CA2405902C - Time division partial encryption - Google Patents
Time division partial encryption Download PDFInfo
- Publication number
- CA2405902C CA2405902C CA 2405902 CA2405902A CA2405902C CA 2405902 C CA2405902 C CA 2405902C CA 2405902 CA2405902 CA 2405902 CA 2405902 A CA2405902 A CA 2405902A CA 2405902 C CA2405902 C CA 2405902C
- Authority
- CA
- Canada
- Prior art keywords
- encrypted
- television program
- pid
- unencrypted
- television
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Abstract
An encryption arrangement for multiple encryption of television programs. A
system according to embodiments of the present invention multiple encrypts only a portion of the data required for full presentation of a television program to permit coexistence of multiple conditional access encryption systems associated with multiple manufacturer's set-top boxes within a single system. In one embodiment, a time slicing technique is used to encrypt portions of a program on a time allocated basis. By only encrypting a portion of the program, dramatically less bandwidth is consumed than the alternative of multiple encryption of all program data, thus permitting a larger number of programs to be carried over the same bandwidth while permitting coexistence of multiple conditional access systems in a single cable television system.
system according to embodiments of the present invention multiple encrypts only a portion of the data required for full presentation of a television program to permit coexistence of multiple conditional access encryption systems associated with multiple manufacturer's set-top boxes within a single system. In one embodiment, a time slicing technique is used to encrypt portions of a program on a time allocated basis. By only encrypting a portion of the program, dramatically less bandwidth is consumed than the alternative of multiple encryption of all program data, thus permitting a larger number of programs to be carried over the same bandwidth while permitting coexistence of multiple conditional access systems in a single cable television system.
Description
'~ ~' CA 02405902, 2002-10-O1 i , 12 ' TIME DIVISION PARTIAL ENCRYPTION
CROSS REFERENCE TO RELATED DOCUMENTS
16 This application is related to U.S. provisional patent application serial 17 number 601296,673 filed June 6, 2001 to Candelore, et al. entitled "Method for 18 Allowing Multiple CA Providers to Interoperate iri a Content Delivery System by 19 Sending Video in the Clear for Some Content, and Dual Carriage of Audio and Dual Carriage of Video and Audio for Other Content"; and provisional patent application 21 serial number 60/304,241 filed July 10, 2001 to Unger et al., entitled "Independent 22 Selective fncryptions of Program Content for Dual Carriage", and provisional 23 patent application serial number 60/304,131 filed July 10, 2001 to Candelore et al., 24 entitled "Method for Allowing Multiple GA Providers to Interoperate in a Content Delivery System by Partial Scrambling Content on a Time Slice Basis" and to U.S.
26 provisional patent application serial no. 601 ; filed on October 26, 2001 27 to Candelore et al., entitled "Television Encryption Systems", docket number SNY-28 R4646P, which are hereby incorporated herein by reference.
Docket No.: SNY-84646.02 -1- PATENT
o , 1 ~ This application is being filed simultaneously with patent applications 2 docket number SNY-84646.01 entitled "Critical Packet Partial Encryption" to Unger 3 et al., serial number ; docket number SNY-84646.03 entitled 4 "Elementary Stream Partial Encryption" to Candelore, serial number ' ; docket number SNY-84646.04 entitled "Partial Encryption and and docket 6 PID Mapping to Unger et al., serial number 7 number SNY-84646.05 entitled "Decoding and Decrypting of Partially Encrypted 8 Information" to Unger et al., serial number These simultaneously 9 filed patent applications are hereby incorporated by reference herein.
12 A portion of the disclosure of this patent document contains material which 13 is subject to copyright protection. The copyright owner has no objection to the 14 facsimile reproduction of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent file or records, but otherwise 16 reserves all copyright rights whatsoever.
19 This invention relates generally to the field of encryption systems. More particularly, this invention relates to systems, methods and apparatus for providing 21 partial encryption and decryption of digital of television signals.
24 Television is used to deliver entertainment and education to viewers. The source material (audio, video, etc.) is multiplexed into a combined signal which is 26 then used to modulate a carrier. This carrier is commonly known as a channel. (A
27 typical channel can carry one analog program, one or two high definition (HD) 28 digital program(s), or several (e.g. nine) standard definition digital programs.) In a 29 terrestrial system, these channels correspond to government assigned frequencies Docket No.: SNY-84646.02 -2- PATENT
a ~' CA 02405902 2002-10-O1 1 frequencies and are distributed over the air. The program is delivered to a receiver 2 that has a tuner that pulls the signal from the air and delivers it to a demodulator, 3 which in turn provides video to a display and audio to speakers. In a cable system 4 the modulated channels are carried over a cable. There may also be an in-band or out-of-band feed of a program guide indicating what programs are available and 6 the associated tuning information. The number of cable channels is finite and 7 limited by equipment/cable bandwidth. Cable distribution systems require a 8 significant capital investment and are expensive to upgrade.
9 Much of television content is valuable to its producers, therefore copyright holders want to control access and restrict copies. Examples of typically protected 11 material include feature films, sporting events, and adult programming.
Conditional 12 access (CA) systems are used to control availability of programming in content 13 delivery systems such as cable systems. CA systems come as matched sets-one 14 part is integrated into the cable system headend and encrypts premium content, the other part provides decryption and is built into the set-top boxes (STB) installed in 16 user's homes. Several CA systems are used in the cable industry including those 17 provided by NDS (Newport Beach, CA), Motorola (Schaumberg, IL) and Scientific 18 Atlanta (Atlanta, GA). This matched set aspect of CA systems has the, effect that 19 the "legacy" vendor is locked in as the supplier of additional STBs. Since the various technologies for conditional access are not mutually compatible (and are 21 often proprietary), any new potential supplier is forced to license the legacy CA.
22 Thus, the cable operator finds itself unable to acquire newer technology or 23 competing technology from other set-top box manufacturers since the technology 24 owners are often unwilling to cooperate, or charge reasonable license fees.
This inflexibility can be especially troublesome when cable companies with disparate CA
26 systems are merged. Service providers would tike more than one source for STBs 27 for any number of reasons.
28 Once a cable operator picks an encryption scheme, it is difficult to change 29 or upgrade the content encryption scheme without introducing a backward Docket No.: SNY-84646.02 -3- PATENT
CA 02405902 2002-10-O1 f 1 compatible decoding device (e.g. set-top box). Providing multiple mode capability 2 in new set-top boxes to handle multiple encryption systems can add substantial cost 3 to any.new set-top box, providing that the technology can be made available to the 4 STB vendor to provide the multiple.decryption capability.
The only known current option to avoiding domination by the legacy vendor 6 (short of wholesale replacement) is using "full dual carriages. Full dual carriage 7 means that transmission is duplicated for each encrypted program - once for each 8 type of CA encryption to be used. To provide full dual carriage, the headend is 9 enhanced to provide each form of CA simultaneously. Legacy STBs should not be impacted and should continue to perform their function despite any change.
11 However, full dual carriage often comes at an unpalatable price because of the 12 bandwidth impact, thus reducing the number of unique programs available.
13 Generally, the number of premium channels suffers so that the number of options 14 available to the viewer are limited .and the value that can be provided by the cable operator is restricted.
16 A conventional cable system arrangement is depicted in FIGURE 1. In such ..
17 a system, the cable operator processes audiolvideo (AN) content 14 with CA
18 technology from manufacturer A (system A) using CA encryption equipment 18 19 compliant with system A at the cable system -headend 22. The encrypted A/V
content along with system information (S1) 26 and program specific information 21 (PSI) 27 is multiplexed together and transmitted over the cable system 32 to a 22 user's STB 36. STB 36 incorporates decrypting CA equipment from system A
23 (manufacturer A} 40 that decrypts the AN content. The decrypted AN content can 24 then be supplied to a television set 44 for viewing by the user.
In a cable system such as that of FIGURE 1, digital program streams are 26 broken into packets for transmission. Packets for each component of a program 27 (video, audio, auxiliary data, etc.) are tagged with a packet identifier or PID. These 28 packet streams for each component of all programs carried within a channel are 29 aggregated into one composite stream. Additional packets are also included to Docket No.: SNY-84646.02 -4- PATENT
1 provide decryption keys and other overhead information. Otherwise unused 2 bandwidth is filled with null packets. Bandwidth budgets are usually adjusted to 3 utilize about 95% of the available channel bandwidth.
4 Overhead information usually includes guide data describing what programs are available and how to locate the associated channels and components. This fi guide data is also known as system information or SI. S1 may be delivered to the 7 STB in-band (part of the data encoded within a channel) or out-of-band (using a 8 special channel dedicated to the purpose). Electronically delivered SI may be 9 partially duplicated in more traditional forms - grids published in newspapers and magazines.
11 In order for a viewer to have a satisfying television experience, it is generally 12 desirable that the viewer have clear access to both audio and video content. Some 13 analog cable systems have used various filtering techniques to obscure the video 14 to prevent an unauthorized viewer from receiving programming that has not been paid for. In such a system, the analog audio is sometimes sent in the clear.
In the 1fi Motorola VideoCipher2 Plus system used in C-band satellite transmissions, strong 17 digital audio encryption is used in conjunction with a relatively weak protection of 18 , the analog video (using sync inversion). In airline in-flight movie systems, the 19 availability of audio only through rental of headphones has been used to provide the full audio and video only to paying customers.
22 ' BRIEF DESCRIPTION OF THE DRAWINGS
23 The features of the invention believed to be novel are set forth with 24 particularity in the appended claims. The invention itself however, both as to organization and method of operation, together with objects and advantages 26 thereof, may be best understood by reference to the following detailed description 27 of the invention, which describes certain exemplary embodiments of the invention, 28 taken in conjunction with the accompanying drawings in which:
29 FIGURE 1 is a block diagram of a conventional conditional access cable Docket No.: SNY-84646.02 -5- PATENT
CA 02405902 2002-10-O1 '' 1 system.
2 FIGURE 2 is a block diagram of a system consistent with one embodiment 3 of the present invention in which dual encrypted audio is transmfitted along with 4 clear video.
~ FIGURE 3 is a block diagram of a system consistent with an embodiment of 6 the present invention in which portions of programming are dual encrypted 7 according to a time slice mechanism.
8 FIGURE 4 is a flow chart of a dual encryption process consistent with certain 9 embodiments of the present invention.
FIGURE 5 is a flow chart of a decryption process consistent with certain 11 embodiments of the present invention.
12 FIGURE 6 is a block diagram of a system consistent with an embodiment of 13 the present invention in which portions of programming are dual encrypted on a 14 packet basis.
FIGURE 7 is a.flow chart of a dual encryption process consistent with certain 16 embodiments of the present invention.
17 FIGURE 8 is a flow chart of a decryption process consistent with certain 18 embodiments of the present invention.
19 FIGURE 9 is a block diagram of a system consistent with an embodiment of ' the present invention in which system information is encrypted and programming 21 is sent in the clear.
22 FIGURE 10 is a block diagram of a generic system consistent with various 23 embodiments of the present invention. .
24 FIGURE 11 is a block diagram of a first embodiment of implementation of an encryption system consistent with embodiments of the present invention in a cable 26 system headend.
27 FIGURE 12 is a block diagram of a second embodiment of implementation 28 of an encryption system consistent with embodiments of the present invention in a 29 cable system headend.
Docket No.: SNY-84646.02 -6- ' PATENT
CA 02405902 2002-10-O1 ~~
r 1 FIGURE 13 is a flow chart of an overall encryption process used to 2 implement certain embodiments of the present invention in a cable system 3 headend.
4 FIGURE 14 is a block diagram of a first embodiment of a set-top box implementation of a decoding system consistent with embodiments of the 6 present invention.
7 FIGURE 15 is a block diagram of a second embodiment of implementation 8 of a decoding system consistent with embodiments of the present invention in a 9 cable system STB.
FIGURE 16 is a block diagram of a third embodiment of implementation of 11 a decoding system consistent with embodiments of the present invention in a 12 cable system STB.
13 FIGURE 17 illustrates the PlD remapping process carried out in one 14 embodiment of a set-top box PfD re-mapper.
FIGURE 18 is a block diagram of an exemplary decoder chip that can be 16 utilized in a television set-top box consistent with the present invention.
19 While this invention is susceptible of embodiment in many different forms, there is shown in the drawings and will herein be described in detail specific 21 embodiments, with the understanding that the present disclosure is to be 22 considered as an example of the principles ofthe invention and not intended to limit 23 the invention to the specific embodiments shown and described. In the description 24 below, like reference numerals are used to describe the same, similar or corresponding parts in the several views of the drawings. The terms "scramble"
26 and "encrypt" and variations thereof are used synonymously herein. Also, the term 27 "television program" and similar terms can be interpreted in the normal 28 conversational sense, as well as a meaning wherein the term means any segment 29 of A/V content that can be displayed on a television set or similar monitor device.
Docket No.: SNY-84646.02 -7- PATENT
'. CA 02405902 2002-10-O1 I~
r , 1 OVERVIEW ..
2 Modern digital cable networks generally use CA systems that fully encrypt 3 digital audio and video to make programming inaccessible except to those who .
4 have properly subscribed. Such encryption is designed to thwart hackers and non-subscribers from receiving programming that has not been paid for. However, as' 6 cable operators wish to provide their subscribers with set-top boxes from any of 7 several manufacturers, they are frustrated by the need to transmit multiple copies 8 ~ of a single program encrypted with multiple encryption technologies compliant with 9 the CA systems of each STB manufacturer.
This need to carry multiple copies of the programming (called "full dual 11 caririage") uses up valuable bandwidth that could be used to provide the viewer with, 12 additional programming content. Certain embodiments of the present invention 13 address this problem in which the bandwidth requirements to provide an equivalent 14 to multiple carriage are minimized. The result could be described as "Virtual Dual S
Carriage" since the benefits of full dual carriage are .provided without the full 16 bandwidth cost. Several embodiments of the present invention are presented 17 herein to accomplish effective partial scrambling. These embodiments vary by the 18 criteria used to select the portion to encrypt. The portion selected in tum affects the 19 additional bandwidth requirements and the effectiveness of the encryption.
It may be desirable to use one encryption process or several processes in combination in 21 a manner consistent with embodiments of the present invention.
22 Certain of the implementations of partial dual encryption described herein 23 utilize an additional (secondary) PID for each duplicated component. These 24 secondary PIDs are used to tag packets that carry duplicated content with an additional encryption method. The PSI is enhanced to convey information about the 26 ~ ~ existence these new PIDs in such a way that inserted PIDs are ignored by legacy 27 STBs but can be easily extracted by new STBs.
28 Some implementations of partial dual encryption involve duplicating only 29 certain packets tagged with a given PID. Methods for selecting which packets to Docket No.: SNY-84648.02 -8- PATENT
CA 02405902 2002-10-O1 I.
1 encrypt are detailed hereinafter. The original (i.e. legacy) PID continues to tag the 2 packets encrypted with legacy encryption .as wel l as other packets sent in the clear.
3 The new PID is used to tag packets encrypted by the second encryption method.
4 . Packets with the secondary PID shadow the encrypted packets tagged with the primary PID. The packets making up the encrypted pairs can occur in either order 6 but, in the preferred implementation, maintain sequence with the clear portion of the 7 PID stream. By use of the primary and secondary PIDs, the decoder located in the 8 set-top box can readily determine which packets are to be decrypted using the 9 decryption method associated with that set-top box, as will be clear upon consideration of the following description. The processes used to manipulate PIDs 11 will be described later in greater detail.
12 The encryption techniques described herein can be broadly categorized 13 (according to one categorization) into three basic variations - encrypting just a 14 major portion (i.e. audio), encrypting just the St, and encrypting just selected packets. In general, each of the encryption techniques used iwthe embodiments 16 disclosed herein seek to encrypt portions of the an AN signal or associated 17 information while leaving other portions of the AN signal in the clear to conserve 18 bandwidth. Bandwidth can be conserved because the same clear portion can be 19 sent to all varieties of set-top boxes. Various methods are used to select the portions of infbrmation to be encrypted. By so doing, the various embodiments of 21 this invention eliminate the traditional "brute-force" technique of encrypting the 22 entire content in one specific scrambling scheme, which predicates the redundant 23 use of bandwidth if alternate scrambling schemes are desired. In addition, each of 24 the partial dual encryption schemes described herein can be used as a single partial encryption scheme without departing from embodiments of the present 26 invention.
27 The various embodiments of the invention use several processes, alone or 28 in combination, to send substantial portions of content in the clear while encrypting 29 only a small amount of information required to correctly reproduce the content.
Docket No.: SNY-84848.02 -9- PATENT
1 ~ ~ Therefore the amount. of. information transmitted that is uniquely encrypted in a 2 particular scrambling scheme is a small percentage of the content, as opposed to 3 the entire replication of each desired program stream. For purposes of the 4 exemplary systems in this document, encryption system A wial be considered the legacy system throughout. Each of the several encryption techniques described 6 above will now be described in detail.
7 The various embodiments of the invention allow each participating CA
8 system to be operated independently. Each is orthogonal to the other. Key sharing 9 in the headend is not required since each system encrypts its own patents.
Different key epochs may be used by each CA system. For example, packets encrypted with 11 Motorola's proprietary encryption can use fast changing encryption keys using the 12 embedded security ASIC, while packets encrypted with NDS' smart card based 13 system use slightly slower changing keys. This embodiment works equally well for 14 Scientific Atlanta and Motorola legacy encryption.
17 Turning now to FIGURE 2, one embodiment of a system that reduces the 18 need for additional bandwidth to provide multiple carriage is illustrated as system 19 100. In this embodiment, the system takes advantage of the fact that viewing television programming withaut audio is usually undesirable. While there are 21 exceptions (e.g., adult programming, some sporting events, etc.), the typical viewer 22 is unlikely to accept routine viewing of television programming without being able 23 to hear the audio. Thus, at headend 122, the video signal 104 is provided in the 24 clear (unencrypted) while the clear audio 106 is provided to multiple CA
systems for broadcast overthe cable network. In the exemplary system 100, clear audio 26 is provided to an encryption system 118 that encrypts audio data using encryption 27 system A (encryption system A wil I be considered the legacy system throughout this 28 document). Simultaneously, clear audio 1 ~ is provided to encryption system 29 that encrypts the audio data using encryption system B. Clear video is than Docket No.: SNY-84646.02 -1 O- PATENT
CA 02405902 2002-10-O1 ~ -1 multiplexed along with encrypted audio from 118 (Audio A) and encrypted audio 2 from 124 (Audio B), system information 128 and program specific information 129.
4 After distribution through the cable system 32, the video, system information, program specific information, Audio A and Audio B are al l delivered to set-top boxes 6 36 and 136. At legacy STB 36, the video is displayed and the encrypted audio is 7 decrypted at CA system A 40 for play on television set 44.' Similarly, at new STB
8 136, the video is displayed and the encrypted audio is decrypted at CA
system B
9 140 for play on television set 144.
Audio has a relatively low bandwidth requirement compared with a complete 11 AN program (or even just the video portion). The current maximum bit rate for 12 stereophonic audio at 384 Kblsecond is approximately 10°l° of a 3.8Mb/second 13 television program. Thus, for dual carriage of only encrypted audio (with video 14 transmitted in the clear) in a system with ten channels carried with 256 QAM
(quadrature amplitude modulation); a loss of only about one channel worth of 16 bandwidth would occur. Therefore, approximately nine channels could be carried.
17 This is a dramatic improvement over the need to dual encrypt all channels,.which 18 would result in a decrease in available channels from ten to five. Where deemed 19 necessary, e.g., sporting events, pay per view, adult programming, etc., dual encryption of both audio and video can still be carried out, if desired.
21 Both legacy and new set-top boxes can function in a normal manner 22 receiving video in the clear and decrypting the audio in the same manner used for 23 fully decrypting encrypted AN content. if the user has not subscribed to the 24 programming encrypted according to the above scheme, at best the user can only view the video without an ability to hear the audio. For enhanced security over the 26 video, it possible to employ other embodiments of the invention (as will be 27 described later) here as well. (For example, the SI may be scrambled to make it 28 more difficult for a non-authorized set-top box to tune to the video portion of the 29 program.) Unauthorized set-top boxes that have not been modified by a hacker, will Docket No.: SNY-84646.02 -11- PATENT
1 blank the video as a result of receipt of the encrypted audio.
2 Authorized set-top boxes receive Entitlement Control Messages (ECM) that 3 are used to get access criteria and descrambling keys. The set-top box attempts 4 to apply the keys to video as well as the audio. Since the video is not scrambled, it simply passes through the set-top boxes' descrambler unaffected. The set-top 6 boxes do not care that the video is in-the-clear. The un-modified and un-subscribed 7 set-top boxes behave as being un-authorized for the scrambled audio as well as the 8 clear video. The video, as well as the audio which was actually scrambled, will be 9 blanked. An on-screen display may appear on the TV stating that the viewer needs 'to subscribe to programming. This desirably totally inhibits the casual viewer from 11 both hearing and viewing the content.
12 fn one embodiment of the present invention, the encrypted audio is 13 transmitted as digitized packets overthe AIV channel. Two (or more) audio streams .
14 are transmitted encrypted according to the two (or more) encryption systems in use by the system's set-top boxes. In order for the two (or more) STBs to properly 16 decrypt and decode their respective audio streams, SI (system information) data are 17 transmitted from the cable system's headend 122 that identifies the particular 18 channel where the audio can be found using a transmitted Service Identifier to 19 locate the audio. This is accomplished by assigning the audio for system A
is a first packet identifier .(PID) and assigning the audio for system B a second packet 21 identifier (PID). By way of example, and not limitation, the following program 22 specific information (PSI) can be sent to identify the location of the audio for two 23 systems, one using NDS conditional access and one using Motorola conditional 24 access. Those skilled in the art will understand how to adapt this information to the other embodiments of partial encryption described later herein.
26 The SI can be separately delivered to both legacy and non-legacy set-top 27 - boxes. It is possible to send SI information so that the legacy and non-legacy set-28 top boxes operate essentiallywithout interference. 1n the SI delivered to legacy set-29 top boxes, the VCT (virtual channel table) would state that the desired program, e.g.
Docket No.: SNY-84646.02 -12- PATENT
s v 1 HBO referenced as program number 1, is on Service ID "1" and that the VCT
2 access control bit is set. The network information table (NIT) delivered to that first 3 STB would indicate that Service ID "1" is at frequency = 1234. In the Sl delivered 4 to non-legacy set-top boxes, the VCT would state that the desired program, e.g.
HBO referenced as program number 1001, is on Service ID "1001" and that the 6 VCT access control bit is set. The network information table delivered to the non-? legacy STB would indicate that the Service ID "1001" is at frequency 1234.
The 8 following exemplary program association Table PS1 data are sent to both legacy 9 and non-legacy set-top boxes (in MPEG data structure format):
Docket No.: SNY-84648.02 -13- PATENT
2 PAT sent on PID=0x0000 3 PAT 0x0000 4 - Transport Stream ID
- PAT version 6 - Program Number 1 7 - PMT 0x0010 8 ' - Program Number 2 9 - PMT 0x0020 - Program Number 3 11 - PMT 0x0030 12 - Program Number 4 13 - PMT 0x0040 14 - Program Number 5 - PMT 0x0050 16 - Program Number 6 1 T - PMT 0x0060 18 - Program Number 7 19 - PMT 0x0070 - Program Number'8 21 - PMT 0x0080 22 - Program Number 9 23 - PMT 0x0090 24 - Program Number 1001 - PMT 0x1010 26 - Program Number 1002 27 - PMT 0x1020 ' 28 - Program Number 1003 29 - PMT 0x1030 - Program Number 1004 , .
31 - PMT 0x1040 32 - Program Number 1005 33 - PMT 0x1050 34 - Program Number 1006 - PMT 0x1060 36 - Program Number 1007 37 - PMT 0x1070 38 - Program Number 1008 39 - PMT 0x1080 .
- Program Number 1009 41 - PMT 0x1090 43 The following exemplary program map table PSI data are selectively 44 received by legacy and non-legacy set-top boxes (in MPEG data structure format):
Docket No.: SNY-84646.02 -14- PATENT
i 2 . PMT sent on PID=0x0010 3 PMT 0x0010 4 PMT Program number 1 PMT Section Version 10 6 PCR PID 0x0011 7 Elementary Stream 8 - Stream Type (Video 0x02 or 0x80) .
9 - Elementary PID (0x0011) - Descriptor 11 - CA Descriptor (ECM) for CA provider #1 12 Elementary Stream 13 - Stream Type (Audio 0x81) 14 - Elementary PID (0x0012) - Descriptor 16 - CA Descriptor (ECM) for CA provider #1 18 ~ PMT sent on P!D=0x1010 19 PMT 0x1010 PMT Program number 1010 21 PMT Section Version 10 22 PCR PID 0x0011 23 Elementary Stream 24 - Stream Type (Video 0x02 or 0x80) - Elementary PID (0x0011) 26 - Descriptor 27 - CA Descriptor (ECM) for CA provider #2 28 Elementary Stream 29 - Stream Type (Audio 0x81) - Elementary PID (0x0013) 31 - Descriptor 32 . - CA Descriptor (ECM) for CA provider #2 36 Considering an example wherein it is desired to deliver programming in a 37 system using either Motorola or Scientific Atlanta as well as NDS CA, the above 38 communications are consistent with the PSI delivered by both Motorola and 39 Scientific Atlanta in their CA systems, with only minor changes. The program association table (PAT) is changed to reference an additional program map table 41 (PMT) for each program. Each program in this embodiment has two program 42 numbers in the PAT. In the table above, program number 1 and program number 43 1001 are the same program except that they wil I reference different audio PIDs and Docket No.: SNY-84646.02 -15- PATENT
1 CA descriptors. Changes in the system to create multiple PMTs and to multiplex 2 new PAT and PMT information with the data stream can be made to appropriately 3 modify the cable system headend equipment. Again, those skilled in the art will 4 understand how to adapt these messages to other partial encryption schemes described herein. An advantage of this approach is that no special hardware or 6 software is required for headend or for legacy and non-legacy set-top boxes to 7 deliver audio that is both legacy and non-legacy encrypted using this scheme.
8 This technique deters the user from use of premium programming which has 9 not been paid for by rendering it inaudible, but a hacker may attempt to tune the video. To combat this, the mechanisms employed in other encryption techniques 11 consistent with the present invention (as will be described later) can be employed 12 simultaneously, if desired. Since closed captioning is generally transmitted as a 13 part of the video data, the user can still obtain readable audio information in 14 conjunction with clear video. Thus, although adequate for some applications, the . present technique alone may not provide adequate protection in all scenarios. In 16 another embodiment, video packets containing closed captioning information as a 17 part of the payload can additionally be scrambled.
18 In an alternative embodiment, only the video may be dual encrypted with 19 , separate PIDs assigned to each set of encrypted video. While this may provide a more secure encryption for general programming (since video may be more 21 important than audio), the amount of bandwidth. savings compared with full dual 22 carriage is only approximately ten percent, since only the audio is shared amongst 23 all the set-top boxes. However, this approach might be used for certain content, 24 ~ e.g. adult and sports, and help reduce the bandwidth overhead for that content while the audio encryption approach may be used for other content types. In the 26 Digital Satellite Service (DSS) transport standard used for the DirecTVT""
service, 27 the ardio packets can be identified for encryption by use of the service channel 28 identifier (SCID) which is considered equivalent.
Docket No.: SNY-84646.02 -16- PATENT
r 2 ~ Another embodiment consistent with the present invention is referred to 3 herein as time slicing and is illustrated in FIGURE 3 as system 200. In this 4 embodiment, a.portion of each program is encrypted on a time dependent basis in a manner that disrupts viewing of the program unless the user has paid for the 6 programming. This embodiment of the invention can be implemented as partially 7 encrypted video and clear audio, clear video and partially encrypted audio or 8 partially encrypted video and audio. The duration of the time slice that is encrypted, 9 taken as a percentage of the total time, can be selected to meet any suitable desired balance of bandwidth usage, security against hackers. In general, under 11 any of the embodiments described herein, less than 100 percent of the content is 12 encrypted to produce a desired partial encryption. . The following example details 13 partially encrypted video and audio.
14 By way of example, and not limitation, consider a system which has nine programs that are to be dual partially encrypted according to the present exemplary 16 embodiment. These nine channels are fed to the cable headend as a multiplexed 17 stream of packets and are digitally encoded using packet identifiers (P-ID) to identify 18 packets associated with a particular one of the nine programs. In this example, 19 assume that those nine programs have video PIDs numbered 101-109 and audio PIDs numbered 201-209. The partial encryption, according to this embodiment is 21 time multiplexed among the programs so that only packets from a single program 22 are encrypted at any given time. The method does not need to be content aware.
23 With reference to TABLE 1 below, an exemplary embodiment of a time slice 24 dual encryption scheme consistent with an embodiment of the invention is illustrated. For program 1 having primary video PID 101 and primary audio PID
201, 26 during the first time period, packets having PID 101 and PID201 are encrypted 27 using encryption system A, while the others representing the other programs are 28 sent in the clear. In this embodiment, secondary PIDs are also assigned to both the 29 video and the audio. The secondary PlDs .are PID 111 for video and PID 211 for Docket No.: SNY-84646.02 -17- PATENT
CA 02405902 2002-10-O1 y 1 audio respectively for program 1. The packets with the secondary PIDs are 2 encrypted using encryption system B during the first time period. The next eight 3 time periods are sent in the clear. Then for time period 10, packets having any of 4 the above four PIDs are again encrypted followed by the next eight time periods being sent in the clear. In a similar manner, during the second period of program 6 2 having primary video PID 102 and primary audio PID 201 are encrypted using 7 encryption system A and packets with their associated secondary PIDs are 8 encrypted using encryption system B, and during the next eight time periods are 9 sent in the clear, and so on. This pattern can be seen clearly in TABLE 1 by 10- examination of the first nine rows. Both audio and video packets, or audio 11 alone or video alone can be encrypted according to this technique, without 12 departing from the invention. Also, the audio and video can have their own 13 individual encryption sequence. In TABLE 1, P1 indicates time period number 1, 14 P2 indicated time period number 2 and so on. EA indicates that the information is encrypted using CA system A and EB indicates that the information is encrypted 16 using CA encryption system B.
Docket No.: SNY-84848.02 -1$- PATENT
~ ' 2 PROti.IDEO AUCNO P9 P4 P5 P6 P7 P8 P10P11P12 PID PID s ~ o v ...
3 1 PID PID EA clearclearclearclearclearclearclearclearEA
clearclear...
4 2 PiD PID cl~rEA clearclearolearclearclearclearclearclearEA
clear...
3 PID PID clearclearEA clearclearclearclearclearclearclearclearEA .
4 PID PID clearclearclearEA
clearclearclearclearclearclearclearclear...
7 6 PID PID clearclearclearclearEA
clearclearclearclearclearclearclear...
$ 6 PID PID clearclearclearclearclearEA
clearclearclearclearclearclear...
9 7 PID PID clearclearclearclearcl~rclearEA
clearclearclearclearclear...
8 PID PID clearclearclearclearclearclearclearEA
clearclearclearclear...
11 8 PID PID clearclearclearclearclearclearclearclearEA
clearclearclear...
111 211 ~
-17 ~ P1D PID EB
22 In orderto retain compatibility with an established legacy encryption system 23 (encryption system A), the encrypted periods for each of programs one through nine 24 are encrypted using encryption system A. Legacy STB equipment will accept such , partially encrypted A/V data streams passing unencrypted packets and decrypting 26 encrypted packets transparently. However, it is desired to obtain dual encryption 27 using both encryption system A and encryption system B. fn order to achieve this, 28 a specified program is assigned both primary PIDs {e.g., for program 1, video PID
29 101 and audio PID 201 ) and a secondary PID (e.g., for program 1, video PID
and audio PID 211 ) to cant' the elementary data streams for a given premium 31 channel.
32 - With reference to L=IGURE 3, system 200 generally depicts the functionality 33 of the cable system headend 222 wherein N channels of clear video 204 at the 34 headend 222 are provided to an intelligent switch 216 (operating under control of a programmed processor) which routes packets that are to be transmitted in the 36 clear to be assigned a primary PID at 220. Packets that are to be encrypted are Docket No.: SNY-84846.02 -19- PATENT
1 routed to both conditional access system A encrypter 218 and to conditional access 2 system B encrypter 224. Once encrypted, these encrypted packets from 218 and 3 224 are assigned primary or secondary PIDs respectively at 220. System 4 information from 228 is multiplexed or combined with the clear packets, the system A encrypted packets and the system B encrypted packets and broadcast over the 6 cable system 32.
CROSS REFERENCE TO RELATED DOCUMENTS
16 This application is related to U.S. provisional patent application serial 17 number 601296,673 filed June 6, 2001 to Candelore, et al. entitled "Method for 18 Allowing Multiple CA Providers to Interoperate iri a Content Delivery System by 19 Sending Video in the Clear for Some Content, and Dual Carriage of Audio and Dual Carriage of Video and Audio for Other Content"; and provisional patent application 21 serial number 60/304,241 filed July 10, 2001 to Unger et al., entitled "Independent 22 Selective fncryptions of Program Content for Dual Carriage", and provisional 23 patent application serial number 60/304,131 filed July 10, 2001 to Candelore et al., 24 entitled "Method for Allowing Multiple GA Providers to Interoperate in a Content Delivery System by Partial Scrambling Content on a Time Slice Basis" and to U.S.
26 provisional patent application serial no. 601 ; filed on October 26, 2001 27 to Candelore et al., entitled "Television Encryption Systems", docket number SNY-28 R4646P, which are hereby incorporated herein by reference.
Docket No.: SNY-84646.02 -1- PATENT
o , 1 ~ This application is being filed simultaneously with patent applications 2 docket number SNY-84646.01 entitled "Critical Packet Partial Encryption" to Unger 3 et al., serial number ; docket number SNY-84646.03 entitled 4 "Elementary Stream Partial Encryption" to Candelore, serial number ' ; docket number SNY-84646.04 entitled "Partial Encryption and and docket 6 PID Mapping to Unger et al., serial number 7 number SNY-84646.05 entitled "Decoding and Decrypting of Partially Encrypted 8 Information" to Unger et al., serial number These simultaneously 9 filed patent applications are hereby incorporated by reference herein.
12 A portion of the disclosure of this patent document contains material which 13 is subject to copyright protection. The copyright owner has no objection to the 14 facsimile reproduction of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent file or records, but otherwise 16 reserves all copyright rights whatsoever.
19 This invention relates generally to the field of encryption systems. More particularly, this invention relates to systems, methods and apparatus for providing 21 partial encryption and decryption of digital of television signals.
24 Television is used to deliver entertainment and education to viewers. The source material (audio, video, etc.) is multiplexed into a combined signal which is 26 then used to modulate a carrier. This carrier is commonly known as a channel. (A
27 typical channel can carry one analog program, one or two high definition (HD) 28 digital program(s), or several (e.g. nine) standard definition digital programs.) In a 29 terrestrial system, these channels correspond to government assigned frequencies Docket No.: SNY-84646.02 -2- PATENT
a ~' CA 02405902 2002-10-O1 1 frequencies and are distributed over the air. The program is delivered to a receiver 2 that has a tuner that pulls the signal from the air and delivers it to a demodulator, 3 which in turn provides video to a display and audio to speakers. In a cable system 4 the modulated channels are carried over a cable. There may also be an in-band or out-of-band feed of a program guide indicating what programs are available and 6 the associated tuning information. The number of cable channels is finite and 7 limited by equipment/cable bandwidth. Cable distribution systems require a 8 significant capital investment and are expensive to upgrade.
9 Much of television content is valuable to its producers, therefore copyright holders want to control access and restrict copies. Examples of typically protected 11 material include feature films, sporting events, and adult programming.
Conditional 12 access (CA) systems are used to control availability of programming in content 13 delivery systems such as cable systems. CA systems come as matched sets-one 14 part is integrated into the cable system headend and encrypts premium content, the other part provides decryption and is built into the set-top boxes (STB) installed in 16 user's homes. Several CA systems are used in the cable industry including those 17 provided by NDS (Newport Beach, CA), Motorola (Schaumberg, IL) and Scientific 18 Atlanta (Atlanta, GA). This matched set aspect of CA systems has the, effect that 19 the "legacy" vendor is locked in as the supplier of additional STBs. Since the various technologies for conditional access are not mutually compatible (and are 21 often proprietary), any new potential supplier is forced to license the legacy CA.
22 Thus, the cable operator finds itself unable to acquire newer technology or 23 competing technology from other set-top box manufacturers since the technology 24 owners are often unwilling to cooperate, or charge reasonable license fees.
This inflexibility can be especially troublesome when cable companies with disparate CA
26 systems are merged. Service providers would tike more than one source for STBs 27 for any number of reasons.
28 Once a cable operator picks an encryption scheme, it is difficult to change 29 or upgrade the content encryption scheme without introducing a backward Docket No.: SNY-84646.02 -3- PATENT
CA 02405902 2002-10-O1 f 1 compatible decoding device (e.g. set-top box). Providing multiple mode capability 2 in new set-top boxes to handle multiple encryption systems can add substantial cost 3 to any.new set-top box, providing that the technology can be made available to the 4 STB vendor to provide the multiple.decryption capability.
The only known current option to avoiding domination by the legacy vendor 6 (short of wholesale replacement) is using "full dual carriages. Full dual carriage 7 means that transmission is duplicated for each encrypted program - once for each 8 type of CA encryption to be used. To provide full dual carriage, the headend is 9 enhanced to provide each form of CA simultaneously. Legacy STBs should not be impacted and should continue to perform their function despite any change.
11 However, full dual carriage often comes at an unpalatable price because of the 12 bandwidth impact, thus reducing the number of unique programs available.
13 Generally, the number of premium channels suffers so that the number of options 14 available to the viewer are limited .and the value that can be provided by the cable operator is restricted.
16 A conventional cable system arrangement is depicted in FIGURE 1. In such ..
17 a system, the cable operator processes audiolvideo (AN) content 14 with CA
18 technology from manufacturer A (system A) using CA encryption equipment 18 19 compliant with system A at the cable system -headend 22. The encrypted A/V
content along with system information (S1) 26 and program specific information 21 (PSI) 27 is multiplexed together and transmitted over the cable system 32 to a 22 user's STB 36. STB 36 incorporates decrypting CA equipment from system A
23 (manufacturer A} 40 that decrypts the AN content. The decrypted AN content can 24 then be supplied to a television set 44 for viewing by the user.
In a cable system such as that of FIGURE 1, digital program streams are 26 broken into packets for transmission. Packets for each component of a program 27 (video, audio, auxiliary data, etc.) are tagged with a packet identifier or PID. These 28 packet streams for each component of all programs carried within a channel are 29 aggregated into one composite stream. Additional packets are also included to Docket No.: SNY-84646.02 -4- PATENT
1 provide decryption keys and other overhead information. Otherwise unused 2 bandwidth is filled with null packets. Bandwidth budgets are usually adjusted to 3 utilize about 95% of the available channel bandwidth.
4 Overhead information usually includes guide data describing what programs are available and how to locate the associated channels and components. This fi guide data is also known as system information or SI. S1 may be delivered to the 7 STB in-band (part of the data encoded within a channel) or out-of-band (using a 8 special channel dedicated to the purpose). Electronically delivered SI may be 9 partially duplicated in more traditional forms - grids published in newspapers and magazines.
11 In order for a viewer to have a satisfying television experience, it is generally 12 desirable that the viewer have clear access to both audio and video content. Some 13 analog cable systems have used various filtering techniques to obscure the video 14 to prevent an unauthorized viewer from receiving programming that has not been paid for. In such a system, the analog audio is sometimes sent in the clear.
In the 1fi Motorola VideoCipher2 Plus system used in C-band satellite transmissions, strong 17 digital audio encryption is used in conjunction with a relatively weak protection of 18 , the analog video (using sync inversion). In airline in-flight movie systems, the 19 availability of audio only through rental of headphones has been used to provide the full audio and video only to paying customers.
22 ' BRIEF DESCRIPTION OF THE DRAWINGS
23 The features of the invention believed to be novel are set forth with 24 particularity in the appended claims. The invention itself however, both as to organization and method of operation, together with objects and advantages 26 thereof, may be best understood by reference to the following detailed description 27 of the invention, which describes certain exemplary embodiments of the invention, 28 taken in conjunction with the accompanying drawings in which:
29 FIGURE 1 is a block diagram of a conventional conditional access cable Docket No.: SNY-84646.02 -5- PATENT
CA 02405902 2002-10-O1 '' 1 system.
2 FIGURE 2 is a block diagram of a system consistent with one embodiment 3 of the present invention in which dual encrypted audio is transmfitted along with 4 clear video.
~ FIGURE 3 is a block diagram of a system consistent with an embodiment of 6 the present invention in which portions of programming are dual encrypted 7 according to a time slice mechanism.
8 FIGURE 4 is a flow chart of a dual encryption process consistent with certain 9 embodiments of the present invention.
FIGURE 5 is a flow chart of a decryption process consistent with certain 11 embodiments of the present invention.
12 FIGURE 6 is a block diagram of a system consistent with an embodiment of 13 the present invention in which portions of programming are dual encrypted on a 14 packet basis.
FIGURE 7 is a.flow chart of a dual encryption process consistent with certain 16 embodiments of the present invention.
17 FIGURE 8 is a flow chart of a decryption process consistent with certain 18 embodiments of the present invention.
19 FIGURE 9 is a block diagram of a system consistent with an embodiment of ' the present invention in which system information is encrypted and programming 21 is sent in the clear.
22 FIGURE 10 is a block diagram of a generic system consistent with various 23 embodiments of the present invention. .
24 FIGURE 11 is a block diagram of a first embodiment of implementation of an encryption system consistent with embodiments of the present invention in a cable 26 system headend.
27 FIGURE 12 is a block diagram of a second embodiment of implementation 28 of an encryption system consistent with embodiments of the present invention in a 29 cable system headend.
Docket No.: SNY-84646.02 -6- ' PATENT
CA 02405902 2002-10-O1 ~~
r 1 FIGURE 13 is a flow chart of an overall encryption process used to 2 implement certain embodiments of the present invention in a cable system 3 headend.
4 FIGURE 14 is a block diagram of a first embodiment of a set-top box implementation of a decoding system consistent with embodiments of the 6 present invention.
7 FIGURE 15 is a block diagram of a second embodiment of implementation 8 of a decoding system consistent with embodiments of the present invention in a 9 cable system STB.
FIGURE 16 is a block diagram of a third embodiment of implementation of 11 a decoding system consistent with embodiments of the present invention in a 12 cable system STB.
13 FIGURE 17 illustrates the PlD remapping process carried out in one 14 embodiment of a set-top box PfD re-mapper.
FIGURE 18 is a block diagram of an exemplary decoder chip that can be 16 utilized in a television set-top box consistent with the present invention.
19 While this invention is susceptible of embodiment in many different forms, there is shown in the drawings and will herein be described in detail specific 21 embodiments, with the understanding that the present disclosure is to be 22 considered as an example of the principles ofthe invention and not intended to limit 23 the invention to the specific embodiments shown and described. In the description 24 below, like reference numerals are used to describe the same, similar or corresponding parts in the several views of the drawings. The terms "scramble"
26 and "encrypt" and variations thereof are used synonymously herein. Also, the term 27 "television program" and similar terms can be interpreted in the normal 28 conversational sense, as well as a meaning wherein the term means any segment 29 of A/V content that can be displayed on a television set or similar monitor device.
Docket No.: SNY-84646.02 -7- PATENT
'. CA 02405902 2002-10-O1 I~
r , 1 OVERVIEW ..
2 Modern digital cable networks generally use CA systems that fully encrypt 3 digital audio and video to make programming inaccessible except to those who .
4 have properly subscribed. Such encryption is designed to thwart hackers and non-subscribers from receiving programming that has not been paid for. However, as' 6 cable operators wish to provide their subscribers with set-top boxes from any of 7 several manufacturers, they are frustrated by the need to transmit multiple copies 8 ~ of a single program encrypted with multiple encryption technologies compliant with 9 the CA systems of each STB manufacturer.
This need to carry multiple copies of the programming (called "full dual 11 caririage") uses up valuable bandwidth that could be used to provide the viewer with, 12 additional programming content. Certain embodiments of the present invention 13 address this problem in which the bandwidth requirements to provide an equivalent 14 to multiple carriage are minimized. The result could be described as "Virtual Dual S
Carriage" since the benefits of full dual carriage are .provided without the full 16 bandwidth cost. Several embodiments of the present invention are presented 17 herein to accomplish effective partial scrambling. These embodiments vary by the 18 criteria used to select the portion to encrypt. The portion selected in tum affects the 19 additional bandwidth requirements and the effectiveness of the encryption.
It may be desirable to use one encryption process or several processes in combination in 21 a manner consistent with embodiments of the present invention.
22 Certain of the implementations of partial dual encryption described herein 23 utilize an additional (secondary) PID for each duplicated component. These 24 secondary PIDs are used to tag packets that carry duplicated content with an additional encryption method. The PSI is enhanced to convey information about the 26 ~ ~ existence these new PIDs in such a way that inserted PIDs are ignored by legacy 27 STBs but can be easily extracted by new STBs.
28 Some implementations of partial dual encryption involve duplicating only 29 certain packets tagged with a given PID. Methods for selecting which packets to Docket No.: SNY-84648.02 -8- PATENT
CA 02405902 2002-10-O1 I.
1 encrypt are detailed hereinafter. The original (i.e. legacy) PID continues to tag the 2 packets encrypted with legacy encryption .as wel l as other packets sent in the clear.
3 The new PID is used to tag packets encrypted by the second encryption method.
4 . Packets with the secondary PID shadow the encrypted packets tagged with the primary PID. The packets making up the encrypted pairs can occur in either order 6 but, in the preferred implementation, maintain sequence with the clear portion of the 7 PID stream. By use of the primary and secondary PIDs, the decoder located in the 8 set-top box can readily determine which packets are to be decrypted using the 9 decryption method associated with that set-top box, as will be clear upon consideration of the following description. The processes used to manipulate PIDs 11 will be described later in greater detail.
12 The encryption techniques described herein can be broadly categorized 13 (according to one categorization) into three basic variations - encrypting just a 14 major portion (i.e. audio), encrypting just the St, and encrypting just selected packets. In general, each of the encryption techniques used iwthe embodiments 16 disclosed herein seek to encrypt portions of the an AN signal or associated 17 information while leaving other portions of the AN signal in the clear to conserve 18 bandwidth. Bandwidth can be conserved because the same clear portion can be 19 sent to all varieties of set-top boxes. Various methods are used to select the portions of infbrmation to be encrypted. By so doing, the various embodiments of 21 this invention eliminate the traditional "brute-force" technique of encrypting the 22 entire content in one specific scrambling scheme, which predicates the redundant 23 use of bandwidth if alternate scrambling schemes are desired. In addition, each of 24 the partial dual encryption schemes described herein can be used as a single partial encryption scheme without departing from embodiments of the present 26 invention.
27 The various embodiments of the invention use several processes, alone or 28 in combination, to send substantial portions of content in the clear while encrypting 29 only a small amount of information required to correctly reproduce the content.
Docket No.: SNY-84848.02 -9- PATENT
1 ~ ~ Therefore the amount. of. information transmitted that is uniquely encrypted in a 2 particular scrambling scheme is a small percentage of the content, as opposed to 3 the entire replication of each desired program stream. For purposes of the 4 exemplary systems in this document, encryption system A wial be considered the legacy system throughout. Each of the several encryption techniques described 6 above will now be described in detail.
7 The various embodiments of the invention allow each participating CA
8 system to be operated independently. Each is orthogonal to the other. Key sharing 9 in the headend is not required since each system encrypts its own patents.
Different key epochs may be used by each CA system. For example, packets encrypted with 11 Motorola's proprietary encryption can use fast changing encryption keys using the 12 embedded security ASIC, while packets encrypted with NDS' smart card based 13 system use slightly slower changing keys. This embodiment works equally well for 14 Scientific Atlanta and Motorola legacy encryption.
17 Turning now to FIGURE 2, one embodiment of a system that reduces the 18 need for additional bandwidth to provide multiple carriage is illustrated as system 19 100. In this embodiment, the system takes advantage of the fact that viewing television programming withaut audio is usually undesirable. While there are 21 exceptions (e.g., adult programming, some sporting events, etc.), the typical viewer 22 is unlikely to accept routine viewing of television programming without being able 23 to hear the audio. Thus, at headend 122, the video signal 104 is provided in the 24 clear (unencrypted) while the clear audio 106 is provided to multiple CA
systems for broadcast overthe cable network. In the exemplary system 100, clear audio 26 is provided to an encryption system 118 that encrypts audio data using encryption 27 system A (encryption system A wil I be considered the legacy system throughout this 28 document). Simultaneously, clear audio 1 ~ is provided to encryption system 29 that encrypts the audio data using encryption system B. Clear video is than Docket No.: SNY-84646.02 -1 O- PATENT
CA 02405902 2002-10-O1 ~ -1 multiplexed along with encrypted audio from 118 (Audio A) and encrypted audio 2 from 124 (Audio B), system information 128 and program specific information 129.
4 After distribution through the cable system 32, the video, system information, program specific information, Audio A and Audio B are al l delivered to set-top boxes 6 36 and 136. At legacy STB 36, the video is displayed and the encrypted audio is 7 decrypted at CA system A 40 for play on television set 44.' Similarly, at new STB
8 136, the video is displayed and the encrypted audio is decrypted at CA
system B
9 140 for play on television set 144.
Audio has a relatively low bandwidth requirement compared with a complete 11 AN program (or even just the video portion). The current maximum bit rate for 12 stereophonic audio at 384 Kblsecond is approximately 10°l° of a 3.8Mb/second 13 television program. Thus, for dual carriage of only encrypted audio (with video 14 transmitted in the clear) in a system with ten channels carried with 256 QAM
(quadrature amplitude modulation); a loss of only about one channel worth of 16 bandwidth would occur. Therefore, approximately nine channels could be carried.
17 This is a dramatic improvement over the need to dual encrypt all channels,.which 18 would result in a decrease in available channels from ten to five. Where deemed 19 necessary, e.g., sporting events, pay per view, adult programming, etc., dual encryption of both audio and video can still be carried out, if desired.
21 Both legacy and new set-top boxes can function in a normal manner 22 receiving video in the clear and decrypting the audio in the same manner used for 23 fully decrypting encrypted AN content. if the user has not subscribed to the 24 programming encrypted according to the above scheme, at best the user can only view the video without an ability to hear the audio. For enhanced security over the 26 video, it possible to employ other embodiments of the invention (as will be 27 described later) here as well. (For example, the SI may be scrambled to make it 28 more difficult for a non-authorized set-top box to tune to the video portion of the 29 program.) Unauthorized set-top boxes that have not been modified by a hacker, will Docket No.: SNY-84646.02 -11- PATENT
1 blank the video as a result of receipt of the encrypted audio.
2 Authorized set-top boxes receive Entitlement Control Messages (ECM) that 3 are used to get access criteria and descrambling keys. The set-top box attempts 4 to apply the keys to video as well as the audio. Since the video is not scrambled, it simply passes through the set-top boxes' descrambler unaffected. The set-top 6 boxes do not care that the video is in-the-clear. The un-modified and un-subscribed 7 set-top boxes behave as being un-authorized for the scrambled audio as well as the 8 clear video. The video, as well as the audio which was actually scrambled, will be 9 blanked. An on-screen display may appear on the TV stating that the viewer needs 'to subscribe to programming. This desirably totally inhibits the casual viewer from 11 both hearing and viewing the content.
12 fn one embodiment of the present invention, the encrypted audio is 13 transmitted as digitized packets overthe AIV channel. Two (or more) audio streams .
14 are transmitted encrypted according to the two (or more) encryption systems in use by the system's set-top boxes. In order for the two (or more) STBs to properly 16 decrypt and decode their respective audio streams, SI (system information) data are 17 transmitted from the cable system's headend 122 that identifies the particular 18 channel where the audio can be found using a transmitted Service Identifier to 19 locate the audio. This is accomplished by assigning the audio for system A
is a first packet identifier .(PID) and assigning the audio for system B a second packet 21 identifier (PID). By way of example, and not limitation, the following program 22 specific information (PSI) can be sent to identify the location of the audio for two 23 systems, one using NDS conditional access and one using Motorola conditional 24 access. Those skilled in the art will understand how to adapt this information to the other embodiments of partial encryption described later herein.
26 The SI can be separately delivered to both legacy and non-legacy set-top 27 - boxes. It is possible to send SI information so that the legacy and non-legacy set-28 top boxes operate essentiallywithout interference. 1n the SI delivered to legacy set-29 top boxes, the VCT (virtual channel table) would state that the desired program, e.g.
Docket No.: SNY-84646.02 -12- PATENT
s v 1 HBO referenced as program number 1, is on Service ID "1" and that the VCT
2 access control bit is set. The network information table (NIT) delivered to that first 3 STB would indicate that Service ID "1" is at frequency = 1234. In the Sl delivered 4 to non-legacy set-top boxes, the VCT would state that the desired program, e.g.
HBO referenced as program number 1001, is on Service ID "1001" and that the 6 VCT access control bit is set. The network information table delivered to the non-? legacy STB would indicate that the Service ID "1001" is at frequency 1234.
The 8 following exemplary program association Table PS1 data are sent to both legacy 9 and non-legacy set-top boxes (in MPEG data structure format):
Docket No.: SNY-84648.02 -13- PATENT
2 PAT sent on PID=0x0000 3 PAT 0x0000 4 - Transport Stream ID
- PAT version 6 - Program Number 1 7 - PMT 0x0010 8 ' - Program Number 2 9 - PMT 0x0020 - Program Number 3 11 - PMT 0x0030 12 - Program Number 4 13 - PMT 0x0040 14 - Program Number 5 - PMT 0x0050 16 - Program Number 6 1 T - PMT 0x0060 18 - Program Number 7 19 - PMT 0x0070 - Program Number'8 21 - PMT 0x0080 22 - Program Number 9 23 - PMT 0x0090 24 - Program Number 1001 - PMT 0x1010 26 - Program Number 1002 27 - PMT 0x1020 ' 28 - Program Number 1003 29 - PMT 0x1030 - Program Number 1004 , .
31 - PMT 0x1040 32 - Program Number 1005 33 - PMT 0x1050 34 - Program Number 1006 - PMT 0x1060 36 - Program Number 1007 37 - PMT 0x1070 38 - Program Number 1008 39 - PMT 0x1080 .
- Program Number 1009 41 - PMT 0x1090 43 The following exemplary program map table PSI data are selectively 44 received by legacy and non-legacy set-top boxes (in MPEG data structure format):
Docket No.: SNY-84646.02 -14- PATENT
i 2 . PMT sent on PID=0x0010 3 PMT 0x0010 4 PMT Program number 1 PMT Section Version 10 6 PCR PID 0x0011 7 Elementary Stream 8 - Stream Type (Video 0x02 or 0x80) .
9 - Elementary PID (0x0011) - Descriptor 11 - CA Descriptor (ECM) for CA provider #1 12 Elementary Stream 13 - Stream Type (Audio 0x81) 14 - Elementary PID (0x0012) - Descriptor 16 - CA Descriptor (ECM) for CA provider #1 18 ~ PMT sent on P!D=0x1010 19 PMT 0x1010 PMT Program number 1010 21 PMT Section Version 10 22 PCR PID 0x0011 23 Elementary Stream 24 - Stream Type (Video 0x02 or 0x80) - Elementary PID (0x0011) 26 - Descriptor 27 - CA Descriptor (ECM) for CA provider #2 28 Elementary Stream 29 - Stream Type (Audio 0x81) - Elementary PID (0x0013) 31 - Descriptor 32 . - CA Descriptor (ECM) for CA provider #2 36 Considering an example wherein it is desired to deliver programming in a 37 system using either Motorola or Scientific Atlanta as well as NDS CA, the above 38 communications are consistent with the PSI delivered by both Motorola and 39 Scientific Atlanta in their CA systems, with only minor changes. The program association table (PAT) is changed to reference an additional program map table 41 (PMT) for each program. Each program in this embodiment has two program 42 numbers in the PAT. In the table above, program number 1 and program number 43 1001 are the same program except that they wil I reference different audio PIDs and Docket No.: SNY-84646.02 -15- PATENT
1 CA descriptors. Changes in the system to create multiple PMTs and to multiplex 2 new PAT and PMT information with the data stream can be made to appropriately 3 modify the cable system headend equipment. Again, those skilled in the art will 4 understand how to adapt these messages to other partial encryption schemes described herein. An advantage of this approach is that no special hardware or 6 software is required for headend or for legacy and non-legacy set-top boxes to 7 deliver audio that is both legacy and non-legacy encrypted using this scheme.
8 This technique deters the user from use of premium programming which has 9 not been paid for by rendering it inaudible, but a hacker may attempt to tune the video. To combat this, the mechanisms employed in other encryption techniques 11 consistent with the present invention (as will be described later) can be employed 12 simultaneously, if desired. Since closed captioning is generally transmitted as a 13 part of the video data, the user can still obtain readable audio information in 14 conjunction with clear video. Thus, although adequate for some applications, the . present technique alone may not provide adequate protection in all scenarios. In 16 another embodiment, video packets containing closed captioning information as a 17 part of the payload can additionally be scrambled.
18 In an alternative embodiment, only the video may be dual encrypted with 19 , separate PIDs assigned to each set of encrypted video. While this may provide a more secure encryption for general programming (since video may be more 21 important than audio), the amount of bandwidth. savings compared with full dual 22 carriage is only approximately ten percent, since only the audio is shared amongst 23 all the set-top boxes. However, this approach might be used for certain content, 24 ~ e.g. adult and sports, and help reduce the bandwidth overhead for that content while the audio encryption approach may be used for other content types. In the 26 Digital Satellite Service (DSS) transport standard used for the DirecTVT""
service, 27 the ardio packets can be identified for encryption by use of the service channel 28 identifier (SCID) which is considered equivalent.
Docket No.: SNY-84646.02 -16- PATENT
r 2 ~ Another embodiment consistent with the present invention is referred to 3 herein as time slicing and is illustrated in FIGURE 3 as system 200. In this 4 embodiment, a.portion of each program is encrypted on a time dependent basis in a manner that disrupts viewing of the program unless the user has paid for the 6 programming. This embodiment of the invention can be implemented as partially 7 encrypted video and clear audio, clear video and partially encrypted audio or 8 partially encrypted video and audio. The duration of the time slice that is encrypted, 9 taken as a percentage of the total time, can be selected to meet any suitable desired balance of bandwidth usage, security against hackers. In general, under 11 any of the embodiments described herein, less than 100 percent of the content is 12 encrypted to produce a desired partial encryption. . The following example details 13 partially encrypted video and audio.
14 By way of example, and not limitation, consider a system which has nine programs that are to be dual partially encrypted according to the present exemplary 16 embodiment. These nine channels are fed to the cable headend as a multiplexed 17 stream of packets and are digitally encoded using packet identifiers (P-ID) to identify 18 packets associated with a particular one of the nine programs. In this example, 19 assume that those nine programs have video PIDs numbered 101-109 and audio PIDs numbered 201-209. The partial encryption, according to this embodiment is 21 time multiplexed among the programs so that only packets from a single program 22 are encrypted at any given time. The method does not need to be content aware.
23 With reference to TABLE 1 below, an exemplary embodiment of a time slice 24 dual encryption scheme consistent with an embodiment of the invention is illustrated. For program 1 having primary video PID 101 and primary audio PID
201, 26 during the first time period, packets having PID 101 and PID201 are encrypted 27 using encryption system A, while the others representing the other programs are 28 sent in the clear. In this embodiment, secondary PIDs are also assigned to both the 29 video and the audio. The secondary PlDs .are PID 111 for video and PID 211 for Docket No.: SNY-84646.02 -17- PATENT
CA 02405902 2002-10-O1 y 1 audio respectively for program 1. The packets with the secondary PIDs are 2 encrypted using encryption system B during the first time period. The next eight 3 time periods are sent in the clear. Then for time period 10, packets having any of 4 the above four PIDs are again encrypted followed by the next eight time periods being sent in the clear. In a similar manner, during the second period of program 6 2 having primary video PID 102 and primary audio PID 201 are encrypted using 7 encryption system A and packets with their associated secondary PIDs are 8 encrypted using encryption system B, and during the next eight time periods are 9 sent in the clear, and so on. This pattern can be seen clearly in TABLE 1 by 10- examination of the first nine rows. Both audio and video packets, or audio 11 alone or video alone can be encrypted according to this technique, without 12 departing from the invention. Also, the audio and video can have their own 13 individual encryption sequence. In TABLE 1, P1 indicates time period number 1, 14 P2 indicated time period number 2 and so on. EA indicates that the information is encrypted using CA system A and EB indicates that the information is encrypted 16 using CA encryption system B.
Docket No.: SNY-84848.02 -1$- PATENT
~ ' 2 PROti.IDEO AUCNO P9 P4 P5 P6 P7 P8 P10P11P12 PID PID s ~ o v ...
3 1 PID PID EA clearclearclearclearclearclearclearclearEA
clearclear...
4 2 PiD PID cl~rEA clearclearolearclearclearclearclearclearEA
clear...
3 PID PID clearclearEA clearclearclearclearclearclearclearclearEA .
4 PID PID clearclearclearEA
clearclearclearclearclearclearclearclear...
7 6 PID PID clearclearclearclearEA
clearclearclearclearclearclearclear...
$ 6 PID PID clearclearclearclearclearEA
clearclearclearclearclearclear...
9 7 PID PID clearclearclearclearcl~rclearEA
clearclearclearclearclear...
8 PID PID clearclearclearclearclearclearclearEA
clearclearclearclear...
11 8 PID PID clearclearclearclearclearclearclearclearEA
clearclearclear...
111 211 ~
-17 ~ P1D PID EB
22 In orderto retain compatibility with an established legacy encryption system 23 (encryption system A), the encrypted periods for each of programs one through nine 24 are encrypted using encryption system A. Legacy STB equipment will accept such , partially encrypted A/V data streams passing unencrypted packets and decrypting 26 encrypted packets transparently. However, it is desired to obtain dual encryption 27 using both encryption system A and encryption system B. fn order to achieve this, 28 a specified program is assigned both primary PIDs {e.g., for program 1, video PID
29 101 and audio PID 201 ) and a secondary PID (e.g., for program 1, video PID
and audio PID 211 ) to cant' the elementary data streams for a given premium 31 channel.
32 - With reference to L=IGURE 3, system 200 generally depicts the functionality 33 of the cable system headend 222 wherein N channels of clear video 204 at the 34 headend 222 are provided to an intelligent switch 216 (operating under control of a programmed processor) which routes packets that are to be transmitted in the 36 clear to be assigned a primary PID at 220. Packets that are to be encrypted are Docket No.: SNY-84846.02 -19- PATENT
1 routed to both conditional access system A encrypter 218 and to conditional access 2 system B encrypter 224. Once encrypted, these encrypted packets from 218 and 3 224 are assigned primary or secondary PIDs respectively at 220. System 4 information from 228 is multiplexed or combined with the clear packets, the system A encrypted packets and the system B encrypted packets and broadcast over the 6 cable system 32.
7 For discussion purposes, if the period of the time slice is 100 milli-seconds, 8 then as shown in TABLE 1, there are on average one and a fraction encrypted 9 periods totaling 111 mini-seconds each second for all nine-programs. If the period is 50 milii-seconds, then there are on average two and a fraction encrypted periods 11 totaling 111 milli-seconds. A non-subscribing box attempting to tune video would 12 obtain a very poor image if it could maintain any sort of image lock and the audio 13 would be garbled.
14 The PSI for a partially scrambled stream is handled slightly differently from the dual audio encryption example above. Essentially, the same Sf and PAT PSI
16 information can be sent to both legacy and non-legacy set-top boxes. The 17 difference lies with the PMT PSI information. The legacy set-top box parses the 18 PMT PSI and obtains the primary video and audio PIDs as before. The non-legacy 19 set-top box obtains the primary PIDs like the legacy set-top box but must look at the CA descriptors in the PMT PSI to see if the stream is partially scrambled. The 21 secondary PID is scrambled specifically for a particular CA provider, consequently 22 it makes sense to use the CA descriptor specific to a particular CA
provider to 23 signal that PID. The invention can allow more than two CA providers to co-exist by 24 allowing more than one secondary PID. The secondary PID shall be unique to a particular CA provider. The set-top box know the CA ID for the CA it has, and can 26 check all CA descriptors for the relevant one for it.
27 v1/hile it is possible to send the secondary PID data as private data in the 28 same CA descriptor used for the ECM, the preferred embodiment uses separate CA
29 descriptors. The secondary PID is placed in the CA PID field. This allows headend processing equipment to "see" the PID without having to parse the private Docket No.: SNY-84646.02 -20- PATENT
1 data field of the CA descriptor. To tell the difference between the ECM and 2 secondary PiD CA descriptor, a dummy private data value can be sent.
PMT sent on PID=0x0010 6 PMT 0x0010 7 PMT Program number 1 8 PMT Section Version 10 9 PCR PID 0x0011 Elementary Stream 11 - Stream Type (Video 0x02 or 0x80) 12 - Elementary PID (0x0011) 13 - Descriptor 14 - CA Descriptor (ECM) for CA provider #1 - CA Descriptor (ECM) for CA provider #2 1 - CA Descriptor (Secondary PID) for CA provider fi #2 17 Elementary Stream 18 - Stream Type (Audio 0x81) 19 - Elementary PID (0x0012) - Descriptor 21 - CA Descriptor (ECM) for CA provider #1 22 - CA Descriptor (ECM) for CA provider #2 23 - CA Descriptor (Secondary PID) for CA provider . #2 Descriptor for CA
Provider #2 (ECM) 29 Descriptor Tag: Conditional Access (0x09) 31 Length: 4 Bytes 32 Data 33 - CA System ID:.Ox0942 (2"d CA provider) 34 - CA PID (0x0015) Docket No.: SNY-84646.02 -21- PATENT
CA Descriptor for CA Provider #2 (Secondary PID) 4 Descriptor Tag: Conditional Access (0x09) 6 Length: 5 Bytes 7 Data 8 - CA System ID: 0x1234 (2"d CA provider) 9 - CA PID (0x0016) - Private Data 13 Legacy STB 36 operating under CA system A receives the data, ignores 14 the secondary PIDs, decrypts the packets encrypted under CA system A and presents the program to the television set 44. New or non-legacy STB 236 16 receives the SI 228. It receives PSI 229 and uses the PMT to identify the 17 primary and secondary PID, called out in the second CA descriptor, associated 18 with the program being viewed. The packets encrypted under CA system A are 19 discarded and the packets encrypted under CA system B with the secondary PID
are decrypted.by CA system B 240 and inserted into the clear data stream for 21 decoding and display on television set 244.
22 FIGURE 4 illustrates one process for encoding at the cable system headend 23 that can be used to implement an embodiment of the present invention wherein CA
24 system A is the legacy system and CA system B is the new system to be introduced.
As a clear packet is received, at 250 for a given program, if the packet (or frame) 26 is not to be encrypted (i.e., it is not the current time slice for encryption for this 27 program), the clear packet (C) is passed on to be inserted into the output stream 28 at 254. .If the current packet is to be encrypted by virtue of the current packet being 29 a part of the encryption time slice, the packet is passed for encryption to both packet encryption process A 258 and packet encryption process B 262. The 31 encrypted packets from encryption process A at 258 (EA) are passed on to 254 for 32 insertion into the output stream. The encrypted packets from encryption process 33 . B at 262 (EB) are assigned a secondary PID at 264 for insertion into the output 34 stream at 254. This is repeated for all packets in the program.
Docket No.: SNY-84646.02 -22- PATENT
~, ~, 1 FIGURE 5 illustrates a process used in the STB 236 having the riewly 2 introduced CA system B for decrypting and decoding the received data stream 3 containing C, EAand EB packets having primary and secondary PIDs as described.
4 When a packet is received at 272, it is inspected to see if it has a the primary PID
of interest. if not, the packet is examined to see if it has the secondary PID
of 6 interest at 274. If the packet has neither the primary or secondary PID, it is ignored 7 or dropped at 278. Any intervening packets between the EA and EB packets that 8 are not the primary or secondary P1D are discarded. It is an implementation and 9 mainly a buffering issue whether a decoder can receive multiple EA or EB in a row before receiving the replacement matched EA or EB packet. Also, just as easy to 11 detect for secondary packets that come before and not after the primary packet.
12 It is also possible to design a circuit where either case can happen - the secondary 13 packet can before or after the primary packet. If the packet has the primary PID of 14 interest, the packet is examined at 284 to determine if it is encrypted. If not, the packet (C) is passed directly to the decoder at 288 for decoding. If the packet is 16 encrypted at 284, it is deemed to be an EA packet and is dropped or ignored at 278.
17 In some implementations, the primary packet's encryption does not get checked at 18 284. Rather, its simple position relative to the secondary packet can be checked 19 ~ at 284 to identify it for replacement.
If the packet has the secondary PID at 274, the PID is remapped to the 21 primary PID at 292 (or equivalently, the primary PID is remapped to the secondary 22 PID value). The packet is then decrypted at 296 and sent to the packet decoder at 23 288 for decoding. Of course, those skilled in the art wilt recognize. that many 24 variations are possible without departing from the invention, for example, the order of 292 and 296 or the order of 272 and 274 can be reversed. As mentioned earlier, 26 284 can be replaced with a check of primary packet position with respect to the 27 secondary packet. Other variations will occur to those skilled in the art.
28 Legacy STB 36 operating under the encryption system A totally ignores the 29 secondary PID packets. Packets with the primary PID are decrypted, if necessary, and passed to the decoder without decryption if they are clear packets. Thus, a so Docket No.: SNY-84646.02 -23- PATENT
1 called "legacy" STB operating under encryption system Awill properly decrypt and 2 decode the partially encrypted data stream' associated with the primary PID
and 3 ignore the secondary PID without modification. STBs operatingunder the 4 encryption system B ace programmed to ignore all encrypted packets associated with the primary PID and to use the encrypted packets transmitted with the 6 secondary PID associated with a particular channel.
7 Thus, each dual partially encrypted program-has two sets of PIDs associated 8 therewith. If, as described, the encryption is carried out on a period-by-period 9 basis, for the system shown with an appropriate time slice interval, the picture will be essentially unviewable on a STB with neither decryption.
11 In order to implement this system in the headend 322 of FIGURE 6, the SI
12 and PSI can be modified for inclusion of a second set of CA descriptor information.
13 ~ Legacy set-top boxes may not be able to tolerate 'unknown CA descriptors.
14 Consequently, alternatively, in the set-top box, it may be possible to "hard code"
offsets from the legacy CA PIDs for both the content PIDs andlor the Si/PSl and 16 ECM PIDs. Alternatively, parallel PSI may be sent. For example; an auxiliary PAT
17 can be delivered on PID 1000 instead of PID 0 for the non-legacy set-top boxes. It 18 can reference auxiliary PMTs not found in the legacy PAT. The auxiliary PMTs can 19 contain the non-legacy CA descriptors. Since auxiliary PMTs would not be known to the legacy set-top boxes, there would not be any interoperation issue.
21 In systems where system A corresponds to legacy set-top boxes 22 manufactured by Motorola or Scientific Atlanta, no modifications to the STBs are 23 required. For the system B compliant STBs, for dual carriage of partially encrypted 24 programs as described herein, the video and audio decoder are adapted to listen to two PIDs each (a primary and a secondary PID) instead of just one. There may 26 be one or more secondary shadow PIDs, depending on the number of non-Legacy 27 CA systems in use, however a specific set-top box only listens to one of the 28 secondary PIDs as appropriate for the CA method being used by that specific STB.
29 In addition, ideally the encrypted packets from the PID carrying the mostly clear video or audio are ignored. Since ignoring "bad packets" (those that cannot be Docket No.: SNY-R464fi.02 -24- PATENT
1 readily decoded as is) may already be a function that many decoders perform, thus 2 requiring no modification. For systems with decoders that do not ignore bad 3 packets, afiltering function can be used. It should be understood that the time slice 4 encryption technique could be applied to just the video or the audio. Also, the video may be time slice .encrypted while the audio is dual encrypted as in the earlier 6 embodiment. The time slice technique may be applied to multiple programs 7 concurrently. The number of programs that encrypted during a period of time is 8 mainly an issue of bandwidth allocation, and although the example discusses 9 scrambling a single program at a time, the invention is not limited by that.
Other combinations of encryption techniques described in this document will also occur 11 to those skiNed in the art.
14 MT" AND N PACKET ENCRYPTION
Another embodiment consistent with the preserit invention is referred to 16 herein as M~' & N packet encryption. This is a variation of the embodiment 17 illustrated in FIGURE 3 as system 200. In this embodiment, packets of each PID
18 representing a program are encrypted in a manner that disrupts viewing of the 19 program unless the user has paid for the programming. In this embodiment, M
represents the number of packets between the start of an encryption event. N
21 represents the number of packets that are encrypted in a row, once encryption 22 takes place. N is less than M. If M=9 and N=1, then every nine packets there is an 23 encryption event lasting 1 packet. If M=16 and N=2, then every sixteen packets 24 there is an encryption event lasting two packets. Each packet to be dual partially encrypted is duplicated and processed using CA system A 218, and CA system B
26 224 as in the previous embodiment. The difference in operation between this 27 embodiment and the time slicing technique previously is in the operation of switch 28 216 to effect the selection of packets to encrypt under control of a programmed 29 processor.
Docket No.: SNY-84848.02 -25- PATENT
1 By way of example, and not limitation, consider a system which has nine 2 channels of programming that are to be dual encrypted according to the present 3 exemplary embodiment. These nine channels are digitally encoded using packet 4 identifiers (PID) to identify packets associated with a particular one of nine programs. In this example, assume that those nine programs have video PIDs 6 numbered 101-109 and audio PIDs numbered 201-209. The encryption, according 7 to this embodiment is random program-to-program so that packets from other 8' programs may be encrypted at the same time. This is illustrated in TABLE 2 below 9 in which M=6 and N=2 and in which only video is encrypted, but this should not be considered limiting. The method does not need to be content aware. In TABLE 2, 11 PK1 indicated packet number 1, PK2 indicates packet number 2, and so on.
Docket No.: SNY-84646.02 -26- PATENT
2 PRO(3.VIDEOPK1PK2 PK3 PK4 PKb PlCBPKT PK8 PK8 PK10PK11PK12 3 1 PID EA EA chr clearclearGearEA EA clearclearclear' ...
101 cl~r 4 2 PID chrclearclearEA EA dearclearclearclearEA EA clear...
3 PID clearclearEA EA clearclearchr clearEA EA cl~rchr ...
4 PID clearclearclearEA EA clearclearclearchr EA EA chr ...
7 5 RID clearclearEA EA clearclearclearcl~rEA EA clearclear..
6 PID EA chr clearclearclearEA EA clearcV~rcl~rchr EA ...
7 PID EA EA clearclearclearclearEA EA chr clearclearcl~r ...
8 PlD clearEA EA clearclearGearclearEA EA clearchr clear...
1 1 9 PID EA clearclearclearclearEA EA clear~ GearclearEA ...
109 clear 12 1 PID EB EB EB EB ...
'~ 3 2 PID EB EB EB EB ...
14 3 PID EB EB EB EB ...
4 PID EB EB EB EB ...
16 5 PID EB EB EB EB ...
17 6 PID EB EB EB EB ...
18 7 PID EB EB EB EB ...
117 .
19 8 P1D EB ~EB EB EB ...
9 PID EB EB EB EB ...
23 In the example of TABLE 2, each program is encrypted fully independently 24 of the others using the M=6 and N=2 encryption scheme. Again, the illustrated example encrypts only the video, but audio could also be encrypted according to this 26 or another arrangement. If applied to just the video, audio may be dual scrambled 27 or time slice encrypted as in earl ier embodiments. Alternatively, if applied to just the 28 audio, the video may be time sliced as in the earlier embodiment.
29 Those skilled in the art will recognize that many variations of the technique can be devised consistent with the partial scrambling concepts disclosed herein.
31 For example, a pattern of five clear followed by two encrypted followed by two clear 32 followed by one encrypted (CCCCCEECCECCCCCEECCE...) is consistent.with Docket No.: SNY-84648.02 -27- PATENT
1 variations of the present partial encryption concept, as are random, pseudo-random 2 and semi-random values for M and N may be used for selection of packets to 3 encrypt. Random, pseudo-random or semi-random (herein collectively referred to 4 as "random" herein) selection of packets can make it difficult for a hacker to algorithmically reconstruct packets in a post processing attempt to recover recorded 6 scrambled content. Those skilled in the art will understand how to adapt this 7 information to the other embodiments of partial encryption described later herein.
8 Some of the embodiments can be used in combination to more effectively secure the 9 content.
12 Another partial encryption method consistent with embodiments of the present 13 invention uses a data structure as a basis for encryption. By way of example and 14 not limitation, one convenient data structure to use for encryption is an MPEG video frame. This is illustrated (again with video only) in TABLE 3 below in which every 16 tenth video frame is encrypted. In this embodiment, each program's ten frame 17 encryption cycle is distinct from each other channel, but this should not be 18 considered limiting. This concept can be viewed as a variation of the time slice or 19 M~' and N partial encryption arrangement (or other pattern) based upon video or audio frames (or some other data structure) with the exemplary embodiment having 21 M=10 and N=1. Of course, other values of M and N can be used in a similar 22 embodiment. fn TABLE 3, F1 represents frame number 1, F2 represents frame 23 number 2 and so on.
Docket No.: SNY-84646.02 -28- PATENT
2 PROG.VIDEOF1 F2 F3 F4 F5 F6 F7 F8 F8 F10 F11 F12 3 1 PID EA clearGearclearclearclearclearclearclearclearEA clear...
4 2 PID clearclearclearEA chr clearclearclearclearclearclearclear...
3 PlD clearclearEA clearclearclearclearclearclearclearclearclear...
6 4 PID clearclearclearclearEA
clearclearclearclearclearclearclear...
7 5 PID clearclearclearEA
clearclearclearclearclearclearclearclear...
8 6 P1D EA clearclearclearclearclear- clearclearclearEA clear...
106 clear 9 7 PID chrEA clearclearclearclearclearclearclearclearclearEA ...
8 PID clearEA clearclearGar clearclearclearchr clearclearFJ1 ...
11 9 PID EA clearclearclearGearclearchr clearclearclearEA clear...
12 1 PID EB EB ...
13 2 PID EB ...
14 3 PID EB ...
4 PID EB ...
16 5 PID EB ...
17 6 PID EB EB ...
18 7 PID EB EB ...
19 8 PID EB EB ...
9 PID EB EB ...
23 Thus, again each encrypted program has two sets of PIDs associated 24 therewith. If, as described, the encryption is carried out on a period-by-period basis, for the system shown, the picture will be essentially unviewable. For a nine program 26 system at 30 frames per second as depicted, approximately three frames per second 27 will be encrypted. For viewers who are not entitled to view the program, their STB
28 will be unable to capture much more than an occasional frozen frame as the STB
29 constantly attempts to synchronize and recover. Viewers who have subscribed to the programming will be able to readily view the programming. The bandwidth cost 31 for such an encryption arrangement depends upon the frequency with which the 32 encryption is applied. In the above example, an extra factor of 1/9 of data are Docket No.: SNY-84646.02 -29- PATENT
1 transmitted for each program. .In this example, approximately one program's worth 2 of bandwidth is used. With a greater number of programs, fewer packets per 3 program are encrypted and the security of the encryption system may degrade 4 somewhat. As in the randomized M and N method, random.frames may be selected.
Choosing random frames, in the video case, would help guarantee that all frame 6 types would be affected - intra-coded frames (I frames), predictive-coded (P
7 frames), Bi-directional-coded (B frames) and DC frames.
8 In a variation of the invention, it may be possible to encrypt fewer packets to 9 achieve an acceptable level of security: That is, perhaps in a system of nine programs, only one frame per second may need to be encrypted to achieve 11 acceptable levels of security. In such a system, the overhead becomes one 12 encrypted period per second per program or approximately 1 /30 of data transmitted 13 in overhead. This level of overhead is a dramatic improvement over the 50%
loss 14 of bandwidth associated with full dual carriage of encryption under two encryption systems. In another variation of the invention, it may be possible to encrypt only 16 certain video frames to achieve an acceptable level of security. For example, for 17 MPEG content, only intra-coded frames (I frames) may be scrambled to further 18 reduce the bandwidth overhead and still maintain an acceptable level of security.
19 These offer significant improvement over the bandwidth required for full dual carriage.
23 Substantial efficiency in bandwidth utilization can be achieved by use of a 24 selective packet-by-packet dual encryption technique. In this technique, packets are selected for encryption based upon their importance to the proper decoding of the 26 audio and/or video of the program content.
27 This embodiment can reduce the bandwidth requirement compared with full 28 dual carriage of encrypted content by only scrambling a small fraction of the packets.
29 Clear packets are shared between the two (or more) dual carriage PIDs: In one preferred embodiment, as will be disclosed, less that about one percent of the total Docket No.: SNY-84646.02 -30- PATENT
1 content bandwidth is used. In a system with a legacy encryption scheme, clear ' 2 program content packets can be received by both legacy and new set-top boxes.
3 As mentioned before, encrypted packets are dual carried and processed by the 4 respective set-top boxes with the appropriate CA. Each CA system is orthogonal.
Key sharing is not required and different key epochs may be used by each CA
6 system. For example, a system with Motorola's proprietary encryption can generate 7 fast changing encryption keys using the embedded security ASIC, while an NDS
8 smart card based system can generate slightly slower changing keys. This 9 embodiment works equallywell for ScientificAtlanta and Motorola legacy encryption.
Referring now to FIGURE 6, a block diagram of a system consistent with an 11 embodiment of the present invention in which portions of programming are dual 12 encrypted on a packet-by-packet basis is illustrated as system 300. In this system, 13 packets of each program are dual encrypted using, for example, legacy CA
system 14 A and CA system B. The packets that are encrypted are selected based upon their importance to the proper decoding of the video and/or audio stream.
16 In the system illustrated in FIGURE 6, the cable system headend 322 selects 17 A/V content 304 packets at a packet selector 316 for encryption. Packets selected 18 for encryption are chosen so that their non-receipt (by a non-paying decoder) would 19 severely affect the real-time decoding of a program, and any possible post processing of recorded content. That is, only critical packets are encrypted.
For the 21 video and audio, this can be accomplished by encrypting "start of frame"
transport 22 stream packets containing PES (packetized elementary stream) headers and other 23 headers as part of the payload, since without this information, the STB
decoder 24 cannot decompress the MPEG compressed data. MPEG2 streams identify "start of frame" packets with the "Packet Unit Start Indicator" in the transport header.
26 Generally, packets carrying a payload that contains a group of pictures header or 27 a video sequence header can be used to effect the present scrambling technique.
28 MPEG (Moving Pictures Expert Group) compliant compressed video 29 repackages the elementary data stream into the transport stream in somewhat arbitrary payloads of 188 bytes of data. As such, the transport stream packets Docket No.: SNY-R4fi46.02 -31- PATENT
1 containing a PES header can be selected for encryption at selector 316 and dual 2 encrypted by both the CA system A encrypter 318 and the CA system B
encrypter 3 324. Packets to be dual partially encrypted are duplicated and the PIDs of duplicate 4 packets encrypted by encrypter 324 are remapped at 330 to a secondary PID as in the previous embodiment. The remaining packets are passed in the clear. The 6 clear packets, system A encrypted packets, system B encrypted packets and system 7 information 328 are multiplexed together for broadcast over the cable system 32.
8 As with the previous system, the legacy STB 36 receives clear data and data 9 encrypted under CA encryption system A and transparently passes unencrypted data combined with data decrypted by CA decryption A 40 to its decoder. In the new 11 STB 336, the program is assigned to both a primary and a secondary PID. The clear 12 packets with the primary PID are received and passed to the decoder. The 13 encrypted packets with the primary PID are discarded. Encrypted packets with the 14 secondary PID are decrypted and then recombined with the data stream (e.g., by rernapping the packets to the primary PID) for decoding.
16 Using video is used as an example, each sample is known as a frame and the 17 sample rate is typically 30 frames per second. If the samples are encoded to fit into 18 3.8 Mbps, each frame would occupy 127K bits of bandwidth. This data is sliced for 19 MPEG transport into packets of 188 bytes with the first packets) of each frame containing the header used for instructions to process the body, of the frame data.
21 Dual encrypting just the first header packet (1504 additional bits) requires only 1.2%
22 (1504/127K) of additional bandwidth. For high definition (19 Mbps) streams the 23 percentage is even less.
24 As previously stated, transport stream packets containing a PES header are the preferred target for encryption according to the present embodiment. These 26 packets contain sequence headers, sequence extension headers, picture headers, 27 quantization and other decode tables that also fall within the same packet.
If these 28 packets cannot be decoded (i.e., by a hacker attempting to view unauthorized 29 programming without paying the subscription charges), not even small portions of the program can be viewed. In general, any attempt to tune to the program will likely Docket No.: SNY-84646.02 -32- PATENT
1 be met with a blank screen and no audio whatsoever since known decoder 2 integrated circuits use the PES header to sync up to an elementary stream such as 3 video and audio in real-time. By encrypting the APES header, the decoding engine 4 in an un-authorized set-top box cannot even get started. Post processing attacks,' e.g. on stored content, are thwarted by critical dynamically changing information in 6 the packet containing the PES header. Those skilled in the art will appreciate that 7 for implementation of this embodiment of the invention, other critical or important 8 packets or content elements may also be identified for encryption that could severely 9 inhibit unauthorized viewing without departing from the present invention.
For example, MPEG intra-coded or I frame picture packets could be encrypted to inhibit 11 viewing of the video portion of the program. Embodiments the present invention may 12 be used in any combination with other embodiments, e.g. scrambling the packet 13 containing the PES header as well as random, M~' and N, or data structure 14 encryption of the other packets. Critical packet encryption may be applied to video encryption, while a different method may be applied to audio. Audio could be dual 16 encrypted, for instance. Other variations within the scope of the present invention 17 will occur to those skilled in the art.
18 FIGURE 7 is a flow chart depicting an exemplary encoding process such .as 19 that which would be used at headend 322 of FIGURE 6. When a transport stream packet is received at 350, the packet is examined to determine if it meets a selection 21 criteria for encryption. In the preferred embodiment, this selection criteria is the 22 presence of a PES header as a portion of the packet payload. If not, the packet is 23 passed as a clear unencrypted packet (C) for insertion into the output data stream 24 at 354. If the packet meets the criteria, it is encrypted under CA
encryption system A at 358 to produce an encrypted packet EA. The packet is also duplicated and 26 encrypted under CA encryption system B at 362 to produce an encrypted packet.
27 This encrypted packet is mapped to a secondary PID at 366 to produce an 28 encrypted packet EB. Encrypted packets EA and EB are inserted into the output 29 data stream along with clear packets C at 354. Preferably, the EA and EB
packets are inserted at the location in the data stream where the single original packet was Docket No.: SNY-84646.02 -33- PATENT
1 obtained for encryption so that the sequencing of the data remains essentially the 2 same.
3 When the output data stream from 354 is received at an STB compliant with 4 CA encryption system B such as 336 of FIGURE 6, a process such as that of FIGURE 8 (which is similar to that of FIGURE 5) can be utilized to decrypt and 6 decode the program. When a packet is received having either the primary or the 7 secondary PID at 370, a determination is made as to whether the packet is clear (C) 8 or encrypted under system A (EA} at 370 or encrypted under system B (EB) at 374.
9 If the packet is clear, it is passed directly to the decoder 378. In some embodiments, the relative position of the primary packet, before or after, to the secondary packet 11 may be used to signal a primary packet for replacement in the stream. A
check of 12 the scrambling state of the primary packet is not specifically required. If the packet 13 is an EA packet, it is dropped at 380. If the packet is an EB packet, it is decrypted 14 at 384. At this point, the secondary PID packets and/or the primary PID
packets are remapped to the same PID at 388. The decrypted and clear packets are decoded 16 at 378.
17 The dual partial encryption arrangement described above can greatly reduce 18 the bandwidth requirements over that required for full dual carriage.
Encrypting the 19 PES header information can be effective in securing video and audio content, while allowing two or more CA systems to independently "co-exist" on the same cable 21 system. Legacy system A set-top boxes are un-affected, and system B set-top 22 boxes require only an minor hardware, firmware, or software enhancement to listen 23 for two PIDs each for video and audio. Each type of STB, legacy and non-legacy, 24 retains its intrinsic CA methodology. Headend modification is limited to selecting content for encryption, introducing the second encrypter, and providing a means to 26 mix the combination into a composite output stream.
27 In one embodiment, the headend equipment is configured to opportunistically 28 scramble as much of the content as the bandwidth will allow, and not just the critical 29 PES headers. These additional scrambled packets would be either in the PES
Docket No.: SNY-84646.02 -34- PATENT
( E
1 payload or other packets throughout the videolaudio frame to provide even further 2 security of the content.
Turning now to FIGURE 9, one embodiment of a system that minimizes 6 the need for any additional bandwidth is illustrated as system 400. In this 7 embodiment, the system takes advantage of the fact that system information (S1) 428 8 is required for a set-top box to tune programming. In a cable system, SI is sent in 9 the out-of-band, a frequency set aside from the normal viewing channels. It is possible to also sent it in-band. If sent in-band, the SI 428 is replicated and sent 11 with each stream. For discussion purposes, assume that the SI delivered to "legacy"
12 set-top boxes from previous manufacturers is separate from the SI delivered to set-13 tops from new manufacturers such as STB 436. Consequently, each version of the 14 SI can be independently scrambled as illustrated using conditional access system A 418 and conditional access system B 424. The clear video 404 and clear audio 16 406 are delivered in the clear, but in order to understand how to find them, the SI
17 information 428 is needed.
18 The SI delivers information about channel names and program guide 19 information such as program names and start times, etc. ... as well as the frequency tuning information for each channel. Digital channels are multiplexed.
together and 21 delivered at particular frequencies. In the embodiment of the invention, the SI
22 information is encrypted, and only made available to authorized set-top boxes. If the 23 SI information is not received to allow knowledge of the location of all the AIV
24 frequencies in the plant, then tuning cannot take place.
To frustrate a hacker who might program a set-top box to trial or scan 26 frequencies, the frequencies for the channels can be offset from the standard 27 frequencies. Also, the frequencies can be dynamically changed on a daily, weekly 28 or other periodic or random basis. A typical cable headend may have roughly 29 frequencies in use. Each frequency is typically chosen to avoid interference between, among other things, each other, terrestrial broadcast signals, and Docket No.: SNY-84646.02 -35- PATENT
l, 1 frequencies used by clocks of the receiving equipment. Each channel has at least 2 1 independent alternate frequency that if used would not could not cause 3 interference, or cause the frequency of adjoining channels to be changed.
The 4 actual possible frequency maps are therefore 23° or 1.07 x 109.
However, a hacker might simply quickly try both frequencies on each tune attempt for each of the 6 channels or so. If successful in locating a frequency with content, the hacker's set-7 top box can then parse the PSI 429 to learn about the individual PIDs that make up 8 a program. The hacker will have difficulty learning that "program 1" is "CNN", and 9 that °program 5" is "TNN", and so on. That information is sent with the SI, which as 'f 0 stated above is scrambled and otherwise unavailable to the un-authorized set-top 11 box. However, a persistent hacker might yet figure those out by selecting each one 12 and examining the content delivered. So in order to frustrate the identification of 13 channels, the assignment of a program within a single stream can move around, e.g.
14 program 2 and program 5 swapped in the example above so that "program 1" is "TNN" and "program 5" is "CNN". Also, it is possible to move programs to entirely 16 different streams with entirely new program groupings. A typical digital cable 17 headend can deliver 250 programs of content including music. Each can be 18 uniquely tuned. The possible combinations for re-ordering are 250!
(factorial).
19 Without a map of the content provided by either the delivered SI or by a hacker, the user is faced with randomly selecting each program in a stream to see if it is the one 21 interest.
22 Thus, at headend 422, the video signal 404 and the audio signal 406 are 23 provided in the clear (unencrypted) while the SI 428 is provided to multiple CA
24 systems for delivery over the cable network. Thus, in the exemplary system 400, clear SI 428 is provided to an encryption system 428 that encrypts SI data using 26 encryption system A. Simultaneously, clear SI 428 is provided to encryption system 27 424 that encrypts the SI data using encryption system B. Clear video and audio are 28 then multiplexed along with encrypted SI from 418 (S1 A) and encrypted audio from 29 424 (S1 B) out of band system information 428.
Docket No.: SNY-R464fi.02 -36- PATENT
1 After distribution through the cable system 32, the video, the audio, system 2 information A and system information B are all delivered to set-top boxes 36 and 3 436. At STB 36, the encrypted SI is decrypted at CA system A 40 to provide tuning 4 information to the set-top box. The set-top box tunes a particular program to allow it to be displayed on television set 44. Similarly, at STB 436, the encrypted SI is 6 decrypted at CA system B 440 to provide tuning information for the set-top box, allow 7 a particular program to be tuned and displayed on television set 444.
8 An advantage of this-approach is that no additional AIV bandwidth is required 9 in the content delivery system, e.g. cable system. Only the SI is dual carried. No special hardware is required. Any offset frequencies from the standard ones can be 11 easily accommodated by most tuners. S1 decryption can be performed in software 12 or can be aided by hardware. For example, legacy Motorola set-top boxes have an 13 ability to descramble the SI delivered in the Motorola out-of-band using a hardware 14 decrypter built into the decoder IC chip.
A determined hacker can potentially use a spectrum analyzer on the coax 16 cable to team where the AN channels are located. Also, it may be possible for the 17 hacker to program a set-top box to auto-scan the frequency band to learn where the 18 A/V channels are - a relatively slow process. If the A/V channel frequencies 19 changed dynamically, then that could foil the hackers, since they would need to be constantly analyzing or scanning the band. Also, the program numbers and assigned 21 PIDs can vary. However, dynamically changing frequencies, program numbers, and 22 PIDs might create operational difficulties to a service provider, e.g.
cable operator.
GENERALIZED REPRESENTATION
26 Each of the above techniques can be represented generically by the system 27 500 of FIGURE 10. This system 500 has a cable system headend 522 with clear 28 video 504, clear audio 506, Sl 528, and PSI 529 any of which can be selectively 29 switched through an intelligent processor controlled switch 518, which also serves to assign PIDs (in embodiments requiring PID assignment or reassignment), to Docket No.: SNY-84646.02 -37- PATENT
1 conditional access system A 504 or conditional access system B 524 or passed in 2 the clear to the cable system 32. As previously, the program or SI encrypted 3 according to the legacy CA system A can be properly decoded by STB 36. The CA
4 system B encrypted information is understood by STBs 536 and decrypted and decoded accordingly, as described previously.
8 The PID mapping concepts described above can be generally applied to the 9 dual partial encryption techniques described herein, where needed. At the cable headend, the general concept is that a data stream of packets is manipulated to 11 duplicate packets selected for encryption. Those packets are duplicated and 12 encrypted under two distinct encryption methods. The duplicated packets are 13 assigned separate PIDs (one of which matches the legacy CA PID used for clear 14 content) and reinserted in the location of the original selected packet in the data stream for transmission over the cable system. At the output of the cable system 16 headend, a stream of packets appears with the legacy encrypted packets and clear 17 packets having the same PID. A secondary PID identifies the packets that are 18 encrypted under the new encryption system. In addition to the PID remapping that 19 takes place at the headend, MPEG packets utilize a continuity counter to maintain the appropriate sequence of the packets. In order to assure proper decoding, this 21 continuity counter should be properly maintained during creation of the packetized 22 data stream at the headend. This is accomplished by assuring that packets with 23 each PID are assigned continuity counters sequentially in a normal manner.
Thus, 24 packets with the secondary PID will carry a separate continuity counter from those of the primary PID. This is illustrated below in simplified form where PID 025 is the 26 primary PID and PID 125 is the secondary PID, E represents an encrypted packet, 27 C represents a clear packet,. and the end number represents a continuity counter.
Docket No.: SNY-84646.02 -3$- PATENT
1 In this exemplary segment of packets, packets with PID 025 are seen to have 2 their own sequence of continuity counters (04, 05, 06, 07, 08, 09, ...).
Similarly, the 3 packets with secondary PID 125 also have their own sequence of continuity counters 4 (11, 12, ...).
At the STB, the PIDs can be manipulated in any number of ways to correctly 6 associate the encrypted packets with secondary PID with the correct program.
In 7 one implementation, the packet headers of an input stream segment illustrated 8 below:
025C04 025E05 125E11 025C06 025C07 ~ 025C08 I 025C09 I 025E10 I
12 are manipulated to create the following output stream segment:
14 125C04 025E11 125E05 125C06 125C07 125C08 125C09 ~ 125E10 1 16 The primary PIDs (025) in the input stream are replaced with the secondary PID
17 (125) for the clear packets (C). For the encrypted packets; the primary PID
and 18 secondary PID are retained, but the continuity counters are swapped. Thus, the 19 stream of packets can now be properly decrypted and decoded without errors caused by loss of continuity using the secondary PID. Other methods for 21 manipulation of the PIDs, e.g. mapping the PID (125) on the scrambled legacy 22 packet to a NOP PID (all ones) or other PID value not decoded, and the continuity 23 . counters can also be used in embodiments consistent with the present invention.
24 The primary and secondary PIDs are conveyed to the STBs in the program map table (PMT) transmitted as a part of the program system information (PSI) data 26 stream. The existence of a secondary PID can be established to be ignored by the 27 STB operating under CA encryption system A (the "legacy" system), but new STBs 28 operating under CA encryption system B are programmed to recognize that 29 secondary PIDs are used to convey the encrypted part of the program associated Docket No.: SNY-84646.02 -39- PATENT
1 with the primary PID. The set-top boxes are alerted to the fact that this encryption 2 scheme is being used by the presence of a CA descriptor in the elementary PID "for 3 loop" of the PMT. There typically would be a CA descriptor for the video elementary 4 PID "for loop", and another one in the audio elementary PID "for loop". The CA
descriptor uses a Private Data Byte to identify the CA PID as either the ECM
PID
6 or the secondary PID used for partial scrambling, thus setting up the STB
operating 7 under system B to lookfor both primary and secondary PIDs associated with a single 8 program. Since the PID field in the transport header is thirteen bits in length, there 9 are 2'3 or 8,192 PIDs available for use, any spare PIDs can be utilized for the secondary PIDs as required.
11 In addition to the assignment of a PID for each program component or 12 selected portion thereof, a new PID may be assigned to tag ECM data used in the 13 second encryption technique. Each PID number assigned can be noted as a user 14 defined stream type to prevent disrupting operation of a legacy STB. MPEG
defines a reserved block of such numbers for user defined data stream types.
16 While conceptually the PID mapping at the cable headend is a simple 17 operation, in practice the cable headend equipment is often already established and 18 is therefore modified to accomplish this task in a manner that is minimally disruptive 19 to the established cable system while being cost effective. Thus, the details of the actual implementation within the cable system headend are somewhat dependent 21 upon the actual legacy hardware present in the headend, examples of which are 22 described in greater detail below.
Headend IMPLEMENTATIONS
26 Those skilled in the art will appreciate that the above descriptions as related 27 to FIGURES 2, 3, 6, 9 and 10 are somewhat conceptual in nature and are used to .
28 explain the overall ideas and concepts associated with the various embodiments of 29 the present invention. In realizing a real world implementation of the present invention, those skilled in the art will recognize that a significant real world issue to Docket No.: SNY-84646.02 -40- PATENT
1 contend with is providing a cost effective implementation of the various partial 2 encryption methods within existing legacx headend equipment at established cable 3 providers. Taking two of the primary legacy cable_ systems as examples, the 4 following describes how the above techniques can be implemented at a cable headend.
6 First, consider a cable system headend using a Motorola brand conditional 7 access system. In such a system the modifications shown in FIGURE 11 can .be 8 done to provide a cost effective mechanism for partial dual encryption 9 implementation. In a typical Motorola system, a HITS (Headend In The Sky) or similar data feed is provided from a satellite. This feed provides aggregated 11 digitized content that is supplied to cable providers and is received by a receiver l 12 descrambler I scrambler system 604 such as the Motorola Integrated Receiver 13 Transcoder (18T) models IRT 1000 arid IRT 2000, and Motorola Modular Processing 14 System (MPS). A clear stream of digitized television data can be obtained from the satellite descrambler functional block 606 of the receiver / descrambler /
scrambler 16 604. This clear stream can be manipulated by a new functional block shown as 17 packet selector / duplicator 610. This new block 610 may be implemented as a 18 programmed processor or may be otherwise implemented in hardware, software or 19 a combination thereof.
Packet selector / duplicator 610 selects packets that are to be dual encrypted 21 under any of the above partial dual encryption methods. Those packets are then 22 duplicated with new PIDs so that they can be later identified for encryption. For 23 example, if packets at the input of 610 associated with a particular program have 24 PID A, then packet selector / duplicator 610 identifies packets to be encrypted and duplicates those packets and remaps them to PIDs B and C respectively, so that 26 they can be identified later for encryption under two different systems.
Preferably, 27 the duplicate packets are inserted into the data stream adjacent one another in the 28 location of the originally duplicated packet now with PID C so that they remain in the 29 same order originally presented (except that there are two packets where one previously resided in the data stream). Assume, for the moment, that the new CA
Docket No.: SNY-84646.02 -41- PATENT
1 system to be added is NDS encryption, In this case, PID A will represent clear 2 packets, PID B will represent NDS encrypted packets and PID C will represent 3 Motorola encrypted packets. The packets having PID B may be encrypted under the 4 NDS encryption at this point in 610 or may be encrypted later.
The packets with PIDs B and C are then returned to the system 604 where 6 packets with PID C are encrypted under Motorola encryption at cable scrambler 612 7 as instructed by the control system 614 associated with the Motorola equipment.
8 The output stream from cable scrambler 612 then proceeds to another new device -9 PID remapper and scrambler 620, which receives the output stream from 612 and now remaps the remaining packets with PID A to PID C and encrypts the PID B
11 packets under the NDS encryption algorithm under control of control system 624.
12 The output stream at 626 has clear unencrypted packets with PID C and selected 13 packets which have been duplicated and encrypted under the Motorola encryption 14 system with PID C along with encrypted packets under the NDS encryption system with PID B. This stream is then modulated (e.g., Quadrature Amplitude Modulated 16 and RF modulated) for distribution over the cable system. The preferred 17 embodiment maps the unencrypted packets on PID A to match the scrambled 18 packets on PID C because the audio and video PIDs called out in legacy program 19 specific information (PSI) is correct that way. The control computer, the scrambler, and legacy set-top boxes only know about PID C. Alternatively, the scrambled 21 packets on PID C could be mapped back to PID A, but this would likely mean editing 22 the PSI, that was automatically generated, to map the PID numbers from PID
C back 23 to PID A in the PID remapper and scrambler 620.
24 In the above example, the PID remapper and scrambler620 may also be used to demultiplex PSI information, modify it to reflect the addition of the NDS
encryption 26 (through the use of CA descriptors in the PMT) and multiplex the modified PSI
27 information back into the data stream. The ECMs to support NDS encryption may 28 also be inserted into the data stream at PID remapper and scrambler 620 (or could 29 be inserted by packet selector / duplicator 610).
Docket No.: SNY-84646.02 -42- PATENT
(.
1 Thus, in order to add NDS encryption (or another encryption system) to a 2 cable system headend using Motorola equipment, packets are duplicated and PIDs 3 are remapped in the data stream from the satellite descrambler. The remapped 4 PIDs are then used to identify packets that are to be scrambled under each CA
system. Once the legacy system encryption has taken place, the clear PID is then 6 remapped so that both clear and encrypted packets in the legacy system share the 7 same PID (or PIDs). PID remapping as in 620 and packet selection and duplication 8 as in 610 can be implemented using a programmed processor or using custom or 9 semi-custom integrated circuitry such as an application specific integrated circuit or a programmable logic device or field programmable gate array. Other 11 implementations are also possible without departing from the present invention.
12 FIGURE 12 depicts a similar equipment configuration such as that used in 13 implementing the partial dual encryption of the present, invention in a Scientific 14 Atlanta based cable headend. In this embodiment, the HITS feed or similar is received at IRD 704 which incorporates a satellite descrambler 706. This may be 16 a Motorola IRT or MPS with only the satellite descrambler function enabled.
The 17 output of the satellite descrambler 706 again provides a clear data stream that can 18 be manipulated by a new packet selector l duplicator 710 which selects packets to 19 be encrypted, duplicates them and maps the PIDs of the duplicate packets to new PIDs. Again, for example, packets to remain in the clear are assigned PID A, 21 packets to be encrypted under the new system (e.g., NDS) are assigned PID B
and 22 packets to be encrypted under the Scientific Atlanta encryption system are assigned 23 PID C. The packets with PID B may be encrypted at this point under the NDS
24 encryption system.
The stream of packets is then sent to a multiplexes 712 (e.g., a Scientific 26 Atlanta multiplexes) where the packets having PID C are encrypted under the 27 Scientific Atlanta encryption system at 714 under control of control system 28 associated with multiplexes 712. The stream of data is then supplied internal to 29 multiplexes 712 to a QAM modulator 720. In order to properly remap the,packets, the QAM modulated signal at the output of multiplexes 712 is provided to a new Docket No.: SNY-84646.02 -43- PATENT
1 processor system 724 where the QAM modulated signal is demodulated at a QAM
2 demodulator 730 and the clear PID A packets are remapped to PID C at PID
3 remapper 734 under control of a control system 738. Encryption under the NDS
4 encryption algorithm can also be carried out here rather than in 710. The data stream with remapped PIDs and dual partial encryption is then QAM and RF
6 modulated at 742 for distribution over the cable system.
7 In the above example, the PID remapper and scrambler 734 may also be used 8 to demultiplex PSI information, modify it to reflect the addition of the NDS
encryption 9 (adding the CA descriptors to the PMT) and multiplex the modified PSI
information back into the data stream. The ECMs to support NDS encryption may also be 11 inserted into the data stream at PID remapper and scrambler 734 (or could be 12 inserted by packet selector I duplicator 710). PID remapping and or scrambling as 13 in 734 along with QAM demodulation and QAM modulation as in 730 and 742 14 respectively, and packet selection and duplication as in 710 can be implemented using a programmed processor or using custom or semi-custom integrated circuitry 16 such as an application specific integrated circuit or a programmable logic device or 17 field programmable gate array. Other implementations are also possible without 18 departing from the present.invention.
19 The above embodiments of the present invention allow legacy scrambling equipment to scramble only the packets desired in an elementary stream instead of 21 the entire elementary stream. The scrambling of certain packets of an elementary 22 stream is accomplished by using a PID. number for packets that are not going to be 23 scrambled, e.g., PID A. Packets that will be scrambled will be placed on PID C. The 24 scrambling equipment will scramble the packets on PID C (the ones that have been selected for scrambling). After the scrambling has taken place, the unscrambled 26 packets have the PID number mapped to the same as the scrambled packet -PID
27 A becomes PID C. The legacy set-top boxes will receive an elementary stream with 28 both scrambled and un-scrambled packets.
29 The packets in these embodiments are handled as a stream. The entire stream is sent to the legacy scrambling equipment for scrambling. This keeps all of Docket No.: SNY-84646.02 -44- PATENT
1 the packets in exact time synchronous order. If packets were extracted from a 2 stream and sent to the legacy scrambling equipment, time fitter might be introduced.
3 The present embodiment avoids that problem by keeping all the packets in a stream.
4 The embodiment does not require cooperation from the legacy scrambling equipment provider because that equipment is not involved in the remapping of 6 packets- from PID A to PID C. This remapping is preferable because the PID
called 7 out by the PSf generated by the legacy scrambling system does not need to change.
8 The legacy system knows about PID C, but not PID A. The entire elementary stream 9 to be scrambled by the legacy scrambling equipment is found on a single PID
that the scrambling system has been instructed to scramble.
11 In the above examples, the use of NDS as the second encryption system 12 should not be considered limiting. Moreover, although two widely used systems -13 Motorola and Scientific Atlanta have been depicted by way of example, .similar 14 modifications to legacy systems to permit PID remapping and dual~partial encryption can be used. In general, the technique described above involves the process 16 generally described as 800 in FIGURE 13. A feed is received at 806 which is 17 descrambled as it is received at 810 to produce a clear data stream of packets. At 18 814, packets are selected according to the desired partial dual encryption technique 19 (e.g., audio only, packets containing PES header, etc.). At 818, the selected packets are duplicated and the duplicate pairs are remapped to two new PIDs (e.g., 21 P1D B and PID C). The duplicated packets are then encrypted based upon PID
(that 22 is, PID C is encrypted according to legacy encryption and PID B is encrypted 23 according to the new encryption system) at 822. The clear packets (e.g., PID A) are 24 then remapped to the same PID as the legacy encrypted PID (PID C) at 826.
The order in which some of the elements of the process of FIGURE 13 are 26 carried out can vary according to the particular legacy system being modified to 27 accommodate the particular dual-encryption arrangement being used. For example, 28 encryption under a new encryption system can be carried out either at the time of 29 duplication or later at the time of remapping the legacy packets, as illustrated in FIGURE 11 and 12. Additionally, various demodulation and re-modulation Docket No.: SNY-84848.02 -45- PATENT
1 operations can be carried out as needed to accommodate the particular legacy 2 system at hand (not shown in FIGURE 13).
Several set-top box implementations are possible within the scope of the 6 present invention. The method used at the headend to select packets for encryption 7 is irrelevant to the STB.
8 One such implementation is illustrated in FIGURE 14. In this embodiment, 9 packets from a tuner and demodulator 904 are provided to a decoder circuit 908's demultiplexer 910. The packets are buffered into a memory 912 (e.g., using a 11 unified memory architecture) and processed by the STB's main CPU 916 using 12 software stored in ROM memory 920.
13 Selected PIDs can be stripped from the incoming transport via the STB's PID
14 filter, decrypted and buffered in SDRAM, similar to the initial processing required in preparation for transfer to an HDD in a PVR application. The host CPU 916 can then 16 "manually" filter the buffered data in SDRAM for elimination of the packets 17 containing unneeded PIDs. There are some obvious side effects to this process.
18 The host overhead is estimated to be about 1 % of the bandwidth of the CPU.
19 In the worst case, this is equivalent to 40K byteslSecond for a 15 Mbit/S
video stream. This reduction is possible since at most only 4 bytes of each packet is 21 evaluated and the location is on 188 byte intervals so the intervening data does not 22 have to be considered. Each packet header in SDRAM can therefore be directly 23 accessed through simple memory pointer manipulation. Additionally, Packets are 24 cached in blocks and evaluated en masse to reduce task switching of the host. This would eliminate an interrupt to other tasks upon the reception of each new packet.
26 This may produce a increased latency for starting decode of a stream upon channel 27 change to allow time for cache fill. This may be negligible depending upon the 28 allocated SDRAM cache buffer size.
29 The host filtered packets in the SDRAM buffer are then transferred to the A/V
Queue through existing hardware DMA processes and mimics a PVR
Docket No.: SNY-84646.02 -46- PATENT
t 1 implementation. The filtered packets are then provided to the decoder 922 for 2 decoding.
3 A second technique for implementation in a set-top box is illustrated in 4 FIGURE 15. Since RISC processor AIV decoder module in 930 processes the partial transport PIDs and strips/concatenates for decode, the firmware within 6 decoder IC 930 'can be altered to exclude individual packets in a partial transport 7 stream based upon criteria in each packet header. Alternatively, the demultiplexer 8 910 can be designed to exclude the packets. Legacy scrambled packets) pass 9 through the CA module still encrypted. By using the decoder IC 930 to perform the removal of the legacy scrambled packets and assuming that the packets encrypted 11 under the new encryption algorithm (e.g., NDS) is immediately adjacent the legacy 12 encrypted packet (or at least prior to next primary stream video packet) then the 13 pruning of the legacy packet in effect accomplishes the merging of a single, clear 14 stream into the header strip and video queue.
A third technique for implementation of partial decryption in a set-top box is 16 illustrated in FIGURE 16. In this embodiment, the PID remapping is carried out 17 either within a circuit such as an ASIC, Field Programmable Gate Array (FPGA), or 18 a programmable logic device (PLD) 938 or other custom designed circuit placed 19 between the tuner and demodulator 904 and the decoder IC 908. In a variation of this embodiment, the decoder IC 908 can be modified to implement the PID
21 remapping within demultiplexer 940. In either case, the legacy encrypted packets 22 are dropped and the non-legacy packets re-mapped either in circuit 938 or 23 demultiplexer 940.
24 This third technique can be implemented in one embodiment using the PLD
depicted in FIGURE 17. This implementation assumes that there will be not be more 26 than one encrypted packet of a particular PID appearing in a row, thus, the 27 implementation could be modified to accommodate bursts of encrypted packets such 28 as with the M and N~' encryption arrangement described above (as will be explained 29 later). The input stream passes through a PID identifier 950 which serves to demultiplex the input stream based upon PID. Primary PID packets are checked for Docket No.: SNY-84646.02 -47- PATENT
1 continuity at 958. If a continuity error is detected, the error is noted and the counter 2 is reset at 960.
3 The original input packet stream contains packets tagged with many PIDs.
4 The PID identifier 950 separates packets with the two PIDs of interest (primary and secondary PIDs) from all other packets. This capability can be scaled to process 6 multiple PID pairs. These other packets are bypassed directly to the revised output 7 stream. This processing results in a three or four byte clocking delay.
8 Packets with the secondary PID are routed by the PID identifier 950 to a 9 continuity count checker 954 which verifies sequence integrity for this PID.
Any errors are noted at 956, but specific handling of errors is not relevant to 11 understanding the present invention. The packet's continuity value is preserved for 12 use in checking the sequence of packets to follow. A corresponding continuity check 13 958 is done for packets with the primary PID using the independent primary counter, 14 and again any errors are noted at 960.
The secondary packet is checked for a secondary flag at 962. This Boolean 16 indicator is used to remember if a secondary packet has been processed since the 17 last clear packet. More than one secondary packet between clear packets is an 18 error in this embodiment and is noted at 964. Presence of a secondary packet is 19 remembered by setting the secondary flag at 966.
The continuity counter of the secondary packet is changed at 968 to fit into 21 the sequence of the clear packets. Data for this substitution comes from the value 22 used to verify continuity of the primary stream at 958. The revised packet is sent out 23 from 968 and merged into the revised stream forming the output stream.
24 After packets with primary PIDs have had their continuity checked at 958, they are differentiated at 970 by the scrambling flags in the header. If the packet is 26 scrambled, the primary flag is queried at 974. This primary flag Boolean indicator 27 is used to remember if a primary encrypted packet has been processed since the 28 last clear packet. More than one encrypted primary packet between clear packets 29 is an error in this embodiment and is noted at 976 before the packet is discarded at 978. Presence of a encrypted primary packet is remembered by setting the primary Docket No.: SNY-84648.02 -48- PATENT
1 flag at 980. If there is no downstream consumer for the primary encrypted packet, 2 it can be discarded at 978. In some cases it may be necessary for the packet to 3 continue on (in which case its continuity counter can use the discarded secondary 4 continuity value).
If the primary PID scramble test at 970 detects a clear packet, the state of the 6 secondary and primary flags is tested at 984. Valid conditions are neither set and 7 both set, since encrypted packets should come in matched pairs. A sequence of one 8 without the other should be noted as an error at 988. However, the order of 9 appearance is inconsequential in this embodiment. It should be noted that there may be other ways to flag a primary packet for deletion other than the scrambling 11 bits in the transport header, e.g. the transport_priority bit. Also, it is possible not to 12 use any bits what-so-ever, e.g. using the primary packet's simple positional 13 information, before or after the secondary packet, as an indicator for replacement.
14 Clear packets with the primary PID then have their PID value changed at 992 to the secondary PID before being output in the revised output stream.
Alternatively, 16 the secondary PID packets can be remapped to the primary PID value. The content 17 can be decoded when the decoder is provided with the correct PID for decoding the 18 content (whether the primary or secondary PID). Presence of a clear packet also 19 clears the primary and secondary Boolean flags.
In all the embodiments proposed, the secondary packet can be inserted 21 adjoining the primary packet to be replaced even when a series of primary packets 22 are tagged for replacement. However, in some instances, it may facilitate headend 23 partial scrambling if multiple encrypted packets can be inserted into the stream 24 without the intervening secondary packets. In order to accommodate multiple consecutive encrypted packets (such as with the M~" and N partial encryption 26 method), the use of primary and secondary flags can be replaced with a counter 27 matching test function. Thus, in place of elements 962, 964 and 966, a secondary 28 encrypted packet counter can be incremented. In place of elements 970, 974, 29 and 980, a primary encrypted packet counter can be incremented. Element 984 can be replaced with a comparison of the primary and secondary encrypted packet Docket No.: SNY-84646.02 -49- PATENT
1 counters to assure that the same number of encrypted packets are received in both 2 the primary and secondary paths. Instead of clearing flags at 992, the counters are 3 cleared. Using this variation, multiple encrypted packets may be consecutively 4 received and the number received are compared to monitor the integrity of the data stream. Other variations will occur to those skilled in the art.
6 The function described above in connection with FIGURE 17 can be 7 integrated into an A/V decoder chip that functions similar to that of the commercially 8 available Broadcom series 70xx or 71 xx decoder used in commercial set-top boxes.
9 FIGURE 18 illustrates a block diagram for such a decoder chip where the functions already provided in the commercial chip are essentially unchanged. Normally, 11 commercial decoder chips expect there to be a one-to-one correspondence between 12 the PIDs and program components (e.g., audio or video).
13 The decoder illustrated in FIGURE 18 permits multiple PIDs to be 14 programmed into the decoder via a connection to the STB central processor so that both primary and secondary PIDs can be handled for main audio, main video and 16 a secondary video used for picture-in-picture (PiP) functions. In this embodiment, 17 the raw data stream is received- by a Packet sorter 1002 that provides a function 18 similar to that described in connection with FIGURE 1T above to demultiplex the 19 stream of packets based upon PID. Preferably, the decoder of FIGURE.18 carries out the PID sorting function of 1002 using hard wired logic circuitry rather than 21 programmed software. Program guide and stream navigation information is output 22 for use by an STB's main processor, for example. The packets associated with the 23 main audio program are buffered in a FIFO 1006, decrypted in a decrypter 1010 and 24 then buffered at 1014 for retrieval by an MPEG audio decoder 1018 as needed.
Decoded MPEG audio is then provided as an output from the decoder.
26 In a similar manner, packets associated with the main video program are 27 buffered. in a FIFO 1024, decrypted in a decrypter 1028 and then buffered at 102 28 for retrieval by an MPEG video decoder 1036 as needed. Decoded MPEG video for 29 the main channel is then provided to a compositer 1040 and then provided as an output from the decoder. Similarly, packets associated with picture-in-picture video Docket No.: SNY-84646.02 -50- PATENT
1 are buffered in a FIFO 1044, decrypted in a decrypter 1048 and then buffered at 2 1052 for retrieval by an MPEG video decoder 1056 as needed. Decoded MPEG
3 video for the picture-in-picture channel is then provided to the composites 4 where it is combined with the main channel video and then provided as a decoded video output from the decoder. Other packets not associated with the main or 6 picture-in-picture channel are discarded. Of course, other functions may be 7 incorporated in the decoder chip or deleted without departing from embodiments of 8 the present invention.
CONCLUSION
11 As previously mentioned, in order to thwart a persistent threat by hackers, 12 several of the above partial encryption arrangements can be combined to further 13 enhance security. For example, the critical packet encryption can be used in any 14 combination with SI encryption, M~' an N, random encryption, time slice and other techniques to further enhance security. In one embodiment, as many packets would 16 be encrypted as bandwidth is available. The amount of encryption might depend on 17 whether the content was a regular program or premium (such as a pay-per-view or 18 VOD), whether it was an adult program or a regular movie, and the security level that 19 the various cable operators feel comfortable operating. Those skilled in the art will appreciate that many other combinations are possible to further enhance the 21 security of the encryption without departing from the present invention.
22 The present invention, as described above in its various embodiments, has 23 been described in terms of a digital AIV system using MPEG 2 coding. Thus, the 24 various packet names and protocol specifically discussed is related the coding and decoding. However, those skilled in the art will appreciate that the 26 concepts disclosed and claimed herein are not to be construed in such a limited 27 scope. The same or analogous techniques can be used in any digital cable system 28 without limitation to MPEG 2 protocols. Moreover, the present techniques can be 29 used in any other suitable content delivery scenario including, but not limited to, terrestrial broadcast based content delivery systems, Internet based content Docket No.: SNY-84646.02 -51- PATENT
1 delivery, satellite based content delivery systems such as, for example, the Digital 2 Satellite Service (DSS) such as that used in the DirecTVT"" system, as well as 3 package media (e.g. CDs and DVDs). These various alternatives are considered 4 equivalent for purposes of this document, and the exemplary MPEG 2 cable embodirnent should be considered to be an exemplary embodiment presented for 6 illustrative purposes.
7 In addition, the present invention has been described in terms of decoding 8 partially encrypted television programs using a television set-top box.
However, the 9 present decoding mechanism can equally be implemented within a television.
receiver without need for an STB, or music player such as an MP3 player. Such 11 embodiments are considered equivalent.
12 Also, while the present invention has been described in terms of the use of 13 the encryption techniques described to provide a mechanism for dual partial 14 encryption of a television program, .these partial encryption techniques could be used as a single encryption technique orfor multiple encryption under more than two 16 encryption systems without limitation. More than two encryption systems would be 17 accommodated with additional duplicated packets that are encrypted.
Alternatively, 18 the encryption key for one of the duplicated packets may be shared amongst the 19 multiple encryption systems. Additionally, although specifically disclosed for the purpose of encryption of television programming, the present inventions can be 21 utilized for single or dual encryption of other content including, but not limited to 22 content for download over the Internet or other network, music content, packaged 23 media content as well as other types of information content. Such content may be 24 played on any number of playback devices including but not limited to personal digital assistants (PDAs), personal computers, personal music players, audio 26 systems, audio I video systems, etc. without departing from the present invention.
27 Those skilled in the art will recognize that the present invention has been 28 described in terms of exemplary embodiments that can be realized by use of a 29 programmed processor. However, the invention should not be so limited, since the present invention could be implemented using hardware component equivalents Docket No.: SNY-84646.02 -52- PATENT
,. . CA 02405902 2002-10-O1 1- such as special purpose hardware and/or dedicated processors which are 2 equivalents to the invention as described and claimed. Similarly, general purpose 3 computers, microprocessor based computers, micro-controllers, optical computers, 4 analog computers, dedicated processors andlor dedicated hard wired logic may be used to construct alternative equivalent embodiments of the present invention.
6 Those skilled in the art will appreciate that the program steps and associated 7 data used to implement the embodiments described above can be implemented 8 using disc storage as well as other farms of storage such as for example Read Only 9 Memory (ROM) devices, Random Access Memory (RAM) devices; optical storage elements, magnetic storage elements, magneto-optical storage elements, flash 11 memory, core memory and/or other equivalent storage technologies without 12 departing from the present invention. Such alternative storage devices should be 13 considered equivalents.
14 The present invention, as described in embodiments herein, can be implemented using a programmed processor executing programming instructions 16 that are broadly described above in flow chart form that can be stored on any 17 suitable electronic storage medium or transmitted over any suitable electronic 18 communication medium. However, those skilled in the art will appreciate that the 19 processes described above can be implemented in any nuri~ber of variations and in many suitable programming languages without departing from the present invention.
21 For example, the order of certain operations carried out can often be varied, 22 additional operations can be added or operations can be deleted without departing 23 from the invention. Error trapping can be added andlor enhanced and variations can 24 be made in user interface and information presentation without departing from the present invention. Such variations are contemplated and 26 considered equivalent. .
27 While the invention has been described in conjunction with specific 28 embodiments, it is evident that many alternatives, modifications, permutations and 29 variations will become apparent to those skilled in the art in light of the foregoing description. Accordingly, it is intended that the present invention embrace all such Docket No.: SNY-84646.02 -53- PATENT
alternatives, modifications and variations as fall within the scope of the appended 2 claims.
Docket No.: SNY-84646.02 -54- PATENT
14 The PSI for a partially scrambled stream is handled slightly differently from the dual audio encryption example above. Essentially, the same Sf and PAT PSI
16 information can be sent to both legacy and non-legacy set-top boxes. The 17 difference lies with the PMT PSI information. The legacy set-top box parses the 18 PMT PSI and obtains the primary video and audio PIDs as before. The non-legacy 19 set-top box obtains the primary PIDs like the legacy set-top box but must look at the CA descriptors in the PMT PSI to see if the stream is partially scrambled. The 21 secondary PID is scrambled specifically for a particular CA provider, consequently 22 it makes sense to use the CA descriptor specific to a particular CA
provider to 23 signal that PID. The invention can allow more than two CA providers to co-exist by 24 allowing more than one secondary PID. The secondary PID shall be unique to a particular CA provider. The set-top box know the CA ID for the CA it has, and can 26 check all CA descriptors for the relevant one for it.
27 v1/hile it is possible to send the secondary PID data as private data in the 28 same CA descriptor used for the ECM, the preferred embodiment uses separate CA
29 descriptors. The secondary PID is placed in the CA PID field. This allows headend processing equipment to "see" the PID without having to parse the private Docket No.: SNY-84646.02 -20- PATENT
1 data field of the CA descriptor. To tell the difference between the ECM and 2 secondary PiD CA descriptor, a dummy private data value can be sent.
PMT sent on PID=0x0010 6 PMT 0x0010 7 PMT Program number 1 8 PMT Section Version 10 9 PCR PID 0x0011 Elementary Stream 11 - Stream Type (Video 0x02 or 0x80) 12 - Elementary PID (0x0011) 13 - Descriptor 14 - CA Descriptor (ECM) for CA provider #1 - CA Descriptor (ECM) for CA provider #2 1 - CA Descriptor (Secondary PID) for CA provider fi #2 17 Elementary Stream 18 - Stream Type (Audio 0x81) 19 - Elementary PID (0x0012) - Descriptor 21 - CA Descriptor (ECM) for CA provider #1 22 - CA Descriptor (ECM) for CA provider #2 23 - CA Descriptor (Secondary PID) for CA provider . #2 Descriptor for CA
Provider #2 (ECM) 29 Descriptor Tag: Conditional Access (0x09) 31 Length: 4 Bytes 32 Data 33 - CA System ID:.Ox0942 (2"d CA provider) 34 - CA PID (0x0015) Docket No.: SNY-84646.02 -21- PATENT
CA Descriptor for CA Provider #2 (Secondary PID) 4 Descriptor Tag: Conditional Access (0x09) 6 Length: 5 Bytes 7 Data 8 - CA System ID: 0x1234 (2"d CA provider) 9 - CA PID (0x0016) - Private Data 13 Legacy STB 36 operating under CA system A receives the data, ignores 14 the secondary PIDs, decrypts the packets encrypted under CA system A and presents the program to the television set 44. New or non-legacy STB 236 16 receives the SI 228. It receives PSI 229 and uses the PMT to identify the 17 primary and secondary PID, called out in the second CA descriptor, associated 18 with the program being viewed. The packets encrypted under CA system A are 19 discarded and the packets encrypted under CA system B with the secondary PID
are decrypted.by CA system B 240 and inserted into the clear data stream for 21 decoding and display on television set 244.
22 FIGURE 4 illustrates one process for encoding at the cable system headend 23 that can be used to implement an embodiment of the present invention wherein CA
24 system A is the legacy system and CA system B is the new system to be introduced.
As a clear packet is received, at 250 for a given program, if the packet (or frame) 26 is not to be encrypted (i.e., it is not the current time slice for encryption for this 27 program), the clear packet (C) is passed on to be inserted into the output stream 28 at 254. .If the current packet is to be encrypted by virtue of the current packet being 29 a part of the encryption time slice, the packet is passed for encryption to both packet encryption process A 258 and packet encryption process B 262. The 31 encrypted packets from encryption process A at 258 (EA) are passed on to 254 for 32 insertion into the output stream. The encrypted packets from encryption process 33 . B at 262 (EB) are assigned a secondary PID at 264 for insertion into the output 34 stream at 254. This is repeated for all packets in the program.
Docket No.: SNY-84646.02 -22- PATENT
~, ~, 1 FIGURE 5 illustrates a process used in the STB 236 having the riewly 2 introduced CA system B for decrypting and decoding the received data stream 3 containing C, EAand EB packets having primary and secondary PIDs as described.
4 When a packet is received at 272, it is inspected to see if it has a the primary PID
of interest. if not, the packet is examined to see if it has the secondary PID
of 6 interest at 274. If the packet has neither the primary or secondary PID, it is ignored 7 or dropped at 278. Any intervening packets between the EA and EB packets that 8 are not the primary or secondary P1D are discarded. It is an implementation and 9 mainly a buffering issue whether a decoder can receive multiple EA or EB in a row before receiving the replacement matched EA or EB packet. Also, just as easy to 11 detect for secondary packets that come before and not after the primary packet.
12 It is also possible to design a circuit where either case can happen - the secondary 13 packet can before or after the primary packet. If the packet has the primary PID of 14 interest, the packet is examined at 284 to determine if it is encrypted. If not, the packet (C) is passed directly to the decoder at 288 for decoding. If the packet is 16 encrypted at 284, it is deemed to be an EA packet and is dropped or ignored at 278.
17 In some implementations, the primary packet's encryption does not get checked at 18 284. Rather, its simple position relative to the secondary packet can be checked 19 ~ at 284 to identify it for replacement.
If the packet has the secondary PID at 274, the PID is remapped to the 21 primary PID at 292 (or equivalently, the primary PID is remapped to the secondary 22 PID value). The packet is then decrypted at 296 and sent to the packet decoder at 23 288 for decoding. Of course, those skilled in the art wilt recognize. that many 24 variations are possible without departing from the invention, for example, the order of 292 and 296 or the order of 272 and 274 can be reversed. As mentioned earlier, 26 284 can be replaced with a check of primary packet position with respect to the 27 secondary packet. Other variations will occur to those skilled in the art.
28 Legacy STB 36 operating under the encryption system A totally ignores the 29 secondary PID packets. Packets with the primary PID are decrypted, if necessary, and passed to the decoder without decryption if they are clear packets. Thus, a so Docket No.: SNY-84646.02 -23- PATENT
1 called "legacy" STB operating under encryption system Awill properly decrypt and 2 decode the partially encrypted data stream' associated with the primary PID
and 3 ignore the secondary PID without modification. STBs operatingunder the 4 encryption system B ace programmed to ignore all encrypted packets associated with the primary PID and to use the encrypted packets transmitted with the 6 secondary PID associated with a particular channel.
7 Thus, each dual partially encrypted program-has two sets of PIDs associated 8 therewith. If, as described, the encryption is carried out on a period-by-period 9 basis, for the system shown with an appropriate time slice interval, the picture will be essentially unviewable on a STB with neither decryption.
11 In order to implement this system in the headend 322 of FIGURE 6, the SI
12 and PSI can be modified for inclusion of a second set of CA descriptor information.
13 ~ Legacy set-top boxes may not be able to tolerate 'unknown CA descriptors.
14 Consequently, alternatively, in the set-top box, it may be possible to "hard code"
offsets from the legacy CA PIDs for both the content PIDs andlor the Si/PSl and 16 ECM PIDs. Alternatively, parallel PSI may be sent. For example; an auxiliary PAT
17 can be delivered on PID 1000 instead of PID 0 for the non-legacy set-top boxes. It 18 can reference auxiliary PMTs not found in the legacy PAT. The auxiliary PMTs can 19 contain the non-legacy CA descriptors. Since auxiliary PMTs would not be known to the legacy set-top boxes, there would not be any interoperation issue.
21 In systems where system A corresponds to legacy set-top boxes 22 manufactured by Motorola or Scientific Atlanta, no modifications to the STBs are 23 required. For the system B compliant STBs, for dual carriage of partially encrypted 24 programs as described herein, the video and audio decoder are adapted to listen to two PIDs each (a primary and a secondary PID) instead of just one. There may 26 be one or more secondary shadow PIDs, depending on the number of non-Legacy 27 CA systems in use, however a specific set-top box only listens to one of the 28 secondary PIDs as appropriate for the CA method being used by that specific STB.
29 In addition, ideally the encrypted packets from the PID carrying the mostly clear video or audio are ignored. Since ignoring "bad packets" (those that cannot be Docket No.: SNY-R464fi.02 -24- PATENT
1 readily decoded as is) may already be a function that many decoders perform, thus 2 requiring no modification. For systems with decoders that do not ignore bad 3 packets, afiltering function can be used. It should be understood that the time slice 4 encryption technique could be applied to just the video or the audio. Also, the video may be time slice .encrypted while the audio is dual encrypted as in the earlier 6 embodiment. The time slice technique may be applied to multiple programs 7 concurrently. The number of programs that encrypted during a period of time is 8 mainly an issue of bandwidth allocation, and although the example discusses 9 scrambling a single program at a time, the invention is not limited by that.
Other combinations of encryption techniques described in this document will also occur 11 to those skiNed in the art.
14 MT" AND N PACKET ENCRYPTION
Another embodiment consistent with the preserit invention is referred to 16 herein as M~' & N packet encryption. This is a variation of the embodiment 17 illustrated in FIGURE 3 as system 200. In this embodiment, packets of each PID
18 representing a program are encrypted in a manner that disrupts viewing of the 19 program unless the user has paid for the programming. In this embodiment, M
represents the number of packets between the start of an encryption event. N
21 represents the number of packets that are encrypted in a row, once encryption 22 takes place. N is less than M. If M=9 and N=1, then every nine packets there is an 23 encryption event lasting 1 packet. If M=16 and N=2, then every sixteen packets 24 there is an encryption event lasting two packets. Each packet to be dual partially encrypted is duplicated and processed using CA system A 218, and CA system B
26 224 as in the previous embodiment. The difference in operation between this 27 embodiment and the time slicing technique previously is in the operation of switch 28 216 to effect the selection of packets to encrypt under control of a programmed 29 processor.
Docket No.: SNY-84848.02 -25- PATENT
1 By way of example, and not limitation, consider a system which has nine 2 channels of programming that are to be dual encrypted according to the present 3 exemplary embodiment. These nine channels are digitally encoded using packet 4 identifiers (PID) to identify packets associated with a particular one of nine programs. In this example, assume that those nine programs have video PIDs 6 numbered 101-109 and audio PIDs numbered 201-209. The encryption, according 7 to this embodiment is random program-to-program so that packets from other 8' programs may be encrypted at the same time. This is illustrated in TABLE 2 below 9 in which M=6 and N=2 and in which only video is encrypted, but this should not be considered limiting. The method does not need to be content aware. In TABLE 2, 11 PK1 indicated packet number 1, PK2 indicates packet number 2, and so on.
Docket No.: SNY-84646.02 -26- PATENT
2 PRO(3.VIDEOPK1PK2 PK3 PK4 PKb PlCBPKT PK8 PK8 PK10PK11PK12 3 1 PID EA EA chr clearclearGearEA EA clearclearclear' ...
101 cl~r 4 2 PID chrclearclearEA EA dearclearclearclearEA EA clear...
3 PID clearclearEA EA clearclearchr clearEA EA cl~rchr ...
4 PID clearclearclearEA EA clearclearclearchr EA EA chr ...
7 5 RID clearclearEA EA clearclearclearcl~rEA EA clearclear..
6 PID EA chr clearclearclearEA EA clearcV~rcl~rchr EA ...
7 PID EA EA clearclearclearclearEA EA chr clearclearcl~r ...
8 PlD clearEA EA clearclearGearclearEA EA clearchr clear...
1 1 9 PID EA clearclearclearclearEA EA clear~ GearclearEA ...
109 clear 12 1 PID EB EB EB EB ...
'~ 3 2 PID EB EB EB EB ...
14 3 PID EB EB EB EB ...
4 PID EB EB EB EB ...
16 5 PID EB EB EB EB ...
17 6 PID EB EB EB EB ...
18 7 PID EB EB EB EB ...
117 .
19 8 P1D EB ~EB EB EB ...
9 PID EB EB EB EB ...
23 In the example of TABLE 2, each program is encrypted fully independently 24 of the others using the M=6 and N=2 encryption scheme. Again, the illustrated example encrypts only the video, but audio could also be encrypted according to this 26 or another arrangement. If applied to just the video, audio may be dual scrambled 27 or time slice encrypted as in earl ier embodiments. Alternatively, if applied to just the 28 audio, the video may be time sliced as in the earlier embodiment.
29 Those skilled in the art will recognize that many variations of the technique can be devised consistent with the partial scrambling concepts disclosed herein.
31 For example, a pattern of five clear followed by two encrypted followed by two clear 32 followed by one encrypted (CCCCCEECCECCCCCEECCE...) is consistent.with Docket No.: SNY-84648.02 -27- PATENT
1 variations of the present partial encryption concept, as are random, pseudo-random 2 and semi-random values for M and N may be used for selection of packets to 3 encrypt. Random, pseudo-random or semi-random (herein collectively referred to 4 as "random" herein) selection of packets can make it difficult for a hacker to algorithmically reconstruct packets in a post processing attempt to recover recorded 6 scrambled content. Those skilled in the art will understand how to adapt this 7 information to the other embodiments of partial encryption described later herein.
8 Some of the embodiments can be used in combination to more effectively secure the 9 content.
12 Another partial encryption method consistent with embodiments of the present 13 invention uses a data structure as a basis for encryption. By way of example and 14 not limitation, one convenient data structure to use for encryption is an MPEG video frame. This is illustrated (again with video only) in TABLE 3 below in which every 16 tenth video frame is encrypted. In this embodiment, each program's ten frame 17 encryption cycle is distinct from each other channel, but this should not be 18 considered limiting. This concept can be viewed as a variation of the time slice or 19 M~' and N partial encryption arrangement (or other pattern) based upon video or audio frames (or some other data structure) with the exemplary embodiment having 21 M=10 and N=1. Of course, other values of M and N can be used in a similar 22 embodiment. fn TABLE 3, F1 represents frame number 1, F2 represents frame 23 number 2 and so on.
Docket No.: SNY-84646.02 -28- PATENT
2 PROG.VIDEOF1 F2 F3 F4 F5 F6 F7 F8 F8 F10 F11 F12 3 1 PID EA clearGearclearclearclearclearclearclearclearEA clear...
4 2 PID clearclearclearEA chr clearclearclearclearclearclearclear...
3 PlD clearclearEA clearclearclearclearclearclearclearclearclear...
6 4 PID clearclearclearclearEA
clearclearclearclearclearclearclear...
7 5 PID clearclearclearEA
clearclearclearclearclearclearclearclear...
8 6 P1D EA clearclearclearclearclear- clearclearclearEA clear...
106 clear 9 7 PID chrEA clearclearclearclearclearclearclearclearclearEA ...
8 PID clearEA clearclearGar clearclearclearchr clearclearFJ1 ...
11 9 PID EA clearclearclearGearclearchr clearclearclearEA clear...
12 1 PID EB EB ...
13 2 PID EB ...
14 3 PID EB ...
4 PID EB ...
16 5 PID EB ...
17 6 PID EB EB ...
18 7 PID EB EB ...
19 8 PID EB EB ...
9 PID EB EB ...
23 Thus, again each encrypted program has two sets of PIDs associated 24 therewith. If, as described, the encryption is carried out on a period-by-period basis, for the system shown, the picture will be essentially unviewable. For a nine program 26 system at 30 frames per second as depicted, approximately three frames per second 27 will be encrypted. For viewers who are not entitled to view the program, their STB
28 will be unable to capture much more than an occasional frozen frame as the STB
29 constantly attempts to synchronize and recover. Viewers who have subscribed to the programming will be able to readily view the programming. The bandwidth cost 31 for such an encryption arrangement depends upon the frequency with which the 32 encryption is applied. In the above example, an extra factor of 1/9 of data are Docket No.: SNY-84646.02 -29- PATENT
1 transmitted for each program. .In this example, approximately one program's worth 2 of bandwidth is used. With a greater number of programs, fewer packets per 3 program are encrypted and the security of the encryption system may degrade 4 somewhat. As in the randomized M and N method, random.frames may be selected.
Choosing random frames, in the video case, would help guarantee that all frame 6 types would be affected - intra-coded frames (I frames), predictive-coded (P
7 frames), Bi-directional-coded (B frames) and DC frames.
8 In a variation of the invention, it may be possible to encrypt fewer packets to 9 achieve an acceptable level of security: That is, perhaps in a system of nine programs, only one frame per second may need to be encrypted to achieve 11 acceptable levels of security. In such a system, the overhead becomes one 12 encrypted period per second per program or approximately 1 /30 of data transmitted 13 in overhead. This level of overhead is a dramatic improvement over the 50%
loss 14 of bandwidth associated with full dual carriage of encryption under two encryption systems. In another variation of the invention, it may be possible to encrypt only 16 certain video frames to achieve an acceptable level of security. For example, for 17 MPEG content, only intra-coded frames (I frames) may be scrambled to further 18 reduce the bandwidth overhead and still maintain an acceptable level of security.
19 These offer significant improvement over the bandwidth required for full dual carriage.
23 Substantial efficiency in bandwidth utilization can be achieved by use of a 24 selective packet-by-packet dual encryption technique. In this technique, packets are selected for encryption based upon their importance to the proper decoding of the 26 audio and/or video of the program content.
27 This embodiment can reduce the bandwidth requirement compared with full 28 dual carriage of encrypted content by only scrambling a small fraction of the packets.
29 Clear packets are shared between the two (or more) dual carriage PIDs: In one preferred embodiment, as will be disclosed, less that about one percent of the total Docket No.: SNY-84646.02 -30- PATENT
1 content bandwidth is used. In a system with a legacy encryption scheme, clear ' 2 program content packets can be received by both legacy and new set-top boxes.
3 As mentioned before, encrypted packets are dual carried and processed by the 4 respective set-top boxes with the appropriate CA. Each CA system is orthogonal.
Key sharing is not required and different key epochs may be used by each CA
6 system. For example, a system with Motorola's proprietary encryption can generate 7 fast changing encryption keys using the embedded security ASIC, while an NDS
8 smart card based system can generate slightly slower changing keys. This 9 embodiment works equallywell for ScientificAtlanta and Motorola legacy encryption.
Referring now to FIGURE 6, a block diagram of a system consistent with an 11 embodiment of the present invention in which portions of programming are dual 12 encrypted on a packet-by-packet basis is illustrated as system 300. In this system, 13 packets of each program are dual encrypted using, for example, legacy CA
system 14 A and CA system B. The packets that are encrypted are selected based upon their importance to the proper decoding of the video and/or audio stream.
16 In the system illustrated in FIGURE 6, the cable system headend 322 selects 17 A/V content 304 packets at a packet selector 316 for encryption. Packets selected 18 for encryption are chosen so that their non-receipt (by a non-paying decoder) would 19 severely affect the real-time decoding of a program, and any possible post processing of recorded content. That is, only critical packets are encrypted.
For the 21 video and audio, this can be accomplished by encrypting "start of frame"
transport 22 stream packets containing PES (packetized elementary stream) headers and other 23 headers as part of the payload, since without this information, the STB
decoder 24 cannot decompress the MPEG compressed data. MPEG2 streams identify "start of frame" packets with the "Packet Unit Start Indicator" in the transport header.
26 Generally, packets carrying a payload that contains a group of pictures header or 27 a video sequence header can be used to effect the present scrambling technique.
28 MPEG (Moving Pictures Expert Group) compliant compressed video 29 repackages the elementary data stream into the transport stream in somewhat arbitrary payloads of 188 bytes of data. As such, the transport stream packets Docket No.: SNY-R4fi46.02 -31- PATENT
1 containing a PES header can be selected for encryption at selector 316 and dual 2 encrypted by both the CA system A encrypter 318 and the CA system B
encrypter 3 324. Packets to be dual partially encrypted are duplicated and the PIDs of duplicate 4 packets encrypted by encrypter 324 are remapped at 330 to a secondary PID as in the previous embodiment. The remaining packets are passed in the clear. The 6 clear packets, system A encrypted packets, system B encrypted packets and system 7 information 328 are multiplexed together for broadcast over the cable system 32.
8 As with the previous system, the legacy STB 36 receives clear data and data 9 encrypted under CA encryption system A and transparently passes unencrypted data combined with data decrypted by CA decryption A 40 to its decoder. In the new 11 STB 336, the program is assigned to both a primary and a secondary PID. The clear 12 packets with the primary PID are received and passed to the decoder. The 13 encrypted packets with the primary PID are discarded. Encrypted packets with the 14 secondary PID are decrypted and then recombined with the data stream (e.g., by rernapping the packets to the primary PID) for decoding.
16 Using video is used as an example, each sample is known as a frame and the 17 sample rate is typically 30 frames per second. If the samples are encoded to fit into 18 3.8 Mbps, each frame would occupy 127K bits of bandwidth. This data is sliced for 19 MPEG transport into packets of 188 bytes with the first packets) of each frame containing the header used for instructions to process the body, of the frame data.
21 Dual encrypting just the first header packet (1504 additional bits) requires only 1.2%
22 (1504/127K) of additional bandwidth. For high definition (19 Mbps) streams the 23 percentage is even less.
24 As previously stated, transport stream packets containing a PES header are the preferred target for encryption according to the present embodiment. These 26 packets contain sequence headers, sequence extension headers, picture headers, 27 quantization and other decode tables that also fall within the same packet.
If these 28 packets cannot be decoded (i.e., by a hacker attempting to view unauthorized 29 programming without paying the subscription charges), not even small portions of the program can be viewed. In general, any attempt to tune to the program will likely Docket No.: SNY-84646.02 -32- PATENT
1 be met with a blank screen and no audio whatsoever since known decoder 2 integrated circuits use the PES header to sync up to an elementary stream such as 3 video and audio in real-time. By encrypting the APES header, the decoding engine 4 in an un-authorized set-top box cannot even get started. Post processing attacks,' e.g. on stored content, are thwarted by critical dynamically changing information in 6 the packet containing the PES header. Those skilled in the art will appreciate that 7 for implementation of this embodiment of the invention, other critical or important 8 packets or content elements may also be identified for encryption that could severely 9 inhibit unauthorized viewing without departing from the present invention.
For example, MPEG intra-coded or I frame picture packets could be encrypted to inhibit 11 viewing of the video portion of the program. Embodiments the present invention may 12 be used in any combination with other embodiments, e.g. scrambling the packet 13 containing the PES header as well as random, M~' and N, or data structure 14 encryption of the other packets. Critical packet encryption may be applied to video encryption, while a different method may be applied to audio. Audio could be dual 16 encrypted, for instance. Other variations within the scope of the present invention 17 will occur to those skilled in the art.
18 FIGURE 7 is a flow chart depicting an exemplary encoding process such .as 19 that which would be used at headend 322 of FIGURE 6. When a transport stream packet is received at 350, the packet is examined to determine if it meets a selection 21 criteria for encryption. In the preferred embodiment, this selection criteria is the 22 presence of a PES header as a portion of the packet payload. If not, the packet is 23 passed as a clear unencrypted packet (C) for insertion into the output data stream 24 at 354. If the packet meets the criteria, it is encrypted under CA
encryption system A at 358 to produce an encrypted packet EA. The packet is also duplicated and 26 encrypted under CA encryption system B at 362 to produce an encrypted packet.
27 This encrypted packet is mapped to a secondary PID at 366 to produce an 28 encrypted packet EB. Encrypted packets EA and EB are inserted into the output 29 data stream along with clear packets C at 354. Preferably, the EA and EB
packets are inserted at the location in the data stream where the single original packet was Docket No.: SNY-84646.02 -33- PATENT
1 obtained for encryption so that the sequencing of the data remains essentially the 2 same.
3 When the output data stream from 354 is received at an STB compliant with 4 CA encryption system B such as 336 of FIGURE 6, a process such as that of FIGURE 8 (which is similar to that of FIGURE 5) can be utilized to decrypt and 6 decode the program. When a packet is received having either the primary or the 7 secondary PID at 370, a determination is made as to whether the packet is clear (C) 8 or encrypted under system A (EA} at 370 or encrypted under system B (EB) at 374.
9 If the packet is clear, it is passed directly to the decoder 378. In some embodiments, the relative position of the primary packet, before or after, to the secondary packet 11 may be used to signal a primary packet for replacement in the stream. A
check of 12 the scrambling state of the primary packet is not specifically required. If the packet 13 is an EA packet, it is dropped at 380. If the packet is an EB packet, it is decrypted 14 at 384. At this point, the secondary PID packets and/or the primary PID
packets are remapped to the same PID at 388. The decrypted and clear packets are decoded 16 at 378.
17 The dual partial encryption arrangement described above can greatly reduce 18 the bandwidth requirements over that required for full dual carriage.
Encrypting the 19 PES header information can be effective in securing video and audio content, while allowing two or more CA systems to independently "co-exist" on the same cable 21 system. Legacy system A set-top boxes are un-affected, and system B set-top 22 boxes require only an minor hardware, firmware, or software enhancement to listen 23 for two PIDs each for video and audio. Each type of STB, legacy and non-legacy, 24 retains its intrinsic CA methodology. Headend modification is limited to selecting content for encryption, introducing the second encrypter, and providing a means to 26 mix the combination into a composite output stream.
27 In one embodiment, the headend equipment is configured to opportunistically 28 scramble as much of the content as the bandwidth will allow, and not just the critical 29 PES headers. These additional scrambled packets would be either in the PES
Docket No.: SNY-84646.02 -34- PATENT
( E
1 payload or other packets throughout the videolaudio frame to provide even further 2 security of the content.
Turning now to FIGURE 9, one embodiment of a system that minimizes 6 the need for any additional bandwidth is illustrated as system 400. In this 7 embodiment, the system takes advantage of the fact that system information (S1) 428 8 is required for a set-top box to tune programming. In a cable system, SI is sent in 9 the out-of-band, a frequency set aside from the normal viewing channels. It is possible to also sent it in-band. If sent in-band, the SI 428 is replicated and sent 11 with each stream. For discussion purposes, assume that the SI delivered to "legacy"
12 set-top boxes from previous manufacturers is separate from the SI delivered to set-13 tops from new manufacturers such as STB 436. Consequently, each version of the 14 SI can be independently scrambled as illustrated using conditional access system A 418 and conditional access system B 424. The clear video 404 and clear audio 16 406 are delivered in the clear, but in order to understand how to find them, the SI
17 information 428 is needed.
18 The SI delivers information about channel names and program guide 19 information such as program names and start times, etc. ... as well as the frequency tuning information for each channel. Digital channels are multiplexed.
together and 21 delivered at particular frequencies. In the embodiment of the invention, the SI
22 information is encrypted, and only made available to authorized set-top boxes. If the 23 SI information is not received to allow knowledge of the location of all the AIV
24 frequencies in the plant, then tuning cannot take place.
To frustrate a hacker who might program a set-top box to trial or scan 26 frequencies, the frequencies for the channels can be offset from the standard 27 frequencies. Also, the frequencies can be dynamically changed on a daily, weekly 28 or other periodic or random basis. A typical cable headend may have roughly 29 frequencies in use. Each frequency is typically chosen to avoid interference between, among other things, each other, terrestrial broadcast signals, and Docket No.: SNY-84646.02 -35- PATENT
l, 1 frequencies used by clocks of the receiving equipment. Each channel has at least 2 1 independent alternate frequency that if used would not could not cause 3 interference, or cause the frequency of adjoining channels to be changed.
The 4 actual possible frequency maps are therefore 23° or 1.07 x 109.
However, a hacker might simply quickly try both frequencies on each tune attempt for each of the 6 channels or so. If successful in locating a frequency with content, the hacker's set-7 top box can then parse the PSI 429 to learn about the individual PIDs that make up 8 a program. The hacker will have difficulty learning that "program 1" is "CNN", and 9 that °program 5" is "TNN", and so on. That information is sent with the SI, which as 'f 0 stated above is scrambled and otherwise unavailable to the un-authorized set-top 11 box. However, a persistent hacker might yet figure those out by selecting each one 12 and examining the content delivered. So in order to frustrate the identification of 13 channels, the assignment of a program within a single stream can move around, e.g.
14 program 2 and program 5 swapped in the example above so that "program 1" is "TNN" and "program 5" is "CNN". Also, it is possible to move programs to entirely 16 different streams with entirely new program groupings. A typical digital cable 17 headend can deliver 250 programs of content including music. Each can be 18 uniquely tuned. The possible combinations for re-ordering are 250!
(factorial).
19 Without a map of the content provided by either the delivered SI or by a hacker, the user is faced with randomly selecting each program in a stream to see if it is the one 21 interest.
22 Thus, at headend 422, the video signal 404 and the audio signal 406 are 23 provided in the clear (unencrypted) while the SI 428 is provided to multiple CA
24 systems for delivery over the cable network. Thus, in the exemplary system 400, clear SI 428 is provided to an encryption system 428 that encrypts SI data using 26 encryption system A. Simultaneously, clear SI 428 is provided to encryption system 27 424 that encrypts the SI data using encryption system B. Clear video and audio are 28 then multiplexed along with encrypted SI from 418 (S1 A) and encrypted audio from 29 424 (S1 B) out of band system information 428.
Docket No.: SNY-R464fi.02 -36- PATENT
1 After distribution through the cable system 32, the video, the audio, system 2 information A and system information B are all delivered to set-top boxes 36 and 3 436. At STB 36, the encrypted SI is decrypted at CA system A 40 to provide tuning 4 information to the set-top box. The set-top box tunes a particular program to allow it to be displayed on television set 44. Similarly, at STB 436, the encrypted SI is 6 decrypted at CA system B 440 to provide tuning information for the set-top box, allow 7 a particular program to be tuned and displayed on television set 444.
8 An advantage of this-approach is that no additional AIV bandwidth is required 9 in the content delivery system, e.g. cable system. Only the SI is dual carried. No special hardware is required. Any offset frequencies from the standard ones can be 11 easily accommodated by most tuners. S1 decryption can be performed in software 12 or can be aided by hardware. For example, legacy Motorola set-top boxes have an 13 ability to descramble the SI delivered in the Motorola out-of-band using a hardware 14 decrypter built into the decoder IC chip.
A determined hacker can potentially use a spectrum analyzer on the coax 16 cable to team where the AN channels are located. Also, it may be possible for the 17 hacker to program a set-top box to auto-scan the frequency band to learn where the 18 A/V channels are - a relatively slow process. If the A/V channel frequencies 19 changed dynamically, then that could foil the hackers, since they would need to be constantly analyzing or scanning the band. Also, the program numbers and assigned 21 PIDs can vary. However, dynamically changing frequencies, program numbers, and 22 PIDs might create operational difficulties to a service provider, e.g.
cable operator.
GENERALIZED REPRESENTATION
26 Each of the above techniques can be represented generically by the system 27 500 of FIGURE 10. This system 500 has a cable system headend 522 with clear 28 video 504, clear audio 506, Sl 528, and PSI 529 any of which can be selectively 29 switched through an intelligent processor controlled switch 518, which also serves to assign PIDs (in embodiments requiring PID assignment or reassignment), to Docket No.: SNY-84646.02 -37- PATENT
1 conditional access system A 504 or conditional access system B 524 or passed in 2 the clear to the cable system 32. As previously, the program or SI encrypted 3 according to the legacy CA system A can be properly decoded by STB 36. The CA
4 system B encrypted information is understood by STBs 536 and decrypted and decoded accordingly, as described previously.
8 The PID mapping concepts described above can be generally applied to the 9 dual partial encryption techniques described herein, where needed. At the cable headend, the general concept is that a data stream of packets is manipulated to 11 duplicate packets selected for encryption. Those packets are duplicated and 12 encrypted under two distinct encryption methods. The duplicated packets are 13 assigned separate PIDs (one of which matches the legacy CA PID used for clear 14 content) and reinserted in the location of the original selected packet in the data stream for transmission over the cable system. At the output of the cable system 16 headend, a stream of packets appears with the legacy encrypted packets and clear 17 packets having the same PID. A secondary PID identifies the packets that are 18 encrypted under the new encryption system. In addition to the PID remapping that 19 takes place at the headend, MPEG packets utilize a continuity counter to maintain the appropriate sequence of the packets. In order to assure proper decoding, this 21 continuity counter should be properly maintained during creation of the packetized 22 data stream at the headend. This is accomplished by assuring that packets with 23 each PID are assigned continuity counters sequentially in a normal manner.
Thus, 24 packets with the secondary PID will carry a separate continuity counter from those of the primary PID. This is illustrated below in simplified form where PID 025 is the 26 primary PID and PID 125 is the secondary PID, E represents an encrypted packet, 27 C represents a clear packet,. and the end number represents a continuity counter.
Docket No.: SNY-84646.02 -3$- PATENT
1 In this exemplary segment of packets, packets with PID 025 are seen to have 2 their own sequence of continuity counters (04, 05, 06, 07, 08, 09, ...).
Similarly, the 3 packets with secondary PID 125 also have their own sequence of continuity counters 4 (11, 12, ...).
At the STB, the PIDs can be manipulated in any number of ways to correctly 6 associate the encrypted packets with secondary PID with the correct program.
In 7 one implementation, the packet headers of an input stream segment illustrated 8 below:
025C04 025E05 125E11 025C06 025C07 ~ 025C08 I 025C09 I 025E10 I
12 are manipulated to create the following output stream segment:
14 125C04 025E11 125E05 125C06 125C07 125C08 125C09 ~ 125E10 1 16 The primary PIDs (025) in the input stream are replaced with the secondary PID
17 (125) for the clear packets (C). For the encrypted packets; the primary PID
and 18 secondary PID are retained, but the continuity counters are swapped. Thus, the 19 stream of packets can now be properly decrypted and decoded without errors caused by loss of continuity using the secondary PID. Other methods for 21 manipulation of the PIDs, e.g. mapping the PID (125) on the scrambled legacy 22 packet to a NOP PID (all ones) or other PID value not decoded, and the continuity 23 . counters can also be used in embodiments consistent with the present invention.
24 The primary and secondary PIDs are conveyed to the STBs in the program map table (PMT) transmitted as a part of the program system information (PSI) data 26 stream. The existence of a secondary PID can be established to be ignored by the 27 STB operating under CA encryption system A (the "legacy" system), but new STBs 28 operating under CA encryption system B are programmed to recognize that 29 secondary PIDs are used to convey the encrypted part of the program associated Docket No.: SNY-84646.02 -39- PATENT
1 with the primary PID. The set-top boxes are alerted to the fact that this encryption 2 scheme is being used by the presence of a CA descriptor in the elementary PID "for 3 loop" of the PMT. There typically would be a CA descriptor for the video elementary 4 PID "for loop", and another one in the audio elementary PID "for loop". The CA
descriptor uses a Private Data Byte to identify the CA PID as either the ECM
PID
6 or the secondary PID used for partial scrambling, thus setting up the STB
operating 7 under system B to lookfor both primary and secondary PIDs associated with a single 8 program. Since the PID field in the transport header is thirteen bits in length, there 9 are 2'3 or 8,192 PIDs available for use, any spare PIDs can be utilized for the secondary PIDs as required.
11 In addition to the assignment of a PID for each program component or 12 selected portion thereof, a new PID may be assigned to tag ECM data used in the 13 second encryption technique. Each PID number assigned can be noted as a user 14 defined stream type to prevent disrupting operation of a legacy STB. MPEG
defines a reserved block of such numbers for user defined data stream types.
16 While conceptually the PID mapping at the cable headend is a simple 17 operation, in practice the cable headend equipment is often already established and 18 is therefore modified to accomplish this task in a manner that is minimally disruptive 19 to the established cable system while being cost effective. Thus, the details of the actual implementation within the cable system headend are somewhat dependent 21 upon the actual legacy hardware present in the headend, examples of which are 22 described in greater detail below.
Headend IMPLEMENTATIONS
26 Those skilled in the art will appreciate that the above descriptions as related 27 to FIGURES 2, 3, 6, 9 and 10 are somewhat conceptual in nature and are used to .
28 explain the overall ideas and concepts associated with the various embodiments of 29 the present invention. In realizing a real world implementation of the present invention, those skilled in the art will recognize that a significant real world issue to Docket No.: SNY-84646.02 -40- PATENT
1 contend with is providing a cost effective implementation of the various partial 2 encryption methods within existing legacx headend equipment at established cable 3 providers. Taking two of the primary legacy cable_ systems as examples, the 4 following describes how the above techniques can be implemented at a cable headend.
6 First, consider a cable system headend using a Motorola brand conditional 7 access system. In such a system the modifications shown in FIGURE 11 can .be 8 done to provide a cost effective mechanism for partial dual encryption 9 implementation. In a typical Motorola system, a HITS (Headend In The Sky) or similar data feed is provided from a satellite. This feed provides aggregated 11 digitized content that is supplied to cable providers and is received by a receiver l 12 descrambler I scrambler system 604 such as the Motorola Integrated Receiver 13 Transcoder (18T) models IRT 1000 arid IRT 2000, and Motorola Modular Processing 14 System (MPS). A clear stream of digitized television data can be obtained from the satellite descrambler functional block 606 of the receiver / descrambler /
scrambler 16 604. This clear stream can be manipulated by a new functional block shown as 17 packet selector / duplicator 610. This new block 610 may be implemented as a 18 programmed processor or may be otherwise implemented in hardware, software or 19 a combination thereof.
Packet selector / duplicator 610 selects packets that are to be dual encrypted 21 under any of the above partial dual encryption methods. Those packets are then 22 duplicated with new PIDs so that they can be later identified for encryption. For 23 example, if packets at the input of 610 associated with a particular program have 24 PID A, then packet selector / duplicator 610 identifies packets to be encrypted and duplicates those packets and remaps them to PIDs B and C respectively, so that 26 they can be identified later for encryption under two different systems.
Preferably, 27 the duplicate packets are inserted into the data stream adjacent one another in the 28 location of the originally duplicated packet now with PID C so that they remain in the 29 same order originally presented (except that there are two packets where one previously resided in the data stream). Assume, for the moment, that the new CA
Docket No.: SNY-84646.02 -41- PATENT
1 system to be added is NDS encryption, In this case, PID A will represent clear 2 packets, PID B will represent NDS encrypted packets and PID C will represent 3 Motorola encrypted packets. The packets having PID B may be encrypted under the 4 NDS encryption at this point in 610 or may be encrypted later.
The packets with PIDs B and C are then returned to the system 604 where 6 packets with PID C are encrypted under Motorola encryption at cable scrambler 612 7 as instructed by the control system 614 associated with the Motorola equipment.
8 The output stream from cable scrambler 612 then proceeds to another new device -9 PID remapper and scrambler 620, which receives the output stream from 612 and now remaps the remaining packets with PID A to PID C and encrypts the PID B
11 packets under the NDS encryption algorithm under control of control system 624.
12 The output stream at 626 has clear unencrypted packets with PID C and selected 13 packets which have been duplicated and encrypted under the Motorola encryption 14 system with PID C along with encrypted packets under the NDS encryption system with PID B. This stream is then modulated (e.g., Quadrature Amplitude Modulated 16 and RF modulated) for distribution over the cable system. The preferred 17 embodiment maps the unencrypted packets on PID A to match the scrambled 18 packets on PID C because the audio and video PIDs called out in legacy program 19 specific information (PSI) is correct that way. The control computer, the scrambler, and legacy set-top boxes only know about PID C. Alternatively, the scrambled 21 packets on PID C could be mapped back to PID A, but this would likely mean editing 22 the PSI, that was automatically generated, to map the PID numbers from PID
C back 23 to PID A in the PID remapper and scrambler 620.
24 In the above example, the PID remapper and scrambler620 may also be used to demultiplex PSI information, modify it to reflect the addition of the NDS
encryption 26 (through the use of CA descriptors in the PMT) and multiplex the modified PSI
27 information back into the data stream. The ECMs to support NDS encryption may 28 also be inserted into the data stream at PID remapper and scrambler 620 (or could 29 be inserted by packet selector / duplicator 610).
Docket No.: SNY-84646.02 -42- PATENT
(.
1 Thus, in order to add NDS encryption (or another encryption system) to a 2 cable system headend using Motorola equipment, packets are duplicated and PIDs 3 are remapped in the data stream from the satellite descrambler. The remapped 4 PIDs are then used to identify packets that are to be scrambled under each CA
system. Once the legacy system encryption has taken place, the clear PID is then 6 remapped so that both clear and encrypted packets in the legacy system share the 7 same PID (or PIDs). PID remapping as in 620 and packet selection and duplication 8 as in 610 can be implemented using a programmed processor or using custom or 9 semi-custom integrated circuitry such as an application specific integrated circuit or a programmable logic device or field programmable gate array. Other 11 implementations are also possible without departing from the present invention.
12 FIGURE 12 depicts a similar equipment configuration such as that used in 13 implementing the partial dual encryption of the present, invention in a Scientific 14 Atlanta based cable headend. In this embodiment, the HITS feed or similar is received at IRD 704 which incorporates a satellite descrambler 706. This may be 16 a Motorola IRT or MPS with only the satellite descrambler function enabled.
The 17 output of the satellite descrambler 706 again provides a clear data stream that can 18 be manipulated by a new packet selector l duplicator 710 which selects packets to 19 be encrypted, duplicates them and maps the PIDs of the duplicate packets to new PIDs. Again, for example, packets to remain in the clear are assigned PID A, 21 packets to be encrypted under the new system (e.g., NDS) are assigned PID B
and 22 packets to be encrypted under the Scientific Atlanta encryption system are assigned 23 PID C. The packets with PID B may be encrypted at this point under the NDS
24 encryption system.
The stream of packets is then sent to a multiplexes 712 (e.g., a Scientific 26 Atlanta multiplexes) where the packets having PID C are encrypted under the 27 Scientific Atlanta encryption system at 714 under control of control system 28 associated with multiplexes 712. The stream of data is then supplied internal to 29 multiplexes 712 to a QAM modulator 720. In order to properly remap the,packets, the QAM modulated signal at the output of multiplexes 712 is provided to a new Docket No.: SNY-84646.02 -43- PATENT
1 processor system 724 where the QAM modulated signal is demodulated at a QAM
2 demodulator 730 and the clear PID A packets are remapped to PID C at PID
3 remapper 734 under control of a control system 738. Encryption under the NDS
4 encryption algorithm can also be carried out here rather than in 710. The data stream with remapped PIDs and dual partial encryption is then QAM and RF
6 modulated at 742 for distribution over the cable system.
7 In the above example, the PID remapper and scrambler 734 may also be used 8 to demultiplex PSI information, modify it to reflect the addition of the NDS
encryption 9 (adding the CA descriptors to the PMT) and multiplex the modified PSI
information back into the data stream. The ECMs to support NDS encryption may also be 11 inserted into the data stream at PID remapper and scrambler 734 (or could be 12 inserted by packet selector I duplicator 710). PID remapping and or scrambling as 13 in 734 along with QAM demodulation and QAM modulation as in 730 and 742 14 respectively, and packet selection and duplication as in 710 can be implemented using a programmed processor or using custom or semi-custom integrated circuitry 16 such as an application specific integrated circuit or a programmable logic device or 17 field programmable gate array. Other implementations are also possible without 18 departing from the present.invention.
19 The above embodiments of the present invention allow legacy scrambling equipment to scramble only the packets desired in an elementary stream instead of 21 the entire elementary stream. The scrambling of certain packets of an elementary 22 stream is accomplished by using a PID. number for packets that are not going to be 23 scrambled, e.g., PID A. Packets that will be scrambled will be placed on PID C. The 24 scrambling equipment will scramble the packets on PID C (the ones that have been selected for scrambling). After the scrambling has taken place, the unscrambled 26 packets have the PID number mapped to the same as the scrambled packet -PID
27 A becomes PID C. The legacy set-top boxes will receive an elementary stream with 28 both scrambled and un-scrambled packets.
29 The packets in these embodiments are handled as a stream. The entire stream is sent to the legacy scrambling equipment for scrambling. This keeps all of Docket No.: SNY-84646.02 -44- PATENT
1 the packets in exact time synchronous order. If packets were extracted from a 2 stream and sent to the legacy scrambling equipment, time fitter might be introduced.
3 The present embodiment avoids that problem by keeping all the packets in a stream.
4 The embodiment does not require cooperation from the legacy scrambling equipment provider because that equipment is not involved in the remapping of 6 packets- from PID A to PID C. This remapping is preferable because the PID
called 7 out by the PSf generated by the legacy scrambling system does not need to change.
8 The legacy system knows about PID C, but not PID A. The entire elementary stream 9 to be scrambled by the legacy scrambling equipment is found on a single PID
that the scrambling system has been instructed to scramble.
11 In the above examples, the use of NDS as the second encryption system 12 should not be considered limiting. Moreover, although two widely used systems -13 Motorola and Scientific Atlanta have been depicted by way of example, .similar 14 modifications to legacy systems to permit PID remapping and dual~partial encryption can be used. In general, the technique described above involves the process 16 generally described as 800 in FIGURE 13. A feed is received at 806 which is 17 descrambled as it is received at 810 to produce a clear data stream of packets. At 18 814, packets are selected according to the desired partial dual encryption technique 19 (e.g., audio only, packets containing PES header, etc.). At 818, the selected packets are duplicated and the duplicate pairs are remapped to two new PIDs (e.g., 21 P1D B and PID C). The duplicated packets are then encrypted based upon PID
(that 22 is, PID C is encrypted according to legacy encryption and PID B is encrypted 23 according to the new encryption system) at 822. The clear packets (e.g., PID A) are 24 then remapped to the same PID as the legacy encrypted PID (PID C) at 826.
The order in which some of the elements of the process of FIGURE 13 are 26 carried out can vary according to the particular legacy system being modified to 27 accommodate the particular dual-encryption arrangement being used. For example, 28 encryption under a new encryption system can be carried out either at the time of 29 duplication or later at the time of remapping the legacy packets, as illustrated in FIGURE 11 and 12. Additionally, various demodulation and re-modulation Docket No.: SNY-84848.02 -45- PATENT
1 operations can be carried out as needed to accommodate the particular legacy 2 system at hand (not shown in FIGURE 13).
Several set-top box implementations are possible within the scope of the 6 present invention. The method used at the headend to select packets for encryption 7 is irrelevant to the STB.
8 One such implementation is illustrated in FIGURE 14. In this embodiment, 9 packets from a tuner and demodulator 904 are provided to a decoder circuit 908's demultiplexer 910. The packets are buffered into a memory 912 (e.g., using a 11 unified memory architecture) and processed by the STB's main CPU 916 using 12 software stored in ROM memory 920.
13 Selected PIDs can be stripped from the incoming transport via the STB's PID
14 filter, decrypted and buffered in SDRAM, similar to the initial processing required in preparation for transfer to an HDD in a PVR application. The host CPU 916 can then 16 "manually" filter the buffered data in SDRAM for elimination of the packets 17 containing unneeded PIDs. There are some obvious side effects to this process.
18 The host overhead is estimated to be about 1 % of the bandwidth of the CPU.
19 In the worst case, this is equivalent to 40K byteslSecond for a 15 Mbit/S
video stream. This reduction is possible since at most only 4 bytes of each packet is 21 evaluated and the location is on 188 byte intervals so the intervening data does not 22 have to be considered. Each packet header in SDRAM can therefore be directly 23 accessed through simple memory pointer manipulation. Additionally, Packets are 24 cached in blocks and evaluated en masse to reduce task switching of the host. This would eliminate an interrupt to other tasks upon the reception of each new packet.
26 This may produce a increased latency for starting decode of a stream upon channel 27 change to allow time for cache fill. This may be negligible depending upon the 28 allocated SDRAM cache buffer size.
29 The host filtered packets in the SDRAM buffer are then transferred to the A/V
Queue through existing hardware DMA processes and mimics a PVR
Docket No.: SNY-84646.02 -46- PATENT
t 1 implementation. The filtered packets are then provided to the decoder 922 for 2 decoding.
3 A second technique for implementation in a set-top box is illustrated in 4 FIGURE 15. Since RISC processor AIV decoder module in 930 processes the partial transport PIDs and strips/concatenates for decode, the firmware within 6 decoder IC 930 'can be altered to exclude individual packets in a partial transport 7 stream based upon criteria in each packet header. Alternatively, the demultiplexer 8 910 can be designed to exclude the packets. Legacy scrambled packets) pass 9 through the CA module still encrypted. By using the decoder IC 930 to perform the removal of the legacy scrambled packets and assuming that the packets encrypted 11 under the new encryption algorithm (e.g., NDS) is immediately adjacent the legacy 12 encrypted packet (or at least prior to next primary stream video packet) then the 13 pruning of the legacy packet in effect accomplishes the merging of a single, clear 14 stream into the header strip and video queue.
A third technique for implementation of partial decryption in a set-top box is 16 illustrated in FIGURE 16. In this embodiment, the PID remapping is carried out 17 either within a circuit such as an ASIC, Field Programmable Gate Array (FPGA), or 18 a programmable logic device (PLD) 938 or other custom designed circuit placed 19 between the tuner and demodulator 904 and the decoder IC 908. In a variation of this embodiment, the decoder IC 908 can be modified to implement the PID
21 remapping within demultiplexer 940. In either case, the legacy encrypted packets 22 are dropped and the non-legacy packets re-mapped either in circuit 938 or 23 demultiplexer 940.
24 This third technique can be implemented in one embodiment using the PLD
depicted in FIGURE 17. This implementation assumes that there will be not be more 26 than one encrypted packet of a particular PID appearing in a row, thus, the 27 implementation could be modified to accommodate bursts of encrypted packets such 28 as with the M and N~' encryption arrangement described above (as will be explained 29 later). The input stream passes through a PID identifier 950 which serves to demultiplex the input stream based upon PID. Primary PID packets are checked for Docket No.: SNY-84646.02 -47- PATENT
1 continuity at 958. If a continuity error is detected, the error is noted and the counter 2 is reset at 960.
3 The original input packet stream contains packets tagged with many PIDs.
4 The PID identifier 950 separates packets with the two PIDs of interest (primary and secondary PIDs) from all other packets. This capability can be scaled to process 6 multiple PID pairs. These other packets are bypassed directly to the revised output 7 stream. This processing results in a three or four byte clocking delay.
8 Packets with the secondary PID are routed by the PID identifier 950 to a 9 continuity count checker 954 which verifies sequence integrity for this PID.
Any errors are noted at 956, but specific handling of errors is not relevant to 11 understanding the present invention. The packet's continuity value is preserved for 12 use in checking the sequence of packets to follow. A corresponding continuity check 13 958 is done for packets with the primary PID using the independent primary counter, 14 and again any errors are noted at 960.
The secondary packet is checked for a secondary flag at 962. This Boolean 16 indicator is used to remember if a secondary packet has been processed since the 17 last clear packet. More than one secondary packet between clear packets is an 18 error in this embodiment and is noted at 964. Presence of a secondary packet is 19 remembered by setting the secondary flag at 966.
The continuity counter of the secondary packet is changed at 968 to fit into 21 the sequence of the clear packets. Data for this substitution comes from the value 22 used to verify continuity of the primary stream at 958. The revised packet is sent out 23 from 968 and merged into the revised stream forming the output stream.
24 After packets with primary PIDs have had their continuity checked at 958, they are differentiated at 970 by the scrambling flags in the header. If the packet is 26 scrambled, the primary flag is queried at 974. This primary flag Boolean indicator 27 is used to remember if a primary encrypted packet has been processed since the 28 last clear packet. More than one encrypted primary packet between clear packets 29 is an error in this embodiment and is noted at 976 before the packet is discarded at 978. Presence of a encrypted primary packet is remembered by setting the primary Docket No.: SNY-84648.02 -48- PATENT
1 flag at 980. If there is no downstream consumer for the primary encrypted packet, 2 it can be discarded at 978. In some cases it may be necessary for the packet to 3 continue on (in which case its continuity counter can use the discarded secondary 4 continuity value).
If the primary PID scramble test at 970 detects a clear packet, the state of the 6 secondary and primary flags is tested at 984. Valid conditions are neither set and 7 both set, since encrypted packets should come in matched pairs. A sequence of one 8 without the other should be noted as an error at 988. However, the order of 9 appearance is inconsequential in this embodiment. It should be noted that there may be other ways to flag a primary packet for deletion other than the scrambling 11 bits in the transport header, e.g. the transport_priority bit. Also, it is possible not to 12 use any bits what-so-ever, e.g. using the primary packet's simple positional 13 information, before or after the secondary packet, as an indicator for replacement.
14 Clear packets with the primary PID then have their PID value changed at 992 to the secondary PID before being output in the revised output stream.
Alternatively, 16 the secondary PID packets can be remapped to the primary PID value. The content 17 can be decoded when the decoder is provided with the correct PID for decoding the 18 content (whether the primary or secondary PID). Presence of a clear packet also 19 clears the primary and secondary Boolean flags.
In all the embodiments proposed, the secondary packet can be inserted 21 adjoining the primary packet to be replaced even when a series of primary packets 22 are tagged for replacement. However, in some instances, it may facilitate headend 23 partial scrambling if multiple encrypted packets can be inserted into the stream 24 without the intervening secondary packets. In order to accommodate multiple consecutive encrypted packets (such as with the M~" and N partial encryption 26 method), the use of primary and secondary flags can be replaced with a counter 27 matching test function. Thus, in place of elements 962, 964 and 966, a secondary 28 encrypted packet counter can be incremented. In place of elements 970, 974, 29 and 980, a primary encrypted packet counter can be incremented. Element 984 can be replaced with a comparison of the primary and secondary encrypted packet Docket No.: SNY-84646.02 -49- PATENT
1 counters to assure that the same number of encrypted packets are received in both 2 the primary and secondary paths. Instead of clearing flags at 992, the counters are 3 cleared. Using this variation, multiple encrypted packets may be consecutively 4 received and the number received are compared to monitor the integrity of the data stream. Other variations will occur to those skilled in the art.
6 The function described above in connection with FIGURE 17 can be 7 integrated into an A/V decoder chip that functions similar to that of the commercially 8 available Broadcom series 70xx or 71 xx decoder used in commercial set-top boxes.
9 FIGURE 18 illustrates a block diagram for such a decoder chip where the functions already provided in the commercial chip are essentially unchanged. Normally, 11 commercial decoder chips expect there to be a one-to-one correspondence between 12 the PIDs and program components (e.g., audio or video).
13 The decoder illustrated in FIGURE 18 permits multiple PIDs to be 14 programmed into the decoder via a connection to the STB central processor so that both primary and secondary PIDs can be handled for main audio, main video and 16 a secondary video used for picture-in-picture (PiP) functions. In this embodiment, 17 the raw data stream is received- by a Packet sorter 1002 that provides a function 18 similar to that described in connection with FIGURE 1T above to demultiplex the 19 stream of packets based upon PID. Preferably, the decoder of FIGURE.18 carries out the PID sorting function of 1002 using hard wired logic circuitry rather than 21 programmed software. Program guide and stream navigation information is output 22 for use by an STB's main processor, for example. The packets associated with the 23 main audio program are buffered in a FIFO 1006, decrypted in a decrypter 1010 and 24 then buffered at 1014 for retrieval by an MPEG audio decoder 1018 as needed.
Decoded MPEG audio is then provided as an output from the decoder.
26 In a similar manner, packets associated with the main video program are 27 buffered. in a FIFO 1024, decrypted in a decrypter 1028 and then buffered at 102 28 for retrieval by an MPEG video decoder 1036 as needed. Decoded MPEG video for 29 the main channel is then provided to a compositer 1040 and then provided as an output from the decoder. Similarly, packets associated with picture-in-picture video Docket No.: SNY-84646.02 -50- PATENT
1 are buffered in a FIFO 1044, decrypted in a decrypter 1048 and then buffered at 2 1052 for retrieval by an MPEG video decoder 1056 as needed. Decoded MPEG
3 video for the picture-in-picture channel is then provided to the composites 4 where it is combined with the main channel video and then provided as a decoded video output from the decoder. Other packets not associated with the main or 6 picture-in-picture channel are discarded. Of course, other functions may be 7 incorporated in the decoder chip or deleted without departing from embodiments of 8 the present invention.
CONCLUSION
11 As previously mentioned, in order to thwart a persistent threat by hackers, 12 several of the above partial encryption arrangements can be combined to further 13 enhance security. For example, the critical packet encryption can be used in any 14 combination with SI encryption, M~' an N, random encryption, time slice and other techniques to further enhance security. In one embodiment, as many packets would 16 be encrypted as bandwidth is available. The amount of encryption might depend on 17 whether the content was a regular program or premium (such as a pay-per-view or 18 VOD), whether it was an adult program or a regular movie, and the security level that 19 the various cable operators feel comfortable operating. Those skilled in the art will appreciate that many other combinations are possible to further enhance the 21 security of the encryption without departing from the present invention.
22 The present invention, as described above in its various embodiments, has 23 been described in terms of a digital AIV system using MPEG 2 coding. Thus, the 24 various packet names and protocol specifically discussed is related the coding and decoding. However, those skilled in the art will appreciate that the 26 concepts disclosed and claimed herein are not to be construed in such a limited 27 scope. The same or analogous techniques can be used in any digital cable system 28 without limitation to MPEG 2 protocols. Moreover, the present techniques can be 29 used in any other suitable content delivery scenario including, but not limited to, terrestrial broadcast based content delivery systems, Internet based content Docket No.: SNY-84646.02 -51- PATENT
1 delivery, satellite based content delivery systems such as, for example, the Digital 2 Satellite Service (DSS) such as that used in the DirecTVT"" system, as well as 3 package media (e.g. CDs and DVDs). These various alternatives are considered 4 equivalent for purposes of this document, and the exemplary MPEG 2 cable embodirnent should be considered to be an exemplary embodiment presented for 6 illustrative purposes.
7 In addition, the present invention has been described in terms of decoding 8 partially encrypted television programs using a television set-top box.
However, the 9 present decoding mechanism can equally be implemented within a television.
receiver without need for an STB, or music player such as an MP3 player. Such 11 embodiments are considered equivalent.
12 Also, while the present invention has been described in terms of the use of 13 the encryption techniques described to provide a mechanism for dual partial 14 encryption of a television program, .these partial encryption techniques could be used as a single encryption technique orfor multiple encryption under more than two 16 encryption systems without limitation. More than two encryption systems would be 17 accommodated with additional duplicated packets that are encrypted.
Alternatively, 18 the encryption key for one of the duplicated packets may be shared amongst the 19 multiple encryption systems. Additionally, although specifically disclosed for the purpose of encryption of television programming, the present inventions can be 21 utilized for single or dual encryption of other content including, but not limited to 22 content for download over the Internet or other network, music content, packaged 23 media content as well as other types of information content. Such content may be 24 played on any number of playback devices including but not limited to personal digital assistants (PDAs), personal computers, personal music players, audio 26 systems, audio I video systems, etc. without departing from the present invention.
27 Those skilled in the art will recognize that the present invention has been 28 described in terms of exemplary embodiments that can be realized by use of a 29 programmed processor. However, the invention should not be so limited, since the present invention could be implemented using hardware component equivalents Docket No.: SNY-84646.02 -52- PATENT
,. . CA 02405902 2002-10-O1 1- such as special purpose hardware and/or dedicated processors which are 2 equivalents to the invention as described and claimed. Similarly, general purpose 3 computers, microprocessor based computers, micro-controllers, optical computers, 4 analog computers, dedicated processors andlor dedicated hard wired logic may be used to construct alternative equivalent embodiments of the present invention.
6 Those skilled in the art will appreciate that the program steps and associated 7 data used to implement the embodiments described above can be implemented 8 using disc storage as well as other farms of storage such as for example Read Only 9 Memory (ROM) devices, Random Access Memory (RAM) devices; optical storage elements, magnetic storage elements, magneto-optical storage elements, flash 11 memory, core memory and/or other equivalent storage technologies without 12 departing from the present invention. Such alternative storage devices should be 13 considered equivalents.
14 The present invention, as described in embodiments herein, can be implemented using a programmed processor executing programming instructions 16 that are broadly described above in flow chart form that can be stored on any 17 suitable electronic storage medium or transmitted over any suitable electronic 18 communication medium. However, those skilled in the art will appreciate that the 19 processes described above can be implemented in any nuri~ber of variations and in many suitable programming languages without departing from the present invention.
21 For example, the order of certain operations carried out can often be varied, 22 additional operations can be added or operations can be deleted without departing 23 from the invention. Error trapping can be added andlor enhanced and variations can 24 be made in user interface and information presentation without departing from the present invention. Such variations are contemplated and 26 considered equivalent. .
27 While the invention has been described in conjunction with specific 28 embodiments, it is evident that many alternatives, modifications, permutations and 29 variations will become apparent to those skilled in the art in light of the foregoing description. Accordingly, it is intended that the present invention embrace all such Docket No.: SNY-84646.02 -53- PATENT
alternatives, modifications and variations as fall within the scope of the appended 2 claims.
Docket No.: SNY-84646.02 -54- PATENT
Claims (110)
1. A method of encrypting an unencrypted television program, comprising:
sampling the unencrypted television program at a specified time interval;
for each sample:
encrypting the sample according to a first encryption method to create a.first encrypted sample; and encrypting the sample according to a second encryption method to create a second encrypted sample.
sampling the unencrypted television program at a specified time interval;
for each sample:
encrypting the sample according to a first encryption method to create a.first encrypted sample; and encrypting the sample according to a second encryption method to create a second encrypted sample.
2. The method according to claim 1, further comprising, combining the first and second encrypted samples with unsampled portions of the unencrypted television program to produce partially dual encrypted television programs.
3. The method according to claim 2, further comprising distributing the partially dual encrypted television program over a communication medium.
4. The method according to claim 2, further comprising assigning a of plurality primary packet identifiers (PID) to data packets containing unencrypted portions of the television program, the primary packet identifiers associating the unencrypted portion with the television program.
5. The method according to claim 2, further comprising assigning a plurality of primary packet identifiers (PID) to data packets containing first encrypted samples of the television program, the primary packet identifiers associating the first encrypted samples with the television program.
6. The method according to claim 2, further comprising assigning a plurality of secondary packet identifiers (PID) to data packets containing second encrypted samples of the television program, the secondary packet identifiers associating the second encrypted samples with the television program.
7. The method according to claim 2, further comprising:
assigning a plurality of primary packet identifiers (PID) to data packets containing unencrypted portions of the television program, the primary packet identifiers associating the unencrypted portions with the television program;
assigning the plurality of primary packet identifiers to data packets containing first encrypted samples of the television program, the primary packet identifiers associating the first encrypted samples with the television program; and assigning a plurality of secondary packet identifiers to data packets containing second encrypted samples of the television program, the secondary packet identifiers associating the second encrypted samples with the television program.
assigning a plurality of primary packet identifiers (PID) to data packets containing unencrypted portions of the television program, the primary packet identifiers associating the unencrypted portions with the television program;
assigning the plurality of primary packet identifiers to data packets containing first encrypted samples of the television program, the primary packet identifiers associating the first encrypted samples with the television program; and assigning a plurality of secondary packet identifiers to data packets containing second encrypted samples of the television program, the secondary packet identifiers associating the second encrypted samples with the television program.
8. The method according to claim 7, further comprising transmitting system information to identify the primary and secondary PID associated with the television program.
9. The method according to claim 1, wherein the sample comprises a data associated with a frame of video.
10. The method according to claim 1, wherein the sample comprises at least one packet of data.
11. The method according to claim 1, wherein the specified time interval comprises a randomly occurring time interval.
12. The method according to claim 1, further comprising distributing at least one of the first and second encrypted samples separately from unsampled portions of the unencrypted television program.
13. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 1.
14. An electronic transmission medium carrying an encrypted television signal encrypted by the method according to claim 1.
15. An encrypted television signal, comprising:
a first encrypted sample of the television signal, the first encrypted sample comprising a first sample encrypted under a first encryption method;
a second encrypted sample of the television signal, the second encrypted sample comprising the first sample encrypted under a second encryption method;
and an unencrypted portion.
a first encrypted sample of the television signal, the first encrypted sample comprising a first sample encrypted under a first encryption method;
a second encrypted sample of the television signal, the second encrypted sample comprising the first sample encrypted under a second encryption method;
and an unencrypted portion.
16. The encrypted television signal according to claim 13, wherein the_television signal comprises a digital television signal, and wherein the first encrypted samples and second encrypted samples comprise first encrypted packets and second encrypted packets, and the unencrypted portion comprises unencrypted packets.
17. The encrypted television signal according to claim 16, wherein the digital television signal complies with an MPEG standard, and wherein the first encrypted packets are identified by a first packet identifier, and wherein the second encrypted packets are identified by a second packet identifier.
18. The encrypted television signal according to claim 14, wherein the digital television signal complies with an MPEG standard, and wherein the unencrypted packets are identified by a first packet identifier, and wherein the first encrypted packets are identified by the first packet identifier, and wherein the second encrypted packets are identified by a second packet identifier.
19. A method of encrypting an unencrypted television program, comprising:
sampling the unencrypted television program at a specified time interval; and for each sample, encrypting the sample according to a first encryption method to create a first encrypted sample for the television program.
sampling the unencrypted television program at a specified time interval; and for each sample, encrypting the sample according to a first encryption method to create a first encrypted sample for the television program.
20. The method according to claim 19, further comprising, combining the first encrypted samples with the unsampled portions of the unencrypted television program to produce a partially encrypted television program.
21. The method according to claim 20, further comprising distributing the partially encrypted television program over a cable television system.
22. The method according to claim 20, further comprising assigning a packet identifier (PID) to data packets containing unencrypted portions of the television program, the packet identifier associating the unencrypted portion with a particular television program.
23. The method according to claim 20, further comprising assigning a packet identifier (PID) to data packets containing first encrypted samples of the television program, the packet identifier associating the first encrypted samples with a particular television program.
24. The method according to claim 20, further comprising assigning a secondary packet identifier (PID) to data packets containing first encrypted sample of the television program, the secondary packet identifier associating the first.
encrypted samples with a particular television program.
encrypted samples with a particular television program.
25. The method according to claim 20, further comprising assigning a packet identifier (PID) to data packets containing first encrypted samples and unencrypted portions of the television program, the packet identifier associating the first encrypted samples and the unencrypted portions with a particular television program.
26. The method according to claim 20, further comprising assigning a primary packet identifier (PID) to data packets containing unencrypted portions of the television program, the packet identifier associating the unencrypted portions with a particular television program; and assigning a secondary packet identifier (PID) to data packets containing encrypted samples of the television program, the secondary packet identifier associating the encrypted samples with the particular television program
27. The method according to claim 20, wherein the sample comprises a data associated with a frame of video.
28. The method according to claim 19, wherein the sample comprises at least one packet of data.
29. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 19.
30. An electronic transmission medium carrying an encrypted television program encrypted by the method according to claim 19.
31. A method of encrypting an unencrypted television program; comprising:
encrypting N periods out of every M periods of the television program according to a first encryption method, where M is greater than N; and encrypting the N periods of the television program according to a second encryption method.
encrypting N periods out of every M periods of the television program according to a first encryption method, where M is greater than N; and encrypting the N periods of the television program according to a second encryption method.
32. The method according to claim 31, further comprising, combining the first and second encrypted periods with unencrypted periods to produce a partially dual encrypted television program.
33. The method according to claim 32, further comprising distributing the partially dual encrypted television program over a cable television system.
34. The method according to claim 32, further comprising assigning a primary packet identifier (PID) to unencrypted periods of the television program.
35. The method according to claim 32, further comprising assigning a primary packet identifier (PID) to periods encrypted under the first encryption method.
36. The method according to claim 32, further comprising assigning a secondary packet identifier (PID) to periods encrypted under the second encryption method.
37. The method according to claim 32, further comprising:
assigning a primary packet identifier (PID) to unencrypted periods of the television program;
assigning a primary packet identifier (PID) to periods encrypted under the first encryption method; and assigning a secondary packet identifier (PID) to periods encrypted under the second encryption method.
assigning a primary packet identifier (PID) to unencrypted periods of the television program;
assigning a primary packet identifier (PID) to periods encrypted under the first encryption method; and assigning a secondary packet identifier (PID) to periods encrypted under the second encryption method.
38. The method according to claim 37, further comprising transmitting system information to identify the primary and secondary PID associated with the television program.
39. The method according to claim 32, wherein the period comprises data associated with a frame of video.
40. The method according to claim 32, wherein the period comprises at least one packet of data.
41. The method according to claim 31, wherein the N periods and M periods are selected randomly.
42. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 32.
43. An electronic transmission medium carrying an encrypted television program encrypted by the method according to claim 32.
44. A partially encrypted television signal, comprising:
a first portion of the television signal, the portion being encrypted under a first encryption method and under a second encryption method; and an unencrypted portion, wherein for every M periods of the television signal, N periods are encrypted.
a first portion of the television signal, the portion being encrypted under a first encryption method and under a second encryption method; and an unencrypted portion, wherein for every M periods of the television signal, N periods are encrypted.
45. The partially encrypted television signal according to claim 44, wherein the television signal is a digital television signal, and wherein the period comprises a packet.
46. The partially encrypted television signal according to claim 44, wherein the period comprises a video frame.
47. The partially encrypted television signal according to claim 44, wherein the digital television signal complies with an MPEG standard, and wherein the first encrypted portion is identified by a first packet identifier, and wherein the second encrypted portion is identified by a second packet identifier.
48. The partially encrypted television signal according to claim 44, wherein the digital television signal complies with an MPEG standard, and wherein the unencrypted portion is identified by a first packet identifier, and wherein the encrypted portion encrypted under the first encryption method is identified by the first packet identifier, and wherein the encrypted portion encrypted under the second encryption method is identified by a second packet identifier.
49. A method of encrypting an unencrypted television program, comprising:
encrypting N portions of the television program out of every M portions of the television program according to a first encryption method; and leaving a remainder of the television program unencrypted, wherein the combination of the encrypted portion and the remainder comprises a partially encrypted television program.
encrypting N portions of the television program out of every M portions of the television program according to a first encryption method; and leaving a remainder of the television program unencrypted, wherein the combination of the encrypted portion and the remainder comprises a partially encrypted television program.
50. The method according to claim 49, further comprising distributing the partially encrypted television program over one of the following: a terrestrial broadcast system, a cable television system and a satellite television system.
51. The method according to claim 49, further comprising assigning a packet identifier (PID) to data packets containing the encrypted portions and the remainder of the television program, the packet identifier associating the encrypted portion and the remainder with the television program.
52. The method according to claim 49, further comprising assigning a primary packet identifier (PID) to data packets containing the encrypted portions and the remainder of the television program, the packet identifier associating the encrypted portion and the remainder with the television program; and assigning a secondary packet identifier (PID) to data packets containing the encrypted portions of each television program, the secondary packet identifier associating the first encrypted samples with the television program.
53. The method according to claim 49, wherein the N portions comprise N frames of video.
54. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 49.
55. An electronic transmission medium carrying an encrypted television program encrypted by the method according to claim 49.
56. A method of processing a television signal, comprising:
receiving a television signal comprising:
a first encrypted sample of the television program, the sample being encrypted under a first encryption method, a second encrypted sample of the television program, the sample being encrypted under a second encryption method, and an unencrypted portion; and decrypting the first encrypted sample to produce a decrypted sample.
receiving a television signal comprising:
a first encrypted sample of the television program, the sample being encrypted under a first encryption method, a second encrypted sample of the television program, the sample being encrypted under a second encryption method, and an unencrypted portion; and decrypting the first encrypted sample to produce a decrypted sample.
57. The method according to claim 56, further comprising decoding the unencrypted portion and the decrypted sample.
58. The method according to claim 56, wherein the television signal is a digital television signal, and wherein the first encrypted samples and second encrypted samples comprise first encrypted packets and second encrypted packets, and the unencrypted portion comprises unencrypted packets.
59. The method according to claim 58, wherein the digital television signal complies with an MPEG standard, and wherein the first encrypted packets are identified by a first packet identifier, and wherein the second encrypted packets are identified by a second packet identifier.
60. The method according to claim 59, wherein the digital television signal complies with an MPEG standard, and wherein the unencrypted packets are identified by a first packet identifier, and wherein the first encrypted packets are identified by the first packet identifier, and wherein the second encrypted packets are identified by a second packet identifier.
61. The method according to claim 56, carried out in a television device.
62. The method according to claim 56, carried out in a television set-top box.
63. The method according to claim 56, carried out in an integrated circuit.
64. The method according to claim 56, carried out in one of an application specific integrated circuit and a field programmable gate array.
65. A method of processing digital content, comprising:
receiving a signal containing the digital content, the digital content comprising:
a first encrypted sample the digital content, the sample being encrypted under a first encryption method, a second encrypted sample of the digital content, the sample being encrypted under a second encryption method, and an unencrypted portion; and decrypting the first encrypted sample to produce a decrypted sample.
receiving a signal containing the digital content, the digital content comprising:
a first encrypted sample the digital content, the sample being encrypted under a first encryption method, a second encrypted sample of the digital content, the sample being encrypted under a second encryption method, and an unencrypted portion; and decrypting the first encrypted sample to produce a decrypted sample.
66. The method according to claim 65, further comprising decoding the unencrypted portion and the decrypted sample.
67. The method according to claim 65, carried out in an integrated circuit.
68. The method according to claim 65, carried out in one of a television device, a content player, a PDA and a music player.
69. A method of decoding a television program, comprising:
receiving a television signal having N periods out of every M periods of the television program encrypted according to a first encryption method, where M
is greater than N, and wherein the same N periods of the television program encrypted according to a second encryption method, wherein M-N periods are unencrypted;
decrypting the N periods according to a first decryption method to produce decrypted periods;
discarding the N periods encrypted according to the second encryption method; and decoding the decrypted periods and the unencrypted periods.
receiving a television signal having N periods out of every M periods of the television program encrypted according to a first encryption method, where M
is greater than N, and wherein the same N periods of the television program encrypted according to a second encryption method, wherein M-N periods are unencrypted;
decrypting the N periods according to a first decryption method to produce decrypted periods;
discarding the N periods encrypted according to the second encryption method; and decoding the decrypted periods and the unencrypted periods.
70. The method according to claim 69, further comprising filtering out the N
periods encrypted according to the second encryption method.
periods encrypted according to the second encryption method.
71. The method according to claim 70, wherein the filtering is carried out by filtering on a packet identifier (PID) associated with data packets.
72. The method according to claim 69, wherein the period comprises data associated with a frame of video.
73. The method according to claim 69, wherein the period comprises at least one packet of data.
74. The method according to claim 69, wherein the period comprises data associated with a frame of audio.
75. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 69.
76. The method according to claim 69, carried out in a television device.
77. The method according to claim 69, carried out in a television set-top box.
78. The method according to claim 69, carried out in an integrated circuit.
79. The method according to claim 69, carried out in one of an application specific integrated circuit and a field programmable gate array.
80. A television set-top box for decoding a television signal, comprising:
a receiver that receives a television signal having:
a first encrypted sample of the television program, the sample being encrypted under a first encryption method, a second encrypted sample of the television program, the sample being encrypted under a second encryption method, and an unencrypted portion;
a decrypter that decrypts the first encrypted sample to produce a decrypted sample; and a decoder that decodes the unencrypted portion and the decrypted sample.
a receiver that receives a television signal having:
a first encrypted sample of the television program, the sample being encrypted under a first encryption method, a second encrypted sample of the television program, the sample being encrypted under a second encryption method, and an unencrypted portion;
a decrypter that decrypts the first encrypted sample to produce a decrypted sample; and a decoder that decodes the unencrypted portion and the decrypted sample.
81. The apparatus according to claim 80, wherein the television signal is a digital television signal, and wherein the first encrypted samples and second encrypted samples comprise first encrypted packets and second encrypted packets, and the unencrypted portion comprises unencrypted packets.
82. The apparatus according to claim 81, wherein the digital television signal complies with an MPEG standard, and wherein the first encrypted packets are identified by a first packet identifier, and wherein the second encrypted packets are identified by a second packet identifier.
83. The apparatus according to claim 81, wherein the digital television signal complies with an MPEG standard, and wherein the unencrypted packets are identified by a first packet identifier, and wherein the first encrypted packets are identified by the first packet identifier, and wherein the second encrypted packets are identified by a second packet identifier.
84. A television set-top box for decoding a television program, comprising:
a receiver receiving a television program having N periods out of every M
periods of the television program encrypted according to a first encryption method, where M is greater than N, and wherein the same N periods of the television program encrypted according to a second encryption method, wherein M-N periods are unencrypted;
a decrypter that decrypts the N periods according to a first decryption method to produce decrypted periods;
filtering means for discarding the N periods encrypted according to the second encryption method; and a decoder that decodes the decrypted periods and the unencrypted periods.
a receiver receiving a television program having N periods out of every M
periods of the television program encrypted according to a first encryption method, where M is greater than N, and wherein the same N periods of the television program encrypted according to a second encryption method, wherein M-N periods are unencrypted;
a decrypter that decrypts the N periods according to a first decryption method to produce decrypted periods;
filtering means for discarding the N periods encrypted according to the second encryption method; and a decoder that decodes the decrypted periods and the unencrypted periods.
85. The method according to claim 84, further comprising filtering out the N
periods encrypted according to the second encryption method.
periods encrypted according to the second encryption method.
86. The method according to claim 85, wherein the filtering is carried out by filtering on a packet identifier (PID) associated with data packets.
87. The method according to claim 84, wherein the period comprises data associated with a frame of video.
88. The method according to claim 84, wherein the period comprises at least one packet of data.
89. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 84.
90. A method of encrypting a plurality of unencrypted television programs, comprising:
selecting a video frame from each unencrypted television program at a specified time interval;
encrypting the frame according to a first encryption method to create a first encrypted frame for each television program; and encrypting the frame according to a second encryption method to create a second encrypted frame for each television program.
selecting a video frame from each unencrypted television program at a specified time interval;
encrypting the frame according to a first encryption method to create a first encrypted frame for each television program; and encrypting the frame according to a second encryption method to create a second encrypted frame for each television program.
91. The method according to claim 90, further comprising, combining the first and second encrypted frames with unencrypted frames of the unencrypted television programs to produce partially dual encrypted television programs.
92. The method according to claim 91, further comprising distributing the partially dual encrypted television programs over one of a cable television system, a terrestrial broadcast system, and a satellite system.
93. The method according to claim 91, further comprising assigning a plurality primary packet identifiers (PID) to data packets containing unencrypted portions of each television program, the primary packet identifiers associating the unencrypted portions with each particular television program.
94. The method according to claim 91, further comprising assigning a plurality primary packet identifiers (PID) to data packets containing first encrypted frames of each television program, the primary packet identifiers associating the first encrypted frames with each particular television program.
95. The method according to claim 91, further comprising assigning a plurality of secondary packet identifiers (PID) to data packets containing second encrypted frames of each television program, the secondary packet identifiers associating the second encrypted frames with a particular television program.
96. The method according to claim 91, further comprising:
assigning a plurality primary packet identifiers (PID) to data packets containing unencrypted portions of each television program, the primary packet identifiers associating the unencrypted portions with each particular television program;
assigning the plurality of primary packet identifiers to data packets containing first encrypted frames of each television, program, the primary packet identifiers associating the first encrypted frames with each particular television program; and assigning a plurality of secondary packet identifiers to data packets containing second encrypted frames of each television program, the secondary packet identifiers associating the second encrypted samples with a particular television program.
assigning a plurality primary packet identifiers (PID) to data packets containing unencrypted portions of each television program, the primary packet identifiers associating the unencrypted portions with each particular television program;
assigning the plurality of primary packet identifiers to data packets containing first encrypted frames of each television, program, the primary packet identifiers associating the first encrypted frames with each particular television program; and assigning a plurality of secondary packet identifiers to data packets containing second encrypted frames of each television program, the secondary packet identifiers associating the second encrypted samples with a particular television program.
97. The method according to claim 96, further comprising transmitting system information to identify the primary and secondary packet identifiers associated with each television program.
98. The method according to claim 90, wherein the specified time interval is selected at random.
99. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 90.
100. An electronic transmission medium carrying an encrypted television signal encrypted by the method according to claim 90.
101. A method of encrypting an unencrypted television program, comprising:
selecting a frame of the unencrypted television program at a specified time interval; and encrypting the frame according to a first encryption method to create a first encrypted sample for the television program.
selecting a frame of the unencrypted television program at a specified time interval; and encrypting the frame according to a first encryption method to create a first encrypted sample for the television program.
102. The method according to claim 101, further comprising, combining the first encrypted frame with unencrypted portions of the television program to produce a partially encrypted television program.
103. The method according to claim 102, further comprising distributing the partially encrypted television program over a cable television system.
104. The method according to claim 102, further comprising assigning a packet identifier (PID) to data packets containing unencrypted portions of the television program, the packet identifier associating the unencrypted portion with a particular television program.
105. The method according to claim 102, further comprising assigning a packet identifier (PID) to data packets containing first encrypted frames of the television program, the packet identifier associating the first encrypted frames with a particular television program.
106. The method according to claim 102, further comprising assigning a secondary packet identifier (PID) to data packets containing first encrypted frames of the television program, the secondary packet identifier associating the first encrypted samples with a particular television program.
107. The method according to claim 102, further comprising assigning a packet identifier (PID) to data packets containing first encrypted frames and unencrypted portions of the television program, the packet identifier associating the first encrypted frames and the unencrypted portions with a particular television program.
108. The method according to claim 102, further comprising:
assigning a primary packet identifier (PID) to data packets containing unencrypted portions of the television program, the packet identifier associating the unencrypted portions with a particular television program; and assigning a secondary packet identifier (PID) to data packets containing encrypted frames of the television program, the secondary packet identifier associating the encrypted frames with the particular television program.
assigning a primary packet identifier (PID) to data packets containing unencrypted portions of the television program, the packet identifier associating the unencrypted portions with a particular television program; and assigning a secondary packet identifier (PID) to data packets containing encrypted frames of the television program, the secondary packet identifier associating the encrypted frames with the particular television program.
109. An electronic storage medium storing instructions which, when executed on a programmed processor, carry out the method according to claim 101.
.
.
110. An electronic transmission medium carrying an encrypted television program encrypted by the method according to claim 101.
Priority Applications (8)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| MXPA04006248A MXPA04006248A (en) | 2002-01-02 | 2002-12-13 | Time division partial encryption. |
| AU2002360605A AU2002360605A1 (en) | 2002-01-02 | 2002-12-13 | Time division partial encryption |
| PCT/US2002/040054 WO2003059039A2 (en) | 2002-01-02 | 2002-12-13 | Time division partial encryption |
| JP2003559216A JP4446742B2 (en) | 2002-01-02 | 2002-12-13 | Time division partial encryption |
| EP02795875.0A EP1468561B1 (en) | 2002-01-02 | 2002-12-13 | Time division partial encryption |
| KR1020107008920A KR101053376B1 (en) | 2002-01-02 | 2002-12-13 | Time Division Partial Encryption |
| KR1020047010452A KR100978187B1 (en) | 2002-01-02 | 2002-12-13 | Time division partial encryption |
| CNB028284496A CN100420303C (en) | 2002-01-02 | 2002-12-13 | Time division partial encryption |
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US34371001P | 2001-10-26 | 2001-10-26 | |
| US60/343,710 | 2001-10-26 | ||
| US10/038,032 | 2002-01-02 | ||
| US10/038,032 US7139398B2 (en) | 2001-06-06 | 2002-01-02 | Time division partial encryption |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2405902A1 CA2405902A1 (en) | 2003-04-26 |
| CA2405902C true CA2405902C (en) | 2010-08-10 |
Family
ID=26714783
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA 2405902 Expired - Lifetime CA2405902C (en) | 2001-10-26 | 2002-10-01 | Time division partial encryption |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA2405902C (en) |
-
2002
- 2002-10-01 CA CA 2405902 patent/CA2405902C/en not_active Expired - Lifetime
Also Published As
| Publication number | Publication date |
|---|---|
| CA2405902A1 (en) | 2003-04-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8411857B2 (en) | Partial multiple encryption | |
| US7760879B2 (en) | Multiple partial encryption | |
| US8724806B2 (en) | Partial multiple encryption | |
| EP1464174A1 (en) | Critical packet partial encryption | |
| WO2003061173A2 (en) | Elementary stream partial encryption | |
| WO2003065724A1 (en) | Decoding and decryption of partially encrypted information | |
| EP1468561A2 (en) | Time division partial encryption | |
| CA2406329C (en) | Decoding and decryption of partially encrypted information | |
| CA2405899C (en) | Partial encryption and pid mapping | |
| CA2405902C (en) | Time division partial encryption | |
| CA2405865C (en) | Elementary stream partial encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| MKEX | Expiry |
Effective date: 20221003 |