HRP20000753A2 - Mechanism for matching a receiver with a security module - Google Patents

Mechanism for matching a receiver with a security module Download PDF

Info

Publication number
HRP20000753A2
HRP20000753A2 HR20000753A HRP20000753A HRP20000753A2 HR P20000753 A2 HRP20000753 A2 HR P20000753A2 HR 20000753 A HR20000753 A HR 20000753A HR P20000753 A HRP20000753 A HR P20000753A HR P20000753 A2 HRP20000753 A2 HR P20000753A2
Authority
HR
Croatia
Prior art keywords
receiver
detachable
decoding
module
security
Prior art date
Application number
HR20000753A
Other languages
Croatian (hr)
Inventor
Andre Kudelski
Marco Sasselli
Original Assignee
Nagracard Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=11004712&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=HRP20000753(A2) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Nagracard Sa filed Critical Nagracard Sa
Publication of HRP20000753A2 publication Critical patent/HRP20000753A2/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4367Establishing a secure communication between the client and a peripheral device or smart card
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/109Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by using specially-adapted hardware at the client
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/305Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • G06F21/725Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits operating on a secure reference time value
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0806Details of the card
    • G07F7/0813Specific details related to card security
    • G07F7/0826Embedded security module
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/418External card to be used in combination with the client device, e.g. for conditional access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/418External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/4181External card to be used in combination with the client device, e.g. for conditional access for conditional access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Technology Law (AREA)
  • Mathematical Physics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Selective Calling Equipment (AREA)
  • Circuits Of Receivers In General (AREA)
  • Burglar Alarm Systems (AREA)
  • Input Circuits Of Receivers And Coupling Of Receivers And Audio Equipment (AREA)
  • Compression Or Coding Systems Of Tv Signals (AREA)

Description

Tehničko područje Technical area

Ovaj se izum odnosi na sistem kontroliranja prijenosa podataka između prijemnika i sigurnosnog modula, posebice u sustava kodiranih televizijskih programa, kao i na metodu kontroliranja prijenosa kodiranih podataka. This invention relates to a system for controlling the transmission of data between a receiver and a security module, especially in the system of coded television programs, as well as to a method of controlling the transmission of coded data.

Pozadina izuma Background of the invention

Sustav za dekodiranje kodiranih televizijskih programa sastoji se od prijemnika i sigurnosnog modula. Modul može biti fiksan ili se može odvajati. Posao prijemnika je dekodiranje primljenog signala. Glavni zadatak sigurnosnog modula je kontroliranje postupka provjeravanjem ovlaštenja za dekodiranje te, ako ovlaštenje postoji, snabdijevanje podacima potrebnim za rad modula za dekodiranje, primjerice davanjem vektora za dekodiranje nazvanih "kontrolnim riječima" ("control word"). The system for decoding coded television programs consists of a receiver and a security module. The module can be fixed or detachable. The job of the receiver is to decode the received signal. The main task of the security module is to control the procedure by checking the authorization for decoding and, if the authorization exists, to supply the data necessary for the work of the decoding module, for example by providing vectors for decoding called "control words".

Postojeći sustavi rabe prijemnike koji ispituju svoje sigurnosne module, a ovi odgovaraju dajući podatke potrebne za dekodiranje. U određeno vrijeme, za istu emisiju koja se prenosi, svi sigurnosni moduli odgovaraju istim podacima. S obzirom na to da podaci koji se prenose od sigurnosnog modula do prijemnika teku sporo (otprilike 20 do 30 okteta/s), krijumčari mogu te podatke uporabiti za javni prijenos, primjerice putem interneta. Existing systems use receivers that interrogate their security modules, and these respond by providing the data needed for decoding. At a given time, for the same broadcast being transmitted, all security modules correspond to the same data. Given that the data transmitted from the security module to the receiver flows slowly (approximately 20 to 30 octets/s), smugglers can use this data for public transmission, for example via the Internet.

Jedan takav sustav je opisan u dokumentu "DVD Conditional Access" koji je napisao David Cutts u časopisu "Electronics and Communication Engineering Journal" iz veljače 1997. Opisan je standardizirani sustav za dekodiranje audio i video tokova koji dolaze od različitih davatelja usluga. Sigurnosni modul, nazvan CA (Conditional Access) zadužen je za snabdijevanje kontrolnim riječima CW. Taj modul može i dodatno upotrijebiti čip karticu (Smart Card - SM) u funkciji dekodiranja. Nakon što su podaci dekodirani u CA modulu, kontrolne riječi CW se vraćaju u dekoder da bi dobile dekodirane podatke. One such system is described in the paper "DVD Conditional Access" written by David Cutts in the February 1997 "Electronics and Communication Engineering Journal". It describes a standardized system for decoding audio and video streams coming from different service providers. The security module, called CA (Conditional Access), is in charge of supplying control words CW. This module can additionally use a chip card (Smart Card - SM) in the decoding function. After the data is decoded in the CA module, the control words CW are returned to the decoder to obtain the decoded data.

U ranijoj publikaciji naslovljenoj "Conditional Access Broadcasting: Datacare 2, an Over-Air Enabled Svstem fbr General Purpose Data Channeis", izdanoj 1. kolovoza 1988. u časopisu "BBC Research and Development Report" br. 10, opisan je nezavisni modul (Modul za uvjetovani pristup) zadužen za prihvaćanje i dešifriranje podataka zaduženih za dekodiranje. Taj modul regulira ključ zadužen za taj sustav i isporučuje kontrolne riječi neophodne za dekodiranje video emisije. U tom tipu modula, nakon što su kontrolne riječi jednom dešifrirane, dekodirane se prenose do jedinice zadužene za dekodiranje. In an earlier publication entitled "Conditional Access Broadcasting: Datacare 2, an Over-Air Enabled System fbr General Purpose Data Channel", issued on 1 August 1988 in the journal "BBC Research and Development Report" no. 10, an independent module (Module for Conditional Access) responsible for accepting and deciphering the data responsible for decoding is described. That module regulates the key in charge of that system and supplies the control words necessary to decode the video broadcast. In this type of module, after the control words have been deciphered once, they are decoded and transmitted to the decoding unit.

Dakle, postavlja se problem kako određeni prijemnik i sigurnosni modul učiniti međusobno ovisnima, tako da: So, the problem is how to make a specific receiver and security module interdependent, so that:

- određeni sigurnosni modul ne može biti uporabljen osim s prijemnikom za koji je predviđen; - a specific security module cannot be used except with the receiver for which it is intended;

- protok podataka između sigurnosnog modula i prijemnika bude jedinstven. Ta jedinstvenost sprječava druge prijemnike, koji nemaju za to predviđeni sigurnosni modul, da rade pomoću javnog prijenosa tih podataka. - the data flow between the security module and the receiver is unique. This uniqueness prevents other receivers, which do not have a dedicated security module, from working using the public transmission of this data.

Prikaz izuma Presentation of the invention

Predloženo rješenje gore navedenih problema koristi barem jedan ključ za šifriranje u svakom prijemniku. Taj (ili ti) ključ(evi) nazvan(i) je(su) ključevima za sparivanje. Bar jedan od ključeva je drugačiji za svaki prijemnik. Taj (ili ti) ključ(evi) je(su) smješten(i) u trajnoj memoriji prijemnika, bilo za vrijeme proizvodnje tog prijemnika, bilo u nekoj kasnijoj etapi. Prijemnik ne pruža vanjskom svijetu nikakvu mogućnost pristupa tom (ili tim) ključu (ključevima). The proposed solution to the above problems uses at least one encryption key in each receiver. That (or those) key(s) are (are) called pairing keys. At least one of the keys is different for each receiver. That (or those) key(s) is (are) located in the permanent memory of the receiver, either during the production of that receiver, or at some later stage. The receiver does not provide the outside world with any access to that key(s).

Jedan od mogućih načina za programiranje tog ključa u sigurnosnom modulu je uporaba središnjeg informacijskog sustava koji upravlja svim prijemnicima i koji može unijeti u protok video-prijenosa podatke potrebne za programiranje tog ključa u trajnu i tajnu memoriju sigurnosnih modula. Naravno, formatiranje tog postupka je tajno. One of the possible ways to program that key in the security module is to use a central information system that controls all receivers and which can enter in the flow of video transmission the data needed to program that key in the permanent and secret memory of the security modules. Of course, the formatting of that procedure is secret.

Za vrijeme prijenosa podataka, koji su povjerljivi i/ili potrebni za funkcioniranje sistema, od sigurnosnog modula prema prijemniku (obično "control words", ali i drugi podaci se mogu prenositi na ovaj način), sigurnosni modul šifrira te podatke pomoću jednog ili više jedinstvenih ključeva za sparivanje, zajedničkih jednom jedinom paru prijemnik/sigurnosni modul. Metoda šifriranja je bilo koja metoda poznata sigurnosnom modulu, dok prijemnik poznaje odgovarajuću metodu dešifriranja. During the transfer of data, which is confidential and/or necessary for the functioning of the system, from the security module to the receiver (usually "control words", but other data can also be transferred in this way), the security module encrypts this data using one or more unique pairing keys common to a single receiver/security module pair. The encryption method is any method known to the security module, while the receiver knows the corresponding decryption method.

Nakon što je jednom primio podatke, prijemnik ih dakle dešifrira koristeći poznatu metodu dešifriranja i ključ za sparivanje koji ima pohranjen u svojoj trajnoj memoriji. Spomenuti podaci potom su dešifrirani i spomenuti prijemnik može se njima koristiti. Once the data has been received, the receiver therefore decrypts it using a known decryption method and a matching key stored in its permanent memory. The mentioned data is then decrypted and the mentioned receiver can use it.

Dakle, izum predlaže sistem kontroliranja prijenosa podataka između prijemnika i sigurnosnog modula, posebice za sustav kodiranih televizijskih programa, u kojem se podaci koji se prenose šifriraju i dešifriraju pomoću bar jednog ključa za šifriranje, pohranjenog s jedne strane u prijemniku, a s druge u sigurnosnom modulu. Thus, the invention proposes a system for controlling data transmission between the receiver and the security module, especially for the coded television program system, in which the transmitted data is encrypted and decrypted using at least one encryption key, stored on the one hand in the receiver, and on the other in the security module .

Izum se odnosi i na sistem za dekodiranje kodiranih podataka, te sustava kodiranih televizijskih programa koji obuhvaća sistem kontroliranja prijenosa. The invention also relates to a system for decoding coded data and a system of coded television programs that includes a transmission control system.

Osim toga, izum se odnosi i na metodu kontroliranja prijenosa podataka između prijemnika i sigurnosnog modula, posebice kod kodiranih televizijskih programa, naznačene time da je barem jedan jedinstveni ključ za šifriranje pohranjen s jedne strane u prijemniku, a s druge u sigurnosnom modulu, te da se prenošeni podaci šifriraju i dešifriraju pomoću barem jednog takvog jedinstvenog ključa za šifriranje. In addition, the invention also relates to a method of controlling data transmission between the receiver and the security module, especially for coded television programs, characterized by the fact that at least one unique encryption key is stored on the one hand in the receiver, and on the other in the security module, and that the transmitted data is encrypted and decrypted using at least one such unique encryption key.

Ovo rješenje prema izumu rješava postavljene probleme. U stvari: This solution according to the invention solves the set problems. In fact:

- sigurnosni modul umetnut u neki prijemnik, koji nije onaj s kojim je spomenuti sigurnosni modul bio sparen, prenijet će tom prijemniku tok povjerljivih podataka i/ili podataka potrebnih za funkcioniranje šifriranog sistema s ključem koji ne odgovara onom upotrijebljenom za dešifriranje tog sistema. Rezultat je, dakle, neupotrebljiv; - a security module inserted in a receiver, which is not the one with which said security module was paired, will transmit to that receiver a stream of confidential data and/or data necessary for the functioning of an encrypted system with a key that does not match the one used to decrypt that system. The result is therefore unusable;

- tok povjerljivih podataka i/ili podataka potrebnih za funkcioniranje sistema koji proizlazi iz sigurnosnog modula ne može se raspodijeliti na više prijemnika. Samo prijemnik sparen s karticom opremljenom za taj tok povjerljivih podataka i/ili podataka potrebnih za funkcioniranje sistema može uspješno dešifrirati spomenuti tok. - the flow of confidential data and/or data necessary for the functioning of the system resulting from the security module cannot be distributed to multiple receivers. Only a receiver paired with a card equipped for that stream of confidential data and/or data required for system operation can successfully decrypt said stream.

Sistem može sadržavati mehanizam za verifikaciju sparivanja. Središnji informacijski sustav može upisati neki broj svojstven prijemniku na sigurnosni modul sparen s tim prijemnikom, primjerice broj koji je ovaj posljednji slučajno izabrao, ili može jednostavno upotrijebiti njegov serijski broj. Tako je prijemniku pružena mogućnost da slobodno provjeri svoj broj upisan na sigurnosni modul i da ga usporedi s onim pohranjenim u svojoj trajnoj memoriji. The system may include a pairing verification mechanism. The central information system can write some number specific to the receiver on the security module paired with that receiver, for example the number that the latter chose by chance, or it can simply use its serial number. Thus, the receiver is given the opportunity to freely check its number written on the security module and to compare it with the one stored in its permanent memory.

Prednost ovog mehanizma je što ne koristi pogrešne podatke. Rezultat nekog šifriranja nakon kojeg slijedi dešifriranje pomoću nekog drugog ključa obično daje lažno-slučajni rezultat. Ako se taj rezultat ne prepozna kao pogrešan, te ako se upotrijebi bez promjene, može se oštetiti prijemnik ili naprave koje su na njega priključene. The advantage of this mechanism is that it does not use wrong data. The result of some encryption followed by decryption with some other key usually gives a pseudo-random result. If this result is not recognized as wrong, and if it is used without change, it may damage the receiver or the devices connected to it.

Neki tipovi prijemnika sadrže odvojivi modul za dekodiranje. Taj modul preuzima na sebe određene operacije među kojima je i dekodiranje primljenih signala. Prijenos povjerljivih podataka tada se odvija između odvojivog sigurnosnog modula i odvojivog modula za dekodiranje. Gore opisani mehanizam šifriranja prijenosa između prijemnika i sigurnosnog modula se tada prenosi bez promjene na odvojivi sigurnosni modul i na odvojivi modul za dekodiranje. Some types of receivers contain a detachable decoding module. This module takes over certain operations, including the decoding of received signals. The transmission of confidential data then takes place between a detachable security module and a detachable decoding module. The transmission encryption mechanism described above between the receiver and the security module is then transmitted unchanged to the detachable security module and to the detachable decoding module.

Na isti se način gore opisani mehanizam za sparivanje između sigurnosnog modula i prijemnika prenosi bez promjene na odvojivi sigurnosni modul i odvojivi modul za dekodiranje. In the same way, the pairing mechanism between the security module and the receiver described above is transferred without change to the detachable security module and the detachable decoding module.

Prijenos dekodiranih signala odvija se dakle između odvojivog modula za dekodiranje i prijemnika. Gore opisani mehanizam šifriranja prijenosa, kao i mehanizam za sparivanje, između sigurnosnog modula i prijemnika prenosi se tada bez promjene na prijemnik i odvojivi modul za dekodiranje. The transmission of decoded signals therefore takes place between the detachable module for decoding and the receiver. The transmission encryption mechanism described above, as well as the pairing mechanism, between the security module and the receiver is then transmitted unchanged to the receiver and the detachable decoding module.

Funkcije koje provode odvojivi modul za dekodiranje i odvojivi sigurnosni modul, može izvoditi jedan modul, nazvan odvojivim sigurnosnim modulom za dekodiranje. Prethodno opisani mehanizam za sparivanje prenosi se tada na odvojivi sigurnosni modul za dekodiranje i prijemnik. Functions performed by a detachable decoding module and a detachable security module can be performed by a single module, called a detachable security decoding module. The previously described pairing mechanism is then transferred to the detachable security module for decoding and the receiver.

U svim gore opisanim slučajevima ključ ili ključevi za sparivanje mogu se koristiti za šifriranje toka povjerljivih podataka i/ili podataka potrebnih za funkcioniranje sistema u suprotnom smjeru, zamjenjujući: In all the cases described above, the pairing key or keys can be used to encrypt the flow of confidential data and/or data necessary for the system to function in the opposite direction, replacing:

- prijemnik i odvojivi sigurnosni modul; - receiver and detachable security module;

- odvojivi modul za dekodiranje i odvojivi sigurnosni modul; - detachable decoding module and detachable security module;

- prijemnik i odvojivi modul za dekodiranje; - receiver and detachable module for decoding;

- prijemnik i odvojivi sigurnosni modul za dekodiranje. U svim slučajevima u kojima se određeni ključ za sparivanje odnosi na jedan uređaj (prijemnik ili odvojivi modul), isti principi se odnose na korištenje jednog (ili više) ključ(eva) za sparivanje koji se odnose na neku skupinu uređaja. - receiver and detachable security module for decoding. In all cases where a particular pairing key refers to a single device (receiver or detachable module), the same principles apply to the use of one (or more) pairing key(s) that apply to a group of devices.

Kratak opis slika Short description of the pictures

Slika 1 prikazuje sklop koji primjenjuje prijemnik i odvojivi sigurnosni modul. Figure 1 shows the circuit that implements the receiver and the detachable security module.

Slika 2 prikazuje sklop koji primjenjuje prijemnik, odvojivi modul za dekodiranje i odvojivi sigurnosni modul. Figure 2 shows a circuit that implements a receiver, a detachable decoding module and a detachable security module.

Slika 3 prikazuje sklop koji primjenjuje prijemnik i odvojivi sigurnosni modul za dekodiranje. Figure 3 shows a circuit that implements a receiver and a detachable security decoding module.

Podroban opis Detailed description

Prijemnik A na Slici 1 prima tok kodiranih video-podataka iz nekog izvora, kao što je satelitski prijemnik, ili kabelskim putem. Taj tok veličine nekoliko megabita u sekundi oblikuje se u prijemniku A, a potom prenosi u kontrolnu jedinicu B koja je odgovorna za dekodiranje i za upravljanje ovlaštenjem pristupa kodiranim video-podacima. Da bi to činila, kontrolna jedinica B povremeno ispituje odvojivi sigurnosni modul C (kanal 3), koji joj odgovara tokom povjerljivih podataka i/ili podataka potrebnih za funkcioniranje kontrolne jedinice B (kanal 4). Te razmjene podataka teku sporo, te se mogu jednostavno procesirati pomoću mikroprocesora na tržišno dostupnim karticama. Prema izumu, odvojivi sigurnosni modul C sadrži u svojoj trajnoj memoriji barem jedan šifrirani ključ K, pomoću kojega se šifriraju povjerljivi podaci i/ili podaci potrebni za funkcioniranje kontrolne jedinice B (kanal 4) prema prijemniku A. Taj ključ K jedinstven je za prijemnik A i upisan u odvojivi sigurnosni modul C, te čini tok podataka 4 jedinstvenim za taj sklop. Javni prijenos podataka 4 neće više biti ni od kakve koristi drugim prijemnicima jer je za njih, s obzirom na to da nemaju isti ključ K, ovaj tok podataka sasvim nerazumljiv. Pomoću podataka 4 kontrolna jedinica B može pronaći dekodirani video-signal 2, koji je bio obrađen i potom prenijet u standardnom obliku (PAL, SECAM, NTSC) na video-monitor. Receiver A in Figure 1 receives a stream of coded video data from a source, such as a satellite receiver, or via cable. This flow of a size of several megabits per second is formed in the receiver A, and then transmitted to the control unit B, which is responsible for decoding and for managing the authorization of access to coded video data. To do this, the control unit B periodically examines the detachable security module C (channel 3), which responds to it during confidential data and/or data necessary for the functioning of the control unit B (channel 4). These data exchanges are slow and can be easily processed by microprocessors on commercially available cards. According to the invention, the detachable security module C contains in its permanent memory at least one encrypted key K, which is used to encrypt confidential data and/or data necessary for the operation of the control unit B (channel 4) towards receiver A. This key K is unique to receiver A and written into the detachable security module C, and makes data stream 4 unique to that circuit. Public data transmission 4 will no longer be of any use to other receivers because for them, given that they do not have the same key K, this data stream is completely incomprehensible. Using the data 4, the control unit B can find the decoded video signal 2, which was processed and then transmitted in standard form (PAL, SECAM, NTSC) to the video monitor.

Jedna inačica izuma rabi šifriranje iste vrste za podatke 3 koje se šalju u odvojivi sigurnosni modul C, bilo uz isti ključ K, ili uz neki drugi ključ J, jedinstven i specifičan za sklop koji čine prijemnik A i odvojivi sigurnosni modul C. Na taj je način znatno otežan svaki pokušaj da se iz toka podataka 4 otkrije ključ K. One version of the invention uses encryption of the same type for the data 3 that is sent to the detachable security module C, either with the same key K, or with another key J, unique and specific to the circuit made up of the receiver A and the detachable security module C. way, any attempt to discover the key K from data stream 4 is much more difficult.

Slika 2 prikazuje inačicu koja rabi odvojivi modul za dekodiranje D, a koja ima ugrađenu kontrolnu jedinicu B. U tom se slučaju kodirani video-tok 1 oblikuje u prijemniku A i upućuje prema odvojivome modulu za dekodiranje D. Način rada opisan za Sliku 1 između prijemnika A i odvojivog sigurnosnog modula C sada je primijenjen na dijalog između odvojivog modula za dekodiranje D i odvojivog sigurnosnog modula C. Ključ K upisan je u neki tajni dio odvojivog modula za dekodiranje D, umjesto u prijemnik A. Na taj su način podaci koje odvojivi sigurnosni modul C šalje odvojivome modulu za dekodiranje D šifrirani i bezvrijedni za neki drugi odvojivi modul za dekodiranje D. Figure 2 shows a version using a detachable decoding module D, which has a built-in control unit B. In this case, the coded video stream 1 is formed in the receiver A and directed to the detachable decoding module D. The mode of operation described for Figure 1 between the receivers A and the detachable security module C is now applied to the dialogue between the detachable decoding module D and the detachable security module C. The key K is written in some secret part of the detachable decoding module D, instead of the receiver A. In this way, the data that the detachable security module module C sends to detachable decoding module D encrypted and worthless to some other detachable decoding module D.

Vidljivo je, da se podaci koje se prenosi do prijemnika A, sadržani u toku dekodiranih video-podataka 6, mogu jednostavno iskoristiti, primjerice za nedopuštene kopije. Prema jednoj inačici izuma, tok 6 šifrira se u odvojivome modulu za dekodiranje D, prije no što ga se pošalje do prijemnika A, da bi ga jedinica za dešifriranje E' dešifrirala. Tu operaciju izvršava ključ K' svojstven samo sklopu prijemnika A i odvojivome modulu za dešifriranje D. Na taj način tok podataka 6 nema više nikakvo značenje i može ga razumjeti samo prijemnik A koji sadrži isti ključ K'. It can be seen that the data transmitted to the receiver A, contained in the stream of decoded video data 6, can be easily used, for example, for illegal copies. According to one version of the invention, the stream 6 is encrypted in the detachable decoding module D, before it is sent to the receiver A, to be decrypted by the decoding unit E'. This operation is performed by the key K' inherent only to the receiver assembly A and the detachable decryption module D. In this way, the data stream 6 no longer has any meaning and can only be understood by the receiver A, which contains the same key K'.

U kodirani video tok 1, prijemnik A može dodati kontrolne podatke za odvojivi modul za dekodiranje. Da ti podaci ne bi postali javni i tako otvorili vrata razumijevanju mehanizma šifriranja, te podatke šifrira jedinica za šifriranje E, te na taj način nastaje kodirani video-tok 6 koji sadrži šifrirane kontrolne podatke. To encoded video stream 1, receiver A can add control data for a detachable decoding module. In order for this data not to become public and thus open the door to understanding the encryption mechanism, this data is encrypted by the encryption unit E, and in this way an encoded video stream 6 containing encrypted control data is created.

Slika 3 prikazuje inačicu izuma kod koje je odvojivi sigurnosni modul sadržan u odvojivom sigurnosnom modulu za dekodiranje F. Zadatak ovog modula je dekodiranje i upravljanje ovlaštenjem video signala koje prima prijemnik A. Prema Izumu ovaj modul sadrži jedinstveni ključ za šifriranje, svojstven receptoru A i upisan u odvojivi sigurnosni modul za dekodiranje. Na taj je način dekodirani video-tok šifriran pomoću tog ključa i prenesen u tom obliku do prijemnika A koji, zahvaljujući jedinici za dešifriranje E' i koristeći isti jedinstveni ključ, može pronaći čisti video-signal. Figure 3 shows a version of the invention in which the detachable security module is contained in the detachable security module for decoding F. The task of this module is to decode and manage the authorization of the video signals received by the receiver A. According to the invention, this module contains a unique encryption key, specific to the receiver A and written into a detachable security module for decoding. In this way, the decoded video stream is encrypted using that key and transmitted in that form to the receiver A, which, thanks to the decryption unit E' and using the same unique key, can find the clean video signal.

Analogno procesu opisanom na Slici 2, kontrolne podatke sadržane u kodiranom video-toku 1, jedinica E može šifrirati pomoću jedinstvenog ključa za šifriranje prije no što budu preneseni do odvojivog sigurnosnog modula za dekodiranje. Analogous to the process described in Figure 2, the control data contained in the encoded video stream 1 can be encrypted by the E unit using a unique encryption key before being transmitted to the detachable security module for decoding.

U svim primjerima opisanim u Slikama 1 do 3 može se provesti kontrola sparivanja. U slučaju Slike 1, prijemnik A upisuje svoj osobni broj, primjerice svoj serijski broj, u odvojivi sigurnosni modul C. Na taj način prijemnik može u svakom trenutku provjeriti je li odvojivi sigurnosni modul C doista onaj koji mu je namijenjen. U okviru primjera opisanog u Slici 2 kontrola se može provesti na dvije razine: najprije između odvojivog modula za dekodiranje D i odvojivog sigurnosnog modula C; potom između odvojivog modula za dekodiranje D i prijemnika A. Druga razina posebice je važna ako se šifriraju dekodirani podaci 6 u smjeru prijemnika A. In all examples described in Figures 1 to 3, pairing control can be performed. In the case of Figure 1, the receiver A writes its personal number, for example its serial number, into the detachable security module C. In this way, the receiver can check at any time whether the detachable security module C is really the one intended for it. In the framework of the example described in Figure 2, the control can be carried out at two levels: first between the detachable decoding module D and the detachable security module C; then between the detachable decoding module D and the receiver A. The second level is particularly important if the decoded data 6 in the direction of the receiver A is encrypted.

U rješenju na Slici 3 kontrola sparivanja se izvodi između prijemnika A i odvojivog sigurnosnog modula za dekodiranje F. In the solution in Figure 3, the pairing control is performed between the receiver A and the detachable security decoding module F.

Prema jednom obličju izuma, prijemnik A je dekoder MPEG koji rabi "control words" (podatke potrebne za dekodiranje signala) za dekodiranje video-signala. Te "control words" pribavlja odvojivi sigurnosni modul C. Taj modul, primjerice autonomna čip-kartica, sadrži trajnu memoriju za njihovo snabdijevanje. According to one aspect of the invention, receiver A is an MPEG decoder that uses "control words" (data necessary for signal decoding) to decode the video signal. These "control words" are provided by the detachable security module C. This module, for example an autonomous chip card, contains permanent memory for supplying them.

Prema jednom obličju izuma, odvojivi modul za dekodiranje je kartica tipa PCMCIA, koja sadrži dekoder MPEG (kontrolna jedinica B). According to one aspect of the invention, the detachable decoding module is a PCMCIA type card, which contains an MPEG decoder (control unit B).

Prema jednom obličju izuma, odvojivi sigurnosni modul za dekodiranje F napravljen je u obliku autonomne čip-kartice koja sadrži dekoder MPEG i sigurnosni modul C. According to one embodiment of the invention, the detachable security module for decoding F is made in the form of an autonomous chip card containing the MPEG decoder and the security module C.

Prema jednom obličju izuma jedinstveni ključ za dešifriranje K zajednički je skupini prijemnika. Ta mogućnost zanimljiva je, primjerice u školi koja raspolaže s nekoliko prijemnika za koje će se, prema potrebi, upotrijebiti isti odvojivi sigurnosni modul. Na isti način, više odvojivih sigurnosnih modula sadrži isti ključ za dešifriranje, tako da bi ih se moglo upotrijebiti na bilo kojem od prijemnika iz te skupine. U tom se slučaju kontrola sparivanja izvodi pomoću broja koji više nije svojstven samo jednom prijemniku već cijeloj skupini prijemnika. Može se učiniti kombinacija broja koji se sastoji od dva dijela, jednog koji određuje skupinu, i drugog koji određuje prijemnik. Jedinstvenost osobnog broja poštuje se, a ispitivanje podudarnosti sparivanja tada se provodi samo na dijelu tog broja koji označuje skupinu. According to one embodiment of the invention, a unique decryption key K is shared by a group of receivers. This possibility is interesting, for example in a school that has several receivers for which, if necessary, the same detachable security module will be used. Likewise, multiple detachable security modules contain the same decryption key, so they could be used on any of the receivers in that group. In this case, pairing control is performed using a number that is no longer unique to one receiver, but to the entire group of receivers. A combination of a number consisting of two parts, one that determines the group, and the other that determines the receiver, can be made. The uniqueness of the personal number is respected, and the match matching test is then carried out only on the part of that number that indicates the group.

Claims (20)

1. Sustav prijema kodiranih televizijskih programa koji sadrži prijemnik (A) spojen sa sigurnosnim sredstvima (C, D, F), s time da taj prijemnik (A) prima podatke za dekodiranje od sigurnosnih sredstava (C, D, F), naznačen time, daje barem dio podataka (4, 6) koji se prenose od sigurnosnih sredstava (C, D, F) prema prijemniku (A) šifriran jedinstvenim ključem za šifriranje.1. A system for receiving coded television programs containing a receiver (A) connected to security means (C, D, F), with this receiver (A) receiving data for decoding from security means (C, D, F), indicated by , provides at least part of the data (4, 6) transmitted from the security means (C, D, F) to the receiver (A) encrypted with a unique encryption key. 2. Sustav prijema kodiranih televizijskih programa prema zahtjevu 1, naznačen time, da je jedinstveni ključ za šifriranje zajednički za grupu prijemnika.2. The system for receiving coded television programs according to claim 1, characterized in that the unique encryption key is shared by a group of receivers. 3. Sustav prijema kodiranih televizijskih programa prema zahtjevima 1 ili 2, naznačen time, daje harem dio podataka (3, 5) koji se prenose od prijemnika (A) do sigurnosnih sredstava (C, D, F) šifriran jedinstvenim ključem za šifriranje.3. System for receiving coded television programs according to claims 1 or 2, characterized in that the harem part of the data (3, 5) transmitted from the receiver (A) to the security means (C, D, F) is encrypted with a unique encryption key. 4. Sustav prijema kodiranih televizijskih programa prema zahtjevima 1 do 3, naznačen time, da prijemnik (A) sadrži osobni broj koji se može upisati u sigurnosna sredstva (C, D, F), s time da spomenuti prijemnik (A) može u svakom trenutku provjeriti podudarnost tog osobnog broja upisanog u spomenuta sigurnosna sredstva (C, D, F).4. System for receiving coded television programs according to claims 1 to 3, characterized in that the receiver (A) contains a personal number that can be entered in the security means (C, D, F), with the said receiver (A) being able in each moment to check the match of that personal number registered in the aforementioned security means (C, D, F). 5. Sustav prijema kodiranih televizijskih programa prema zahtjevu 4, naznačen time, da osobni broj sadrži dio koji je svojstven grupi prijemnika, te dio koji je svojstven pojedinačnom prijemniku, te da se provjeravanje podudarnosti sparivanja provodi na dijelu svojstvenom grupi prijemnika.5. System for receiving coded television programs according to claim 4, characterized in that the personal number contains a part specific to a group of receivers, and a part specific to an individual receiver, and that the matching matching check is carried out on the part specific to the group of receivers. 6. Sustav prijema kodiranih televizijskih programa prema zahtjevima 1 do 5, naznačen time, da prijemnik (A) sadrži kontrolnu jedinicu (B), te da se sigurnosna sredstva sastoje od odvojivog sigurnosnog modula (C) u kojem su pohranjeni povjerljivi podaci i/ili podaci potrebni za rad kontrolne jedinice (B).6. System for receiving coded television programs according to claims 1 to 5, characterized in that the receiver (A) contains a control unit (B), and that the security means consist of a detachable security module (C) in which confidential data is stored and/or data required for the operation of the control unit (B). 7. Sustav prijema kodiranih televizijskih programa prema zahtjevima 1 do 5, naznačen time, da sigurnosna sredstva sadrže odvojivi sigurnosni modul za dekodiranje (F) koji sadrži kontrolnu jedinicu (B) te sigurnosnu jedinicu (C'), koje su odgovorne za dekodiranje i autorizaciju video-podataka.7. System for receiving coded television programs according to claims 1 to 5, characterized in that the security means contain a detachable security module for decoding (F) containing a control unit (B) and a security unit (C'), which are responsible for decoding and authorization video data. 8. Sustav prijema kodiranih televizijskih programa koji sadrži prijemnik (A) povezan sa sigurnosnim sredstvima (C, D, F), s time da taj prijemnik (A) prima podatke za dekodiranje od sigurnosnih sredstava (C, D, F), naznačen time, da se ta sigurnosna sredstva sastoje od odvojivog sigurnosnog modula (C) i odvojivog modula za dekodiranje (D) koji sadrži kontrolnu jedinicu (B), te t me da odvojivi sigurnosni modul (C) šifrira pomoću jedinstvenog ključa za šifriranje barem dio povjerljivih podataka i/ili podataka potrebnih (4) za rad kontrolne jedinice (B) prije nego što ih se prenosi do odvojivog modula za dekodiranje.8. A system for receiving coded television programs containing a receiver (A) connected to security means (C, D, F), with this receiver (A) receiving data for decoding from security means (C, D, F), indicated by , that these security means consist of a detachable security module (C) and a detachable decoding module (D) containing a control unit (B), and that the detachable security module (C) encrypts at least part of the confidential data using a unique encryption key and/or data required (4) for the operation of the control unit (B) before being transmitted to the detachable decoding module. 9. Sustav prijema kodiranih televizijskih programa prema zahtjevu 8, naznačen time, da je barem dio podataka (3) koji se prenose od odvojivog modula za dekodiranje (D) do sigurnosnog modula (C) kodiran jedinstvenim ključem za šifriranje.9. System for receiving encoded television programs according to claim 8, characterized in that at least part of the data (3) transmitted from the detachable decoding module (D) to the security module (C) is encoded with a unique encryption key. 10. Sustav prijema kodiranih televizijskih programa prema zahtjevima 8 i 9, naznačen time, da odvojivi modul za dekodiranje (D) sadrži osobni broj koji se može upisati u odvojivi sigurnosni modul (C), s time da spomenuh* modul za dekodiranje (D) može u svakom trenutku provjeriti podudarnost tog osobnog broja upisanog u odvojivi sigurnosni modul (C).10. The system for receiving coded television programs according to claims 8 and 9, characterized in that the detachable decoding module (D) contains a personal number that can be entered in the detachable security module (C), with the aforementioned* decoding module (D) can at any time check the correspondence of that personal number entered in the detachable security module (C). 11. Sustav prijema kodiranih televizijskih programa prema zahtjevu 10, naznačen time, da osobni broj sadrži dio svojstven grupi odvojivih modula za dekodiranje (D) i dio svojstven pojedinačnom odvojivom modulu za dekodiranje (d), te time da se provjera podudarnosti sparivanja izvodi na dijelu svojstvenom grupi odvojivih modula za dekodiranje (D).11. System for receiving coded television programs according to claim 10, characterized in that the personal number contains a part characteristic of a group of detachable decoding modules (D) and a part characteristic of an individual detachable decoding module (d), and in that the matching matching check is performed on the part characteristic of a group of detachable decoding modules (D). 12. Sustav prijema kodiranih televizijskih programa prema zahtjevima 9 do 11, naznačen time, da je barem dio podataka (5) koji se prenose od prijemnika (A) prema odvojivom modulu za dekodiranje (D) šifriran jedinstvenim ključem za šifriranje.12. The system for receiving coded television programs according to claims 9 to 11, characterized in that at least part of the data (5) transmitted from the receiver (A) to the detachable decoding module (D) is encrypted with a unique encryption key. 13. Sustav prijema kodiranih televizijskih programa prema zahtjevima 9 do 12, naznačen time, da je barem dio podataka (6) koji se prenose od odvojivog modula za dekodiranje (D) prema prijemniku (A) šifriran jedinstvenim ključem za šifriranje.13. The system for receiving coded television programs according to claims 9 to 12, characterized in that at least part of the data (6) transmitted from the detachable decoding module (D) to the receiver (A) is encrypted with a unique encryption key. 14. Sustav prijema kodiranih televizijskih programa prema zahtjevima 12 do 13, naznačen time, da prijemnik (A) sadrži osobni broj koji se može upisati u odvojivi modul za dekodiranje (D), s time da spomenuti prijemnik (A) može u svakom trenutku provjeriti podudarnost tog osobnog broja upisanog u spomenuti odvojivi modul za dekodiranje (D).14. System for receiving coded television programs according to claims 12 to 13, characterized in that the receiver (A) contains a personal number that can be entered into a detachable module for decoding (D), with the said receiver (A) being able to check at any time the match of that personal number written in the aforementioned detachable module for decoding (D). 15. Postupak kontroliranja prijenosa podataka između prijemnika (A) i sigurnosnih sredstava (C, D, F) u sustavu kodiranih televizijskih programa, s time da sigurnosna sredstva šalju prijemniku (A) podatke potrebne za dekodiranje audio i video signala, naznačena time, da se barem jedan jedinstveni ključ za šifriranje pohranjuje s jedne strane u prijemniku (A), a s druge strane u sigurnosnim sredstvima, te time da se podaci koji se prenose između prijemnika (A) i sigurnosnih sredstava šifriraju i dešifriraju pomoću barem jednoga od spomenutih jedinstvenih ključeva za šifriranje.15. The procedure for controlling data transmission between the receiver (A) and the security means (C, D, F) in the coded television program system, with the security means sending the receiver (A) the data necessary for decoding audio and video signals, indicated by the fact that at least one unique encryption key is stored on the one hand in the receiver (A) and on the other hand in the security means, and that the data transmitted between the receiver (A) and the security means is encrypted and decrypted using at least one of the mentioned unique keys for encryption. 16. Postupak prema zahtjevu 15, naznačena time, da se osobni broj prijemnika (A) upisuje u sigurnosna sredstva za vrijeme postupka inicijalizacije, te da prijemnik (A) može u svakom trenutku provjeriti podudarnost tog osobnog broja upisanog u spomenuta sigurnosna sredstva.16. The method according to claim 15, indicated by the fact that the personal number of the receiver (A) is entered into the security means during the initialization procedure, and that the receiver (A) can at any time check the correspondence of the personal number entered into the aforementioned security means. 17. Odvojivi sigurnosni modul (C), namijenjen priključenju na prijemnik (A) kao dio sustava prijema kodiranih televizijskih programa, koji sadrži barem jednu trajnu memoriju namijenjenu pohranjivanju povjerljivih podataka i/ili podataka potrebnih za rad sustava za dekodiranje, sredstava prijenosa s prijemnikom (A), naznačen time, da taj odvojivi sigurnosni modul (C) sadrži sredstva za šifriranje prijenosa, te da ta memorija također sadrži barem jedan ključ za šifriranje koji djeluje na sredstva za šifriranje prijenosa.17. Detachable security module (C), intended to be connected to the receiver (A) as part of the system for receiving coded television programs, which contains at least one permanent memory intended for storing confidential data and/or data necessary for the operation of the decoding system, means of transmission with the receiver ( A), characterized in that said detachable security module (C) contains transmission encryption means, and that said memory also contains at least one encryption key that acts on the transmission encryption means. 18. Odvojivi modul za dekodiranje (D) koji je dio sustava prijema kodiranih televizijskih programa i koji sadrži kontrolu jedinicu (B), prva prijenosna sredstva (3, 4) s odvojivim sigurnosnim modulom (C), druga prijenosna sredstva (5, 6) s prijemnikom (A), te trajnu memoriju, naznačen time, da sadrži prva sredstva za šifriranje, te time da ta memorija sadrži barem jedan ključ za šifriranje koji djeluje na prva sredstva za šifriranje, zadužena za šifriranje prijenosa prvih prijenosnih sredstava (3, 4).18. Detachable module for decoding (D) which is part of the system for receiving coded television programs and which contains a control unit (B), first transmission means (3, 4) with a detachable security module (C), second transmission means (5, 6) with a receiver (A), and a permanent memory, indicated by the fact that it contains the first encryption means, and that this memory contains at least one encryption key that acts on the first encryption means, responsible for encrypting the transmission of the first transmission means (3, 4 ). 19. Odvojivi modul za dekodiranje prema zahtjevu 18, naznačen time, da sadrži druga sredstva za šifriranje, te time da ta memorija sadrži barem jedan ključ za šifriranje koji djeluje na druga sredstva za šifriranje, zadužena za šifriranje prijenosa drugih prijenosnih sredstava (5, 6).19. Detachable module for decoding according to claim 18, characterized in that it contains other encryption means, and in that this memory contains at least one encryption key that acts on other encryption means, in charge of encrypting the transmission of other transmission means (5, 6 ). 20. Prijemnik za dekodiranje u sustavu kodiranih televizijskih programa (A) koji sadrži sredstva za prijenos do sigurnosnih sredstava (C, D, F), kao i trajnu memoriju, naznačen time, da sadrži sredstva za šifriranje prijenosa, kako iz, tako i prema sigurnosnim sredstvima (C, D, F), te time da ta memorija sadrži barem jedan ključ za šifriranje koji djeluje na uređaje za šifriranje prijenosa.20. A receiver for decoding in a system of coded television programs (A) containing means for transmission to security means (C, D, F), as well as a permanent memory, characterized by the fact that it contains means for encrypting transmissions, both from and to security means (C, D, F), and that this memory contains at least one encryption key that acts on transmission encryption devices.
HR20000753A 1998-05-07 2000-11-06 Mechanism for matching a receiver with a security module HRP20000753A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IB9800681 1998-05-07
PCT/IB1999/000821 WO1999057901A1 (en) 1998-05-07 1999-05-06 Mechanism for matching a receiver with a security module

Publications (1)

Publication Number Publication Date
HRP20000753A2 true HRP20000753A2 (en) 2001-10-31

Family

ID=11004712

Family Applications (1)

Application Number Title Priority Date Filing Date
HR20000753A HRP20000753A2 (en) 1998-05-07 2000-11-06 Mechanism for matching a receiver with a security module

Country Status (37)

Country Link
EP (1) EP1078524B2 (en)
JP (1) JP2002514862A (en)
KR (1) KR100607314B1 (en)
CN (1) CN1181684C (en)
AP (1) AP2000002000A0 (en)
AR (1) AR015072A1 (en)
AT (1) ATE222441T1 (en)
AU (1) AU751436B2 (en)
BG (1) BG64137B1 (en)
BR (1) BRPI9909710B1 (en)
CU (1) CU22758A3 (en)
CZ (1) CZ301694B6 (en)
DE (1) DE69902527T3 (en)
DK (1) DK1078524T4 (en)
EA (1) EA002703B1 (en)
EE (1) EE200000639A (en)
ES (1) ES2181418T5 (en)
GE (1) GEP20032936B (en)
HR (1) HRP20000753A2 (en)
HU (1) HU224950B1 (en)
ID (1) ID26103A (en)
IL (2) IL139364A0 (en)
IS (1) IS5648A (en)
MY (1) MY124673A (en)
NO (1) NO331328B1 (en)
NZ (1) NZ507807A (en)
OA (1) OA12034A (en)
PL (1) PL193427B1 (en)
PT (1) PT1078524E (en)
SI (1) SI1078524T1 (en)
SK (1) SK16492000A3 (en)
TR (1) TR200003258T2 (en)
TW (1) TW412909B (en)
UA (1) UA60366C2 (en)
WO (1) WO1999057901A1 (en)
YU (1) YU49340B (en)
ZA (1) ZA200006172B (en)

Families Citing this family (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6959090B1 (en) * 2000-11-20 2005-10-25 Nokia Corporation Content Protection scheme for a digital recording device
US7224797B2 (en) * 2001-08-17 2007-05-29 Koninklijke Philips Electronics N.V. System and method for hybrid conditional access for receivers of encrypted transmissions
WO2003024104A1 (en) 2001-09-13 2003-03-20 Nds Limited Hacking prevention system
DE60331387D1 (en) * 2002-06-28 2010-04-08 Nagravision Sa Security key update method for TV decoder
TW200421811A (en) * 2002-09-24 2004-10-16 Nagracard Sa Multiple pairing control method
US7224310B2 (en) 2002-11-20 2007-05-29 Nagravision S.A. Method and device for the recognition of the origin of encrypted data broadcasting
TW200509700A (en) 2003-06-20 2005-03-01 Nagravision Sa Decoder and system for processing pay-TV data and process for managing at least two decoders
FR2866773B1 (en) * 2004-02-20 2006-04-28 Viaccess Sa METHOD FOR MATCHING AN NUMBER N OF RECEIVER TERMINALS WITH A NUMBER M OF CONDITIONAL ACCESS CONTROL CARDS
FR2866772B1 (en) 2004-02-20 2006-04-28 Viaccess Sa METHOD FOR MATCHING A RECEIVER TERMINAL WITH A PLURALITY OF ACCESS CONTROL CARDS
US8528106B2 (en) 2004-02-20 2013-09-03 Viaccess Process for matching a number N of reception terminals with a number M of conditional access control cards
FR2883683B1 (en) * 2005-03-23 2007-07-06 Viaccess Sa METHOD FOR MATCHING BETWEEN A TERMINAL AND A SECURITY PROCESSOR, SYSTEM AND COMPUTER PROGRAM FOR IMPLEMENTING THE METHOD
EP1742474A1 (en) * 2005-07-07 2007-01-10 Nagracard S.A. Method and device to control access to enciphered data
US7992175B2 (en) 2006-05-15 2011-08-02 The Directv Group, Inc. Methods and apparatus to provide content on demand in content broadcast systems
FR2902585B1 (en) * 2006-06-14 2008-09-26 Viaccess Sa METHODS OF BROADCASTING AND RECEIVING A MULTI-MEDIA PROGRAM, NETWORK HEAD, TERMINAL, RECEIVER AND SECURITY PROCESSOR THEREFOR
FR2905215B1 (en) * 2006-08-23 2009-01-09 Viaccess Sa METHOD OF TRANSMITTING COMPLEMENTARY DATA TO A RECEPTION TERMINAL
EP1968316A1 (en) 2007-03-06 2008-09-10 Nagravision S.A. Method to control the access to conditional access audio/video content
FR2921175A1 (en) * 2007-09-14 2009-03-20 Sagem Securite Sa Chip card i.e. contact chip card, for use as e.g. bank card, has antenna for exchanging data with external device, RAM including storage zone dedicated for exchanged data, and processing unit for securing zone and storing data in zone
ATE484148T1 (en) 2008-02-11 2010-10-15 Nagravision Sa METHOD FOR UPDATING AND MANAGING AN APPLICATION FOR PROCESSING AUDIOVISUAL DATA IN A MULTIMEDIA DEVICE THROUGH A CONDITIONAL ACCESS MODULE
EP2129116A1 (en) 2008-05-29 2009-12-02 Nagravision S.A. Unit and method for securely processing audio/video data with controlled access
FR2940691B1 (en) * 2008-12-31 2011-02-25 Viaccess Sa METHODS OF TRANSMITTING, RECEIVING AND IDENTIFYING, SECURITY PROCESSOR, AND INFORMATION RECORDING MEDIUM FOR SUCH METHODS.
US8782417B2 (en) 2009-12-17 2014-07-15 Nagravision S.A. Method and processing unit for secure processing of access controlled audio/video data
EP2337347A1 (en) 2009-12-17 2011-06-22 Nagravision S.A. Method and processing unit for secure processing of access controlled audio/video data
EP2373019A1 (en) 2010-03-29 2011-10-05 Nagravision S.A. Secure descrambling of an audio / video data stream
WO2012066471A1 (en) 2010-11-19 2012-05-24 Nagravision S.A. Method to detect cloned software
EP2466505B1 (en) 2010-12-01 2013-06-26 Nagravision S.A. Method for authenticating a terminal
PL2647213T3 (en) 2010-12-02 2017-12-29 Nagravision S.A. System and method to record encrypted content with access conditions
CA2839236C (en) 2011-07-01 2019-05-21 Nagravision S.A. A method for playing repeatable events on a media player
EP2645729A1 (en) 2012-03-30 2013-10-02 Nagravision S.A. Security device for Pay-TV receiver/decoder
US9197312B2 (en) 2013-03-11 2015-11-24 Nagravision S.A. Near field communication system in a local network
EP2802152B1 (en) 2013-05-07 2017-07-05 Nagravision S.A. Method for secure processing a stream of encrypted digital audio / video data
EP2827601A1 (en) 2013-07-19 2015-01-21 Nagravision S.A. Method and device for protecting decryption keys of a decoder
EP3293979A1 (en) * 2016-09-09 2018-03-14 Nagravision S.A. Host rendering device tagging by a portable multimedia processing device
CN108833944A (en) * 2018-07-09 2018-11-16 中国联合网络通信集团有限公司 Method of video distribution
DE102021101101A1 (en) 2021-01-20 2022-07-21 zereOS GmbH Adapters and methods for affecting or diagnosing a device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4484027A (en) * 1981-11-19 1984-11-20 Communications Satellite Corporation Security system for SSTV encryption
JPS6016082A (en) * 1983-07-07 1985-01-26 Sony Corp Transmission system of scramble television signal
US5029207A (en) 1990-02-01 1991-07-02 Scientific-Atlanta, Inc. External security module for a television signal decoder
US5204900A (en) * 1991-03-04 1993-04-20 Pires H George Coding system for descrambling video
JPH07283809A (en) * 1994-04-08 1995-10-27 Mitsubishi Corp Ciphering key system
HRP970160A2 (en) * 1996-04-03 1998-02-28 Digco B V Method for providing a secure communication between two devices and application of this method
KR100194790B1 (en) * 1996-06-10 1999-06-15 정선종 Conditional Conditional Access System and Conditional Conditional Access Service Processing Method Using It
JP2001519629A (en) 1997-10-02 2001-10-23 カナル プラス ソシエテ アノニム Method and apparatus for transmitting an encrypted data stream

Also Published As

Publication number Publication date
CZ301694B6 (en) 2010-05-26
HUP0301133A2 (en) 2003-08-28
YU49340B (en) 2005-07-19
ID26103A (en) 2000-11-23
AR015072A1 (en) 2001-04-11
ATE222441T1 (en) 2002-08-15
DK1078524T3 (en) 2002-11-25
NO331328B1 (en) 2011-11-28
KR100607314B1 (en) 2006-07-28
PL193427B1 (en) 2007-02-28
CU22758A3 (en) 2002-02-28
GEP20032936B (en) 2003-03-25
PT1078524E (en) 2002-12-31
CZ20003968A3 (en) 2001-02-14
IL139364A (en) 2008-11-26
OA12034A (en) 2006-05-02
BG64137B1 (en) 2004-01-30
NZ507807A (en) 2002-11-26
DE69902527D1 (en) 2002-09-19
EP1078524A1 (en) 2001-02-28
MY124673A (en) 2006-06-30
HUP0301133A3 (en) 2003-09-29
ES2181418T3 (en) 2003-02-16
PL343941A1 (en) 2001-09-10
WO1999057901A1 (en) 1999-11-11
CN1181684C (en) 2004-12-22
JP2002514862A (en) 2002-05-21
DE69902527T3 (en) 2009-12-17
AP2000002000A0 (en) 2000-12-31
BG104905A (en) 2001-06-29
EP1078524B2 (en) 2009-06-17
EE200000639A (en) 2002-04-15
EA002703B1 (en) 2002-08-29
DE69902527T2 (en) 2003-05-08
TW412909B (en) 2000-11-21
UA60366C2 (en) 2003-10-15
TR200003258T2 (en) 2001-03-21
BRPI9909710B1 (en) 2016-02-10
ZA200006172B (en) 2001-05-14
IL139364A0 (en) 2001-11-25
IS5648A (en) 2000-09-29
EP1078524B1 (en) 2002-08-14
NO20005533D0 (en) 2000-11-02
AU751436B2 (en) 2002-08-15
CN1314047A (en) 2001-09-19
HU224950B1 (en) 2006-04-28
BR9909710A (en) 2000-12-26
NO20005533L (en) 2000-11-02
DK1078524T4 (en) 2009-10-05
KR20010043258A (en) 2001-05-25
SK16492000A3 (en) 2001-05-10
YU65600A (en) 2002-08-12
AU3529799A (en) 1999-11-23
ES2181418T5 (en) 2009-11-05
EA200001072A1 (en) 2001-04-23
SI1078524T1 (en) 2002-12-31

Similar Documents

Publication Publication Date Title
HRP20000753A2 (en) Mechanism for matching a receiver with a security module
US7577846B2 (en) Mechanism of matching between a receiver and a security module
US6904522B1 (en) Method and apparatus for secure communication of information between a plurality of digital audiovisual devices
US7239704B1 (en) Method and apparatus for recording of encrypted digital data
AU748518B2 (en) Method and apparatus for encrypted data stream transmission
EP1151608B1 (en) Method and apparatus for encrypted transmission
EP1486069B1 (en) Content playback apparatus, method, and program, and key management apparatus and system
CN102164320B (en) A kind of terminal based on conditional access technology of improvement
HRP970160A2 (en) Method for providing a secure communication between two devices and application of this method
CN101513057B (en) Recording method of security processor
JPH04286434A (en) Method of terminal renewal for maintaining safe communication net and its device
US20090238363A1 (en) Method and a system for receiving a multimedia signal, a cryptographic entity for said reception method and system, and a method and a black box for producing said cryptographic entity
CN1643915B (en) Secure method of storing encrypted data on a personal digital recorder
JP2007174682A (en) Playback apparatus for playing back content
MXPA00010684A (en) Mechanism for matching a receiver with a security module
WO2020109623A1 (en) Secured transmission of content
NO331570B1 (en) Method for transmitting rights criteria for multi-domain and trans-domain distribution of video and other media content

Legal Events

Date Code Title Description
A1OB Publication of a patent application
ARAI Request for the grant of a patent on the basis of the submitted results of a substantive examination of a patent application
ODRP Renewal fee for the maintenance of a patent

Payment date: 20050422

Year of fee payment: 7

OBST Application withdrawn