EP1698176A1 - Procede et systeme d'acces conditionnel applique a la protection de contenu - Google Patents
Procede et systeme d'acces conditionnel applique a la protection de contenuInfo
- Publication number
- EP1698176A1 EP1698176A1 EP03810016A EP03810016A EP1698176A1 EP 1698176 A1 EP1698176 A1 EP 1698176A1 EP 03810016 A EP03810016 A EP 03810016A EP 03810016 A EP03810016 A EP 03810016A EP 1698176 A1 EP1698176 A1 EP 1698176A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- ecm
- key
- message
- cwi
- content
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/162—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
- H04N7/163—Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26606—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/41—Structure of client; Structure of client peripherals
- H04N21/418—External card to be used in combination with the client device, e.g. for conditional access
- H04N21/4181—External card to be used in combination with the client device, e.g. for conditional access for conditional access
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/432—Content retrieval operation from a local storage medium, e.g. hard-disk
- H04N21/4325—Content retrieval operation from a local storage medium, e.g. hard-disk by playing back content from the storage medium
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/433—Content storage operation, e.g. storage operation in response to a pause request, caching operations
- H04N21/4334—Recording operations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4623—Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
- H04N21/63345—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
Definitions
- the invention relates to the field of access control and relates more particularly to a method and a system for transmitting / receiving information with access control through an MPEG2 broadcasting network. This method is applicable to any multiplex data stream based on the use of packet or frame.
- the invention also relates to a scrambling platform and a descrambling receiver intended to implement this method. More specifically, the invention relates to a method and a system for controlling access to a digital data stream broadcast and scrambled beforehand by a CW encryption key transmitted in encrypted form in an ECM access title control message (for "Entitlement Control Message") comprising at least one CA criterion for controlling access to the data of the stream.
- the transmitted data may be decrypted on the fly or saved as is in a receiving terminal.
- FIG. 1 represents a general diagram of an access control system of the prior art in which a scrambling platform 2, generally arranged at the head of the network, receives a clear flow F x and provides a receiver terminal 4 encrypted content F xs .
- the platform 2 comprises a generator 6 of CWi scrambling and descrambling keys, a generator for access title control messages (ECM) 8, and a generator for access title management messages (EMM) (for "Entitlement Management Message) 10.
- the receiver terminal 4 comprises a descrambling module 12, a security processor 14 comprising a decryption module 16 of the control keys CWi and a memory 18. Before the data streams are broadcast, these are scrambled by the scrambling platform 2 by means of the CWi keys. In order to allow descrambling of the content of the broadcast streams, the CWi descrambling keys are transmitted to the terminals 4 in encrypted form in the title title control messages. ECM access with at least one access control criterion CA. After verification of the access criteria by means of a comparator 20 to rights previously transmitted to the terminals 4, in the management messages access card (EMM) and written in memory 18, the descrambling keys C i are decrypted then transmitted to the descrambling module 12.
- ECM management messages access card
- the descrambling keys C i change regularly on crypto-periods CPi (typically a few seconds) and are generally applied to the descrambler 12 by couple [CW ⁇ , CW i + ⁇ ] where CWi represents the descrambling key valid during the CPi crypto-period, and CWi + i representing the descrambling key valid during the CPi + i crypto-period.
- Each descrambling key to be used is referenced by a bit indicating the parity of i so that on each change of ECM, two descrambling keys, an ECW pair and an odd OCW, are configured on the descrambler before the effective change of crypto-period.
- a known technique for protecting the content once broadcast consists of recording this content with the associated conditional access signaling.
- a first drawback of this solution stems from the fact that it does not make it possible to associate separate access criteria for the phases: - direct viewing of the content from the stream; - content recording; and - viewing the flow from the locally recorded content.
- a second drawback of this technique stems from the fact that the secret operating keys stored in a security processor and used for decrypting the ECMs are regularly updated.
- the ECMs stored with the content are not more valid and the latter becomes unusable even if the customer has acquired rights of use beyond this period.
- a third drawback is linked to the synchronization aspects between the supply and the exploitation of the descrambling keys C i during an exploitation of recorded content. In this case, the reverse read function cannot be performed in a simple way, because the anticipated value of the next descrambling key (representing the previous descrambling key) is not provided in the ECM.
- DRM Digital Right Management
- This type of solution is based on: - the use of certificates to establish a chain of trust between the components of the system; - content encryption or pre-scrambling using a private key algorithm; - the online sending of this private key associated with the rights of use to form an encrypted license using an encryption algorithm using a public key of the client.
- This solution is not adapted to the context of television broadcasting in which the use of a return channel is not systematic.
- this type of solution does not make it possible to condition access to content through the possession of registered rights either over the air or online in a security processor.
- the aim of the ⁇ nvention is to overcome the drawbacks of the prior art described above by means of a method and a device using a scrambling process based on periodic changes of control words and ensuring a backward compatibility with previous conditional access systems.
- the invention recommends a method for controlling access to a digital data stream broadcast and previously scrambled by means of a CW encryption key transmitted in encrypted form in an ECM access title control message. further comprising at least one CA criterion for access control, said digital data being capable of being recorded as such in a receiving terminal or decrypted on the fly.
- this method comprises the following steps: on transmission:
- the keys CW, KR C and KP C are encrypted by a first service key K s .
- the keys CW, KR C and KP C are encrypted by three different service keys respectively K s , K SR and K SP .
- the transmission phase comprises the following steps: for each data stream - cutting out the scrambling period into a series of crypto-periods CPi each defining a period of validity of an individual key CWi , and at each change of crypto-period, - scramble the content of the stream using the key CWi, and store a value p (i) representative of the parity of i, - calculate an access title control message SC -ECMi based on encryption keys CWi_ ⁇ , CWi, C i + i previously defined, of the value p (i) and of the criterion CAi, said message SC-ECMi being intended to convey access rights to a segment Si of data corresponding to at least two crypto- periods, - encrypt the keys CWi-i, CWi, CWi + ⁇ using the replay key KP C , - encrypt the encryption result from the previous step using a second service key K ' s , - encrypt the encryption
- the transmission phase comprises the following steps: for each data stream: - cutting the scrambling period into a series of CPi crypto-periods each defining a period of validity of an individual key CWi, and, at each change of crypto-period i, - scramble the content of the stream using the CWi key, and store a value p (i) representative of the parity of i, - calculate a title control message d SC-ECMi as a function of the encryption keys CWi-i, CWi, CWi + i previously defined, the value p (i) and the criterion CAi, said message SC-ECMi being intended to convey access rights to a segment Si of data corresponding to at least two cryptoperiods, - encrypt the keys CWi_ ⁇ , CWi, CW i + ⁇ using a second service key K ' sr - encrypt the encryption result from the previous step using the replay key KP C ,
- ECMi ECMi
- P-ECM C ECMi
- R-ECM c ECMi
- SC-ECMi SECMi
- These can either be broadcast on the ECM channel associated with the content of the Si segment, or be delivered in part to the receiving terminal from a Server.
- Authorization at the head of the network on request and depending on the type of exploitation of the content envisaged.
- R-ECM and / or P-ECM messages can be delivered to the receiving terminal on request from an Authorization Server at the head of the network if recording and / or re-reading are envisaged.
- the reception phase includes the following steps: - recovering the ECM channel of the ECMi message from the signaling attached to the service broadcasting the data stream, and at each change of i , - analyze the message ECMi in order to recover the even control words OCW, and odd ECW, to descramble the content of the broadcast stream so as to obtain direct access to this content.
- the reception phase includes the following steps: - recovering the ECM channel from P-ECM C messages,
- R-ECM C SC-ECMi from the signaling attached to the service broadcasting the content; - analyze the R-ECM C message to check the criteria for accessing the CRR record - memorize the KR C record key; - retrieve the P-ECM C message and store it with the content; and for each crypto-period i: - recover the message SC-ECMi, - decrypt the message SC-ECMi using the registration key KR C , and - record the message SC — ECMi decrypted with the content.
- the reading of the content of the recorded stream is obtained according to the following steps: - recovering the P-ECM C message in the content and analyzing it to verify the access criteria for reading CRP, - memorizing the reading key KP C ; and - retrieve the message from the content
- SC-ECMi current decrypt the message SC-ECMi with the replay key KP C and check the access criteria, - recover the encrypted keys CWi-i, CWi, C i + i and the value p (i) indicating the parity of i, and - deciphering, by means of the second key K ' s , said keys according to the direction of reading in order to deduce therefrom ECW and OCW; then, - apply either ECW or OCW to descramble the content during proofreading.
- access to the rereading of the content of the stream is obtained according to the following steps: - retrieving the P-ECM C message in the content, - analyzing the P-ECM C message to verify the criteria for accessing CRP reading, - memorize KP C , and - recover the message from the content
- SC-ECMi current decrypt the message SC-ECMi with the second service key K ' s and check the access criteria, - recover the encrypted keys CWi_ ⁇ , CWi, C i + i and the value p (i) indicating the parity of i, and - deciphering, by means of the second key KRc, said keys according to the direction of reading in order to deduce therefrom ECW and OCW; then, - apply either ECW or OCW to descramble the content.
- the reception phase also comprises the following steps: generate a local key K ⁇ from attributes contained in the R-ECM message and at least one parameter relating to the identity of the receiving terminal, locally encrypt the content to be recorded with this Ki key. - on re-reading, regenerate the key Ki from attributes contained in the P-ECM message and at least one parameter relating to the identity of the receiver-terminal, - decrypt the recorded content using the key Kj. regenerated.
- the digital data broadcast represents audiovisual programs.
- the invention also relates to a system for controlling access to a digital data stream comprising a scrambling platform comprising at least one generator for ECM access title control messages and at least one descrambling receiver provided with 'a security processor.
- the scrambling platform further comprises: - a R-ECM C message generator for controlling the title of access to the recording of the content of the received stream and a P-ECM C message generator for controlling the access title to the replay of the content of a recorded stream
- the descrambling receiver comprises: - means for recovering the ECM channel of the P-ECM C , R-ECM C messages, - means for decrypting the content of a stream received to record it, - means for decrypting the content of a recorded stream to replay it.
- the descrambling receiver further comprises means for generating a local key Ki from attributes contained in the R-ECM message and from the identity of the receiver terminal to locally encrypt / decrypt the content of the received stream.
- the invention also relates to a scrambling platform comprising at least one generator for ECM access title control messages to a data stream broadcast in scrambled form, an R-ECM C message generator for access title control. at the recording of the content of a received stream and a P-ECM C message generator for controlling the title of access to the replay of the content of a recorded stream.
- the scrambling platform further comprises: - means for cutting the scrambling period into a series of crypto-periods CPi each defining a period of validity of an individual key CWi, - means for encrypting the content of the flow at each change of crypto-period i by means of the key CWi, - means for calculating an access title control message SC-ECMi as a function of the keys CWi_ ⁇ , CWi, C i + i corresponding respectively to the cryptoperiods CPi , CPi-i and CPi + i, a parity parameter p (i) and the access control criterion CAi, said message SC-ECMi being intended to convey access rights to a segment Si of corresponding data at least two crypto-periods, - means for encrypting the keys C ⁇ -i, CWi, CWi + i by means of a replay key KP C , - means for encrypting the encryption result of the previous
- the invention also relates to a descrambling receiver for a data stream broadcast in scrambled form by a scrambling key C i comprising a security processor in which is stored at least one registration key KR C intended to descramble access control messages to the recording R-ECM C and at least one replay key KP C intended to descramble messages access control to replay P-ECM C.
- this receiver comprises: - means for recovering the ECM channel P-C ECM messages, and R-C ECM messages from the signaling connected the service broadcasting the content; - means for decrypting the message R-ECMc using the registration key KR C to verify the right to record the content of a received stream, - means for decrypting the message P-ECMc using the key re-reading KP C to verify the right to re-read the content of a recorded stream,
- the receiver according to the invention further comprises means for generating a key Ki from the identity of the receiver to locally encrypt and decrypt the content of the received stream.
- the security processor is a smart card.
- FIG. 1 represents a general diagram of an access control system of the prior art
- - Figure 2 shows a block diagram illustrating the scrambling phase of the streams to be broadcast by an access control system according to the invention
- - Figure 3 schematically illustrates the process of controlling access to the recording of a data flow according to the invention
- FIG. 4 schematically illustrates the process of controlling access to the replay of the data flow recorded according to the invention.
- the method is based on a broadcasting of content through a structure of multiplexed packets whose form is indicated in appendix 1.
- the signaling of the program broadcasting the content includes a precise description indicating the channels of the multiplex by an identifier of “Packet Identifier” package in English useful for receiving the content as well as the nature of the data transmitted in each channel (sound, video or other component).
- This signaling includes a conditional access descriptor "CA_descriptor" indicating the presence and location of the channels transporting the ECMs.
- This descriptor is associated either at the global level of the program, or at the level of each declaration of a component channel.
- the format of this descriptor is standard in the case of an MPEG2 broadcast IS013818-1 shown in appendix 2.
- the private data "private_data_byte" for the described method are described in appendix 3 for an embodiment. They have an XID suffix in the header of the ECMs and serve as a discriminator to distinguish the ECMs possibly carried on the same packet channel.
- Step 30 consists in generating a secret registration key KR C for controlling access to the recording and a replay secret key KP C for controlling access to the replay.
- Step 32 consists of cutting out, for each data stream, the scrambling period into a series of crypto-periods CPi each defining a period of validity of an individual key CWi.
- the packets thus formed are then applied to a scrambling and multiplexing module 34 which receives in parallel an ECMi message containing the descrambling keys CWi, C i + i for controlling the title of access to the content of the stream and at least one criterion.
- a message SC-ECMi containing the descrambling keys CWi-i, CWi, CWi + i for controlling the title of access to the contents of a segment Si of data corresponding to at least two crypto-periods, one R-ECM C message containing the KR C registration control key for access to the recording of the content of the segment Si and at least one CRR criterion defining a right to the recording of this content, and a P-ECM message c containing the KP replay key C for controlling access to the replay of the content of the segment If recorded and at least one CRP access control criterion for replaying the content of this segment.
- step 36 the descrambling keys CWi, CWi + ⁇ are encrypted by a first secret service key K s extracted from a smart card 38, and in step 40, the descrambling keys CWi- i, CWi, CWi + i are successively encrypted by the registration key KR C then by the replay key KP C , in step 42, the key KP C is encrypted by a second service key K ' s extracted from the smart card 38, and in step 44, the key KR C is encrypted by the second service key K ' s .
- step 42 amounts to performing an over-encryption of the control words CWi-i, CWi, C i + i successively by means of the replay key KP C , the second service key K ' s , then the KR C registration key.
- FIG. 3 schematically illustrates the phase of reception and descrambling of a broadcast content with a view to its recording.
- Step 50 consists in searching for the ECM channels present in P-ECM C , R-ECM C , SC-ECMi messages in the signaling attached to the service broadcasting the content. Step 51 is only carried out if the message
- Step 51 consists in connecting to an Authorization Server by declining the identifier of the content to be recorded and the identity of the client terminal. According to criteria known to the Authorization Server, the latter delivers online the R-ECM C necessary for recording the content.
- the message R-ECM C is presented to the security processor which, after verification of the criteria for accessing the recording, stores the key KR C. Step 52 is only carried out if the P-ECM C message is broadcast.
- step 54 the P-ECM C message is retrieved and then stored as is in the header of the content storage file.
- step 56 for each crypto-period i, the message SC-ECMi is recovered then presented to the security processor which deciphers it with the key KR C to recover a decrypted message SC-ECMi which is then recorded with the multiplex packets constituting the content.
- these multiplex packets are encrypted locally (step 58) with a key Kj. generated in step 60 from attributes contained in the K-EMC C message and a parameter relating to the identity of the decoder.
- this parameter can be the serial number of the decoder, the unique identifier (UA) of the smart card or even the serial number of a hard disk fitted to the receiving terminal.
- FIG. 4 schematically illustrates the descrambling phase of content recorded in a recording medium 60 with a view to its replay. Step 62 consists in searching for the message
- Step 63 consists in connecting to an Authorization Server by declining the identifier of the content to be read and the identity of the client terminal. According to criteria known to the Authorization Server, the latter delivers online P-ECM C necessary for reading the content.
- the message P-ECM C found is presented to the security processor which, after verification of the read access criteria, stores the replay key KP C in the smart card 38.
- the local identity key Ki is then calculated from the identity information of the receiving terminal (step 68), and for each cryptoperiod i, the multiplex content is decrypted on the fly with the Kj key . (step 70).
- the key Ki upon re-reading, the key Ki is regenerated from attributes contained in the P-ECM message and from at least one parameter relating to the identity of the terminal receiver and is used to decrypt recorded content.
- the current SC-ECMi message is retrieved, then presented to the security processor
- step 74 which deciphers it with the key KP C to check the CRP access criteria for re-reading and recover the control words CWi_ ⁇ , CWi, CWi + i and the parity of i.
- one of the descrambling keys ECW or OCW is supplied to the descrambler to descramble the data segment Si.
- the method according to the invention makes it possible to search for the channel ECM and the index of ECMi in the signaling attached to the service broadcasting the content at each change of i and applying the ECMi to the security processor to recover the even and odd control words OCW, ECW and applying them to the descrambler 80 .
- ANNEX 1 ANNEX 1
- the payload sequence is broken down into Payload () ⁇ data bytes m bytes padding bytes p bytes
- ECM channel present in the mul tiplex see): ⁇ ECM_CHANNEL_TAG 1 byte channel descriptor indicator SC_ECM ECM_XID; 1 byte indexes of the ECM Stream in the ECM_CI packet channel; 1 byte version of the crypto-algorithm for the ECM Stream ECM_SOID; 3 bytes reference of the private key set used for the Stream ⁇ If SC_ECM channel present in the mul tiplex: (// Extension of the system SC_ECM_CHANNEL_TAG 1 byte indicator of descriptor channel SC_ECM PPS_ECM_CI; 1 byte
- R_ECM R_ECM_PID x packet channel identity bytes for R_ECM R_ECM _ XID; 1 byte indexes R_ECM in the packet channel ⁇ If P_ECM channel present in the mul tiplex: ⁇ P_ECM_CHANNEL_TAG 1 byte indicator descriptor channel P ECM P_ECM_SOID; 3 bytes
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
- Storage Device Security (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
Abstract
Description
Claims
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/FR2003/050207 WO2005071963A1 (fr) | 2003-12-23 | 2003-12-23 | Procede et systeme d'acces conditionnel applique a la protection de contenu |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1698176A1 true EP1698176A1 (fr) | 2006-09-06 |
Family
ID=34803301
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP03810016A Ceased EP1698176A1 (fr) | 2003-12-23 | 2003-12-23 | Procede et systeme d'acces conditionnel applique a la protection de contenu |
Country Status (6)
Country | Link |
---|---|
US (1) | US7647641B2 (fr) |
EP (1) | EP1698176A1 (fr) |
KR (1) | KR101035893B1 (fr) |
CN (1) | CN100592787C (fr) |
AU (1) | AU2003302200A1 (fr) |
WO (1) | WO2005071963A1 (fr) |
Families Citing this family (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2871017B1 (fr) * | 2004-05-28 | 2008-02-29 | Viaccess Sa | Procede de diffusion de donnees numeriques a un parc de terminaux recepteurs cible |
EP1742475A1 (fr) * | 2005-07-07 | 2007-01-10 | Nagravision S.A. | Méthode de contrôle d'accès à des données chiffrées |
FR2894757B1 (fr) * | 2005-12-13 | 2008-05-09 | Viaccess Sa | Procede de controle d'acces a un contenu embrouille |
EP2439946B1 (fr) * | 2006-05-04 | 2013-07-10 | NDS Limited | Donnee numerique brouillee |
US9277295B2 (en) | 2006-06-16 | 2016-03-01 | Cisco Technology, Inc. | Securing media content using interchangeable encryption key |
US9137480B2 (en) | 2006-06-30 | 2015-09-15 | Cisco Technology, Inc. | Secure escrow and recovery of media device content keys |
US20080137850A1 (en) * | 2006-12-07 | 2008-06-12 | Rajesh Mamidwar | Method and system for a generic key packet for mpeg-2 transport scrambling |
US8509435B2 (en) * | 2006-12-07 | 2013-08-13 | Broadcom Corporation | Method and system for a transport single key change point for all package identifier channels |
US8108680B2 (en) * | 2007-07-23 | 2012-01-31 | Murray Mark R | Preventing unauthorized poaching of set top box assets |
US8385545B2 (en) * | 2007-07-27 | 2013-02-26 | Howard G. Pinder | Secure content key distribution using multiple distinct methods |
US20090067625A1 (en) * | 2007-09-07 | 2009-03-12 | Aceurity, Inc. | Method for protection of digital rights at points of vulnerability in real time |
US20090080665A1 (en) * | 2007-09-25 | 2009-03-26 | Aceurity, Inc. | Method of Generating Secure Codes for a Randomized Scrambling Scheme for the Protection of Unprotected Transient Information |
US7949133B2 (en) * | 2007-09-26 | 2011-05-24 | Pinder Howard G | Controlled cryptoperiod timing to reduce decoder processing load |
US8726352B2 (en) * | 2007-11-06 | 2014-05-13 | International Business Machines Corporation | Administration of access control keys in a virtual world |
FR2931972A1 (fr) * | 2008-05-27 | 2009-12-04 | France Telecom | Controle d'acces a un contenu audiovisuel. |
EP2334069A1 (fr) * | 2009-12-11 | 2011-06-15 | Irdeto Access B.V. | Fourniture de mots de commande à un récepteur |
IL213611A0 (en) * | 2011-06-16 | 2011-07-31 | Erez Waisbard | Secure fast channel changing |
US8819407B2 (en) * | 2011-09-26 | 2014-08-26 | Verizon New Jersey Inc. | Personal messaging security |
US9888283B2 (en) | 2013-03-13 | 2018-02-06 | Nagrastar Llc | Systems and methods for performing transport I/O |
US9647997B2 (en) | 2013-03-13 | 2017-05-09 | Nagrastar, Llc | USB interface for performing transport I/O |
USD759022S1 (en) | 2013-03-13 | 2016-06-14 | Nagrastar Llc | Smart card interface |
USD758372S1 (en) | 2013-03-13 | 2016-06-07 | Nagrastar Llc | Smart card interface |
US9485533B2 (en) | 2013-03-13 | 2016-11-01 | Nagrastar Llc | Systems and methods for assembling and extracting command and control data |
USD729808S1 (en) | 2013-03-13 | 2015-05-19 | Nagrastar Llc | Smart card interface |
USD780763S1 (en) | 2015-03-20 | 2017-03-07 | Nagrastar Llc | Smart card interface |
USD864968S1 (en) | 2015-04-30 | 2019-10-29 | Echostar Technologies L.L.C. | Smart card interface |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5991400A (en) * | 1995-10-31 | 1999-11-23 | U.S. Philips Corporation | Time-shifted conditional access |
EP1143722A1 (fr) * | 2000-04-07 | 2001-10-10 | Irdeto Access B.V. | Système d'enchiffrage et de déchiffrage des données |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1244306B1 (fr) * | 1994-07-08 | 2008-02-06 | Sony Corporation | Réception de signaux de télédiffusion en accès conditionnel pour la reproduction plus d'une fois |
US6178242B1 (en) * | 1997-02-07 | 2001-01-23 | Nds Limited | Digital recording protection system |
EP0936774A1 (fr) | 1998-02-13 | 1999-08-18 | CANAL+ Société Anonyme | Enrégistrement de données numériques brouillées |
JP4517436B2 (ja) | 2000-02-09 | 2010-08-04 | ソニー株式会社 | 受信システム、受信装置、及び受信システムの制御方法 |
-
2003
- 2003-12-23 KR KR1020067014846A patent/KR101035893B1/ko active IP Right Grant
- 2003-12-23 WO PCT/FR2003/050207 patent/WO2005071963A1/fr active Application Filing
- 2003-12-23 US US10/584,511 patent/US7647641B2/en not_active Expired - Fee Related
- 2003-12-23 CN CN200380110886A patent/CN100592787C/zh not_active Expired - Fee Related
- 2003-12-23 EP EP03810016A patent/EP1698176A1/fr not_active Ceased
- 2003-12-23 AU AU2003302200A patent/AU2003302200A1/en not_active Abandoned
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5991400A (en) * | 1995-10-31 | 1999-11-23 | U.S. Philips Corporation | Time-shifted conditional access |
EP1143722A1 (fr) * | 2000-04-07 | 2001-10-10 | Irdeto Access B.V. | Système d'enchiffrage et de déchiffrage des données |
Non-Patent Citations (1)
Title |
---|
U. M. MAURER, J. L. MASSEY: "Cascade Ciphers: The Importance of Being First", JOURNAL OF CRYPTOLOGY, vol. 6, no. 1, March 1993 (1993-03-01), pages 55 - 61, XP002108137, ISSN: 1432-1378 * |
Also Published As
Publication number | Publication date |
---|---|
WO2005071963A1 (fr) | 2005-08-04 |
CN1910923A (zh) | 2007-02-07 |
US20070150960A1 (en) | 2007-06-28 |
KR20060101788A (ko) | 2006-09-26 |
KR101035893B1 (ko) | 2011-05-23 |
AU2003302200A1 (en) | 2005-08-11 |
CN100592787C (zh) | 2010-02-24 |
US7647641B2 (en) | 2010-01-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1698176A1 (fr) | Procede et systeme d'acces conditionnel applique a la protection de contenu | |
EP1305948B1 (fr) | Methode de distribution securisee de donnees numeriques representatives d'un contenu multimedia | |
EP2055102B1 (fr) | Procédé de transmission d'une donnée complémentaire a un terminal de réception | |
EP2052539B1 (fr) | Méthode de révocation de modules de sécurité utilisés pour sécuriser des messages diffusés | |
US20060229992A1 (en) | Securely relaying content using key chains | |
FR2755809A1 (fr) | Procede de protection d'information transmise d'un element de securite vers un decodeur et systeme de protection utilisant un tel procede | |
FR2974475A1 (fr) | Procede de protection d'un contenu multimedia enregistre | |
CA2478114A1 (fr) | Methode de stockage securise de donnees encryptees | |
WO2011138333A1 (fr) | Procedes de dechiffrement, de transmission et de reception de mots de controle, support d'enregistrement et serveur de mots de controle pour la mise en oeuvre de ces procedes | |
EP2548371A1 (fr) | Procede et systeme de diffusion securisee d'un flux de donnees numeriques | |
EP1479234B1 (fr) | Procede de traitement de donnees chiffrees pour un premier domaine et recues dans un reseau appartenant a un second domaine | |
WO2004056114A1 (fr) | Synchronisation de flux audiovisuels securises | |
EP1419640B1 (fr) | Reseau numerique local, procedes d'installation de nouveaux dispositifs et procedes de diffusion et de reception de donnees dans un tel reseau | |
EP1994718B1 (fr) | Procédé et équipement de distribution de contenus audiovisuels numériques sécurisés par des solutions interopérables | |
FR2843257A1 (fr) | Procede et systeme d'acces conditionnel applique a la protection de contenu | |
WO2005039098A1 (fr) | Procede et systeme repartis securises pour la distribution de flux audiovisuels | |
EP1474923B1 (fr) | Procede pour controler l'acces a un contenu par un terminal, terminal, serveur de droits d'usage, automate de distribution, serveur fournisseur, support de donnees et systeme associes | |
US8656499B1 (en) | Client-side bit-stripping system and method | |
EP2326035B1 (fr) | Procédé de traitement par un module de sécurité de messages de contrôle d'accès à un contenu et module de sécurité associé | |
EP2334007A1 (fr) | Procédé de déchiffrement de données par un équipement utilisateur comportant un terminal et un module de sécurité | |
FR2846831A1 (fr) | Pseudo video a la demande(pvod) | |
WO2004032508A1 (fr) | Method pour la transmission securisee de fichiers audiovisuels |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20060621 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT RO SE SI SK TR |
|
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20100809 |
|
APBK | Appeal reference recorded |
Free format text: ORIGINAL CODE: EPIDOSNREFNE |
|
APBN | Date of receipt of notice of appeal recorded |
Free format text: ORIGINAL CODE: EPIDOSNNOA2E |
|
APBR | Date of receipt of statement of grounds of appeal recorded |
Free format text: ORIGINAL CODE: EPIDOSNNOA3E |
|
APAF | Appeal reference modified |
Free format text: ORIGINAL CODE: EPIDOSCREFNE |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R003 |
|
APBT | Appeal procedure closed |
Free format text: ORIGINAL CODE: EPIDOSNNOA9E |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20201207 |