EP1348276A2 - Threshold cryptography scheme for conditional access systems - Google Patents
Threshold cryptography scheme for conditional access systems
- Publication number
- EP1348276A2
- Authority
- EP
- European Patent Office
- Prior art keywords
- share
- shares
- signal
- smart card
- scrambling key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25808—Management of client data
- H04N21/25816—Management of client data involving client authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/162—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
- H04N7/163—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
Definitions
- This invention concerns a system for providing conditional access (i.e., managing access) to a received scrambled audio/visual (A/V) signal from a variety of sources, such as broadcast television networks, cable television networks, digital satellite systems, and internet service providers.
- conditional access i.e., managing access
- A/V audio/visual
- the system does not require the full descrambling keys to be sent to the receiving device under encryption.
- the keys are recovered using at least one share received from the service provider and at least two shares stored in the device.
- a user may receive services from a variety of service providers, such as broadcast television networks, cable television networks, digital satellite systems, and internet service providers.
- Most television receivers are capable of receiving unscrambled information or programs directly from broadcast and cable networks.
- Cable networks providing scrambled programs usually require a separate stand alone set-top box to descramble the program.
- digital satellite systems usually provide scrambled programs that also require the use of a separate set-top box.
- These set-top boxes may utilize a removable smart card which contains the keys necessary for recovering the descrambling keys. Protection of these important keys is paramount to prevent unauthorized copying of the program.
- Conditional access systems allow access to services (e.g., television, internet, etc.) based on payment and/or other requirements, such as authorization, identification and registration.
- services e.g., television, internet, etc.
- a user enters into a service agreement with a service provider to obtain access rights.
- Figure 7 shows a conventional conditional access system architecture.
- the information or content e.g., television program, movie, etc.
- the entitlement messages are protected (e.g., encrypted) before they are delivered to the subscriber.
- Entitlement control messages carry descrambling keys (sometimes referred to as 'control words') and a brief description of the program (e.g., program number, date, time, cost, etc.).
- Entitlement management messages specify the service-related authorization levels (e.g., indicating the type of service, the duration of the service, etc.).
- the EMMs can be distributed on the same channel as the service, or may be sent on a separate channel, such as a telephone line.
- the ECMs are typically multiplexed and sent with the associated program.
- Figure 8 shows a conventional transmitter side architecture for a conditional access system, such as the one shown in Figure 7.
- streams of audio, video and data from the service are multiplexed before they are scrambled, modulated and sent to the receiver (i.e., subscriber).
- Figure 9 shows a conventional receiver side architecture for a conditional access system, such as the one shown in Figure 7.
- the received bit stream is demodulated, decrypted and decompressed before separate audio, video and data streams are sent to the display device (e.g., television screen).
- the display device e.g., television screen
- Encryption-based technologies are widely used for protecting distributed content. If the subscriber is authorized to watch a particular protected program, the program is descrambled and sent to a display (e.g., television screen) for viewing. In most conditional access systems, the subscriber will have a digital device (e.g., set-top box, digital television, digital videocassette recorder) which includes a smart card for descrambling the program based on the EMMs and ECMs.
- a digital device e.g., set-top box, digital television, digital videocassette recorder
- Programs are typically scrambled using symmetric ciphers such as the Data Encryption Standard (DES).
- DES Data Encryption Standard
- the scrambling key (and hence the ECM) is changed frequently, the period of change being on the order of a few seconds.
- public key cryptography is a viable tool for transporting keys from the service provider to the subscribers.
- the descrambling keys are encrypted with a public key on the transmitter side, and recovered by the corresponding private key (stored in the smart card of the receiver) on the receiver side.
- public key cryptography has significant drawbacks. For example, public key schemes are significantly slower than symmetric key schemes, and often have longer keys (i.e., keys with more alpha-numeric characters). Additionally, computationally demanding algorithms (such as RSA described above) are required in order to recover the key.
- Separating the security functionality from the navigational functionality (i.e., channel surfing) in these digital devices is important. Separation allows device manufacturers to produce devices which operate independently of the specific conditional access systems. This is important for two reasons:
- the present invention defines a method and apparatus for managing access to a signal, representative of an event of a service provider, utilizing a smart card. That is, this method comprises receiving in a smart card a signal that is scrambled using a symmetric scrambling key, receiving data representative of a first share, constructing the scrambling key using the first share and at least two additional shares that are stored in the smart card and descrambling the signal using the constructed scrambling key to provide a descrambled signal.
- first, second and third shares are used.
- the first, second and third shares are points on a Euclidean plane and the step of constructing the scrambling key comprises calculating the Y-intercept of the parabolic curve formed on the Euclidean plane by the first, second and third shares.
- first, second, third and fourth shares are used.
- the first, second, third and fourth shares are points on a Euclidean plane and the step of constructing the scrambling key comprises calculating the Y-intercept of the curve formed on the Euclidean plane by the first, second, third and fourth shares.
- any number of shares may be used, depending upon the level of security required.
- Figure 1 is a block diagram illustrating one architecture for interfacing a common set-top box to a variety of service providers.
- Figure 2 is a block diagram of a system for managing access to a device in accordance with the invention.
- Figure 3a is a graphical representation of the determination of the scrambling key in accordance with a first exemplary embodiment of the present invention.
- Figure 3b is a graphical representation of an allocation of a unique and non-overlapping range for each service provider in accordance with Figure 3a.
- Figure 4 is a graphical representation of the determination of the scrambling key in accordance with a second exemplary embodiment of the present invention.
- Figure 5 is a graphical representation of the determination of the scrambling key in accordance with a third exemplary embodiment of the present invention.
- Figure 6 is a graphical representation of the determination of a plurality of scrambling keys in accordance with a fourth exemplary embodiment of the present invention.
- Figure 7 is a block diagram showing a conventional conditional access system.
- Figure 8 is a block diagram showing a conventional transmitter side architecture for a conditional access system.
- Figure 9 is a block diagram showing a conventional receiver side architecture for a conditional access system.
- CA conditional access
- DES Data Encryption Standard
- the scrambling key is changed frequently, the period of change being in the order of a few seconds.
- the protection of the descrambling keys (sent with the signals) is often provided by public-key cryptography, which as discussed above requires relatively significant computational power and memory.
- a signal (e.g., an event or program) as described herein comprises information such as (1) audio/visual data (for example, a movie, weekly "television" show or a documentary); (2) textual data (for example, an electronic magazine, paper, or weather news); (3) computer software; (4) binary data (for example, images); (5) HTML data (for example, web pages); or any other information for which access control may be involved.
- the service providers include any provider broadcasting events, for example, traditional broadcast television networks, cable networks, digital satellite networks, providers of electronic lists of events, such as electronic program guide providers, and in certain cases internet service providers.
- the present invention provides a method and apparatus for securely transporting the descrambling keys.
- the present invention has particular use in a conditional access system, in which programs or services may be obtained from one of a plurality of sources.
- the method when implemented within a device, such as a digital television, digital video cassette recorder or set-top box, provides convenient management of the descrambling keys because only a portion of the data necessary for key construction is stored therein.
- a device such as a digital television, digital video cassette recorder or set-top box
- system 30 depicts the general architecture for managing access to a digital television (DTV) 40.
- Smart Card (SC) 42 is inserted into, or coupled to, a smart card reader 43 of DTV 40; an internal bus 45 interconnects DTV 40 and SC 42 thereby permitting the transfer of data therebetween.
- Such smart cards include ISO 7816 cards having a card body with a plurality of terminal pins arranged on a surface in compliance with National Renewable Security Standard (NRSS) Part A or PCMCIA cards complying with NRSS Part B.
- NRSS National Renewable Security Standard
- DTV 40 has the ability to receive services from a plurality of service providers (SPs), such as a broadcast television SP 50, a cable television SP 52, a satellite system SP 54, and an internet SP 56.
- SPs service providers
- CA Conditional Access Organization
- the present invention employs the concept of secret sharing which eliminates the requirement for using public key cryptography (or any other cipher system) to ensure secure transmission of the audio/visual (A/V) stream from a service provider (e.g., SP 50-56) to the smart card (e.g., SC 42) of the subscriber.
- a service provider e.g., SP 50-56
- SC 42 smart card
- the present invention employs an application of a secret sharing scheme, originally developed by Adi Shamir, known as a 'threshold scheme' or 'threshold cryptography' (See, A. Shamir, "How to share a secret," Communications of the ACM, Vol. 22, No. 11, pp. 612-613, November 1979).
- a perfect threshold scheme is a threshold scheme in which knowledge of (t-1) or fewer pieces ('shares' or 'shadows') provides no information about the secret.
- the secret is divided into four shares but only three of the shares are required to reconstruct the secret. Two of the shares, however, cannot reconstruct the secret.
- In Shamir's (t,n) threshold scheme, choosing a higher value for t, and storing (t-1) secrets in the smart card would increase the system's resistance to ciphertext only attacks, but would lead to more computations for polynomial construction.
- the present invention utilizes the principles of Shamir's secret sharing to conceal the identity of a key for descrambling a scrambled signal in a conditional access system.
- the present inventor proposes a scheme where the scrambling key comprises the Y-intercept of a specific line or curve formed by two or more points in a Euclidean plane.
- the receiver e.g., smart card
- the receiver is manufactured with a share or shares already stored therein (this is often referred to as a 'prepositioned' shared secret scheme, as discussed below).
- This stored share is used to compute the key to scramble a signal at a transmitter.
- an additional or 'activating' share is transmitted therewith.
- the 'activating' share does not need to be encrypted in this scheme, since knowledge of the activating share means nothing without the knowledge of the stored share.
- On receiving the 'activating' share, the receiver reconstructs the scrambled signal using a descrambling key which is computed by finding the Y-intercept of the line formed by the stored share and the 'activating' share. Each time a new key is required, a new 'activating' share may be selected at the transmitter, thereby changing the Y-intercept of the line formed by the stored share and the 'activating' share. In this way, an infinite number of scrambling keys may be defined and utilized without changing the smart card or the receiver hardware or software.
- the key generation and distribution process may be automated by developing a program to perform the following steps:
- the 'prepositioned' shared secret scheme because a portion of the secret is 'prepositioned' at the receiver.
- the 'prepositioned' share is the share which is stored at the receiver in the smart card.
- Such 'prepositioned' shared secret schemes have been discussed by others in the field of cryptology (See, G.J. Simmons, "How to (really) share a secret," Advances in Cryptology - CRYPTO '88 Proceedings, Springer-Verlag, pp. 390-448, 1990; G.J. Simmons, "Prepositioned shared secret and/or shared control schemes," Advances in Cryptology - EUROCRYPT '89 Proceedings, Springer-Verlag, pp. 436-467, 1990).
- the scrambling key can be changed relatively easily without changing any of the circuitry at the receiver; only the 'activating' share needs to be changed.
- the above algorithm outlines a prepositioned secret sharing scheme which utilizes a secret S with only 2 shares (i.e., 2 points of a line on a Euclidean plane).
- 2 shares i.e., 2 points of a line on a Euclidean plane.
- other more complex secrets S can be developed which have many more shares (points).
- the important aspect of a prepositioned secret sharing scheme is that some of the shares are 'prepositioned' at the receiver.
- the present invention involves storing at least one of the shares of a secret at a specific location (e.g., in a smart card memory). The stored share is then used in conjunction with an 'activating' share to construct the secret.
- In a (4, 4) scheme, for example, preferably three (3) of the four (4) shares are stored at the specific location (e.g., smart card). Then, the last share (also referred to herein as the 'activating' share) is transmitted to the location to obtain the secret.
- the secret is not the shares themselves, but the Y-intercept of the line or curve (for higher order polynomials) formed by the shares when expressed as points on a Euclidean plane.
- FIGS. 2 and 3 together, demonstrate a first exemplary embodiment of the present invention.
- a secret with two shares is used.
- each share is defined by a point on a Euclidean plane.
- stored in SC 42 is a first share (or data point).
- the first share may be thought of as a single point on a Euclidean plane (i.e., in the form of (x_0, y_0)).
- Service provider 58 transmits a signal (or event or program) that may be scrambled by a symmetric key, for example a Data Encryption Standard (DES) key.
- DES Data Encryption Standard
- service provider 58 transmits a second (or 'activating') share.
- the second share may be a second single point from the same Euclidean plane (i.e., in the form of (x_1, y_1)).
- the scrambled A/V signal and the second ('activating') share are received by DTV 40 and are sent to SC 42 for processing.
- SC 42 receives the second ('activating') share and utilizes both the stored first share and the received second share to reconstruct (or recover) the symmetric key.
- SC 42 uses the reconstructed symmetric key to descramble the received scrambled A/V signal and generate a descrambled A/V signal.
- This descrambled A/V signal is provided to DTV 40 for display.
- Recovery of the symmetric key is achieved by constructing a polynomial utilizing the first and the second shares; the y-intercept of the constructed polynomial being the symmetric key. For example, given (x_0, y_0) and (x_1, y_1), the symmetric key is constructed by computing the value of S in the given finite field, where:
- Figure 3a illustrates a graphical representation of the first exemplary embodiment of the present invention showing exemplary shares (x_0, y_0) and (x_1, y_1), and a line formed thereby which crosses the Y-axis at a specific point (which is the key).
- the plot in Figure 3a is obtained using real numbers, and not modular arithmetic.
- Such an approach as the one described above with reference to the first exemplary embodiment permits more than one service provider to share the stored second share (x_0, y_0) (i.e., 'activating' share).
- Each service provider would then be free to choose its own first share (i.e., (x_1, y_1)).
- the probability of constructing polynomials with identical y-intercepts (i.e., identical symmetric keys) is low.
- the range of possible second shares could be allocated such that each service provider has a unique and non-overlapping range (see Figure 3b).
- each service provider could choose its own first share which could be encrypted using the public key of the smart card before downloading. The share would be recovered by the smart card using its private key K_SCpri. Additionally, as explained below, scrambling portions of the event with different keys and transmitting different second shares may increase the robustness of the defined system.
- the value of the secret S can be discovered by computing f(0):
- the value of the secret and thus the scrambling key, would be 6 (mod 23).
- the value of this secret will change with each different value of (x_1, y_1).
- Figure 4 illustrates a key recovery scheme according to a second exemplary embodiment of the present invention that utilizes three shares (as opposed to the two shares of the first exemplary embodiment).
- recovery of the symmetric key is achieved by constructing a second-degree polynomial (i.e., parabolic curve) utilizing first, second and third shares (e.g., (x_0, y_0), (x_1, y_1), (x_2, y_2)); the y-intercept of the constructed second-degree polynomial being the symmetric key.
- a second-degree polynomial i.e., parabolic curve
- the value of the secret S can be discovered by computing f(0):
- the first, second and third shares may be expressed as points on a Euclidean plane.
- the plot in Figure 4 is obtained using real numbers, and not modular arithmetic.
- Figure 5 illustrates a key recovery scheme according to a third exemplary embodiment of the present invention that utilizes four shares.
- recovery of the symmetric key is achieved by constructing a third-degree polynomial (i.e., curve) utilizing first, second, third and fourth shares (e.g., (x_0, y_0), (x_1, y_1), (x_2, y_2), (x_3, y_3)); the y-intercept of the constructed third-degree polynomial being the symmetric key.
- a third-degree polynomial i.e., curve
- first, second, third and fourth shares e.g., (x_0, y_0), (x_1, y_1), (x_2, y_2), (x_3, y_3)
- the y-intercept of the constructed third-degree polynomial being the symmetric key.
- f(x) = a_3 x^3 + a_2 x^2 + a_1 x + a_0 (mod 23) passing through (x_0, y_0), (x_1, y_1), (x_2, y_2) and (x_3, y_3) can be constructed by solving:
- the value of the secret S can be discovered by computing f(0):
- the first, second, third and fourth shares may be expressed as points on a Euclidean plane.
- the plot in Figure 5 is obtained using real numbers, and not modular arithmetic.
- Conditional access system operators often define three levels of keys: (1) individual, (2) group, and (3) regional. Subscribers of the conditional access system may be assigned one or more of these different authorization levels by storing different numbers of shares in their respective smart cards.
- Level 1 Smart Card - all the smart cards in the broadcast 'region' are assigned one common share (i.e., a share common to all smart cards in the region);
- Level 2 Smart Card - all the smart cards in a specified group are assigned an additional common share (i.e., another share common to all smart cards in the specified group);
- the above-described smart cards may be used in conjunction with an 'activating' share to descramble certain programs. Since the Level 1 smart card includes only one share, while the Level 2 smart card includes 2 shares, and the Level 3 smart card includes 3 shares, each card will provide different sets of descrambling keys. Thus, all smart cards in the broadcast region (i.e., Level 1 smart cards) will have the ability to receive and descramble the general broadcast (e.g., basic television channels), but only Level 2 Smart Cards will have the ability to receive and descramble some additional programs (e.g., HBO, Showtime, etc.), and only Level 3 Smart Cards will have the ability to receive and descramble certain other additional programs (e.g., PPV movies, etc.). It will be noted that the shares which are placed in the Level 1-3 smart cards comprise 'prepositioned' information which may be used in conjunction with an 'activating' share to compute a secret (e.g., the descrambling key).
- Figure 6 shows how the multiple share scheme would be constructed using the
- the three different authorization levels correspond to the three y-intercepts (i.e., "regional key", "group key", "individual key").
- the first-degree polynomial (corresponding to the Level 1 or 'regional' authorization) comprises a line passing through an 'activating share' and a Level 1 common share.
- the second-degree polynomial (corresponding to the Level 2 or 'group' authorization) comprises a parabola passing through the 'activating' share, the Level 1 common share, and a Level 2 share.
- the third-degree polynomial (corresponding to the Level 3 or 'individual' authorization) comprises a curve passing through the 'activating share', the Level 1 common share, the Level 2 share, and a Level 3 share.
- the 'activating' share is used to compute each of the different keys (i.e., individual, group and regional). It should be noted that for demonstrative purposes the plot in Figure 6 is obtained using real numbers, and not modular arithmetic. Using the above example, the table below describes the relationship between the shares and the different authorization levels:
- the above-described scheme effectively combines the advantages of symmetric and public key systems.
- the 'prepositioned' information can be considered to be the private key of the receiver.
- the symmetric key to be constructed is determined by the public information sent as part of the ECM. As the descrambling keys are not generated at the source of the broadcast, no additional cipher is needed to protect them in distribution.
- the activating share transmitted with the scrambled content can then be unmasked by the receiver in a predefined process.
- An example of masking would be using a hash value of the activating share for content scrambling, but transmitting the activating share instead. Then, the receiver would perform hashing to determine the actual value.
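
The key recovery of the two-, three- and four-share embodiments and the regional/group/individual level scheme described above, as an added example (not code from the patent). It generalizes to any number of shares by Lagrange interpolation at x = 0; the modulus 23 follows the page's worked numbers, while the share coordinates and all function names are constructed for illustration.

```python
# Added example (not from the patent): prepositioned secret sharing in which
# each key is the y-intercept f(0) of the polynomial through the shares,
# computed modulo a prime p.

def intercept(shares, p):
    """Return f(0) mod p for the unique polynomial of degree len(shares)-1
    passing through `shares` (Lagrange interpolation evaluated at x = 0)."""
    xs = [x % p for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("shares need distinct x coordinates")
    if 0 in xs:
        # A share at x = 0 would carry the key itself as its y value.
        raise ValueError("a share must not sit on the Y axis")
    key = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if j != i:
                num = num * -xj % p
                den = den * (xi - xj) % p
        # pow(den, -1, p) is the modular inverse (Python 3.8+).
        key = (key + yi * num * pow(den, -1, p)) % p
    return key


def level_keys(activating, stored, p):
    """Keys a card can derive from one activating share: the k-th key uses the
    activating share plus the first k stored shares (regional, group, ...)."""
    return [intercept([activating] + stored[:k], p)
            for k in range(1, len(stored) + 1)]


def keys_not_ruled_out(activating, stored_x, p):
    """Keys still possible for an observer who sees only the activating share
    and knows (or guesses) the x coordinate of the stored share."""
    return {intercept([activating, (stored_x, y), ], p) for y in range(p)}


if __name__ == "__main__":
    P = 23                                   # field size of the page's examples
    activating = (5, 10)                     # constructed sample share
    card = [(17, 15), (8, 10), (12, 20)]     # constructed Level 1..3 shares

    # Two shares: line through both points, key is its intercept.
    print("2-share key:", intercept([activating, card[0]], P))

    # Level 3 card derives all three keys; a Level 1 card only the first.
    print("Level 3 card:", level_keys(activating, card, P))
    print("Level 1 card:", level_keys(activating, card[:1], P))

    # A new activating share changes every level's key without touching the card.
    print("after rekey :", level_keys((9, 4), card, P))

    # The activating share alone leaves every key value possible.
    print("candidates  :", len(keys_not_ruled_out(activating, 17, P)), "of", P)
```

With a modulus as small as 23 the key space can be searched directly, so a deployment would use a prime at least as large as the scrambling key space.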
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US25378100P | 2000-11-29 | 2000-11-29 | |
US253781P | 2000-11-29 | ||
PCT/US2001/029790 WO2002045337A2 (en) | 2000-11-29 | 2001-09-24 | Threshold cryptography scheme for conditional access systems |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1348276A2 (en) | 2003-10-01 |
Family
ID=22961673
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP01977153A Withdrawn EP1348276A2 (en) | 2000-11-29 | 2001-09-24 | Threshold cryptography scheme for conditional access systems |
EP01981324A Withdrawn EP1366594A2 (en) | 2000-11-29 | 2001-09-24 | Threshold cryptography scheme for message authentication systems |
Country Status (8)
Country | Link |
---|---|
EP (2) | EP1348276A2 (en) |
JP (2) | JP2004515160A (en) |
KR (2) | KR20030094217A (en) |
CN (2) | CN1484901A (en) |
AU (2) | AU2002212977A1 (en) |
BR (2) | BR0115575A (en) |
MX (2) | MXPA03004822A (en) |
WO (2) | WO2002045337A2 (en) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7594275B2 (en) * | 2003-10-14 | 2009-09-22 | Microsoft Corporation | Digital rights management system |
US7620187B1 (en) | 2005-03-30 | 2009-11-17 | Rockwell Collins, Inc. | Method and apparatus for ad hoc cryptographic key transfer |
US7999685B2 (en) * | 2005-06-08 | 2011-08-16 | Koninklijke Philips Electronics N.V. | Deterministic key pre-distribution and operational key management for moblie body sensor networks |
JP4776378B2 (en) * | 2006-01-11 | 2011-09-21 | 日本電信電話株式会社 | MULTI-KEY AUTHENTICATION TERMINAL DEVICE, MULTI-KEY AUTHENTICATION MANAGEMENT DEVICE, MULTI-KEY AUTHENTICATION SYSTEM, AND PROGRAM |
JP4916915B2 (en) * | 2007-02-28 | 2012-04-18 | Kddi株式会社 | Terminal device, data management device, and computer program |
JP4909796B2 (en) * | 2007-04-24 | 2012-04-04 | Kddi株式会社 | Secret information management system, secret information management method and program |
GB2451505A (en) | 2007-08-01 | 2009-02-04 | Iti Scotland Ltd | Key distribution in a network using key shares in a secret sharing scheme |
US7958354B1 (en) | 2008-02-14 | 2011-06-07 | Rockwell Collins, Inc. | High-order knowledge sharing system to distribute secret data |
JP2008167505A (en) * | 2008-03-26 | 2008-07-17 | Dainippon Printing Co Ltd | Public key encryption processing system and method |
JP5608509B2 (en) * | 2010-10-21 | 2014-10-15 | Kddi株式会社 | Key management system, key management method, and computer program |
US11170094B2 (en) | 2016-01-27 | 2021-11-09 | Secret Double Octopus Ltd. | System and method for securing a communication channel |
WO2017130200A1 (en) * | 2016-01-27 | 2017-08-03 | Secret Double Octopus Ltd | System and method for securing a communication channel |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7610614B1 (en) * | 1999-02-17 | 2009-10-27 | Certco, Inc. | Cryptographic control and maintenance of organizational structure and functions |
-
2001
- 2001-09-24 KR KR10-2003-7006413A patent/KR20030094217A/en not_active Application Discontinuation
- 2001-09-24 EP EP01977153A patent/EP1348276A2/en not_active Withdrawn
- 2001-09-24 BR BR0115575-0A patent/BR0115575A/en not_active IP Right Cessation
- 2001-09-24 WO PCT/US2001/029790 patent/WO2002045337A2/en active Application Filing
- 2001-09-24 AU AU2002212977A patent/AU2002212977A1/en not_active Abandoned
- 2001-09-24 MX MXPA03004822A patent/MXPA03004822A/en active IP Right Grant
- 2001-09-24 JP JP2002546357A patent/JP2004515160A/en not_active Withdrawn
- 2001-09-24 AU AU2001296294A patent/AU2001296294A1/en not_active Abandoned
- 2001-09-24 CN CNA01819723XA patent/CN1484901A/en active Pending
- 2001-09-24 BR BR0115573-3A patent/BR0115573A/en not_active IP Right Cessation
- 2001-09-24 CN CNA018196888A patent/CN1483259A/en active Pending
- 2001-09-24 EP EP01981324A patent/EP1366594A2/en not_active Withdrawn
- 2001-09-24 JP JP2002546354A patent/JP2004515159A/en not_active Withdrawn
- 2001-09-24 MX MXPA03004599A patent/MXPA03004599A/en active IP Right Grant
- 2001-09-24 KR KR10-2003-7006964A patent/KR20040010565A/en not_active Application Discontinuation
- 2001-09-24 WO PCT/US2001/029842 patent/WO2002045340A2/en active Search and Examination
Non-Patent Citations (1)
Title |
---|
See references of WO0245337A2 * |
Also Published As
Publication number | Publication date |
---|---|
MXPA03004822A (en) | 2003-09-25 |
KR20030094217A (en) | 2003-12-11 |
JP2004515160A (en) | 2004-05-20 |
AU2002212977A1 (en) | 2002-06-11 |
CN1484901A (en) | 2004-03-24 |
WO2002045337A3 (en) | 2002-09-06 |
BR0115573A (en) | 2003-07-29 |
JP2004515159A (en) | 2004-05-20 |
WO2002045337A2 (en) | 2002-06-06 |
CN1483259A (en) | 2004-03-17 |
WO2002045340A2 (en) | 2002-06-06 |
AU2001296294A1 (en) | 2002-06-11 |
WO2002045340A3 (en) | 2002-10-17 |
EP1366594A2 (en) | 2003-12-03 |
KR20040010565A (en) | 2004-01-31 |
BR0115575A (en) | 2003-07-29 |
MXPA03004599A (en) | 2003-09-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1059001B1 (en) | Method for protecting the audio/visual data across the nrss inte rface | |
EP0787391B1 (en) | Conditional access system | |
EP1505474B1 (en) | Process for protecting an information item transmitted from a security element to a decoder, security element and decoder using such a process | |
EP1491046B1 (en) | Selective multimedia data encryption | |
EP2219374A1 (en) | Securely providing a control word from a smartcard to a conditional access module | |
US7224806B2 (en) | Threshold cryptography scheme for conditional access systems | |
EP2373019A1 (en) | Secure descrambling of an audio / video data stream | |
WO2002045337A2 (en) | Threshold cryptography scheme for conditional access systems | |
US20040047472A1 (en) | Threshold cryptography scheme for conditional access systems | |
WO2003036975A1 (en) | Conditional access system and copy protection | |
Hou et al. | Based on cryptosystem secure communication between set-top box and smart card in DTV broadcasting | |
US9210137B2 (en) | Local digital network, methods for installing new devices and data broadcast and reception methods in such a network | |
CA2318939C (en) | Conditional access system for digital receivers | |
Eskicioglu et al. | A key transport protocol based on secret sharing applications to information security | |
Lee et al. | Efficient and secure communication between set-top box and smart card in IPTV broadcasting | |
MXPA00005722A (en) | Method for protecting the audio/visual data across the nrss inte rface |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
 | 17P | Request for examination filed | Effective date: 20030623 |
 | AK | Designated contracting states | Kind code of ref document: A2 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
 | AX | Request for extension of the european patent | Extension state: AL LT LV MK RO SI |
 | R17D | Deferred search report published (corrected) | Effective date: 20020906 |
 | RBV | Designated contracting states (corrected) | Designated state(s): AT BE CH CY DE FR GB IT LI |
 | 17Q | First examination report despatched | Effective date: 20040930 |
 | RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: THOMSON LICENSING |
 | RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: THOMSON LICENSING |
 | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
 | 18D | Application deemed to be withdrawn | Effective date: 20100223 |