GB2573756A - Secure interoperable set top box through reverse OTP - Google Patents

Secure interoperable set top box through reverse OTP Download PDF

Info

Publication number
GB2573756A
GB2573756A GB1807797.4A GB201807797A GB2573756A GB 2573756 A GB2573756 A GB 2573756A GB 201807797 A GB201807797 A GB 201807797A GB 2573756 A GB2573756 A GB 2573756A
Authority
GB
United Kingdom
Prior art keywords
stb
operator
otp
key
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1807797.4A
Other versions
GB201807797D0 (en
Inventor
Tyagi Vipin
B Sridharan
Dutta Pallab
Jain Priyanka
Yadavrao Gadge Maheshkumar
Babu E Giri
N Nayak Nagaraj
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Centre for Development of Telematics
Centre for Development of Telematics C DOT
Original Assignee
Centre for Development of Telematics
Centre for Development of Telematics C DOT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Centre for Development of Telematics, Centre for Development of Telematics C DOT filed Critical Centre for Development of Telematics
Priority to GB1807797.4A priority Critical patent/GB2573756A/en
Publication of GB201807797D0 publication Critical patent/GB201807797D0/en
Publication of GB2573756A publication Critical patent/GB2573756A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/418External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/4181External card to be used in combination with the client device, e.g. for conditional access for conditional access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04HBROADCAST COMMUNICATION
    • H04H60/00Arrangements for broadcast applications with a direct linking to broadcast information or broadcast space-time; Broadcast-related systems
    • H04H60/09Arrangements for device control with a direct linkage to broadcast information or to broadcast space-time; Arrangements for control of broadcast-related services
    • H04H60/14Arrangements for conditional access to broadcast information or to broadcast-related services
    • H04H60/23Arrangements for conditional access to broadcast information or to broadcast-related services using cryptography, e.g. encryption, authentication, key distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/418External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/4182External card to be used in combination with the client device, e.g. for conditional access for identification purposes, e.g. storing user identification data, preferences, personal settings or data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/435Processing of additional data, e.g. decrypting of additional data, reconstructing software from modules extracted from the transport stream
    • H04N21/4353Processing of additional data, e.g. decrypting of additional data, reconstructing software from modules extracted from the transport stream involving decryption of additional data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/637Control signals issued by the client directed to the server or network components
    • H04N21/6377Control signals issued by the client directed to the server or network components directed to server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/65Transmission of management data between client and server
    • H04N21/654Transmission by server directed to the client
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Abstract

There is provided a set top box (STB) 126 configured to receive an unregistered smart card (SC) 124 issued by an operator, said STB also configured to enable said unregistered SC to generate and encrypt a one-time-password (OTP). The STB transmits said encrypted OTP to the operator 122 through a user mobile device (e.g. smartphone 128) that is coupled 146 with said STB. Upon receipt, the operator decrypts the OTP, and uses said decrypted OTP to transmit STB-specific control messages to said STB and facilitate registration of said SC. Also provided is a smart card (SC) issued by an operator and configured to be received in the STB, and a method of registering the SC with the STB.

Description

[0001] The present disclosures relate to the field of television signals delivered via broadcast networks. More particularly, the present disclosures relates to a system and method for authenticating a set top box (STB) in a broadcast network.
BACKGROUND OF THE DISCLOSURE [0002] The background description includes information that may be useful in understanding the present invention. It is not an admission that any of the information provided herein is prior art or relevant to the presently claimed invention, or that any publication specifically or implicitly referenced is prior art.
(0003] Background description includes information that may be useful in understanding the present invention. It is not an admission that any of the information provided herein is prior art or relevant to the presently claimed invention, or that any publication specifically or implicitly referenced is prior art.
[0004] Set top boxes (STBs) are well known and have become most popular means of delivering secure content (usually content for which a user/subscriber has paid, hence also known as pay-TV content) that is broadcast using Cable TV and Direct to Home (D'.l 11) to subscribers worldwide by different sendee providers using their broadcast networks. While other modes such as Internet Protocol TV, Head-end in the Sky (HITS) are also being developed, overall they have a minuscule subscriber base compared to Cable TV and Direct to Home systems.
[0005] In DTH services a Customer Premises Equipment (CPE) that includes a set top box, a .Dish Antenna along with LNBC (low noise block converter)· and RE’ cable is required to be connected to a TV set, while in Cable TV services, the CPE comprises of STB only. Further, in many cases, the smart cards are also used along with the STBs.
[0006] Service providers ensure IV programs being transmitted by them on their broadcast networks can be received only by people duly authorized (for example, people who have paid to receive signal of a TV channel, interchangeably termed as paid subscribers of that
TV channel) by scrambling their signals with control words that are decrypted by a smart card to enable unscrambling of the signals by the STB.
(0007] Presently the STB of a particular sendee operator installed at the premises of a subscriber cannot be used by the subscriber for reception of signals of other operators. Although all S TBs used for pay-1V services perform essentially same functions they remain distinct from each other, as if they were different equipment, hi such a scenario, if a subscriber wants to change his operator (broadcast network) for any reason, he is forced to buy STB of service operator he is changing to. This limitation is referred to as non-interoperability of STB. STB is non-interoperable and is tied to specific service operator due to various technical, commercial and market driven reasons.
[GOOS] As is obvious, this non-interoperability of STBs has major commercial issues for all concerned. At the customer end, it can lead to high dissatisfaction level in case he is not satisfied with his existing operator since he cannot change the operator without discarding his existing STB. In extreme cases, customers may decide to discard the STB leading to a huge waste wherein a large number of SIBs remain idle, mainly because of this vexing issue of noninteroperability of STBs. Associated is the problem of large e-waste generation. Besides, noninteroperability of STBs between different service providers doesn’t encourage competition and so, hinders technological innovation, improvement in service quality and overall sector growth. [00091 While efforts are underway to bring interoperability of STBs as is essential for an interoperable STB framework, content security remains a foremost concern. Any service provider wants content being sent out from its headend (headend being a control centre in a television system where various content signals are brought together and monitored before being introduced into broadcast network) to be enjoyed only by its paid/authorized subscribers. However, since broadcast system is a one way system (transmission is always from headend to STB), any unauthorized reception of content is very difficult to detect on headend side by an operator.
[00010] Hence there is a need in the art for a system that prevents any unauthorized reception of content in an interoperable S TB framework, [00011] All publications herein are incorporated by reference to the same extent as if each individual publication or patent application were specifically and individually indicated to be incorporated by reference. Where a definition or use of a term in an incorporated reference is inconsistent or contrary to the definition of that term provided herein, the definition of that term provided herein applies and the definition of that term in the reference does not apply.
[00012J In some embodiments, the numbers expressing quantities or dimensions of items, and so forth, used to describe and claim certain embodiments of the invention are to be understood as being modified in some instances by the term “about.” Accordingly, in some embodiments, the numerical parameters set forth in the written description and attached claims are approximations that can vary depending upon the desired properties sought to be obtained by a particular embodiment. In some embodiments, the numerical parameters should be construed in light of the number of reported significant digits and by applying ordinary rounding techniques, Notwithstanding that the numerical ranges and parameters setting forth the broad scope of some embodiments of the invention are approximations, the numerical values set forth in the specific examples are reported as precisely as practicable. The numerical values presented in some embodiments of the invention may contain certain errors necessarily resulting from the standard deviation found in their respective testing measurements.
[00013] I he recitation of ranges of values herein is merely intended to serve as a shorthand method of referring individually to each separate value falling within the range. Unless otherwise indicated herein, each individual value is incorporated into the specification as if it were individually recited herein. All methods described herein can be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context, lhe use of any and all examples, or exemplary language (e.g. “such as”) provided with respect to certain embodiments herein is intended merely to better illuminate the invention and does not pose a limitation on the scope of the invention otherwise claimed. No language in the specification should be construed as indicating any non-claimed element essential to the practice of the invention.
[00014] Groupings of alternative elements or embodiments of the invention disclosed herein are not to be construed as limitations. Each group member can be referred to and claimed individually or in any combination with other members of the group or other elements found herein. One oi more members of a group can be included in, or deleted from, a group for reasons of convenience and/or patentability. When any such inclusion or deletion occurs, the specification is herein deemed to contain the group as modified thus fulfilling the written description of all groups used in the appended claims.
OBJECTS OF THE DISCLOSURE [00015] Some of the objects of the present disclosure, which at least one embodiment herein satisfies are as listed herein below.
[00016] It is an object of the present disclosure to provide for an interoperable set top box (SIB) framework wherein an STB can be used with different operators thereby encouraging competition and technical innovation, and reducing e-waste.
[00017] It is an object of the present disclosure to provide for an STB that need not be discarded when its operator is changed.
[00018] It is an object of the present disclosure to provide for an STB that prevents any unauthorized reception of content in an interoperable STB framework.
SUMMARY [00019] The present disclosures relates to a system and method for authenticating a set top box (STB) in a broadcast network. In particular, it relates to a STB that uses a reverse One Time Password procedure for its authentication.
[00020] In an aspect, present disclosure elaborates upon a set top box (STB) that can be configured to receive (say by physical insertion) an unregistered smart card (SC) that is issued by an operator, said STB being further configured to: enable the unregistered SC to generate and encrypt a one-time-password (OTP); and transmit the encrypted OTP to the operator through a user mobile device that is operatively coupled with the STB, wherein the operator can decrypt the received OTP, and can use the decrypted ΟΓΡ so as to transmit STB specific control messages to the STB and facilitate registration of the SC.
[00021] In another aspect, the SC can be configured to store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein the SC can encrypt the OTP using the user key.
[00022] In yet another aspect, the STB can be bought from a manufacturer that can be different from the operator, the STB being associated with a unique STB ID.
[00023] In an aspect, the user mobile device can be configured with an application provided by the operator, the application being coupled with registered mobile number of the user mobile device.
[00024] In another aspect, the application can generate a key pair and can receive a certificate issued for the key pair from the operator, using which, a session can be initiated between the operator and the application configured in the user mobile device.
[00025] In yet another aspect, the operator can verify subscriber corresponding to the user mobile device based on the registered mobile number.
[00026] In an aspect, upon receipt of the SC in the STB, the SC and the STB can authenticate each other so as to establish a secure communication channel between them using a shared session key.
[00027] In another aspect, a second secure communication channel can be established between the user mobile device and the STB using a second shared session key.
[00028] In yet another aspect, at the operator, the decrypted OTP can be processed along with a user key assigned to subscriber of the SC so as to generate a temporary key (TK) that can be also generated by the SC configured in the STB. In an aspect, the operator can be configured to generate a random periodic key (PK) that can be used to encrypt subscriber-specific data after the SC is registered, wherein the PK can be encrypted with TK, and subsequently with public key of a public-private key pair of the STB, such that upon receipt of the encrypted information by the STB, the STB can decrypt the encrypted information with its private key of the key pair, post which the SC can decrypt the encrypted information with its TK so as to obtain PK based on which the SC can be registered.
[60029] In another aspect, the STB and the SC can, as part of registration process or afterwards, generate separate random pairing-ids, and share them with each other for future confirmation on whether they are paired with each other.
[00030] In another aspect, the present disclosure elaborates upon a smart card (SC) that can be issued by an operator, and can be configured to be received in a set top box (STB), wherein the SC can be initially unregistered and, as part of its registration process: can generate and encrypt a one-time-password (OTP); and using the STB, can transmit the encrypted OTP to the operator through a user mobile device that can be operatively coupled with the STB, wherein the operator can decrypt the received OTP, and can use the decrypted OTP so as to transmit STB specific control messages to the STB and facilitate registration of the SC.
[00031] In another aspect of the SC, the SC can be configured to store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein the SC can encrypt the OTP using the user key.
[00032] In yet another aspect of the SC, upon receipt of the SC in the STB, the SC and the STB can authenticate each other so as to establish a secure communication channel between them using a shared session key.
[00033] In an aspect of the SC, at the operator, the decrypted OTP can be processed along with a user key assigned to subscriber of the SC so as to generate a temporary key (TK). which can be also generated by the SC configured in the STB.
[00034] In another aspect of the SC, the operator can be configured to generate a random periodic key (PK) that can be used to encrypt subscriber-specific data after the SC is registered, wherein the PK can be encrypted with TK and subsequently with public key of a public-private key pair of the S ΓΒ, such that upon receipt of the encrypted information, the STB can decrypt the encrypted information with its private key of the key pair, post which the SC can decrypt the encrypted information with its IK so as to obtain PK based on which the SC can be registered. [00035] In yet another aspect of the SC, the STB and the SC can generate separate random pairing-ids and can share them with each other for future confirmation of whether they are paired with each other.
[00036] In an aspect present disclosure elaborates upon a method of registering a smart card (SC) with a set top box (STB) configured to receive the SC, the method including the steps of: enabling, at the SC, generation and encryption of a one-time-password (OTP): and transmitting, from the STB, to the operator, the encrypted OTP through a user mobile device that is operatively coupled with the STB, wherein the operator can decrypt the received OTP, and can use the decrypted OTP so as to transmit STB specific control messages to the STB and facilitate registration of the SC.
[00037] In another aspect, the method can further include the steps of: processing, at the operator, the decrypted OTP along with a user key assigned to subscriber of the SC so as to generate a temporary key (TK); generating, at the SC, the TK using the user key and the OTP; generating, at the operator, a random periodic key (PK) that is used to encrypt subscriber-specific data after the SC is registered, wherein the PK is subsequently encrypted with TK and subsequently with public key of a public-private key pair of the STB to generate aggregate encrypted information; transmitting, from the operator, to the STB, the aggregate encrypted information; upon receipt of the aggregate encrypted information, decrypting, at the STB, the encrypted information with its private key of the key pair; decrypting, at the SC, the remaining encrypted information with its TK so as to obtain PK, based on which the SC can be registered. [00038] In yet another aspect the method can further include the step of generating separate random pairing-ids at the STB and the SC and share them with each other for future confirmation of whether they are paired with each other.
[00039] In an aspect, the method can further include the step of, upon receipt of the SC in the STB, enabling the SC and the STB to authenticate each other so as to establish a secure communication channel between them using a shared session key, [00040] Various objects, features, aspects and advantages of die present disclosure will become more apparent from the following detailed description of preferred embodiments, along with the accompanying drawing figures in which like numerals represent like features.
BRIEF DESCRIPTION OF DRAWINGS [00041] The accompanying drawings are included to provide a farther understanding of the present disclosure, and are incorporated in and constitute a part of this specification. The drawings illustrate exemplary embodiments of the present disclosure and, together with the description, serve to explain the principles of the present disclosure. The diagrams are for illustration only, which thus is not a limitation of the present disclosure, and wherein:
[00042] FIG. 1A illustrates an exemplary architecture of proposed invention, in accordance with an embodiment of the present disclosure.
[00043] FIG. IB illustrates another exemplary architecture of the proposed invention in accordance with an exemplary embodiment of the present disclosure, [00044] FIG. 2 elaborates via a sequence chart working of tire proposed invention, in accordance with an exemplary embodiment of the present disclosure.
[00045] FIG. 3 illustrates a method of working of the proposed invention in accordance with an exemplary embodiment of the present disclosure.
DETAILED DESCRIPTION [00046] The following is a detailed description of embodiments of the disclosure depicted in the accompanying drawings. The embodiments are in such detail as to clearly communicate the disclosure. However, the amount of detail offered is not intended to limit the anticipated variations of embodiments; on the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the present disclosure as defined by the appended claims.
[00047] In the following description, numerous specific details are set forth in order to provide a thorough understanding of embodiments of the present invention. It will be apparent to one skilled in the art that embodiments of the present invention may be practiced without some of these specific details.
[00048] Embodiments of the present invention include various steps, which will be described below. The steps may be performed by hardware components or may be embodied in machine-executable instructions, which may be used to cause a general-purpose or specialpurpose processor programmed with the instractions to perform the steps. Alternatively, steps may be performed by a combination of hardware, software, and firmware and/or by human operators.
[Θ0049] Embodiments of the present invention may be provided as a computer program product including a mobile application. These may include a machine-readable storage medium tangibly embodying thereon instructions, which may be used to program a computer (or other electronic devices) toperform a process. The machine-readable medium may include, but is not limited to, fixed (hard) drives, magnetic tape, floppy diskettes, optical disks, compact disc readonly memories (CD-ROMs), and magneto-optical disks, semiconductor memories, such as ROMs, PROMs, random access memories (RAMs), programmable read-only memories (PROMs), erasable PROMs (EPROMs), electrically erasable PROMs (EEPROMs), flash memory, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic instructions (e.g., computer programming code, such as software or firmware). [00050] Various methods described herein may be practiced by combining one or more machine-readable storage media containing the code according to the present invention with appropriate standard computer hardware to execute the code contained therein. An apparatus for practicing various embodiments of the present invention may involve one or more computers (or one or more processors within a single computer) and storage systems containing or having network access to computer program(s) coded in accordance with various methods described herein, and the method steps of the invention could be accomplished by modules, routines, subroutines, or subparts of a computer program product.
[00051] If the specification states a component or feature “may”, “can”, “could”, or “might” be included or have a characteristic, that particular component or feature is not required to be included or have the characteristic.
[00052] As used in the description herein and throughout the claims that follow, the meaning of “a,” “an,” and “the” includes plural reference unless the context clearly dictates otherwise. Also, as used in the description herein, the meaning of “in” includes “in” and “on” unless the context clearly dictates otherwise.
[00053] Exemplary embodiments will now be described more fully hereinafter with reference to the accompanying drawings, in which exemplary embodiments are shown. These exemplary embodiments are provided only for illustrative purposes and so that this disclosure will be thorough and complete and will fully convey the scope of the invention to those of ordinary skill in the art. The invention disclosed may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Various modifications will be readily apparent to persons skilled in the art. The general principles defined herein may be applied to other embodiments and applications without departing from tire spirit and scope of the invention. Moreover, all statements herein reciting embodiments of the invention, as well as specific examples thereof, are intended to encompass both structural and functional equivalents thereof. Additionally, it is intended that such equivalents include both currently known equivalents as well as equivalents developed in the future (i.e., any elements developed that perform the same function, regardless of structure). Also, the terminology and phraseology used is for the purpose of describing exemplary embodiments and should not be considered limiting. Thus, the present invention is to be accorded the widest scope encompassing numerous alternatives, modifications and equivalents consistent with the principles and features disclosed. For purpose of clarity, details relating to technical material that is known in the technical fields related to the invention have not been described in detail so as not to unnecessarily obscure the present invention.
[00054] Thus, for example, it will be appreciated by those of ordinary skill in the art that the diagrams, schematics, illustrations, and the like represent conceptual views or processes illustrating systems and methods embodying this invention. The functions of the various elements sho wn in the figures may be provided through the use of dedicated hardware as well as hardware capable of executing associated software. Similarly, any switches shown in the figures are conceptual only. Their function may be carried out through the operation of program logic, through dedicated logic, through the interaction of program control and dedicated logic, or even manually, the particular technique being selectable by the entity implementing this invention. Those of ordinary skill in the art further understand that the exemplary' hardware, software, processes, methods, and/or operating systems described herein are for illustrative purposes and, thus, are not intended to be limited to any particular named element.
[00055] Each of the appended claims defines a separate invention, which for infringement purposes is recognized as including equivalents to the various elements or limitations specified in the claims. Depending on the context, all references below' to the invention may in some cases refer to certain specific embodiments only. In other cases it will be recognized that references to the invention will refer to subject matter recited in one or more, but not necessarily all, of the claims.
[00056] All methods described herein can be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The use of any and all examples, or exemplary language (e.g., “such as”) provided with respect to certain embodiments herein is intended merely to better illuminate the invention and does not pose a limitation on the scope of the invention otherwise claimed. No language in the specification should be construed as indicating any non-claimed element essential to the practice of the invention.
[00057] Various terms as used herein are shown below. To the extent a term used in a claim is not defined below, it should be given the broadest definition persons in the pertinent art have given that term as reflected in printed publications and issued patents at the time of filing. [00058] The present disclosures relates to a system and method for authenticating a set top box (STS) in a broadcast network. In particular, it relates to a STB that uses a reverse One Time Password procedure for its authentication.
[00059] In an aspect, present disclosure elaborates upon a set top box (STB) that can be configured to receive an unregistered smart card (SC) that is issued by an operator, the STB being further configured to: enable the unregistered SC to generate and encrypt a one-timepassword (OTP); and transmit the encrypted OTP to the operator through a user mobile device that is operatively coupled with the STB, wherein the operator can decrypt the received OTP, and can use the decrypted OTP so as to transmit STB specific control messages to the STB and facilitate registration of the SC.
[00060] In another aspect, the SC can be configured to store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein the SC can encrypt the OTP using the user key.
[0006.1] In yet another aspect, the S I B can be bought from a manufacturer that can be different from the operator, the STB being associated with a unique STB ID.
[00062] In an aspect, the user mobile device can be configured with an application provided by the operator, the application being coupled with registered mobile number of the user mobile device.
[00063] In another aspect, the application can generate a key pair and can receive a certificate issued for the key pair from the operator, using which, a session can be initiated between the operator and the application configured in the user mobile device.
[00064] In yet another aspect, the operator can verify subscriber corresponding to the user mobile device based on the registered mobile number.
[00065] In an aspect, upon receipt of the SC in the STB, the SC and the STB can authenticate each other so as to establish a secure communication channel between them using a shared session key.
[00066] In another aspect, a second secure conununication channel can be established between the user mobile device and the STB using a second shared session key.
[00067] In yet another aspect, at the operator the decrypted OTP can be processed along with a user key assigned ίο subscriber of the SC so as to generate a temporary key (TK), which can be also generated by the SC configured in the STB.
[00068] In an aspect, the operator can be configured to generate a random periodic key' (PK) that can be used to encrypt subscriber-specific data after the SC is registered, wherein the PK can be encrypted with 1K and subsequently with public key of a public-private key pair of the STB, such that upon receipt of the encrypted information, the STB can decrypt the encrypted information with its private key of the key pair, post which the SC can decrypt the encrypted information with its TK so as to obtain PK based on which the SC can be registered.
[00069] In another aspect, the STB and the SC can generate separate random pairing-ids and can share them with each other for future confinnation of whether they are paired with each other.
[00070] In an aspect present disclosure elaborates upon a smart card (SC) that can be issued by an operator and can be configured to be received in a set top box (STB), wherein the SC can be initially unregistered and, as part of its registration process: can. generate and encrvpt a one-time-password (OTP); and using the STB, can transmit the encrypted OTP to the operator through a user mobile device that can be operatively coupled with the STB, wherein the operator can decrypt the received OTP, and can use the decrypted OTP so as to transmit STB specific control messages to the STB and facilitate registration of the SC.
[00871 ] In another aspect of the SC, the SC can be configured ίο store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein the SC can encrypt the OTP using the user key.
[00072] In yet another aspect of the SC, upon receipt of the SC in the STB, the SC and the STB can authenticate each other so as to establish a secure communication channel between them using a shared session key.
[ 00073] In an aspect of the SC, at the operator, the decrypted OTP can be processed along with a user key assigned to subscriber of the SC so as to generate a temporary key (TK), which can be also generated by the SC configured in the STB.
[00074] In another aspect of the SC, the operator can be configured to generate a random periodic key (PK) that can be used to encrypt subscriber-specific data after the SC is registered, wherein the PK can be encrypted with TK and subsequently with public key of a public-private key pair of the STB, such that upon receipt of the encrypted information, the STB can decrypt the encrypted information with its private key' of the key pair, post which the SC can decrypt the encrypted information with its TK so as to obtain PK based on which the SC can be registered.
[00075] In yet another aspect of the SC, the STB and the SC can generate separate random pairing-ids and can share them with each other for future confirmation of whether they are paired with each other.
[00076] In an aspect present disclosure elaborates upon a method of registering a smart card (SC) with a set top box (STB) configured to receive the SC, the method including the steps oi: enabling, at the SC, generation and encryption of a one-time-password (OTP); and transmitting, from the STB, to the operator, the encrypted OTP through a user mobile device that is operatively coupled with the STB, wherein the operator can decrypt the received OTP, and can use the decrypted OTP so as to transmit STB specific control messages to the STB and facilitate registration of the SC.
[00077] In another aspect, the method can further include the steps of: processing, at the operator, the decrypted OTP along with a user key assigned to subscriber of the SC so as to generate a temporary key (TK); generating, at the SC, the TK using the user key and the OTP; generating, at the operator, a random periodic key (PK) that is used to encrypt subscriber-specific data after the SC is registered, wherein the PK is subsequently encrypted with TK and subsequently with public key of a public-private key pair of the STB to generate aggregate encrypted information; transmitting, from the operator, to the STB, the aggregate encrypted information; upon receipt of the aggregate encrypted information, decrypting, at the STB, the encrypted information with its private key of the key pair; decrypting, at the SC, the remaining encrypted information with its TK so as to obtain PK, based on which the SC can be registered.
[00078] hi yet another aspect, the method can further include the step of generating separate random pairing-ids at the STB and the SC and share them with each other for future confinnation of whether they are paired with each other.
[00079] In an aspect, the method can further include the step of, upon receipt of the SC in the STB, enabling the SC and the STB to authenticate each other so as to establish a secure communication channel between them using a shared session key.
[00080] The present disclosure relates to the field of television signals delivered via broadcast networks. More particularly, present disclosure relates to a system and method for authenticating a set top box (STB) in a broadcast network wherein a One Time Password (OTP) sent via a registered smartphone of a user is used to authenticate the set top box by a service provider (operator) and deliver content accordingly to it.
[00081] In an aspect, the present disclosure discloses a Reverse OTP (One Time Password) method to enhance system security in an interoperable STB framework. Whereas in usual OTP authentication methods source sends out an OTP to a recipient to authenticate the recipient, in the present invention, the recipient (a smart card SC as described herein configured in a SIB ) generates a random OTP for the source (operator headend) to authenticate itselfZassociated STB. Hence, proposed invention can be said to be using a Reverse OTP method. [00082] In another aspect, proposed invention can enable a user to use his/her registered smartphone (also referred to as mobile device or mobile phone or simply as phone) to communicate with an SIB through a paired application (app), and the smartphone can receive the random. OTP generated by the SC in the STB, [00083] hi yet another aspect, the random OTP can be sent by the registered smartphone to corresponding operator headend over mobile network, and the operator headend (also simply referred to as operator hereinafter) can use this OTP in its broadcast network for authorization of the STB and accordingly, delivery of content to the STB.
[00084] In an aspect, even if smart card security is compromised, and smart card of an authenticated STB is cloned, the proposed invention can still restrict provision of service to only the authenticated STB.
[00085] In another aspect, proposed invention can detect a compromised STB (for example one carrying a cloned smart card) by using a challenge response method between the STB and operator headend through the registered smartphone.
[00086] FIG. 1A illustrates an exemplary architecture of proposed invention, in accordance with an embodiment of the present disclosure.
[00087] In an aspect, an STB manufacturer having a key pair from root TA (Trusted Authority) can provide a Private / Public Key pair to an STB 102. Similarly, a smartphone 104 (or any other configured portable computing device such as a Tablet PC, a Laptop, a mobile device, or a wearable device) that is registered for an authorized user can obtain its own Private / Public Key pair from an operator (or any oilier configured third party) having the key pair from the same or a second root TA.
[00088] In another aspect, the proposed disclosure can include an application that can be downloaded/installed onto the smartphone 104, wherein using the .Private/Public Key pair and the application (such as an app downloaded installed on the mobile/smart phone), STB 102 and smartphone 104 can perform handshake and authenticate each other. For the purpose the application/smartphone 104 can be operatively coupled with the STB 102 using any Personal
Area Network (PAN) technology method shown as 116 such as near field communication (NFC), bluetooth or USB communication.
[00089] In yet another aspect, after such authentication, the smart card (SC) provided in STB 102 can generate a random OTP and the OTP can be sent to smartphone 104 using any Personal Area Network (PAN) technology method shown as 116 such as near field communication (NFC), bluetooth or USB communication.
[00090] In yet another aspect, upon receipt of the OTP, smartphone 104 can scramble it and send the scrambled OIP to operator headend 106 over mobile network 108. Alternatively, the OTP can be encrypted by the smart card (SC) that is configured in the STB 102 using the user key of the SC, and then sent to the operator through the smart phone 104. In another example, the encrypted OTP can be sent directly to the operator 106.
[00091] Upon receipt of tire encrypted/scrambled OTP, operator headend 106 can be configured to decrypt/unscramble the OTP, and use said OTP value to scramble STB specific control messages and send such messages to STB 102. Smart card 110 can decrypt such messages and provide necessary information to STB 102 so that STB 102 can descramble TV signals being received and display them on the TV 114.
[00092] In another aspect, proposed invention can initiate a challenge response method between operator headend 106 and the STB if a security breach is suspected on STB 102, [00093] FIG.IB illustrates another exemplary architecture of the proposed invention in accordance with an exemplary embodiment of the present disclosure.
[00094] In an aspect, secure interoperable STB 126being described herein may be operatively configured to receive a smart card (SC) 124 that is issued by an operator, which enables the STB to receive SC of any operator and then initiate a registration process to ensure compatibility between the STB and the SC and also capability of the STB to process messages/content received from the operation of the respective/fitted SC. STB 126 may be connected as required with a mobile device/smart phone 128 using a link 126, that may, in an aspect, be a physical link (such as a USB connection or any method suitable such as NFC communication to enable communication between the STB 126 and smartphone 128). An application/app 132 may be downloaded and installed on smartphone 128 so as to enable intended communication between the STB 126 and the operator 1.22 during registration of the SC that has been issued by the operator 122 to the user of the mobile phone 128. In an aspect, the smartphone 128 can have cellular connectivity enabled by normal cellular connection indicated as Registered Mobile Number (RMN) 130, wherein the RMN can be the mobile number of smartphone 128 that is registered for use with the STB 126 and/or with the operator 122, as elaborated further.
[00095] In another aspect, SC 124 of the present disclosure can be provided by an operator, said operator managing an operator headend shown as 122. Operator headend can have an OTP server 134 that is operatively connected to a MUX 136 and a modulator 138, the modulator 138 being configured to supply signals/chamiel data via an RF link 144 to STB 126. in an exemplary aspect, once the STB 126 has been properly verified/registered, the STB 126 can in turn supply unencrypted channel data to television display 148. For the purpose of this disclosure, terms operator headend 122 and operator can be used interchangeably. Also, it would be appreciated that the manner of communication including the protocols being used, technical standards being incorporated, type of data/content being transmission, and attributes related thereto are not limiting the scope of the invention in any manner, and all the representations and explanations there are exemplary and only for better appreciation of the claimed subject matter [00096] hr an aspect, application 132 can communicate with OTP server 134 using an IP link 142 such as Internet, while RMN 130 (and so, smartphone 128) can communicate with the OIP server 134 using a cellular link 130. Any other suitable communication means can be similarly deployed and are completely a part of the present disclosure.
[00097] In an exemplary aspect, the proposed system can be deployed in two phases --- a registration phase (that can include a registered mobile number (RMN) verification phase and an SC registration phase), and a runtime phase.
RMN VERIFICATION PHASE [00098] During this phase, a subscriber/user can purchase a subscription from an operator that uses the proposed system. At this tune, the operator can issue a smart card (SC 124) to the subscriber/user. said SC 124 being configured to support reverse OTP binding process described herein. The operator can also store, in its subscriber database, subscriber’s/user’s mobile number (hereinafter termed Registered Mobile Number or RMN) of the user’s smartphone (interchangeably termed as mobile device herein, mobile device with the RMN being termed also as registered mobile device) along with other details pertinent such as smart card ID, user key, key authenticity certificate etc. The subscriber database can be stored at the OTP server 134. The database can also store the duration/period of subscription of each subscriber.
[00099] In another aspect, the user/subscriber can buy/get a set top box (STB 126) also configured to support the reverse OTP process described herein. Each STB can have its corresponding unique identification STB ID (that can, for example, be hard coded in the STB’s firmware during its manufacturing by the STB manufacturer itself).User can install an application (app 132) provided by the Operator of the proposed system in the smartphone /mobile device 128 configured for the Registered Mobile Number (RMN 130) such that during the registration process, when the subscriber starts the application 132 for the first time on his smartphone 128, the application 132 can generate a new RS A key pair, and obtain a certificate for the key pair issued by the operator. As known, RSA (Rivest-Shamir-Adleman) is a publickey cryptosystem widely used for data transmission wherein the encryption key is public and can be different from the decryption key which is kept secret (private), the two being termed as a key pair. Any other cryptosystem can easily be configured, and all such implementations/embodiments are well within the scope of the present invention, [000100] In another aspect, the operator (via OTP server 134) and the application 132 can establish a secure communication channel by sharing a session key using their respective RSA key pairs. As known, a session key can be/incoiporate an encryption and decryption key that is randomly generated to ensure the security of a communication session. In an aspect, once a secure communication channel has been established, the OTP server 134 (and through the OTP server, the operator) can then verify the subscriber’s registered mobile number (RMN) using application 132 installed in the smartphone 128. For instance, the application can automatically retrieve the mobile number of the smartphone being used and send the mobile number to OTP server 134. OTP server 134 can check if the mobile number is one of the RMNs in its subscriber database and if so, get all information pertaining to the RMN such as corresponding smart card ID, user key, smart card’s certificate, public key etc. Upon successful verification, an appropriate message can be sent to the mobile device. For instance, the message can be “Your RMN has been verified”. This verification of RMN can happen every time the subscriber wants to complete the registration.
SC REGISTRATION PHASE [000101] During this phase, Smart Card SC 124 can be inserted into STB 126 (that can be any STB that the user has procured from open market, and not necessarily the one supplied by the Operator): and the STB 126 powered on. Thereafter, SC 124 and STB 126 can authenticate each other and consequently establish a secure communication channel between them using a shared session key. STB 126 can subsequently request for registration status from SC 124 such that if the registration process has been completed, STB 126 and SC 124 can pair with each other using pairing-ids stored at the time of registration. Once paired, STB 126 can decrypt, using SC 124, the encrypted data transmission that STB 126 is receiving from modulator 138 via RF link 144, and can send the decrypted data to display/television 148 of the subscriber/user, display 148 being operatively connected to STB 126.
[000102] However, if registration process is not complete yet, STB 126 can display an appropriate message on the user s TV/display 148 advising the user to complete the registration process at the earliest, as elaborated hereunder.
[000103] In an aspect, for the purpose of registration, the subscriber/user can connect his/her smartphone 128 (that carries the RMN as elaborated above) to the SIB 126, based on which the STB 126 and the application 132 that is configured in the smartphone 128 can authenticate each other, and establish a secure communication channel using a shared session key. For the purpose the application 132/smartphone 128 can be operatively coupled with the STB 126 using any Personal Area Network (PAN) technology method shown as 116 such as near field communication (NFC), bluetooth or USB communication, or even through a wired communication if required.Thereafter, STB 126 can ask SC 124 to generate a random nonce (interchangeably termed as OTP herein).As known, a nonce is an arbitrary number that can only be used once. It is usually a random or pseudo-random number deployed very frequently in authentication protocols to ensure that old communications cannot be reused in replay attacks. SC 124 can generate the OTP, encrypt the same with its user key, and send the encrypted OTP to OTP server 134 (the operator) via STB 126 and the application 132.For the purpose, as seen in FIG. 1A, STB 126 and smartphone 128 can be physically linked so that the application 132 can communicate with STB 126. In another embodiment, the application 132/smartphone 128 can communicate with STB 126 through any Personal Area Network (PAN) technology (such as NFC, Bluetooth or USB) for which both the STB 126 and the smartphone 128 can be configured appropriately. All means of communication between the application 132/smartphone 128 and the STB 126 are completely within the scope of the present disclosure.
[000104] Further, the encrypted OTP can be sent to OTP server 134 using an IP Link 142 that can be setup between the application 132 and the OTP server 134.Alternatively, the application 132 can transfer the encrypted OTP to cellular portion of smartphone 128 (shown as RMN 130) and cellular imk 140 can be used to transfer the encrypted OTP to OTP server! 34, or any other alternate means can be similarly deployed. All means of communication between smartphone 128 and OTP server 134 are completely a part of the present disclosure.
[000105] In yet another aspect, OTP server 134 can decrypt the OTP received using the subscriber's user key. Thereafter, the server can form a temporary key (TK) using:
TK :::: f(OTP, user key) [000106] In an aspect, the function f() can be a one way function, e.g. hash function with strong collision resistance. In this manner, uniqueness of different TKs is assured.
[000107] In another aspect, SC 124 can also form the same TK using same function as used by the ΟIP server (as SC generated the OTP and a public user key can be configured with SC 124/made accessible to SC 124 at anytime). In this manner, both OTP server 134 and SC 124 can have the same TK.
[000108] In yet another aspect, OTP server 134 can thereafter generate a random periodic key (PK) that can encrypt all subscribe-specific data that is to be used after the registration process is finished. Such data can include, for instance, channels subscribed by the user/subscriber, subscription period, appropriate codecs to encrypt/decrypt data being transmitted over various channels, and any other such data relevant.
[000109] In an embodiment, the PK can be configured to have a validity/duration same as that of registration sought by the user. Thereafter, the operator can renew the periodic key (PK) automatically if subscriber does not re-register before validity expires.
[000110] In another exemplary embodiment, in case the user renews his/her registration (that is, goes for a further validity period), the operator can generate a new periodic key for the new validity period and the operator can continue sending data to the user’s STB. On the other hand, if the user does not renew his/her registration, the corresponding PK can expire and accordingly, the operator can stop sending data to the user’s S TB. Renewal of registration can require the user getting a new SC, or getting the existing SC itself overwritten by new data as elaborated above.
[000111] In another aspect, the PK as formed above can be encrypted along with other relevant information using the IK to generate an encrypted PK. The encrypted PK can again be encrypted using the STB’s public key to generate aggregate encrypted information (AEI). Thereafter, the AEI can be sent by OTP server 134 to app 132 that can in tom send the AEI to STB 126. In another exemplary embodiment, OTP server 134 can send the AEI to STB 126 using RF link 144 enabled via MUX 136 and modulator 138.
[000112] hi yet another aspect, upon receipt of the AEI, STB 126 can decrypt it wi th STB’s private key to derive the decrypted AEI (but still encrypted using the TK). This decrypted AEI can be sent by STB 126 to SC 124. Using the temporary key (TK) that SC 124 also has, SC 124 can decrypt remaining information in the AEI and thereby get access to all subscriber-specific data that the periodic key (PK) has.
[000113] Since SC 124 now has all subscriber-specific data, data stream being received by STB 126 from operator headend 122 via RF link 144 can be appropriately processed. Decrypted data of channels that the user has subscribed to, for the period of subscription, can be sent to display 148 by SB 126 and the user/subscriber can watch such channels as usual.
[000114] In another aspect, SC 124 and STB 126 can generate separate random pairing-ids and share them with each other. These ids can be stored by them in their non-volatile memories and can be further used by them to identify each other as and when required.
[000115] In yet another aspect, SC 124 can also send registration data like paired STB JD, pairing-ids etc to operator/OTP server 134 by encrypting it with its public key. The operator can use this information for some security checks and validation. Further, using such data SC 124 and STB 136 can be paired for future use.
[000116] In this manner, after security checks and validation as above, the operator/OTP server 134 can send registration success status to STB 126 smartphone 128/app 132. The status can accordingly be communicated to SC 124 by STB 126, as well as displayed on smartphone 128. As already elaborated, upon successful registration, SC 124 has information regarding the time period for which it can decrypt the encrypted transmission data being received by the STB (by using the PK as elaborated above). In this manner, SC 124 can be registered to work with STB 126 for the operator headed/operator that has provided SC 124 to the subscriber/user.
RUNTIME PHASE [000117] After successful registration as elaborated above, whenever STB 126 powers up with SC 124 inserted in it, STB 124 and SC 126 can check if they are paired with each other and if so, SC 124 can use subscriber-specific data (PK) as already available with it to process the transmission data being received by STB 124, as elaborated above.
[000118] In another aspect, if STB 124 and SC 126 can notbe paired with each other (for instance, when a non-registered SC is inserted into STB 126), STB 126 can ask the subscriber/user to complete the registration process as elaborated above, [000119] If they are not paired with each other, STB 126 can display an appropriate message on the user’s TV/display 148 advising the user to complete the registration process at the earliest, as elaborated above.
[000120] FIG, 2 elaborates via a sequence chart working of the proposed invention, in accordance with an exemplary embodiment of the present disclosure.
[000121] As illustrated, proposed system can enable a smart card (SC) provided by an operator to generate an encrypted one-time password (OTP). The smart card can be operatively configured/connected with a set top box (STB) and so, the STB can receive the encrypted OTP, [000122] A registered mobile device (RMD, interchangeably termed as smartphone herein) of the user can be connected to the STB. The connection can be physical (for instance, a USB cable) or any other suitable communication method such as a Near Field Communication(NFC) method like Bluetooth. Using such means, the STB can send the encrypted OTP to the registered mobile device as shown at step 2.
[000123] The RAID can have a mobile application of the proposed system installed on itself. Using an IP link enabled by the app, the RMD can send the encrypted OTP to the operator, as shown at step 3. It can be readily understood that the operator can be, for instance, a server with a subscriber database that stores various subscriber data such as registered mobile number, user key and the like.
[000124] The operator can verify that the encrypted OTP is being sent from a mobile device whose registered mobile number exists in its subscriber database. Thereafter, by retrieving the user key from the database, the operator/ server can decrypt the encrypted OTP as indicated at step 4 and accordingly send control messages to the STB, as illustrated at step 5.
[000125] Further, the operator can generate a temporary key (TK) using the OTP as illustrated at step 6. The same temporary key can also be generated by the smart card, as shown at step 7 (or the operator can send the TK to the STB that can then pass the TK to the SC}.
[000126] Next, the operator can generate a random periodic key PK) as shown at step 8. The PK can be used to encrypt all subscriber-specific data. Such data can include, for instance, channels subscribed by the user/subscriber, subscription period, appropriate codecs to encrypt/decrypt data being transmitted over various channels, and any other such data relevant. The operator can send various channels data during the subscription period to the STB, and thereafter stop sending such data (or appropriate codecs) unless subscriber renews the subscription period.
[000127] At step 9, the operator can encrypt the PK with the TK, and at step 10, further encrypt the encrypted PK. with public key of the STB to generate aggregate encrypted information (AEI). Thereafter, the operator can send the AEI to the smartphone as shown at step 11 and the smartphone can then provide the AEI to the STB. The AEI can be sent to the application configured in the smartphone using an IP Link.
[000128] Upon receipt of the AEI, the STB can decrypt the AEI using its private key as shown at step 13. Further, the STB can provide the decrypted AEI to the smart card (SC) it is operatively connected to, as shown at step 14.
[000129] Upon receipt of the decrypted AEI, the smart card can use the TK to decrypt the remaining encrypted information. In this manner the smart card can get all subscriber-specific data, for instance, channels subscribed by the user/subscriber, subscription period, appropriate codecs to receive and decode the data being transmitted over various channels, and any other such data. Using all such data the SC can decrypt various channel data being received by the STB and the STB can accordingly provide decrypted data to a receiver it can be connected to.
[000130] In this manner, proposed system can enable STB independence/interoperability since any STB need only be inserted with SC provided by an operator to enable receipt of various channels being transmitted by the operator as per subscription specific data of the subscriber/user who has obtained the SC. Only channels subscribed to by the user can be received by the user, thereby avoiding reception of unauthorized content.
[000131] HG. 3 illustrates a method of working of the proposed invention in accordance with an exemplary embodiment of the present disclosure.
[000132] In an aspect, present disclosure elaborates upon a method for authenticating a set top box (STB) in a broadcast network wherein a One Time Password (OTP) sent via a registered smartphone of a user is used to authenticate the set top box by a service provider (operator) and deli ver content accordingly to it.
[000133] The method can include at step 302, enabling, at a smart card (SC) generation and encryption of a one-time-password (OTP) [000134] The method can include, at step 304, transmitting, from a set top box (STB) configured to receive the SC, to an operator, the encrypted OTP through a user mobile device that is operatively coupled with the STB, wherein the operator can decrypt the received OTP, and can use the decrypted OTP so as to transmit STB specific control messages to the STB and facilitate regi stration of the SC.
[000135] The method can further include, at step 306, processing, at the operator, the decrypted OTP along with a user key assigned to subscriber of the SC so as to generate a temporary key (TK), and at step 308, generating, at the SC, the TK using the user key and the OTP.
[000136] The method can further include, at step 310, generating, at the operator, a random periodic key (PK) that is used to encrypt subscriber-specific data after the SC is registered, wherein the PK is subsequently encrypted with TK and subsequently with public key of a publicprivate key pair of the STB to generate aggregate encrypted information, and at step 312, transmitting, from the operator, to the STB, the aggregate encrypted information.
[000137] The method can further include, at step 314, upon receipt of the aggregate encrypted information, decrypting, at the STB, the encrypted information with its private key of the key pair, and at step 316 decrypting, at the SC, the remaining encrypted information with its TK so as to obtain PK, based on which the SC can be registered.
[000138] In another aspect, the method can also include initiating a challenge response method at operator headend if a security breach is suspected on STB.
[000139] In a non-limiting embodiment, a Private/Public Key management in an interoperable STB can be achieved in the following manner:
i. A TA(trusted authority’) allocates separate Private /Public Key pair to each operator and STB manufacturer;
ii. STB manufacturers and operators act as secondary TA iii. STB manufacturers allocate Private /Public Key pair to each STB it manufactures;
iv. Operators allocate Private /Public Key pair to each smart card it provides to the subscribed users;
v. Operators also allocate Private /Public Key pair to each smartphone of its registered users.
[000140] Although the proposed system has been elaborated as above to include all the main components, it is completely possible that actual implementations may include only a part of the proposed components or a combination of those or a division of those into sub-modules in various combinations across multiple devices that can be operatively coupled with each other, including in the cloud. Further the components can be configured in any sequence to achieve objectives elaborated. Also, it can be appreciated that proposed system can be configured in a computing device or across a plurality of computing devices operatively connected with each other, wherein the computing devices can be any of a computer, a laptop, a smartphone, an Internet enabled mobile device and the like. Therefore, all possible modifications, implementations and embodiments of where and how the proposed system is configured are well within the scope of the present invention.
[000141] As used herein, and unless the context dictates otherwise, the term “coupled to” is intended to include both direct coupling (in which two elements that are coupled to each other or in contact each other) and indirect coupling (in which at least one additional element is located between the two elements). Therefore, the terms “coupled to” and “coupled with” are used synonymously. Within the context of this document terms “coupled to” and “coupled with” are also used euphemistically to mean “communicatively coupled with” over a network, where two or more devices are able to exchange data with each other over the network, possibly via one osmore intermediary device.
[000142] Moreover, in interpreting both the specification and the claims, all terms should be interpreted in the broadest possible manner consistent with the context. In particular, the terms comprises' and “comprising'’ should be interpreted as referring to elements, components, or steps in a non-exclusive manner, indicating that the referenced elements, components, or steps may be present, or utilized, or combined with other elements, components, or steps that are not expressly referenced. Where the specification claims refers to at least one of something selected from the group consisting of A, B, C ....and N. the text should be interpreted as requiring only one element from the group, not A plus N, or B plus N, etc.
[000143] While some embodiments of the present disclosure have been illustrated and described, those are completely exemplary in nature. The disclosure is not limited to the embodiments as elaborated herein only and it would be apparent to those skilled in the art that numerous modifications besides those already described are possible without departing from the inventive concepts herein. All such modifications, changes, variations, substitutions, and equivalents are completely within the scope of the present disclosure. The inventive subject matter, therefore, is not to be restricted except in the spirit of the appended claims.
AD VANTAGES OF THE INVENTION [000144] The present disclosure provides for an interoperable set top box (STB) framework wherein an STB can be used with different operators thereby encouraging competition and technical innovation, and reducing e-waste.
[000145] The present disclosure provides for an STB that need not be discarded when its operator is changed.
[000146] The present disclosure provides for an STB that prevents any unauthorized reception of content in an interoperable STB framework.

Claims (21)

1. A set top box (STB) configured to receive an unregistered smart card (SC) that is issued by an operator, said STB being further configured to:
enable said unregistered SC to generate and encrypt a one-time-password (OTP); and transmit said encrypted OTP to the operator through a user mobile device that is operatively coupled with said STB, wherein said operator decrypts said received OTP, and uses said decrypted OTP so as to transmit STB specific control messages to said STB and facilitate registration of said SC.
2. The STB as claimed in claim 1, wherein said SC is configured to store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein said SC encrypts said OTP using said user key.
3. The STB as claimed in claim 1, wherein said STB is bought from a manufacturer that is different from said operator, said STB being associated with a unique STB ID.
4. The STB as claimed in claim 1, wherein said user mobile device is configured with an application provided by the operator, said application being coupled with registered mobile number of said user mobile device.
5. The STB as claimed in claim 4, wherein said application generates a key pair and receives a certificate issued for said key pair from said operator, using which, a session is initiated between said operator and said application configured in said user mobile device.
6. The STB as claimed in claim 4, wherein said operator verifies subscriber corresponding to said user mobile device based on said registered mobile number.
7. The STB as claimed in claim 1, wherein upon receipt of said SC in said STB, said SC and said STB authenticate each other so as to establish a secure communication channel between them using a shared session key.
8. The STB as claimed in claim 1, wherein a second secure communication channel is established between said user mobile device and said STB using a second shared session key.
9. The STB as claimed in claim 1, wherein, at the operator, the decrypted OTP is processed along with a user key assigned to subscriber of said SC so as to generate a temporary key (TK), which is also generated by the SC configured in the STB.
10. The STB as claimed in claim 9, wherein said operator is configured to generate a random periodic key (PK) that is used to encrypt subscriber-specific data after said SC is registered, wherein said PK is encrypted with TK and subsequently with public key of a public-private key pair of said STB, such that upon receipt of said encrypted information, the STB decrypts said encrypted information with its private key of the key pair, post which said SC decrypts the encrypted information with its TK so as to obtain PK, based on which said SC is registered.
11. The STB as claimed in claim 1, wherein said STB and said SC generate separate random pairing-ids and share them with each other for future confirmation of whether they are paired with each other.
12. A smart card (SC) issued by an operator and configured to be received in a set top box (STB), wherein said SC is initially unregistered and, as part of its registration process:
generates and encrypts a one-time-password (OTP); and using said STB, transmits said encrypted OTP to the operator through a user mobile device that is operatively coupled with said STB, wherein said operator decrypts said received OTP, and uses said decrypted OTP so as to transmit STB specific control messages to said STB and facilitate registration of said SC.
13. The SC as claimed in claim 12, wherein said SC is configured to store any or a combination of a unique SC ID, user key, SC certificate, and a public key part of public-private key pair, and wherein said SC encrypts said OTP using said user key.
14. The SC as claimed in claim 12, wherein upon receipt of said SC in said STB, said SC and said STB authenticate each other so as to establish a secure communication channel between them using a shared session key.
15. The SC as claimed in claim 12, wherein, at the operator, the decrypted OTP is processed along with a user key assigned to subscriber of said SC so as to generate a temporary key (TK), which is also generated by the SC configured in the STB.
16. The SC as claimed in claim 15, wherein said operator is configured to generate a random periodic key (PK) that is used to encrypt subscriber-specific data after said SC is registered, wherein said PK is encrypted with TK and subsequently with public key of a public-private key pair of said STB, such that upon receipt of said encrypted information, the STB decrypts said encrypted information with its private key of the key pair, post which said SC decrypts the encrypted information with its TK so as to obtain PK, based on which said SC is registered.
17. The SC as claimed in claim 12, wherein said STB and said SC generate separate random pairing-ids and share them with each other for future confirmation of whether they are paired with each other.
18. A method of registering a smart card (SC) with a set top box (STB) configured to receive the SC, said method comprising the steps of:
enabling, at said SC, generation and encry ption of a one-time-password (OTP); and transmitting, from said STB, to said operator, said encrypted OTP through a user mobile device that is operatively coupled with said STB, wherein said operator decrypts said received OTP, and uses said decrypted OTP so as to transmit STB specific control messages to said STB and facilitate registration of said SC.
19. The method as claimed in claim 18, said method further comprising the steps of:
processing, at the operator, the decrypted OTP along with a user key assigned to subscriber of said SC so as to generate a temporary key (TK);
generating, at the SC, said TK using said user key and said OTP;
generating, at the operator, a random periodic key (PK) that is used to encrypt subscriberspecific data after said SC is registered, wherein said PK is subsequently encrypted with TK and subsequently with public key of a public-private key pair of said STB to generate aggregate encrypted information;
transmitting, from the operator, to the STB, said aggregate encrypted information;
upon receipt of said aggregate encrypted information, decrypting, at the STB, said encrypted information with its private key of the key pair; and decrypting, at the SC, the remaining encrypted information with its TK so as to obtain PK, based on which said SC is registered.
20. The method as claimed in claim 18, further comprising the step of generating separate random pairing-ids at said STB and said SC and share them with each other for future confirmation of whether they are paired with each other.
21. The method as claimed in claim 18, further comprising the step of, upon receipt of said SC in said STB, enabling said SC and said STB to authenticate each other so as to establish a secure communication channel between them using a shared session key.
GB1807797.4A 2018-05-14 2018-05-14 Secure interoperable set top box through reverse OTP Withdrawn GB2573756A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1807797.4A GB2573756A (en) 2018-05-14 2018-05-14 Secure interoperable set top box through reverse OTP

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1807797.4A GB2573756A (en) 2018-05-14 2018-05-14 Secure interoperable set top box through reverse OTP

Publications (2)

Publication Number Publication Date
GB201807797D0 GB201807797D0 (en) 2018-06-27
GB2573756A true GB2573756A (en) 2019-11-20

Family

ID=62623344

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1807797.4A Withdrawn GB2573756A (en) 2018-05-14 2018-05-14 Secure interoperable set top box through reverse OTP

Country Status (1)

Country Link
GB (1) GB2573756A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180034822A1 (en) * 2016-07-29 2018-02-01 Citrix Systems, Inc. Computer network providing secure mobile device enrollment features and related methods
US20180063127A1 (en) * 2016-08-26 2018-03-01 Centre For Development Of Telematics (C-Dot) Method and an information appliance device for preventing security breach in information appliance device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180034822A1 (en) * 2016-07-29 2018-02-01 Citrix Systems, Inc. Computer network providing secure mobile device enrollment features and related methods
US20180063127A1 (en) * 2016-08-26 2018-03-01 Centre For Development Of Telematics (C-Dot) Method and an information appliance device for preventing security breach in information appliance device

Also Published As

Publication number Publication date
GB201807797D0 (en) 2018-06-27

Similar Documents

Publication Publication Date Title
KR100724935B1 (en) Apparatus and method of interlock between entities for protecting contents, and the system thereof
US7383438B2 (en) System and method for secure conditional access download and reconfiguration
EP2595082B1 (en) Method and authentication server for verifying access identity of set-top box
US20190260720A1 (en) Key Derivation for Secure Communications
US20050050333A1 (en) System and method for secure broadcast
EP2506590A1 (en) Authentication Certificates
WO2006007796A1 (en) A method for obtaining user's on-line information
KR20140117623A (en) Service key delivery in a conditional access system
WO2006012788A1 (en) Subscriber authorizating method and authorizating system
CN111726801B (en) Network security control method
KR100663443B1 (en) Apparatus and method of interlock between entities for protecting service, and the system thereof
JP2007515112A (en) Apparatus and method for transmitting and receiving broadcast services
CN102714593A (en) Methods for decrypting, transmitting and receiving control words, storage medium for executing said methods
CN101895393A (en) IPTV (Internet Protocol Television) user security terminal
US20190356652A1 (en) Secure Interoperable Set Top Box Through Reverse OTP
KR100801286B1 (en) Broadcast transmitting system and broadcast receiving apparatus
CN101521668A (en) Method for authorizing multimedia broadcasting content
EP2568726A1 (en) Management method for authentication parameters and terminal
GB2573756A (en) Secure interoperable set top box through reverse OTP
CA3005293A1 (en) Secure interoperable set top box though reverse one time password
KR20120072030A (en) The apparatus and method for remote authentication
CN111385605A (en) Control method, system and related equipment for digital television signal encryption transmission
US20100235626A1 (en) Apparatus and method for mutual authentication in downloadable conditional access system
WO2004112385A1 (en) Adapter arrangement, method, system and user terminal for conditional access
KR101523771B1 (en) The Broadcast System for Refreshing the Scramble Key and Method for Broadcast Information in thereof

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)