connected both to the backbone 1001 via the Ethernet links 016, 018 and 020 and to the terminal device 013 (for example an STB set top box 2906097, a DTV digital television set or a digital HDD hard disk player). client / server type via digital link 007 (IEEE 1394 link).  The node 002 comprises a first interface module 101 with the digital link bus IEEE 1394 007 connecting it with the terminal device 013 and a second digital interface module 113 with, for example, the Ethernet link 016 connecting it to the node 000 of the backbone network 1001.  It also comprises a FIFO module (first in first out in English or first in first out in French) for transmission / reception 102 connected to the first interface module 101, a transmission / reception FIFO module 112 connected to the second module interface 113, and a send / receive FIFO module 105 for transferring data between the modules to the first 104 and second 111 encryption / decryption modules.  The node 100 comprises: a first encryption / decryption module 104 implementing encryption and decryption algorithms in accordance with the DTCP protocol, and placed between the transmission / reception FIFO module 102 and the transmission / reception FIFO module 105 ; a second encryption / decryption module 111 implementing encryption and decryption algorithms in accordance with the DTCP protocol, and placed between the sending / receiving FIFO module 112 and the sending / receiving FIFO module 105.  It also comprises a FIFO management module 103 making it possible to control the accesses (read and write) to the transmission / reception FIFO 25, transmission / reception 102 and transmission / reception 112 modules, in accordance with the requests a bridge manager module 106.  It also comprises a DTCP control module 107 implementing the DTCP protocol and connected to the first 104 and second 111 encryption / decryption modules.  It also comprises: a microprocessor 109 (or CPU, for Central Processing Unit in English); a memory block 110 (or EPROM, for Erasable Programmable Read Only Memory in English), connected to the microprocessor 109; A third interface module 108 with the microprocessor 109, connected to the DTCP control module 107 and to the bridge manager module 106.  Advantageously, any node or terminal of the home network 1000 may not include the aforementioned encryption / decryption modules (related to encryption and decryption DTCP) if it does not participate respectively in encryption and / or decryption.  In relation to FIG. 5, the main steps of SRM revocation list updating methods of the home network devices 1000 based on secure data exchange methods according to first and second embodiments of FIG. the invention.  In a step 300, the home network 1000 is initialized and, during this initialization, a node is elected as the management node SRM for the network 1000, in the following, for example, consider that the node 002 is elected as the management node SRM .  This election can be performed, for example: by means of a manual configuration by a user of the network; 20 - by mutual consent between the different nodes of the network 1000 by means of the selection of the node having the highest IP address.  According to a variant of this embodiment, several management nodes are elected in the network 1000.  During the IP allocation phase, in a step 301, the management node SRM obtains at least two IP addresses, for example a first IP address and a second IP address.  To do this, it can for example ask a server compliant with the DHCP protocol (for Dynamic Host Configuration Protocol) included in the network 1000 (not shown in Figure 1), these two IP addresses.  But it can also (according to another example) declare having a number of output ports equal to the number of addresses it needs.  The first IP address is dedicated to transmissions and / or receptions (requiring the implementation of an IP address) of data contents according to the secure data exchange method according to the invention between the management node SRM 002 and any other device of the network 1000.  The second IP address is dedicated only to the updating of the SRM revocation lists of the devices of the network 1000 during authentication of the secure data exchange method according to the invention in the framework of connection establishment on this second IP address as explained below.  In a step 302, the manager node SRM waits in a step 303 for a new device according to the secure data exchange method according to the invention (for example a device compliant with the DTCP protocol) to be inserted into the home network 1000.  If no new device according to the secure data exchange method according to the invention is inserted in the network 1000, then the waiting step 302 is implemented.  The detection by the managerial node SRM 002 of such a new device can be performed by, for example, a high level discovery mechanism such as the UPnP protocol.  If a new device according to the secure data exchange method according to the invention (for example the terminal 013) is detected by the manager node SRM 002, then in a step 304, the latter initiates a connection in protection mode copy (i. e.  using the secure data exchange method according to the invention) with the new device 013 using its first IP address.  Thus, during this initialization, in a step 305, an authentication and key exchange phase in accordance with the secure data exchange method of the invention (and also in accordance with the DTCP protocol) is initialized. between the SRM manager node 002 and the new device 013.  In the same way as for the DTCP protocol (cf.  FIG. 2), during this authentication and key exchange phase, in a step 306, the SRM manager node 002 and the new device 013 mutually identify their version number (otherwise known as the SRM status) of the checklist. SRM revocation (step 204 of Figure 2).  In the same way as for the DTCP protocol (cf.  FIG. 2), in a step 307, if the version number of the SRM list of the new device 013 is older than the version number of the SRM list of the manager node SRM 1002, then the manager node SRM 002 updates. the SRM list of the new device 013 using its own SRM list, and then step 302 is again implemented.  If the version number of the SRM list of the new device 013 is newer than the version number of the SRM list of the manager node SRM 002, then the new device 013 updates the SRM list of the manager node SRM 002 to the using its own SRM list.  The following steps are implemented in the case where the version number of the SRM list of the new device 013 (new revocation list) is newer than the version number of the SRM list of the manager node SRM 002.  Then, in a step 308, the manager node SRM 002 detects, in the network 1000, a target device, not up to date (whose SRM list version number is prior to the version number of the list of the manager node SRM 002 which has just been updated), for example device 012.  Then, in a step 309, the SRM manager node 002 initiates a copy protection connection with this non-update device 012 using its second IP address.  It uses its second IP address for this authentication to predict the case, for example, where it would have already authenticated with the device 012 in connection with the establishment of a connection (still valid) to allow 2906097 21 the exchange of a content between the device 012 and the management node 002 (in fact, a single address does not allow multiple simultaneous authentications).  Thus, during this initialization, in a step 310, an authentication and key exchange phase in accordance with the secure data exchange method of the invention (and also in accordance with the DTCP protocol) is initialized between the manager node SRM 002 and the non-updated device 012 during which the manager node SRM 002 updates the SRM list of the non updated device 012.  In a step 311, the manager node SRM 002 checks whether there remains in the network 1000 at least one other out-of-date device (whose SRM list version number is earlier than the version number of the list of the manager node SRM 002).  According to the first embodiment of the invention, if there remains in the network 1000 at least one other device not up to date, then the steps 308 to 311 are implemented by the management device SRM 002 for each of these devices not up to date of network 1000.  According to the second embodiment of the invention, if there remains in the network 1000 at least one other device not up to date, then the steps 308 to 311 are implemented by the management device SRM 002 for only some of these devices not up to date of the network 1000.  Then, the devices updated by the manager node SRM 002 in turn update other out-of-date devices and so on.  Thus, according to this second embodiment, updating the non-up to date devices of the network 1000 is carried out step by step.  Once all the devices of the network 1000 are up to date (have an identical SRM list version number as that of the SRM manager node 002), then step 302 is re-implemented.  Consequently, the secure data exchange method according to the invention is distinguished from the DTCP protocol essentially by the fact that this secure data exchange method of the invention allows the implementation of at least a second phase. authentication and exchange of keys in the frame of the initialization of a second connection while a first connection, resulting from a first phase of authentication and key exchange, is still active.  In function

  of the client or server type of the devices with which it establishes connections (for example the new device 013 or the non-updated device 012), the manager node SRM 002 must behave alternately as a server or a client. This is why the management node SRM 002 is preferably a device of the client / server type. FIG. 6 illustrates an algorithm for setting up an HTTP connection, compliant with the secure data exchange method according to the invention, between the manager node SRM 002 (behaving like an HTTP client). and an HTTP server device 500 (behaving like an HTTP server). In a first step 501 for initializing the server device 500 (which is for example a WEB server), the management node SRM 002 (which acts as a controller) indicates, in a conventional manner, to the server device 500, notably the name of the server device 500. the host and its IP address, the directory from which content is to be downloaded, the default WEB page, password management data (if any), and error handling algorithms.

Furthermore, the SRM manager node 002 transmits to the server device 500, a callback algorithm that is implemented by the server device 500 before sending content to a client. Indeed, this algorithm enables it to carry out specific processing on the content such as, for example, DTCP-IP protocol-specific processing (which consists in adapting the HTTP header with the appropriate type of content, the insertion of PCP headers and the achievement of AES-128 / CBC encryption of the content). In a second step 502, the controller calls the programming interface (or Application Programming Interface in English) called DTCP_OpenServerSession of the server device 500 which makes it possible to open a server session conforming to the DTCP protocol. In particular, this programming interface creates an authentication server that waits, by listening on the TCP port dedicated to the DTCP-IP authentications, the client connections before accepting them (if any). This call (step 502) of the programming interface provides the host name and port number used for DTCP-IP authentication. Thus, these host name (or host name in English) and port number (or port number in English) can be used for the construction of URLs such as, for example the following address: http: / hostname / path /filename.type? CONTENTPROTECTION = DTCP1 & DTCP 10 1HOST = hostname & DTCP1PORT = portnum that conforms to the DTCP-IP protocol and allows you to present the hostname and port number to the client. In a third step 503, the controller calls the programming interface called DTCP_AddServerStream of the server device 500. This programming interface makes it possible to add a stream corresponding to a content in a previously created server session, associating this stream with the E- EMI that must be used for this content. It is recalled that the E-EMI defines the level of copy protection associated with a stream protected by a DTCP protocol. In the case of the DTCP-IP protocol, seven levels of protection are thus defined (including a free copy level). In the case of the DTCP-1394 protocol, four levels of protection are defined (including a free copy level). It is possible to add several different streams (for example associated with different E-EMIs) in a single server session.

FIG. 7 illustrates an algorithm for establishing an HTTP connection between the manager node SRM 002 (behaving like an HTTP server) and an HTTP client device 600 (behaving like a HTTP client) according to FIG. the secure data exchange method according to the invention.

In a first step 601, the SRM manager node 002 (which plays the role of controller) transmits to the HTTP client device 600 a URL address to be opened. Then in a step 602, the HTTP client device 600 analyzes this URL to verify if it refers to protected content using the DTCP-IP protocol. If this is the case (i.e., the content has a DTCP-IP compliant form), the client device 600 retrieves, from the URL, the hostname, and the port related to DTCP-IP authentication. In a second step 603, the controller calls the programming interface called DTCP_OpenClientSession of the client device 600. This programming interface makes it possible to open a client session compliant with the DTCP-IP protocol associated with the HTTP server (manager node SRM 002) with the hostname obtained. In particular, this programming interface opens an authentication TCP connection with the obtained host name and port number and initiates the authentication phase according to the DTCP-IP protocol. As indicated above, in connection with FIG. 2, this authentication phase enables the client device to obtain from the server an authentication key and an exchange key and also makes it possible to set day the SRM list of the server or that of the client according to the generation and / or the version number of their SRM lists. In a third step 604, the controller calls the programming interface called DTCP_AddClientStream of the client device 600. This programming interface makes it possible to add a stream corresponding to a content identified by its URL address in a previously created client session. In the case where a client has to retrieve multiple protected contents according to the DTCP-IP protocol on the same server, it is possible to add several different streams in a single client session. This call (step 604) of the programming interface allows the HTTP client to associate the content with the appropriate exchange key obtained during the authentication phase. Then, conventionally, the controller calls a TCP connection opening with a network interface 6000 for the HTTP content (step 605), a sending of the obtained HTTP request (step 606), a retrieval of the response (step 607) and analyzing the response content (step 608). The HTTP protocol is explained in the reference document entitled RFC 2616, Hypertext Transfer Protocol ù http / 1.1.

5 is now placed in the context of the communication network of FIG. 3. In order to obtain the following configuration: the client node 403 can access a content c (and this access is restricted to the client node 403) available, via the adapter node 400, on the server node 407; while forbidding, for example, the client nodes 401 and 402 to access said content c, a solution is the implementation of the secure data exchange method according to one embodiment of the invention.

Indeed, in order to obtain the aforementioned configuration, one solution is that the adapter node 400 obtains at least two network addresses (IP addresses in the case where the links of the network of FIG. 3 are Ethernet links). One of these network addresses (also known as the public address) is used by the adapter node 400 for the authentication and key exchange phases DTCP for unrestricted content transmission. It is associated with public encryption keys. Another address of these network addresses (also called private address) is used by the adapter node 400 for the authentication and key exchange phases DTCP for the transmission of content whose access is restricted.

It is associated with private encryption keys. Thus, a connection for the transmission, in accordance with the secure data exchange method according to the invention, of the content c, whose access is restricted to the client node 403, is established (as described with reference to FIGS. 7) between the adapter node 400 and the client node 403 through the private address.

This leads to the generation and exchange of an encryption key only shared by the client nodes 403 and adapter 400. Thus, the content c encrypted by the adapter node 400 by means of the encryption key private Kcl is accessible only for the client node 403 while the client node 403 is still able to receive and decrypt contents previously encrypted by means of public keys. With reference to FIG. 8, the main steps of a method for secure data exchange of the restricted access content c of the server node 407 to the client node 403 in the network of FIG. 3 are presented according to a third embodiment. of the invention.

In a step 500, the communication network of Figure 3 is initialized. During the IP assignment phase, in a step 501, the adapter node 400 requests and obtains at least two IP addresses, for example a first IP address and a second IP address.

To do this, it can, for example, ask a DHCP-compliant server (for Dynamic Host Configuration Protocol) included in the communication network (not shown in FIG. 3), these two IP addresses. But it can also (according to another example) declare having a number of output ports equal to the number of addresses it needs.

The first IP address (also called public address) is dedicated to transmissions and / or receptions (requiring the implementation of an IP address) of data contents between the adapter node 400 and any other device of the network of FIG. but also for unrestricted access of one or more client nodes to content stored on the server node 407.

The second IP address (also called private address) is dedicated only to restricted access to one or more client nodes (s) to contents stored on the server node 407 (such as content c cited in connection with FIG. 7) . In a step 502, the adapter node 400 waits, in a step 503, a DTCP compliant client node to require access to content 2906097 stored on the server node 407. If no access request to a content stored on the server node 407 is not received by the adapter node 400, then the waiting step 502 is carried out.

If a request for access to content stored on the server node 407 is received by the adapter node 400, then in a step 504, the latter verifies whether the request is a restricted access request to the content or not. If the request is a restricted access request to the content, then in a step 506, the adapter node 400 uses the private address to implement an authentication and key exchange phase DTCP with the requesting node. If the request is not a restricted access request to the content, then in a step 505, the adapter node 400 uses the public address to implement an authentication and key exchange phase DTCP with the requesting node. .

Thus, the use of these two public and private addresses leads to the implementation of at least one public key and at least one private key which are distinct, which ensures that a content to which an access mode retreint is requested by the client node 403 can not be read by another authenticated client node.

Then, in a step 507, the adapter node 400 initializes a copy protection connection (ie using the secure data exchange method according to the invention) between the requesting node and the adapter node 400 (the Figures 6 and 7 previously described illustrate the establishment of such a connection).

In a step 508, an authentication and key exchange phase DTCP is performed between the requesting node and the adapter node 400 with the IP address obtained in steps 505 or 506.

Claims (24)

  A secure data exchange method between a first device (002) and a second device in a communication network (1000) comprising a plurality of devices (010, 011, 012, 013, 014, 015, 000, 001, 002 , 003; 400, 401, 402, 403, 407), said first and second devices using a content protection protocol including a first authentication in connection with the initialization of a first connection between at least the first and second devices , characterized in that it comprises the following steps implemented by the first device: detection of an event for exchanging at least one complementary piece of information; second authentication (310; 508) with the second device in the context of initializing a second connection to exchange said complementary information, the first connection being active, said second authentication being implemented after the detection of said event.   2. Method according to claim 1, characterized in that the first and second connections are respectively associated with first and second addresses of the first device (002), said first address being distinct from said second address.   3. Method according to claim 2, characterized in that the first and second addresses are associated with first and second output ports of the first device (002).   4. Method according to any one of claims 2 to 3, characterized in that the first and second addresses are obtained (301; 501) from an address server included in the communication network.   5. Method according to any one of claims 1 to 4, characterized in that the content protection protocol is the DTCP-IP protocol.   The method of any one of claims 1 to 5, said first and second devices including a revocation list associated with the content protection protocol, characterized in that the detected event is a difference between the revocation lists. said first and second devices and that the complementary information is the most recent revocation list. 5   7. Method according to claim 6, characterized in that it comprises the following steps implemented by the first device for at least the second device: determining if the revocation list of the second device is earlier than the revocation list of the first device. device (002); 10 - if the revocation list of the second device is earlier than the revocation list of the first device, updating (310) of the revocation list of the second device by means of the revocation list of the first device.   8. Method according to any one of claims 6 to 7, characterized in that it comprises in advance the following steps: reception (305) of a revocation list of a third device of the communication network; updating (307) the revocation list of the first device (002) with the received revocation list. 20   9. Method according to any one of claims 1 to 5, characterized in that the detected event is a request for exchange of private content between the first device and the second device and in that the complementary information comprises encryption key parameters corresponding to the second connection. 25   A secure data exchange method between a first device and a second device (002) in a communication network (1000) comprising a plurality of devices (010, 011, 012, 013, 014, 015, 000, 001, 002 , 003; 400, 401, 402, 403, 407), said first and second devices using a content protection protocol including a first authentication in connection with the initialization of a first connection between at least the first and second 2906097 devices, characterized in that it comprises the following step implemented by the first device: second authentication (310; 508) with the second device in the context 5 of the initialization of a second connection to exchange at the less additional information, the first connection being active, said second authentication being implemented after the detection of said event.   11. The method of claim 10, characterized in that the content protection protocol is the DTCP-IP protocol.   Computer program product, characterized in that it comprises program code instructions for the execution of the steps of the exchange methods according to any one of claims 1 to 9 and / or according to any one of Claims 10 and 11, when said program is run on a computer.   13. A computer-readable storage medium storing a set of instructions executable by said computer for carrying out the exchange methods according to any one of claims 1 to 9 and / or according to any one of claims 10 and 11. 20   14. First device (002) comprising secure data exchange means with a second device, said first and second devices belonging to a communication network (1000) comprising a plurality of devices (010, 011, 012, 013, 014 , 015, 000, 001, 002, 003, 400, 401, 402, 403, 407), said exchange means comprising first initialization means, for initializing a first connection between the first device and at least one the second device according to a content protection protocol, said first initialization means comprising first authentication means of the first device with the second device according to the content protection protocol, characterized in that the exchange means include: event detection means for exchanging at least one complementary information; second initialization means, for initializing a second connection between the first device and the second device according to the content protection protocol for exchanging said complementary information, said second initialization means comprising second authentication means of the second device; first device with the second device according to the content protection protocol; activation means of the second initialization means which activates the second initialization means if the first connection is active and the event is detected.   The first device according to claim 14, characterized in that the first and second connections are respectively associated with first and second addresses of the first device (002), said first address being distinct from said second address.   16. First device according to claim 15, characterized in that the first and second addresses are associated with first and second output ports of the first device (002).   17. The first device according to claim 14, comprising means for obtaining the first and second addresses from an address server included in the communication network. .   18. First device according to any one of claims 14 to 17, characterized in that the content protection protocol is the DTCP-25 IP protocol.   The first device according to any one of claims 14 to 18, said first and second devices comprising a revocation list associated with the content protection protocol, characterized in that the detected event is a difference between the revocation lists of said first device (002) and second device and in that the complementary information is the most recent revocation list.   The first device according to claim 19, characterized in that it comprises: means for determining whether the revocation list of the second device 5 is earlier than the revocation list of the first device (002); means for updating the revocation list of the second device by means of the revocation list of the first device, said updating means being activated if the revocation list of the second device is earlier than the revocation list of the first device; device. 10   21. First device according to any one of claims 19 to 20, characterized in that it comprises: - means for receiving a revocation list of a third device of the communication network - means for updating of the revocation list of the first device (002) with the received revocation list.   22. First device according to any one of claims 14 to 18, characterized in that the detected event is a request for exchange of private content between the first device and the second device and in that the complementary information includes encryption key parameters corresponding to the second connection.   23. First device comprising secure data exchange means with a second device, said first and second devices belonging to a communication network (1000) comprising a plurality of devices (010, 011, 012, 013, 014, 015, 000, 001, 002, 003; 400, 401, 402, 403, 407), said exchange means comprising first initialization means for initializing a first connection between the first device and at least the second device according to a content protection protocol, said first initialization means comprising first authentication means of the first device with the second device according to the content protection protocol, characterized in that the exchange means comprises: second initialization means for initiating a second connection between the first device and the second device in accordance with the protection protocol of content for exchanging at least one complementary information, said second initialization means comprising second means for authenticating the first device with the second device according to the content protection protocol; activation means of the second initialization means which activates the second initialization means if the first connection is active.   The first device according to claim 23, characterized in that the content protection protocol is the DTCP-IP protocol.