JP2008011547A - Processing apparatus and processing method of conditional access system - Google Patents

Publication number
JP2008011547A
Authority
JP
Japan
Prior art keywords
key
broadcast
encryption
head end
scramble
Prior art date
Legal status
Granted
Application number
JP2007198169A
Other languages
Japanese (ja)
Other versions
JP4536091B2 (en
Inventor
Seiichi Nanba
誠一 難波
Original Assignee
Nippon Hoso Kyokai <Nhk>
日本放送協会
Priority date
Filing date
Publication date
Application filed by Nippon Hoso Kyokai <Nhk>, 日本放送協会
Priority to JP2007198169A
Publication of JP2008011547A
Application granted
Publication of JP4536091B2
Application status is Expired - Fee Related
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network, synchronizing decoder's clock; Client middleware
    • H04N21/44 Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
    • H04N21/4405 Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25 Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623 Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]

Abstract

PROBLEM TO BE SOLVED: To securely transmit the information used for controlling conditional access when a broadcast signal transmitted using a CAS (Conditional Access System) on a broadcast transmission line such as satellite broadcast waves is received and rebroadcast using another CAS on a broadcast transmission line such as CATV.

SOLUTION: A program signal of satellite broadcasting is scrambled by a scrambler 11 and transferred to an STB without being descrambled. An ECM and an EMM are transferred to the STB via a head end. On the broadcast station side of satellite broadcasting, related information is encrypted by an S-CAS system, and the resultant ECM and EMM are decrypted in a head-end receiving section of CATV by decryption means 32, 33, re-encrypted according to a C-CAS system by encryption means 28, 29, and transferred to the STB. From the viewpoint of security, encryption methods are separated for key information common to all receivers and information specific to each receiver.

COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an apparatus for processing related information in a conditional access system. In particular, it relates to an apparatus for processing the related information of the conditional access system that is applied when a signal broadcast using a conditional access system on a first broadcast transmission path, such as satellite broadcasting or terrestrial broadcasting, is retransmitted using a conditional access system on a broadcast system that uses a second broadcast transmission path such as CATV. Here, the functions of the conditional access system cover not only reception control when a signal is scrambled and transmitted for pay broadcasting, but also functions that, whether or not the signal is scrambled, transmit information for selecting and controlling specific receivers, such as displaying an individual message on each receiver.

  FIG. 2 shows the basic system configuration of a conditional access system (hereinafter referred to as CAS). In Japan's satellite digital broadcasting, the scrambler 1 in the broadcasting station scrambles the program signal with a block cipher. The encryption key for this, that is, the key for scrambling the signal (the scramble key, hereinafter referred to as Ks), is changed frequently, for example in units of one second, to increase security against unauthorized reception. To descramble the signal with the descrambler 2 on the receiver side, this Ks must be known. Ks is encrypted with another key (the work key, hereinafter referred to as Kw), together with attribute information relating to the program, by the encryption means 3 in the broadcast station, forming related information called program information (hereinafter referred to as ECM) (see Ministry of Posts and Telecommunications Order No. 57 (Heisei era) and 1998 Post Office Notification No. 260). Furthermore, Kw can be updated in units of, for example, one month or one year in order to maintain security. Kw must also be encrypted before it is transmitted over a medium, such as radio waves, that can be received anywhere. Kw is therefore sent to the receiver, together with information indicating what each receiver has contracted for (contract contents information), as related information called individual information (hereinafter referred to as EMM). When this EMM is also transmitted by radio waves or the like, it is encrypted by the encryption means 4 so that it cannot be used illegally or have its contents altered. The key for this encryption (the master key, hereinafter referred to as Km) is generally different for each receiver.
The decryption processing and reception determination processing are performed by an integrated circuit provided in the receiver or by a security module removable from the receiver main body; in recent years, many systems have put the latter into practical use in the form of an IC card 5 with a built-in CPU. This IC card has, for example, a CPU and a memory such as an EEPROM that stores the predetermined information described later and the control procedures by which the CPU realizes the function of each means. That is, the IC card 5 holds Km and is attached to the receiver, and the decryption means 6 uses this Km to decrypt the contract contents information and Kw from the received EMM. The decryption means 7 decrypts Ks and the attribute information relating to the program from the received ECM, and the descrambling determination means 8 determines, from the contract contents supplied by the decryption means 6 and the program attribute information supplied by the decryption means 7, whether or not the broadcast (program) may be descrambled. If it may, the switch 9 that supplies Ks from the decryption means 7 to the descrambler 2 is closed. As a result, the program signal descrambled and restored by the descrambler 2 is obtained.

  Of the keys described above, Kw is common to all receivers that receive the broadcast, but Km is different for each receiver. To simplify processing at the receiver, it is desirable that operators broadcasting to the same receiver use the same key to encrypt the information on that receiver's contract contents. In other words, each broadcaster creates its own contract information, but the Km used to encrypt it when it is sent to the receiver as an EMM is managed in a unified manner across the broadcasters. (If Km were duplicated and managed by each broadcaster, a leak from any one of them would be expected to be hard to trace and to have a large impact.) For this purpose, an organization called the key management center 10 is provided on the broadcasting station side, and it commonly encrypts the EMMs created by each broadcaster in a unified manner using the encryption means 4.

  The above is the basic configuration of CAS on a single broadcast transmission path. Next, consider a case where a program broadcast by satellite broadcasting or the like is received by the CATV headend and retransmitted to CATV.

  The CAS configuration shown in FIG. 2 is common to, for example, a satellite broadcasting system and a CATV system. However, when a satellite broadcasting system and a CATV system are connected, there are several possible combinations of scrambling method, related-information transmission, and processing method.

  When the signal is scrambled and broadcast, the key information (Ks and Kw) needed to descramble it must be sent to the receiver. When broadcasting uses the CAS function, as in pay broadcasting, the receiver must also be sent, along with the information about the descrambling key, information on whether it is subscribed to each program, that is, information that lets the receiver determine whether or not to descramble. In general, the Ks and Kw needed to receive a given program are common to all receivers, whereas the information for determining the contract is individual to each receiver. How such related information is transmitted to CATV greatly affects the business forms of satellite broadcasters and CATV operators.

  A typical system configuration in the case of receiving a broadcast program broadcast using CAS on a first transmission path such as a satellite broadcast wave and retransmitting it to a second transmission path such as a cable is shown in FIGS.

  In FIG. 3, the satellite broadcast wave signal received at the CATV headend is retransmitted to the cable as it is, or after conversion of only the modulation method and transmission frequency. In FIG. 3, 11 is a scrambler, 12 is a descrambler, 13 and 14 are encryption means, 15 is an IC card provided in the STB of the receiver, 16 and 17 are encryption/decryption means, 18 is a descrambling availability determination means, 19 is a switch, and 20 is a key management center; 11, 13, 14, and 20 are provided on the broadcasting station side, and 12, 15, 16, 17, 18, and 19 are provided on the receiver side. These are the same as those described in FIG. The STB (Set Top Box) is the part that realizes the basic functions of the receiver. The switch 19 may be a gate circuit (the same applies to the switches in the drawings described later).

  In the case of FIG. 3, since the satellite broadcasting CAS is used as it is, the receiver can be controlled and managed in the same way as when it receives the satellite broadcast wave directly. On the other hand, there are systems in which, in addition to retransmitting satellite broadcast programs, the CATV provider carries out pay broadcasting of its own original programs from the head end. In this case, for the convenience of the viewer, the retransmitted pay programs and the original programs should be receivable by the same receiver. In a system such as that of FIG. 3, this can be realized by using the same system as the satellite broadcasting CAS in the CATV (this system is not shown in FIG. 3). Since the master key in such a system is basically managed on the satellite broadcasting side, the independence of the CATV operator's business is assumed to be limited. The approach is therefore difficult to adopt where this becomes a problem for the broadcasting business.

  FIG. 4 shows a system in which the restoration processing of the CAS system of satellite broadcasting or the like (hereinafter referred to as the S-CAS system) is performed at the CATV headend, and the signal is sent to the CATV transmission line after being returned to a normal signal. In FIG. 4, 21 is a descrambler, 27 is a scrambler, 22 and 23 are encryption/decryption means, 24 is a descrambling enable/disable judging means, 25 is a switch, 26 is an IC card provided in the headend receiver, 28 and 29 are encryption means, and 30 is a key management center; 11, 13, 14, and 20 are provided on the broadcasting station side, 21, 22, 23, 24, 25, 26, 27, 28, 29, and 30 are provided at the head end, and 12, 15, 16, 17, 18, and 19 are provided on the receiver side. These are the same as those described in FIG.

  The configuration shown in FIG. 4 has been in use since the era of analog satellite broadcasting. In the following, we consider digital broadcasting, in which digital signals are transmitted on the first transmission path such as satellite broadcasting; retransmission to a cable, however, may be either conventional analog transmission or digital transmission. In the case of analog transmission, when the signal has been scrambled for satellite broadcasting or the like, it is descrambled at the head end, and the output signal is then either retransmitted without being scrambled or retransmitted after being scrambled in the CATV system by a system different from the S-CAS system (hereinafter referred to as the C-CAS system). FIG. 4, for example, shows the configuration with scrambling. This is a form in which the basic system of FIG. 2 is provided independently for the satellite transmission line part and the cable transmission line part, and the two are cascaded. In this system the CATV provider manages the CATV completely, but the satellite broadcaster cannot directly manage the subscribers within the CATV. That is, between the satellite broadcaster and the head end, reception control is performed in a batch using an IC card holding a master key Km_he (head end master key) corresponding to the head end, and the restored program signal is scrambled again by the C-CAS system and transmitted to the receiver of each subscriber.

  In recent years, CATV has also started digital broadcasting, in which signals are transmitted digitally. In digital broadcasting the number of programs broadcast increases, and broadcasts with new functions that combine various kinds of data are carried out. Various forms of charging for these broadcasts are also conceivable. Therefore, when satellite digital broadcasts and the like are retransmitted over cable, the question is how far the various functions that satellite broadcasters require for program viewing and operation can be realized at each receiver (whose basic functions are provided in the STB). In particular, the case where a signal broadcast by satellite broadcasting or the like is retransmitted over cable by digital transmission has not been studied sufficiently, for example with respect to the functions that can be realized when pay broadcasting is performed.

  Below, the function of the conditional access system in the case of retransmitting by CATV is examined.

  First, regarding the signal scrambling method, we treat the case where it is the same in satellite digital broadcasting and cable digital broadcasting. Further, the signal of a program to be retransmitted is scrambled on the satellite broadcasting station side, is not descrambled at the head end of the cable digital broadcast, and is retransmitted as it is and descrambled in the STB. In this situation, the transmission method and encryption method for related information including Ks may be either the same or different between the satellite digital broadcast and the cable digital broadcast.

(A) When the C-CAS system is the same as the S-CAS system
  This corresponds to the case of FIG. 3, and each STB can receive using the same IC card as in the S-CAS system. When a program unique to cable broadcasting is scrambled and broadcast, the EMM encryption for its contracts has to be performed at the key management center on the satellite broadcasting side, which causes problems for business independence. However, since there is no technical problem, this case is not considered further below.

(B) When the C-CAS system and the S-CAS system are different
  This corresponds to the configuration of FIG. The conventional form shown in this figure can be used for analog satellite broadcasting with a small number of channels, but when multi-channel, multi-function signals such as satellite digital broadcasting are retransmitted to CATV, its functions are insufficient for the satellite broadcaster to provide various CAS-based services without causing a security problem. For the satellite broadcaster to directly manage each subscriber via CATV, the satellite digital broadcast related information addressed to each subscriber is encrypted by the S-CAS system on the satellite broadcast station side and decrypted at the cable digital broadcast headend, and the resulting plaintext EMM is re-encrypted by the C-CAS system and sent on. In general, this means that the EMM appears in an unencrypted state inside the head-end device before it is encrypted again. Of the information contained in this EMM, Kw is common to all receivers, and if it leaks to the outside, the security of the entire CAS scheme considered here is lost.

  The security of the CAS scheme described above rests on Kw appearing only inside a security module, such as an IC card, that cannot be read from outside on the receiving side, with only the Ks obtained by decrypting with that Kw appearing outside the security module (even if the Km of each receiver is protected, it is meaningless if Kw becomes known somewhere). Since this EMM decryption and re-encryption processing is performed at the head ends of cable stations nationwide, a leak from a station without sufficient security measures would destroy the security of all satellite broadcasts, so extreme care is required. On the other hand, if information in the EMM other than Kw leaks to the outside, it concerns only receivers that are connected to that cable operator and subscribed to satellite digital broadcasting, so the impact on other broadcasters is thought to be small.

  An object of the present invention is to realize the necessary functions of the conditional access system of the satellite digital broadcasting side on the cable side by transferring them, and to enable related information to be transmitted without causing a security (safety) problem during this transfer. In particular, the object is to let the satellite digital broadcasting service provider directly manage those who receive satellite digital broadcasting within the CATV without compromising security.

  In the present invention, first, to solve the problem that security cannot be maintained if Kw appears outside when related information is transferred at the head end, a method different from the related-information transmission method for general receivers is applied between the satellite digital broadcasting station and the head end. That is, when an EMM for receiving the satellite digital broadcast retransmitted within a given cable digital broadcast station is sent from the satellite digital broadcast station, a new related-information transmission system intended for the cable operator's head end is applied.

  Further, as described above, since the signal scramble system in CATV is the same as that for satellite digital broadcasting, there is no particular need to descramble and re-scramble the scrambled signal packets at the head end. However, for the encryption of the ECM containing the Ks used for descrambling control, the Kw used for ECM encryption has to differ between the S-CAS system and the C-CAS system for security, as described above, and in the end C-CAS decryption has to be performed in the STB. For this reason, the ECM encryption by the S-CAS system is decrypted at the head end, and encryption by the C-CAS system is applied again. Here, the Kw used on the cable side for re-encrypting the ECM is denoted Kw_c, and the Kw used on the satellite side is denoted Kw_s.

  The EMM generally consists of an identification number of the EMM's transmission destination (a receiver, an STB, a decoder, or a security module such as an IC card; hereinafter typically referred to as a card ID), Kw, which is the key for ECM encryption, and information on the contract contents of each receiver (hereinafter simply referred to as contract information). For this EMM, the present invention applies a related-information transmission and processing method in which the card ID (not encrypted) and the contract information (encrypted with the receiver's individual key) are transferred from the satellite broadcast side to the CATV, while Kw is not transferred. In other words, the information needed for individual control of each receiver is transferred, but items that are common to all receivers and whose leakage would have a large security impact are not.

  According to the first aspect of the present invention, there is provided a processing method of a conditional access system at the head end of a second broadcast transmission path. A first conditional access system uses a scramble key (FIG. 1, Ks) for encrypting a broadcast signal by a scramble algorithm; a first work key (FIG. 1, Kw_s) for encrypting the scramble key and program attribute information, which are common to all receivers, with a first encryption algorithm (FIG. 1, encryption I); and a first master key (FIG. 1, Km_he) for encrypting the first work key and information on the individual contract contents of each receiver with the first encryption algorithm. The broadcast signal broadcast on a first broadcast transmission path using this first conditional access system is received together with the scramble key, the program attribute information, the first work key, and the contract content information; these are re-encrypted using a second conditional access system that uses a second work key (FIG. 1, Kw_c), a second master key (FIG. 1, Km_i), and a second encryption algorithm (FIG. 1, encryption II), and are retransmitted on each of a plurality of second broadcast transmission paths. The method comprises the following steps. The broadcast signal encrypted using the scramble algorithm and the scramble key is retransmitted as received. For the scramble key and the program attribute information, the first work key is obtained by decryption using the first master key (FIG. 1, Km_he), which is individual to each head end and common to all receivers (FIG. 1, STB) that receive through the second broadcast transmission path from that head end, in a security module (FIG. 1, 35) at the head end having a hardware configuration in which the first work key does not leak to the outside; the scramble key and program attribute information obtained by decryption using that first work key are re-encrypted using the second work key generated at the head end and the second encryption algorithm, and are retransmitted. For the contract content information, the contract content information obtained by decryption at the head end using the first master key is re-encrypted, together with the second work key, using the second master key individual to each receiver that receives through the second broadcast transmission path and the second encryption algorithm, and is retransmitted.

  According to a second aspect of the present invention, there is provided a processing apparatus of a conditional access system provided at the head end of a second broadcast transmission path. A first conditional access system uses a scramble key (FIG. 1, Ks) for encrypting a broadcast signal with a scramble algorithm; a first work key (FIG. 1, Kw_s) for encrypting the scramble key and program attribute information, which are common to all receivers, with a first encryption algorithm (FIG. 1, encryption I); and a first master key (FIG. 1, Km_he) for encrypting the first work key and information on the individual contract contents of each receiver with the first encryption algorithm. The broadcast signal broadcast on a first broadcast transmission path using this first conditional access system is received together with the scramble key, the program attribute information, the first work key, and the contract content information; these are re-encrypted using a second conditional access system that uses a second work key (FIG. 1, Kw_c), a second master key (FIG. 1, Km_i), and a second encryption algorithm (FIG. 1, encryption II), and are retransmitted on each of a plurality of second broadcast transmission paths. The apparatus comprises: means for retransmitting, as received, the broadcast signal encrypted using the scramble algorithm and the scramble key; means (FIG. 1, 28) for re-encrypting and retransmitting the scramble key and the program attribute information using the second work key generated at the head end and the second encryption algorithm, the scramble key and program attribute information being obtained by decryption using the first work key, which is itself obtained by decryption using the first master key (FIG. 1, Km_he), individual to each head end and common to all receivers (FIG. 1, STB) that receive through the second broadcast transmission path from that head end, in a security module (FIG. 1, 35) at the head end having a hardware configuration in which the first work key does not leak to the outside; and means (FIG. 1, 29) for re-encrypting and retransmitting the contract content information obtained by decryption at the head end using the first master key, together with the second work key, using the second master key individual to each receiver that receives through the second broadcast transmission path and the second encryption algorithm.

  According to the present invention, when a signal broadcast using a first conditional access system on a first broadcast transmission path such as satellite broadcasting is received and retransmitted using a second conditional access system on a second broadcast transmission path such as CATV, related information including information for individually controlling the receivers that receive the signal from the second broadcast transmission path can be transferred without sacrificing security.

  FIG. 1 shows an embodiment of the present invention. For the constituent elements in this figure, descriptions of functions corresponding to the elements described in FIGS. 2 to 4 are omitted or simplified. That is, 11 is a scrambler, 13 and 14 are encryption means, and 20 is a key management center, all provided on the broadcasting station side; 31 is an EMM filter unit, 32 and 33 are encryption/decryption means, 28 and 29 are encryption means, 30 is a key management center, 34 is a subscriber card ID setting unit, and 35 is an IC card provided in the head end receiving unit, all provided in the head end; and a descrambler, an IC card 15, encryption/decryption means 16 and 17, a descrambling determination means 18, and a switch 19 are provided on the receiver side.

  In this embodiment, the satellite broadcast program signal is scrambled by the scrambler 11, but it is not descrambled at the head end and is transferred to the STB as it is. Since the descrambler 12 of the STB therefore has to descramble the satellite broadcast, the ECM and EMM needed for this are transferred to the STB via the head end. In FIG. 1, related information is encrypted by the S-CAS system on the broadcasting station side such as satellite broadcasting (encryption I); the ECM and EMM obtained by this encryption are decrypted in the head-end receiving unit of CATV by the encryption/decryption means 32 and 33 (the EMM after passing through the EMM filter unit 31), re-encrypted by the C-CAS system by the encryption means 28 and 29 (encryption II), and transferred to the STB. Here, from the viewpoint of security described above, Kw in the S-CAS system (Kw_s) and Kw in the C-CAS system (Kw_c) are kept separate.

  In digital broadcasting, each item of related information (the ECM, the EMM, and the EMM message) is transmitted in a structure called a section, shown in FIG. 5. A more specific configuration example of the EMM is shown in FIG. Related information is encrypted before transmission. The range that is encrypted is not publicly disclosed for security reasons, but at least the header part of the section is not encrypted. In addition, for the EMM, each receiver extracts the information addressed to itself from the large amount of transmitted information and decrypts it in the IC card; because the information addressed to itself has to be extracted at high speed, the card ID part is not encrypted. Accordingly, in the conventional EMM section, the contract information "contract information_i" (the contract information for the i-th decoder) following the card ID portion in FIG. 6 is encrypted with the i-th master key Km_i.

  On the other hand, for the satellite broadcaster to directly manage the people in the CATV who subscribe to the satellite digital broadcast, it needs to transfer the EMM to each STB. The head end would have to extract the EMMs for the subscribers in each CATV from a large number of EMMs, decrypt them, and re-encrypt them using the C-CAS method. To do this, it would have to receive all EMMs of the corresponding card IDs in turn and decrypt each one using the corresponding Km_i, but, to maintain security, this Km_i is assumed to exist only inside an IC card that cannot be accessed from the outside. It would therefore be necessary, for example, to place the IC cards of the subscribers in the CATV in parallel at the head end. Such a device is not practical. For this reason, the transfer is performed using the EMM section by the method described below.

  FIG. 7 shows an example of a section for sending an EMM of a satellite broadcast subscriber in CATV or an EMM individual message to the CATV headend used in the present invention. In the conventional EMM section in CATV, as shown in FIG. 8, the contract information_i after each card ID_i is encrypted with different Km_i. In contrast, in the EMM section of FIG. 7, the contract information_i after each card ID_i is encrypted with the same Km_he (head end master key).

  Next, the process of receiving the section in the format of FIG. 7 at the head end and converting it, with the configuration of FIG. 1, to the section for CATV in the conventional format of FIG. 8 will be described. The head end is provided with a subscriber card ID setting unit 34, which stores the card IDs of the STBs in the CATV that subscribe to the satellite digital broadcast, that is, those to which the EMM of the satellite digital broadcast needs to be transferred. From here, each ID is given to the EMM filter unit 31 in turn, and the EMM of each subscriber in the CATV is extracted from the satellite broadcast wave and transferred in turn to the head-end IC card 35 for encryption / decryption processing.

  At this time, the processing program in the IC card for the head end differs from that of an IC card for direct reception of general satellite broadcasting. In a general IC card, the EMM decryption result is stored in the IC card and does not appear outside, whereas the head-end IC card has to output the contract information of each receiver so that it can be encrypted again by the C-CAS method and sent to the STB. In a general IC card (for example, 5 in FIG. 2), when the EMM is decrypted with the Km (Km_i) of that IC card, Kw_s and the contract information_i of the recipient are obtained, but these are stored in the IC card and cannot be read from the outside. When the ECM is decrypted using Kw_s, Ks and program attribute information are obtained. This Ks is output from the IC card and supplied to the descrambler. The attribute information of the program, however, is used only for collation with the contract information in the IC card and is not output from the IC card. In the IC card for the head end according to the present invention, by contrast, when an EMM as shown in FIG. 7 is decrypted with the Km for the head end (Km_he), Kw_s and the contract information_i of each subscriber in the CATV are obtained. Of these, Kw_s is stored in the IC card, but the contract information_i is output to the outside as a response from the IC card. When the ECM is received, the head-end IC card decrypts it using the stored Kw_s to obtain Ks and program attribute information. These are output to the outside as responses from the IC card. The output Ks and program attribute information are encrypted by the encryption means 28 with the CATV Kw (Kw_c) (encryption II) and sent as the CATV ECM. As for the EMM, for each card ID the CATV Kw_c is added to the contract information output from the head-end IC card, the result is encrypted with the CATV master key Km_i by the encryption means 29, and the CATV EMM is configured and sent as shown in FIG.

  Note that the configuration of the section transmitted by CATV is the same as the EMM section in the case of directly receiving satellite digital broadcasting. For this reason, the function and design of the STB become common with the IRD of satellite digital broadcasting, and the receiver cost can be reduced.

  As described above, the CATV head end selectively receives (filters) the EMMs addressed to all STBs in the CATV that subscribe to satellite digital broadcasting and transfers them to the IC card 35, where all of them are decrypted with the same Km (Km_he). Filtering the EMMs addressed to all subscribers in the CATV before the transfer poses no security problem in terms of key management, but the filtering has to be performed at high speed. This part is a device placed at the head end of a CATV operator, and although it does not need to be as simple as a general receiver, it is expected to be quite large. Therefore, to make the processing of the card ID setting unit and the EMM filter unit efficient, it is effective in operation to set specific bits of the card ID (48 bits in the satellite digital broadcasting standard) used for CATV STBs as an operator code. Then only the EMMs whose card ID matches those specific bits need to be extracted and transferred to the IC card 35, and the ID collation becomes extremely easy. Considering the transfer time to the IC card, it is appropriate for the transmission side of the satellite digital broadcast to send the EMMs addressed to the STBs in the CATV at intervals of at least a certain time.
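The head-end conversion of FIG. 1 and the operator-code filter described above, as an added Python sketch that is not code from the patent. The toy XOR cipher, the JSON message layout, the 8-bit operator code 0xA5, the card IDs and the tier-list contract check are all assumptions made for the illustration; the patent specifies none of them.

```python
import hashlib, json, os

def xcrypt(key: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher standing in for the CAS algorithms (not secure, no nonce)."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, obj: dict) -> bytes:
    return xcrypt(key, json.dumps(obj).encode())
def unseal(key: bytes, blob: bytes) -> dict:
    return json.loads(xcrypt(key, blob))

OPERATOR_CODE = 0xA5  # assumed: top 8 bits of the 48-bit card ID mark this CATV operator
def is_catv_card(card_id: int) -> bool:
    return card_id >> 40 == OPERATOR_CODE

class HeadEndCard:
    """Head-end IC card 35: Kw_s stays inside; contract info, Ks and attributes come out."""
    def __init__(self, km_he: bytes):
        self._km_he, self._kw_s = km_he, None

    def process_emm(self, emm: dict) -> list:
        body = unseal(self._km_he, emm["body"])
        self._kw_s = bytes.fromhex(body["kw"])      # never returned to the caller
        return body["contract"]

    def process_ecm(self, ecm: bytes) -> tuple:
        body = unseal(self._kw_s, ecm)
        return body["ks"], body["attr"]

class HeadEnd:
    def __init__(self, card: HeadEndCard, kw_c: bytes, km_c: dict):
        self.card, self.kw_c, self.km_c = card, kw_c, km_c  # km_c: card ID -> CATV Km_i

    def convert_emm(self, emm: dict):
        cid = emm["card_id"]                        # card ID travels unencrypted
        if not is_catv_card(cid) or cid not in self.km_c:
            return None                             # EMM filter: not one of our STBs
        body = {"kw": self.kw_c.hex(), "contract": self.card.process_emm(emm)}
        return {"card_id": cid, "body": seal(self.km_c[cid], body)}

    def convert_ecm(self, ecm: bytes) -> bytes:
        ks, attr = self.card.process_ecm(ecm)
        return seal(self.kw_c, {"ks": ks, "attr": attr})    # encryption II under Kw_c

class StbCard:
    """STB IC card 15: holds only C-CAS keys (its Km_i, then Kw_c)."""
    def __init__(self, card_id: int, km_i: bytes):
        self.card_id, self._km_i, self._kw, self._contract = card_id, km_i, None, []

    def load_emm(self, emm: dict) -> bool:
        if emm["card_id"] != self.card_id:
            return False
        body = unseal(self._km_i, emm["body"])
        self._kw, self._contract = bytes.fromhex(body["kw"]), body["contract"]
        return True

    def scramble_key(self, ecm: bytes):
        body = unseal(self._kw, ecm)
        return body["ks"] if body["attr"] in self._contract else None

def demo() -> dict:
    # Constructed keys, card IDs and contracts; the satellite side is simulated inline.
    km_he, kw_s, kw_c, ks = (os.urandom(16) for _ in range(4))
    a, b, ird = 0xA50000000001, 0xA50000000002, 0x110000000003
    contracts = {a: ["sports"], b: ["movies"], ird: ["sports"]}
    km_c = {a: os.urandom(16), b: os.urandom(16)}
    # CATV subscribers share Km_he; a direct-reception IRD keeps its own Km_i.
    sat_emms = [{"card_id": cid, "body": seal(km_he if is_catv_card(cid) else os.urandom(16),
                                              {"kw": kw_s.hex(), "contract": c})}
                for cid, c in contracts.items()]
    sat_ecm = seal(kw_s, {"ks": ks.hex(), "attr": "sports"})
    head_end = HeadEnd(HeadEndCard(km_he), kw_c, km_c)
    catv_emms = [e for e in map(head_end.convert_emm, sat_emms) if e]
    catv_ecm = head_end.convert_ecm(sat_ecm)
    stbs = {cid: StbCard(cid, km_c[cid]) for cid in (a, b)}
    for stb in stbs.values():
        for emm in catv_emms:
            stb.load_emm(emm)
    return {"ks": ks.hex(), "forwarded": [e["card_id"] for e in catv_emms],
            "a": stbs[a].scramble_key(catv_ecm), "b": stbs[b].scramble_key(catv_ecm)}

if __name__ == "__main__":
    print(demo())
```

The STB cards in this sketch never hold Kw_s or Km_he, while the head end process handles each subscriber's contract in the clear between `process_emm` and `seal`.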

  Note that the EMMs from the satellite broadcasting station side to the receivers subscribed in the CATV can also be delivered collectively to the head end over a communication line or the like, without using the satellite broadcast transmission path. In this case, since the data is received collectively at the head end, the burden on the satellite broadcast transmission path is reduced, but the CATV side has to perform control such as repeated transmission so that the EMM is reliably received (in the case of distribution by the satellite broadcast wave, the EMM is generally transmitted repeatedly in advance, so it may be transmitted as received at the head end).

  Next, for each STB to be able to receive both the channels of the satellite digital broadcaster and the channels of the CATV carrier over the cable with the same IC card, the card ID of the EMMs for receiving both sets of channels needs to be managed in common. However, the master key Km_i of each card for the card ID can be used independently by the satellite broadcaster and the CATV provider. In this case, the satellite broadcaster uses only the corresponding head-end Km_he for the STBs subscribed in the CATV, and the other Km_i are assigned to the IRDs that receive the satellite directly.

  In the present invention, the contract contents of each receiver in the CATV with the satellite broadcaster appear unencrypted at the head end, so it is conceivable that fraud could be committed there. As described above, the effect is limited to the CATV provider concerned and does not affect the safety of the CAS of the satellite digital broadcasting as a whole. However, if this becomes a problem, the EMM has to be processed while the encryption applied on the satellite broadcasting side remains in place. FIG. 9 shows an example of a system configuration for realizing this. In the EMM encrypted on the broadcast station side, everything other than the card ID part is encrypted with Kms_i in the S-CAS system. The ECM and EMM from the satellite broadcast received at the head end are not decrypted; they are further encrypted by the C-CAS method (encryption II) using the encryption means 36, 37, and 38 and then retransmitted. In this case, the IC card 15 (security module) in the STB first decrypts the ECM and EMM from the head end by the C-CAS method (encryption / decryption II) using the encryption / decryption means 39 and 40 and then, if the EMM belongs to the satellite digital broadcaster, performs S-CAS encryption / decryption (encryption / decryption I) using the encryption / decryption means 41 and 42. In this system, the ECM is not decrypted at the head end but is encrypted as it is with the CATV Kw (Kw_c) and transmitted. As for the EMM, the part received from the satellite broadcast, still encrypted by the S-CAS system (with Kms_i, which is the Km for the i-th receiver in the S-CAS system), is encrypted again as it is using the C-CAS method and sent to the cable. The key used at this time is Kmc_i, which is the Km for the i-th receiver in the C-CAS system.
In this method, at least the encryption algorithms of both C-CAS and S-CAS and both Km, that is, Kmc_i and Kms_i, have to be installed in a security module such as the IC card of the STB. It is also necessary to send the STB the Kw_c needed to decrypt the ECM re-encrypted with Kw_c on the cable side, so an EMM for sending Kw_c is added from the head end by the encryption means 37. This EMM is encrypted with Kmc_i and sent with the same card ID as the EMM transferred from the satellite broadcast. When the STB receives an EMM addressed to itself, it transfers it to the IC card, where it is decrypted with Kmc_i by the encryption / decryption means 40 (encryption / decryption II). When the received EMM is one for transmitting Kw_c, the Kw_c is stored in the IC card and used for decrypting the ECM by the encryption / decryption means 39. When the received EMM is the re-encrypted EMM of the satellite broadcast, the decrypted EMM is further decrypted with Kms_i by the decryption means 42 (encryption / decryption I). After that, in the same way as when the satellite broadcast is received directly, the satellite broadcast ECM is decrypted, the descrambling determination means 43 determines from the program attribute information and the contract contents whether descrambling is permitted, and the switch 44 is closed and Ks is output. Although not shown in FIG. 9, in this method the CATV provider's own programs can be controlled in the same way by omitting the encryption / decryption I processing in the STB.
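The FIG. 9 variant described above, as an added Python sketch that is not code from the patent: the head end only adds a C-CAS layer, and the STB security module removes that layer first and the S-CAS layer second. The toy XOR cipher, the JSON layout, the `type` field used to tell the two kinds of EMM apart, and the sample card ID and contract are assumptions.

```python
import hashlib, json, os

def xcrypt(key: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher standing in for both CAS algorithms (not secure, no nonce)."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class PassThroughHeadEnd:
    """Head end of FIG. 9: holds Kmc_i and Kw_c only, never Kms_i or Kw_s."""
    def __init__(self, kw_c: bytes, kmc: dict):
        self.kw_c, self.kmc = kw_c, kmc             # kmc: card ID -> Kmc_i

    def _emm(self, cid: int, inner: dict) -> dict:
        return {"card_id": cid, "body": xcrypt(self.kmc[cid], json.dumps(inner).encode())}

    def wrap_sat_emm(self, emm: dict) -> dict:      # S-CAS ciphertext re-encrypted as is
        return self._emm(emm["card_id"], {"type": "sat", "body": emm["body"].hex()})

    def kw_c_emm(self, cid: int) -> dict:           # added EMM that delivers Kw_c
        return self._emm(cid, {"type": "kw_c", "kw": self.kw_c.hex()})

    def wrap_ecm(self, ecm: bytes) -> bytes:        # ECM is not decrypted, only wrapped
        return xcrypt(self.kw_c, ecm)

class DualCasCard:
    """STB security module holding both Kmc_i (C-CAS) and Kms_i (S-CAS)."""
    def __init__(self, card_id: int, kmc_i: bytes, kms_i: bytes):
        self.card_id, self._kmc_i, self._kms_i = card_id, kmc_i, kms_i
        self._kw_c, self._kw_s, self._contract = None, None, []

    def load_emm(self, emm: dict):
        if emm["card_id"] != self.card_id:
            return None
        outer = json.loads(xcrypt(self._kmc_i, emm["body"]))        # encryption/decryption II
        if outer["type"] == "kw_c":
            self._kw_c = bytes.fromhex(outer["kw"])
            return "kw_c"
        sat_body = bytes.fromhex(outer["body"])
        inner = json.loads(xcrypt(self._kms_i, sat_body))           # encryption/decryption I
        self._kw_s, self._contract = bytes.fromhex(inner["kw"]), inner["contract"]
        return "sat"

    def scramble_key(self, ecm: bytes):
        if self._kw_c is None or self._kw_s is None:
            return None                              # both EMMs must have arrived first
        body = json.loads(xcrypt(self._kw_s, xcrypt(self._kw_c, ecm)))  # II, then I
        return body["ks"] if body["attr"] in self._contract else None

def run_fig9() -> dict:
    # Constructed keys and messages; the satellite side is simulated inline.
    cid = 0xA50000000001
    kms_i, kmc_i, kw_s, kw_c, ks = (os.urandom(16) for _ in range(5))
    sat_emm = {"card_id": cid,                       # card ID in the clear, rest under Kms_i
               "body": xcrypt(kms_i, json.dumps({"kw": kw_s.hex(),
                                                 "contract": ["sports"]}).encode())}
    def sat_ecm(attr: str) -> bytes:
        return xcrypt(kw_s, json.dumps({"ks": ks.hex(), "attr": attr}).encode())

    head_end = PassThroughHeadEnd(kw_c, {cid: kmc_i})
    card = DualCasCard(cid, kmc_i, kms_i)
    ecm = head_end.wrap_ecm(sat_ecm("sports"))
    before = card.scramble_key(ecm)                  # no EMM loaded yet
    loaded = [card.load_emm(head_end.kw_c_emm(cid)),
              card.load_emm(head_end.wrap_sat_emm(sat_emm))]
    return {"ks": ks.hex(), "before_emm": before, "loaded": loaded,
            "ks_out": card.scramble_key(ecm),
            "other_tier": card.scramble_key(head_end.wrap_ecm(sat_ecm("movies")))}

if __name__ == "__main__":
    print(run_fig9())
```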

  By using the conditional access function, individual messages can be sent to each receiver and displayed on the screen. In this case the EMM message section is used for sending. To make transmission more efficient, there is a method in which the individual message for each receiver carries only the number of the fixed-form text to be displayed, and the actual message content is sent separately as a common message to all receivers, marked with that fixed-form number. When a message is sent to a specific receiver by satellite digital broadcasting in this way and the receiver is in a CATV that retransmits the broadcast, a mechanism for transferring the related information at the head end is required. This can also be transmitted by the system of the embodiment shown in FIG. Since the content of the fixed-form message common to all receivers is, by the standard, not encrypted, the head end can transfer that EMM message section to the CATV without any special processing. On the other hand, an individual message section indicating a fixed-form text number that differs for each receiver is encrypted with Km_i in the same manner as the EMM, and is thus essentially the same as the EMM transmission described in the present invention. However, in the case of an EMM message, the Kw for decrypting the ECM is not sent, so matters relating to the security of the Kw are irrelevant and the transfer can be realized more easily than the EMM transfer.

It is a figure which shows the system configuration of the Example of this invention.
It is a figure which shows the basic system structure of a conditional access system (CAS).
It is a figure which shows the conventional system configuration.
It is a figure which shows the other conventional system configuration.
It is a figure which shows the structure of the section which transmits related information (ECM, EMM) by digital broadcasting.
It is a figure which shows the structural example of the section which transmits EMM.
It is a figure which shows the structure of the EMM section used for this invention.
It is a figure which shows the structure of the EMM section transmitted to a receiver.
It is a figure which shows the system configuration of the Example of this invention.

Explanation of symbols

1, 11 Scrambler
2, 12, 27 Descrambler
3, 4, 13, 14, 28, 29, 36, 37, 38 Encryption means
5, 15, 35 IC card
6, 7, 16, 17, 22, 23, 32, 33, 39, 40, 41, 42 Encryption / decryption means
8, 18, 24, 43 Descramble availability determination means
9, 19, 25, 44 Switch
10, 20, 30 Key management center
31 EMM filter
34 Subscriber card ID setting section

Claims (2)

  1. A processing method of a conditional access system at a head end of a second broadcast transmission path, in which a broadcast signal broadcast on a broadcast transmission path by a first conditional access method is received together with the scramble key and program attribute information and the first work key and contract content information, the first conditional access method using a scramble key for encrypting the broadcast signal with a scramble algorithm, a first work key for encrypting the scramble key and program attribute information common to all receivers with a first encryption algorithm, and a first master key for encrypting the first work key and the individual contract content information of each receiver with the first encryption algorithm,
    and in which these are re-encrypted, for each of a plurality of second broadcast transmission paths, using a second conditional access method that uses a second work key, a second master key, and a second encryption algorithm, and are retransmitted on the second broadcast transmission path,
    wherein the broadcast signal encrypted using the scramble algorithm and the scramble key is retransmitted as received,
    wherein the scramble key and the program attribute information are obtained at the head end by encryption / decryption using the first work key, the first work key being obtained by encryption / decryption, using a first master key that is individual to each head end and common to all receivers that receive from that head end through the second broadcast transmission path, in a security module having a hardware configuration from which the first work key does not leak to the outside, and the scramble key and program attribute information so obtained are re-encrypted using the second work key generated at the head end and the second encryption algorithm and are retransmitted,
    wherein the contract content information obtained by encryption / decryption at the head end using the first master key is, together with the second work key, re-encrypted using the second encryption algorithm and a second master key that is separate for each receiver receiving through the second broadcast transmission path, and is retransmitted,
    the conditional access system processing method comprising each of these steps.
  2. A processing apparatus of a conditional access system provided at a head end of a second broadcast transmission path, in which a broadcast signal broadcast on a broadcast transmission path by a first conditional access method is received together with the scramble key and program attribute information and the first work key and contract content information, the first conditional access method using a scramble key for encrypting the broadcast signal with a scramble algorithm, a first work key for encrypting the scramble key and program attribute information common to all receivers with a first encryption algorithm, and a first master key for encrypting the first work key and the individual contract content information of each receiver with the first encryption algorithm,
    and in which these are re-encrypted, for each of a plurality of second broadcast transmission paths, using a second conditional access method that uses a second work key, a second master key, and a second encryption algorithm, and are retransmitted on the second broadcast transmission path,
    the apparatus comprising: means for retransmitting, as received, the broadcast signal encrypted using the scramble algorithm and the scramble key;
    means for re-encrypting, using the second work key generated at the head end and the second encryption algorithm, and retransmitting the scramble key and the program attribute information obtained at the head end by encryption / decryption using the first work key, the first work key being obtained by encryption / decryption, using a first master key that is individual to each head end and common to all receivers that receive from that head end through the second broadcast transmission path, in a security module having a hardware configuration from which the first work key does not leak to the outside; and
    means for re-encrypting, together with the second work key, the contract content information obtained by encryption / decryption at the head end using the first master key, using the second encryption algorithm and a second master key that is separate for each receiver receiving through the second broadcast transmission path, and retransmitting it.
JP2007198169A 2007-07-30 2007-07-30 Processing apparatus and processing method for conditional access system Expired - Fee Related JP4536091B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2007198169A JP4536091B2 (en) 2007-07-30 2007-07-30 Processing apparatus and processing method for conditional access system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2007198169A JP4536091B2 (en) 2007-07-30 2007-07-30 Processing apparatus and processing method for conditional access system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
JP11294575 Division

Publications (2)

Publication Number Publication Date
JP2008011547A true JP2008011547A (en) 2008-01-17
JP4536091B2 JP4536091B2 (en) 2010-09-01

Family

ID=39069242

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2007198169A Expired - Fee Related JP4536091B2 (en) 2007-07-30 2007-07-30 Processing apparatus and processing method for conditional access system

Country Status (1)

Country Link
JP (1) JP4536091B2 (en)

Also Published As

Publication number Publication date
JP4536091B2 (en) 2010-09-01

Legal Events

Date Code Title Description
A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100330

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100518

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20100604

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20100615

R150 Certificate of patent or registration of utility model

Free format text: JAPANESE INTERMEDIATE CODE: R150

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20130625

Year of fee payment: 3

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20140625

Year of fee payment: 4

LAPS Cancellation because of no payment of annual fees