HUE033255T2 - Eljárás audió/videó tartalomhoz való biztonságos hozzáférésre egy dekódoló egységben - Google Patents

Description

(12) EUROPEAN PATENT SPECIFICATION (45) Date of publication and mention (51) Int Cl.: of the grant of the patent: H04N 211426 <201101> H04N 2114623 <201101> 12.04.2017 Bulletin 2017/15 H04N 7I16<201101> (21) Application number: 10714309.1 (86) International application number: PCT/EP2010/055324 (22) Date of filing: 22.04.2010 (87) International publication number: WO 2010/124982 (04.11.2010 Gazette 2010/44)

(54) METHOD TO SECURE ACCESS TO AUDIO/VIDEO CONTENT IN A DECODING UNIT

Verfahren zum sicheren Zugriff auf Audio-/Videoinhalt in einer Decodierungseinheit Proc6d6 de s6curisation de I’acces έι un contenu audio/vid6o dans une unite de d6codage (84) Designated Contracting States: · STRANSKY, Philippe AT BE BG CH CY CZ DE DK EE ES FI FR GB GR CH-1033 Cheseaux-sur-Lausanne (CH)

HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR (74) Representative: Leman Consulting S.A.

Chemin de Precossy 31 (30) Priority: 27.04.2009 EP 09158878 1260 Nyon (CH) (43) Date of publication of application: (56) References cited: 07.03.2012 Bulletin 2012/10 WO-A-2009/007876 JP-A- 2008 034 938 US-A1- 2004 114 764 US-A1- 2009 067 622 (73) Proprietor: Nagravision S.A.

1033 Cheseaux-sur-Lausanne (CH) · WENJUN ZANG, HEATHER YU, CHING-YUNG LIN: "Multimedia Security Technologies for

(72) Inventors: Digital Rights Management" 2006, ACADEMIC • CONUS, Joel PRESS , XP002549200 ‘section 12.3 A Tutorial CH-1417 Essertines-sur-Yverdon (CH) Example, p 306-307*

Description

INTRODUCTION

[0001] The present invention relates to the domain of pay-TV, in particular to the treatment of an audio/video signal, at the transmission and at the reception of said signal, to only allow a subscriber with the appropriate authorisation to access the original content when using genuine decoding units.

BACKGROUND OF THE INVENTION

[0002] In common Pay-TV decoding units (also known as Set-top-box), the decoding unit comprises a slot to insert a security module (generally in the form of a smart card). The handling of the rights, the decryption of the keys to access the content is carried out in such security module.

[0003] Those security modules can be implemented in a variety of manners such as on a microprocessor card, on a smartcard or any electronic module in the form of a badge or key. These modules are generally portable and detachable from the decoding unit. The most commonly used form has electrical contacts but contactless versions of type ISO 14443 also exist. Another implementation of the security module exists where it is directly soldered inside the decoding unit, a variation of this being a circuit on a socket or connector such as a SIM module. Yet another implementation is to have the security module integrated on a chip which has another function e.g. on the de-scrambling module or on the microprocessor module of the decoding unit. The security module can also be implemented in software.

[0004] The decoding unit could have peripherals such as remote control, external hard disk, conditional access module (such as provided by SmarDTV1111) or security elements connected via USB, PCMCIA, IS07816 or Bluetooth. Those peripherals interact with the decoding unit and contain identification data.

[0005] Some decoding units do not contain a security module and the security operations are carried out directly by the software - protected or not by so called SW protection techniques such as code obfuscation and/or White-Box Cryptography - of the decoding unit. In such a case, the decoding unit regularly initiates a connection with a management center to receive the keys to descramble the audio/video content. This connection can be made via a modem or via IP (Internet) connection.

[0006] In the case that no such connection is available, the security relies only on software verification of the rights carried out by the decoding unit.

[0007] The temptation is great to acquire a general purpose decoding unit and load into it a modified version of the software that skips the verification of the rights.

[0008] The aim of the present application is to offer a better way to secure the audio/video content received by a decoding unit.

BRIEF DESCRIPTION OF THE INVENTION

[0009] The present invention concerns the generation of a key necessary to decrypt audio/video contents by genuine decoding units.

[0010] It concerns in particular a method to secure the reception of a broadcast content managed by a control center and encrypted by at least one transmission key or a datum allowing to recover said transmission key and transmitted to at least one decoding unit, said decoding unit having at least one environment parameter known by the control center, and executing the following steps : receiving from the control center a first message common to a plurality of decoding units comprising the encrypted transmission key, receiving from the control center a second message pertaining to said decoding unit comprising correction data, decrypting the encrypted transmission key using at least one environment parameter of said decoding unit and the correction data.

[0011] The environment parameter is a datum extracted from the decoding unit or from one of its peripheral and linked with some logical or physical configuration. Examples of an environment parameter are as follows: a software version of said decoding unit or one of its peripherals, such as V3.2c [0012] The answer proposed by the document US 2004/0114764 is to load into all genuine decoders some authentication data and bind the decryption of a first key with the presence of these data. It describes a way to obtain the first key by data previously stored in the decoder. Additionally, several authentication data are previously stored in the decoder and a selection command is transmitted to be used as a pointer to select the data allowing to obtain this first key thanks to the use of the transmitted second key.

In this example, the first and the second keys are common to all decoding unit. The command is the same for all decoding unit as well. configuration data of an hardware module, such as the version or designation of a chipset, the identification of some hardware modules (decryption module DES, IDEA) present in the decoding unit or one of its peripherals, status information of hardware module, such as the information loaded into the registers of these hardware modules while the decoding unit or one of its peripherals is running its operating system, a certificate, such certificate being loaded into the main software or into the various peripherals. Some of the communication peripherals contain such certificate that is used during the creation of a secure channel, a hash function of all or part of the software, this can be used to calculate a signature on the software and use this signature as a key; only a part of the software e.g. the loader in charge of the security operation can be considered for the generation of the signature (Notice that the result of this hash might be unique per decoding unit or one of its peripherals. This is typically the case when software protection techniques are used; in this case unique software, embedding unique secrets, can be provided individually to each decoding units), a location indication of the decoding unit, this could be done by the data extracted from a GPS, or the data extracted from a GSM network, or the location indication stored in the memory of the decoding unit such as the ZIP code, a hardware address of a local network interface, such as a hardware address (MAC address) of the communication interface, an identification number of the chipset, Hard disk or video card of said decoding unit, these devices having each a personal serial number, identification data of one of the peripherals of the decoding unit, this peripheral could be a remote control, a removable hard disk, a mobile phone (orsmart-phone) connected with the decoding unit via infrared or radio frequency (Bluetooth), a television screen.

[0013] This invention involves three elements, namely : the first one being the encrypted transmission key, generated and transmitted by the control center toward a plurality of decoding units, the second one is the environment parameter, extracted bythedecoding unitand known by the control center, this parameter being unique for a decoding unit of for a group of decoding unit (by group it is meant a number of decoding units less than the decoding units receiving the first element), correction data, generated and transmitted by the control center toward a decoding unit or a group of decoding units.

[0014] The main idea is to need the cooperation of the environment parameter and the correction data in the decoding unit to extract the transmission key from the encrypted transmission key.

BRIEF DESCRIPTION OF THE DRAWINGS

[0015] The invention will best be understood by reference to the following detailed description of the preferred embodiment when read in conjunction with the accompanying drawings, wherein: FIG.1 shows a block diagram of the elements participating to the obtaining of the transmission key in a decoding unit,

Fig.2 shows a block diagram of the elements participating to the obtaining of the transmission key with a security module and a decoding unit.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

[0016] The present invention is of particular relevance to the pay-TV industry and makes use of the elements implemented in a genuine decoding unit to access the keys necessary to decrypt an audio/video content. A decoding unit can be a specific electronic box such as a set-top-box or a personal computer having capabilities to decode the encrypted content. It will be below referred as decoding unit.

[0017] According to the method of the invention, the control center sends two types of messages, the first one being common to a plurality of decoding units and the second one being targeted to only one decoding unit or a group of decoding units. In case that the second message targets a group of decoding units, those units share at least some environmental parameters.

[0018] Several embodiments can be used to obtain the transmission key TK in clear, namely decrypt the encrypted transmission key (TK)k using the environment parameter to obtain the intermediate transmission key TK’, and further decrypt the intermediate transmission key TK’ by the correction data to obtain the transmission key TK, decrypt the encrypted transmission key (TK)k using the correction data to obtain the intermediate transmission key TK", and further decrypt the intermediate transmission key TK" by the environment parameter to obtain the transmission key TK, (note : the intermediate transmission key TK" is different than the intermediate transmission key TK’, both are temporary information to finally obtain the transmission key) calculating the encryption key k by a function of the correction data and the environment parameter, and decrypting the encrypted transmission key (TK)k using the encryption key k.

[0019] The term "decryption" can also be an "encryption" or a mathematical function such as XOR.

[0020] The detailed description is now focused on the first embodiment. The other implementations are equally valid.

[0021] Once the environment parameter is fetched by the decoding unit, it is used to decrypt the encrypted transmission key contained in the first message. Since the environment data pertains to a particular decoding unit, the result of the decryption is different for each decoding unit.

[0022] The aim is to obtain a transmission key that is the same for all genuine decoding units and this is why the second message contains the correction data to be applied on the result of the decryption.

[0023] In the control center, a first datum is randomly generated and will serve as the encrypted transmission key (TK)k. This datum can be embedded in the first message for broadcast to all decoding units. Another datum is also generated by the control center and can by either the encryption key k or the transmission key TK. If this datum is the encryption key k, the encrypted transmission key (TK)k is decrypted to obtain the transmission key TK.

[0024] The second step is to calculate the correction data CD for each decoding unit (RC1). For a given decoding unit RC, the environment parameter EP is used in the encryption process. The control center executes a cryptographic function (encryption or decryption) using the environment parameter and the encrypted transmission key. Since the same cryptographic function will be used in the decoding unit, the key of this function can be either the encrypted transmission key or the environment parameter.

[0025] The resulting datum from this function is called the intermediate transmission key TK’ and is still not useful at that stage since this result is different for each decoding unit.

[0026] According to an embodiment of the invention, the second message (uniquely or group addressed) is sent well in advance before a transmission key TK change occurs in order to be able to reach all decoding units. The first message is sent just before the transmission key change so that the decoding unit is able to get the transmission key shortly before using it. This reduces the risk that a hacker has the time to crack the messages and provide the transmission key to non-authorized decoding units.

[0027] The final transmission key TK is generated randomly directly by the control center or by a common control center in a Simulcrypt environment.

[0028] The correction data CD is calculated by combining the intermediate transmission key TK’ and the transmission key TK. This combination is preferably an XOR function or a reversible cryptographic function, the intermediate transmission keyTK’ serving as the key. On open platform, White-Box Cryptography and software obfuscation techniques can be used for preventing reverse-engineering of the combination function and the potential keys in action. An even safer implementation would secure in the same White-Box Crypto block the first decoding stage and this corrective action.

[0029] This result of the combination can be embedded in the second message, this message being individual (ordedicated to a group). The header of the second message contains the identification of the decoding unit or the group of decoding units.

[0030] According to an embodiment of the invention, the first or the second message contains additionally the indication of the environment parameter used forthe generation of the transmission key. Since it is possible to select or mix two or more environment parameters, the message will describe which parameters are used.

[0031] This could be done with a simple bitmap, each bit being dedicated to one parameter, the value resulting from one parameter being mathematically combined with the other designated parameters.

[0032] On the reception side, as illustrated in the figure 1, the decoding unit receives the first message and extracts the encrypted transmission key (TK)k. Forthe example below, we assume that the environment parameter is a hash value of a software portion. The decoding unit calculates the hash value (H) of the selected software and uses this value in a cryptographic function with the encrypted transmission key (TK)k. As explained above with respect to the control center, the cryptographic function will be executed with two parameters namely the encrypted transmission key (TK)k and the hash value (H). One can be used as the input data and the other one as the key and vice-versa.

[0033] The cryptographic function can be an obfuscating function, i.e. the order to the bits (or block of bits) in the message is shuffled or masked or distributed in noncontiguous memory, or in one of many different obfuscating functions. The environment parameter is a key to put the bits of the message in the proper order.

[0034] The result of this cryptographic function gives the intermediate transmission key TK’ and needs further processing. This is done thanks to the data contained in the second message dedicated to said decoding unit.

[0035] It is to be noted that the control center broadcasts a lot of second messages, one per decoding unit or group of decoding units. Each second message has an address field that indicates the decoding unit identification such as a serial number. The decoding unit filters the second messages until the identification matches its identification.

[0036] This second message is only dedicated to said decoding unit and contains correction data CD for said decoding unit.

[0037] In order to obtain the final transmission keyTK, the decoding unit executes an XOR function with the intermediate transmission key TK’ and the correction data CD. According to another embodiment, the transmission key TK’ can be obtained by the inverse function of that made in the control center, this function using the intermediate transmission key TK’ as a key and the correction data CD as input data.

[0038] Once the transmission key is obtained, this key can be used to directly decrypt the audio/video content. This key could be the control word that allows access to a portion of the audio/video content or a content key to decrypt a service during 24 hours.

[0039] The transmission key can be used to decrypt messages comprising the key to decrypt the content. These keys are the control words that change rapidly. The transmission key is valid for a long time in comparison with the control word, e.g. 1 week.

[0040] According to a particular embodiment, the cryptographic function that gives the intermediate transmission key TK’ can be personalized with data pertaining to said decoding unit. In case that this is an encryption process, this process could be a non-standard process that uses specific data. Since the control center has the image of the encryption process of said decoding unit, the control center will take into account the personalized data while calculating the intermediate transmission key TK’ and thereafter, the correction data CD will also take into account this particular data.

[0041] An example of such parameters is the SBox loaded in an IdeaNxt encryption engine.

[0042] The encryption engine can be downloaded in the decoding unit via a connection through an IP network. Once the decoding unit is switched on, its connects to a service center to download the encryption or the parameters of said encryption valid for a limited time (a day, a week etc..). During the connection, the service center requests the identification data of the subscriber so as to detect fake decoding units.

[0043] The verification of the identification can additionally be done with a challenge that is generated by the service center, this challenge being sent to the decoding unit. In return the decoding unit performs some operation with the challenge, these operations using the characteristics of the decoding unit and send it to the service center. This center can then verify the decoding unit by checking if the identification data are conform with the response to the challenge.

[0044] As already explained, the second message is individually addressed and therefore increases the bandwidth used for the service information. At the same time, when the transmission key changes, it is necessary to update the correction data pertaining to the new transmission key thus leading to the transmission of a second message for each decoding unit.

[0045] In order to reduce the bandwidth used for the second messages, the latter will embed more than one correction data that will be applied to several first messages’ content. The first message will preferably contain an index indicating which correction data has to be used with the encrypted transmission key (TK)k in this message.

[0046] The transmission key TK can change at a rate defined by the control center. In this case, it would be advisable to include into the first and second messages the data relative to the current and the next transmission key. In this case, a synchronization process is necessary so that the proper transmission key is used. This can achieved by adding an identification data in the messages decrypted by the transmission key to identify the key that has served to encrypt the message. The decoding unit receives in advance the next transmission key and store it. When the ECM message is received indicating the new transmission key identifier, this key is used in place of the previous one.

[0047] In the embodiment illustrated at the figure 2, the obtaining of the final transmission key TK is carried out using two distinct devices, namely the receiver/decoder (STB) and the security module (SC). These two devices form the decoding unit (RC1). The environment parameters (EP) are preferably extracted from the receiver/decoder (STB) and passed to the security module (SC). The receiver/decoder (STB) receives the incoming data stream and comprises a filter (FI) to extract the management data pertaining to the security module (SC). These management data are the management messages (EMM) containing the encrypted transmission key (TK)k and the correction data CD. Since the management messages are usually not accessible by the receiver/decoder (the key to decrypt such messages being only in the security module), the security module can interrogate the receiver/decoder to obtain the environment parameter. In case that the environment parameter represents a signature on a large number of data such as the hash of the software code, the hash function can be carried out by the receiver/decoder and the result passed to the security module.

[0048] The environment parameter can be then collected not only in the receiver/decoder but also in the security module.

[0049] Once the transmission key TK is calculated by the security module, it is passed back to the receiver/decoder to be applied onto the decoder DEC. It is to be noted that the channel to transmit the transmission key TK is secured i.e. all data passed back to the receiver/decoder are encrypted by a key pertaining to the couple receiver/decoder and security module.

[0050] It is to be noted that the first or the second message transmitted to the decoding unit can comprise access right conditions. These conditions are verified in the security module if the corresponding rights are present. The second message being addressed to a unique decoding unit can also contain the update of the subscriber’s rights or the update of the security keys, i.e. the keys decrypt management messages. The second message is preferably encrypted by a key unique for the targeted decoding unit.

Claims 1. Method to secure the reception of a broadcast content encrypted by at least one transmission key (TK) and transmitted to at least one decoding unit, said at least one transmission key (TK) being generated and transmitted by a control center, said decoding unit having at least one environment parameter (EP) known by the control center, said method comprising the following steps : - receiving by the decoding unit from the control center a first message common to a plurality of decoding units comprising the encrypted transmission key (TK)k, - receiving by the decoding unit from the control center a second message pertaining to said decoding unit comprising correction data (CD), said correction data (CD) is calculated by the control center based on at least one environment parameter (EP) of the decoding unit, said environment parameter being specific to said decoding unit or a group of decoding units, the environment parameter (EP) being : - a software version of said decoding unit, - configuration data of hardware module, - status information of hardware module, - a certificate, - a hash function of all or part of the software, - a location indication of the decoding unit, - a hardware address of a local network interface, or -an identification number of one of the hardware devices of said decoding unit said first or second message further comprising an indication of which environment parameter to be used, - determining by the decoding unit the at least one environment parameter (EP) of the decoding unit by using the indication contained in the first or second message, - decrypting the encrypted transmission key (TK)k using the determined environment parameter (EP) and the correction data (CD). 2. Method according to claim 1, comprising the steps to retrieve the transmission key : -applying a decryption process on the encrypted transmission key (TK)k using at least one of said environment parameters (EP) as a key to obtain an intermediate transmission key (TK’), - combining the intermediate transmission key (TK’) with the correction data to obtain the transmission key (TK). 3. Method according to claim 1, comprising the steps to retrieve the transmission key : - applying a decryption process on the encrypted transmission key (TK)k using the correction data (CD) as a key to obtain a second intermediate transmission key (TK"), - combining the second intermediate transmission key (TK’) with the at least one of said environment parameters (EP) to obtain the transmission key (TK). 4. Method according to claim 1, comprising the steps to retrieve the transmission key : - combining the at least one of said environment parameters (EP) with the correction data (CD) to obtain an encryption key (k), - applying a decryption process on the encrypted transmission key (TK)k using the encryption key (k) to obtain the transmission key (TK). 5. Method according to any of the claims 1 to 4, wherein the second message pertaining is addressed to a group of decoding units and comprises correction data (CD) relating to the environmental parameter of said group of decoding units. 6. Method according to one of the claims 1 to 5, wherein the first message or the second message comprises a descriptor of the environmental parameter to be used by the decoding unit. 7. Method according to one of the claims 1 to 6, wherein the transmission key (TK) is directly used to decrypt said content. 8. Method according to one of the claims 1 to 6, wherein the transmission key (TK) is used to decrypt control messages containing the keys to decrypt the content. 9. Method according to any of the claims 1 to 8, wherein the decoding unit comprises a memory to store all or part of the software related to the decryption process, this memory being updated by the reception of update messages from the control center. 10. Method according to any of the claims 1 to 9, wherein the second message comprises a plurality of correction data (CD), each correction data being used with a different encrypted transmission key (TK)k sent at different time. 11. Method according to one of the claims 1 to 10, wherein the second message is common to a group of decoding units and wherein the environment parameter (EP) is shared by the group of decoding units.

Patentansprüche 1. Verfahren, um den Empfang eines Sendeinhalts zu sichern, der von mindestens einem Überm ittlungs-schlüssel(TK) verschlüsselt wird und zu mindestens einer Entschlüsselungseinheit übertragen wird, wobei besagter mindestens ein Übermittlungsschlüssel (TK) von einem Kontrollzentrum erzeugt und übertragen wird, wobei besagte Entschlüsselungseinheit mindestens einen Umgebungsparameter (EP) hat, der dem Kontrollzentrum bekannt ist, und wobei das Verfahren die folgenden Schritte umfasst: - Empfang einer ersten Nachricht, die einer Vielzahl von Entschlüsselungseinheiten gemeinsam hat und die den verschlüsselten Übermittlungsschlüssel (TK)k enthält, durch die Entschlüsselungseinheit, - Empfang einer zweiten Nachricht, die Korrekturdaten (CD) mit Bezug auf die besagte Entschlüsselungseinheit enthält, durch die Entschlüsselungseinheit, wobei besagte Korrekturdaten (CD) von dem Kontrollzentrum auf der Grundlage von mindestens einem Umgebungsparameter (EP) der Entschlüsselungseinheit berechnet werden, und wobei besagter Umgebungsparameter spezifisch für besagte Ent-schlüsselungseinheit oder eine Gruppe von Entschlüsselungseinheiten ist, und der Umgebungsparameter (EP) wie folgt ist: - eine Softwareversion der Entschlüsselungseinheit, - Konfigurationsdaten des Hardwaremoduls, - Statusinformationen des Hardwaremoduls, - ein Zertifikat, - eine Hash-Funktion von der ganzen oder einem Teil der Software, - eine Ortsangabe der Entschlüsselungseinheit, - eine Hardwareadresse einer LAN-Schnitt-stelle, oder - eine Identifikationsnummer einer der Hardwarevorrichtungen der besagten Entschlüsselungseinheit, wobei besagte erste oder zweite Nachricht des Weiteren eine Angabe darüber enthält, welcher Umgebungsparameter verwendet werden soll, - Ermittlung mindestens eines Umgebungsparameters (EP) der Entschlüsselungseinheit unter Verwendung der Angabe, die in der ersten oder zweiten Nachricht enthalten ist, durch die Entschlüsselungseinheit, - Entschlüsselung des verschlüsselten Übermittlungsschlüssels (TK)k unter Verwendung des bestimmten Umgebungsparameters (EP) und der Korrekturdaten (CD). 2. Verfahren nach Anspruch 1, das folgende Schritte umfasst, um den Übermittlungsschlüssel abzurufen: - Anwendung eines Entschlüsselungsverfahrens auf den Übermittlungsschlüssel (TK)k un-terVerwendung von mindestens einem der Umgebungsparameter (EP) als Schlüssel, um einen zwischenzeitlichen Übermittlungsschlüssel (TK’) zu erhalten, - Kombinieren des zwischenzeitlichen Übermittlungsschlüssels (TK’) mit den Korrekturdaten, um den Übermittlungsschlüssel (TK) zu erhalten. 3. Verfahren nach Anspruch 1, das folgende Schritte umfasst, um den Übermittlungsschlüssel abzurufen: - Anwendung eines Entschlüsselungsverfahrens auf den Übermittlungsschlüssel (TK)k unter Verwendung der Korrekturdaten (CD) als Schlüssel, um einen zweiten zwischenzeitlichen Übermittlungsschlüssel (TK") zu erhalten, - Kombinieren des zweiten zwischenzeitlichen Übermittlungsschlüssels (TK’) mit mindestens einem der besagten Umgebungsparameter (EP), um den Übermittlungsschlüssel (TK) zu erhalten. 4. Verfahren nach Anspruch 1, das folgende Schritte umfasst, um den Übermittlungsschlüssel abzurufen: - Kombinieren von mindestens einem der besagten Umgebungsparameter (EP) mit den Korrekturdaten (CD), um einen Verschlüsselungsschlüssel (k) zu erhalten, - Anwendung eines Entschlüsselungsverfahrens auf den verschlüsselten Übermittlungsschlüssel (TK)k unter Verwendung des Verschlüsselungsschlüssels (k), um den Übermittlungsschlüssel (TK) zu erhalten. 5. Verfahren nach einem der Ansprüche 1 bis 4, wobei die zweite zugehörige Nachricht sich an eine Gruppe von Entschlüsselungseinheiten richtet und Korrekturdaten (CD) mit Bezug auf den Umgebungsparameter der Gruppe von Entschlüsselungseinheiten enthält. 6. Verfahren nach einem der Ansprüche 1 bis 5, wobei die erste Nachricht oder die zweite Nachricht einen Beschreiber des Umgebungsparameters enthält, der von der Entschlüsselungseinheit verwendet wird. 7. Verfahren nach einem der Ansprüche 1 bis 6, wobei der Übermittlungsschlüssel (TK) direkt verwendet wird, um besagten Inhalt zu entschlüsseln. 8. Verfahren nach einem der Ansprüche 1 bis 6, wobei der Übermittlungsschlüssel (TK) benutzt wird, um Kontrollmeldungen zu entschlüsseln, diedie Schlüssel enthalten, um den Inhaltzu entschlüsseln. 9. Verfahren nach einem der Ansprüche 1 bis 8, wobei die Entschlüsselungseinheit einen Speicher umfasst, um die gesamte oder ein Teil der Software mit Bezug auf das Entschlüsselungsverfahren zu speichern , wobei dieser Speicher durch Aktualisierungsnachrichten vom Kontrollzentrum aktualisiert wird. 10. Verfahren nach einem der Ansprüche 1 bis 9, wobei die zweite Nachricht eine Vielzahl von Korrekturdaten (CD) enthält, wobei jede der Korrekturdaten mit einem verschiedenen verschlüsselten Übermittlungsschlüssel (TK)k verwendet wird, der zu verschiedenen Zeitpunkten geschickt werden. 11. Verfahren nach einem der Ansprüche 1 bis 10, wobei die zweite Nachricht eine Gruppe von Entschlüsselungseinheiten gemeinsam hat und wobei der Umgebungsparameter (EP) von der Gruppe von Entschlüsselungseinheiten geteilt wird.

Revendications 1. Méthode pour sécuriser la réception d’un contenu diffusé chiffré par au moins une clé de transmission (TK) et transmis à au moins une unité de décodage, ladite au moins une clé de transmission (TK) étant générée et transmise par un centre de contrôle, ladite unité de décodage ayant au moins un paramètre d’environnement (EP) connu par le centre de contrôle, ladite méthode comprenant les étapes suivantes : - réception par l’unité de décodage depuis le centre de contrôle d’un premier message commun à une pluralité d’unités de décodage comprenant la clé de transmission chiffrée (TK)k, - réception par l’unité de décodage depuis le centre de contrôle d’un deuxième message relatif à ladite unité de décodage comprenant des données de correction (CD), lesdites données de correction (CD) étant calculées par le centre de contrôle en fonction d’au moins un paramètre d’environnement (EP) de l’unité de décodage, ledit paramètre d’environnement étant spécifique à ladite unité de décodage ou à un groupe d’unités de décodage, le paramètre d’environnement (EP) étant : - une version de logiciel de ladite unité de décodage, - des données de configuration de module hardware, - des informations d’état de module hardware, - un certificat, - une fonction de hachage de tout ou une partie du logiciel, - une indication de localisation de l’unité de décodage, - une adresse de logiciel d’une interface de réseau local, ou - un numéro d’identification de l’un des dispositifs hardware de ladite unité de décodage, ledit premier ou deuxième message comprenant en outre une indication du paramètre d’environnement à utiliser, - détermination par l’unité de décodage d’au moins un paramètre d’environnement (EP) de l’unité de décodage en utilisant l’indication contenue dans le premier ou deuxième message, -déchiffrementde la clé de transmission chiffrée (TK)k utilisant le paramètre d’environnement déterminé (EP) et les données de correction (CD). 2. Méthode selon la revendication 1, comprenant les étapes pour récupérer la clé de transmission : - application d’un processus de déchiffrement sur la clé de transmission chiffrée (TK)k utilisant au moins l’un desdits paramètres d’environnement (EP) comme clé pour obtenir une clé de transmission intermédiaire (TK’), - combinaison de la clé de transmission intermédiaire (TK’) avec les données de correction pour obtenir la clé de transmission (TK). 3. Méthode selon la revendication 1, comprenant les étapes pour récupérer la clé de transmission : - application d’un processus de déchiffrement sur la clé de transmission chiffrée (TK)k utilisant les données de correction (CD) comme clé pour obtenir une deuxième clé de transmission intermédiaire (TK"), - combinaison de la deuxième clé de transmission intermédiaire (TK’) avec l’au moins un desdits paramètres d’environnement (EP) pour obtenir la clé de transmission (TK). 4. Méthode selon la revendication 1, comprenant les étapes pour récupérer la clé de transmission : - combinaison de l’au moins un desdits paramètres d’environnement (EP) avec les données de correction (CD) pour obtenir une clé de chiffrement (k), - application d’un processus de déchiffrement sur la clé de transmission chiffrée (TK)k utilisant la clé de chiffrement (k) pour obtenir la clé de transmission (TK). 5. Méthode selon l’une quelconque des revendications 1 à 4, où le deuxième message relatif est adressé à un groupe d’unités de décodage et comprend des données de correction (CD) relatives au paramètre d’environnement dudit groupe d’unités de décodage. 6. Méthode selon l’une des revendications 1 à 5, où le premier message ou le deuxième message comprend un descripteurdu paramètre d’environnement à utiliser par l’unité de décodage. 7. Méthode selon l’une des revendications 1 à 6, où la clé de transmission (TK) est utilisée directement pour déchiffrer ledit contenu. 8. Méthode selon l’une des revendications 1 à 6, où la clé de transmission (TK) est utilisée pour déchiffrer des messages de contrôle contenant les clés pour déchiffrer le contenu. 9. Méthode selon l’une quelconque des revendications 1 à 8, où l’unité de décodage comprend une mémoire pour stocker tout ou une partie du logiciel lié au processus de déchiffrement, cette mémoire étant mise à jour par la réception de messages de mise à jour depuis le centre de contrôle. 10. Méthode selon l’une quelconque des revendications 1 à 9, où le deuxième message comprend une pluralité de données de correction (CD), chaque donnée de correction étant utilisée avec une clé de transmission chiffrée différente (TK)k envoyée à un moment différent. 11. Méthode selon l’une des revendications 1 à 10, où le deuxième message est commun à un groupe d’unités de décodage et où le paramètre d’environnement (EP) est partagé par le groupe d’unités de décodage.

REFERENCES CITED IN THE DESCRIPTION

This list of references cited by the applicant is for the reader’s convenience only. It does not form part of the European patent document. Even though great care has been taken in compiling the references, errors or omissions cannot be excluded and the EPO disclaims all liability in this regard.

Patent documents cited in the description • US 20040114764 A[0012]

Claims (4)

1. kijárás aodió/yidea tartalomhoz való biztonságos hozzáférésre egy dskédslé egpághpn Sxtibadalmi igénypontok %, fijárás egy legalább egy átviteli kulccsal <;K} kódolt és legalább egy dekódoló egységhez továbbított broadcasi tartalom yótgíáoek biztosítására., az emlbett: legalább egy átviteli kulcsot ΙΪΚ; egy vezedokozpont állítja elő és viszi át, u említett dekódoló egységosk Isplább egy s wzédőközpöntáltál ismert khfrryszab paramétere íkPj van, m említett eljárás: á követke# Ιέ^έΜ^ teítsimsxxáí ~»; dekódoló egységgel egy első üzenet vétele a vezárlőpzpor >í f ói, mely tíxenet több delyáddíó egység teklntP-lében kdílb amelyek mfesdóit átviteli :.kbfespt::p^ - adpkódöíó: egységgél egy második: toriéi vétele a vezérlőközponttól, mely üzenet az említett dekódoló egységbét tmtidXikyék kőtrekdos adatot ':$$$. tartalmáé, M emíiíétt korrekciós adatot ICO) a yezédŐSfegont számolja ki a dekódoló1 egység legalább agy környezeti paramétere •pgjjtalspján,· az említett kornyétóh há^árne-tér az említett dekódoló egységre vagy dekódold egységek egy csoportjára specifikus, s környezeti paraméter (HP) pétiig; - geemjiteít dekódoló egység:egyisxöítyeresyáitöaetd, ™ s hardver modul konfigurációs adata,. - hardver móduI státüss Információja; egy tanósityáby, '*,á szoftver egészének vagy részének agy hash függvénye, ·'· a dskódoil egység rügyének jelsósé, - egy helyi íiálózatl interfész hardveres címe, vagy ~ az említett dekódoló egység hardver eszközei egyikének azonosító száma, az említett első vagy második üzenet tartalmaz továbbá egy jelzést, hogy mely környezeti paramétert kel! használni, - a dekódoló egység útján a dekódoló egység legalább egy környezet; paraméterének pgj meghatárszása, az: első vagy második: üzenetben léyitelxéslsgsínálátávgí, ~g kódolt átviteli köles fsk|k:dekódolásé: s megbattroaott kőimyeaetl paraméter ivé) és a korrekciós adat jüD): használatával.: 2* Aa:l. Igénypont szerinti eljárás; amely ekövetkazd iépésekefíprCSimszza axátyiteií köles megszerzéséhez· - égy: dekódoló: művelet alkalmazása: a kódok átviteli: kulcson ITKjk aa említett környezeti: paraméterek jfp) léga iább agyi kének k« lesként: tőrténÓ::basab:|latáyal;: egy :kóabe őse átviteli ku les: (W) m egsaeraéséb efc: « a kbtbebsó átviteli köles ÍTk’i kombinálása a korrekciós adattak m átviteli köles i'VK) nmgfcspáslhozy
2. 3. Az .1, igényporit szerinti eljárás, amely a következó lépéseket tartalmazza az átviteli kulcs megszerzéséhez; —•«gV'íüMfe^dolő mövste: sikalmazisa a ködőit átvitel-kölese# {?üü}lc, a kö{?é|$|b adat .|Cö| kuisskédt sdríÉ^ kásznáiatiyábiegy másmdik kőxfe-É^ átviteli kulcs megszerzéséhez (TK"), - a második közbenső átviteli kulcs Wk"} kcmskénéiáéá aa említsd fcfemyeáéf iW) I^Sjiá^figyM'·' vek az étvítíííi kulcs -TK) megszerzéséihez,
3. 4, Az 1..igényport· szennO -Hjáms, ameiy a köve: kezd lépéseké* Sar-aimszza az átvaek kulcs megszerzéséhez.: » M említett környezeti paraméterek|^||^tó-^y>ké«:ek::tebi:8ás‘ás8.3 korrekciós adattal piőkefy kódoló kulcs ík) megszerzéséhez, *?,éjgy -iilÉÜÉii- ^ővölöt'sNfmr^s» « kódolt átviteli kulcson íTkJk/ss kddnld kulcs (k) hésznáfc&amp;ávaí' az iftM kulcs {TK} zöopzorezéséh ez. $,· M lvtzij|énypóntök bármelyike szerinti e|árss,: ahol *; hozzá tartozó második: üzenet dekódoló siységekegy esöborphötvan: címezve,. és az émilett dekódoló .é|y$'#!.ii^p0rt- köróPSft vonalköze köffék* cíós adatot (CD) tartalmai, ói AZ t.-S, :ígj^l«¥ril>0^t:0fe::-báFmiisl^iÍk#--lg;|£^irÍÍirl ^íjiéy^:$>--:sí>p:í: az első Usenet vagy a második üzenet a dekódoló egység liiaiiihasznáiandö környezeti paraméter egy feléiét tíartafm»m:. Az }gÍ»itj^|iíÉ^ií1hfte1ylks szerinti eljárás, aöó! át átviteli kétes |TKj közvetlenül hasaálíjuk az említett tartalom dekódolásához.
4. 8, Az i?&amp; ••^Ιίΐ^ΓΪδίί ahol az átviteli kulcsotPKt Hasz«flj.uk a tartalom dekódolá sához valö kulcsokat tsrtalmazbvexédŐözenetekdeködolásáhM, 8; Az t~B, szedeti eljárás, ahol a dekódold egység memóriát tartalmaz a dekódolás! müveiéire vonatkozó szoftver egészének vagy t észének árolásárá^Mt: a memóriát a vözéríŐközöonttóS írissöésl -i^etigkvétdlévfifyissltj.QICi M Az l-S. igénypontok bármelyike szsrinömljárás, abó|a második: őzedet több kormpiis. :imazf minden egyes korrekciós adatot klílöilMzŐ Időben küldött különböző kódolt átviteli kulccsá! £tl|k használjuk. 11, A; 1- .10 igénypontok bármelyike szerinti eljárás., ahol a második üzenet közös dekódoló egységek egy csoportjára, és ahol a környezeti paramétert (EP) a dekódoló egység csoporí osztja meg.